Trojaner-Board - Windows 10: Fenster poppt kurz auf und verschwindet sofort wieder-Keine Chance es zu erkennen

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Windows 10: Fenster poppt kurz auf und verschwindet sofort wieder-Keine Chance es zu erkennen (https://www.trojaner-board.de/185725-windows-10-fenster-poppt-kurz-verschwindet-sofort-keine-chance-erkennen.html)

Servus,

wir entfernen noch ein bisschen was und kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1

Kopiere den Inhalt der folgenden Code-Box:

Code:

Start:: CloseProcesses: Task: {A912C1A7-DEA3-4EE3-AEB0-6622D9890796} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1229423121-489186376-597309758-1001 -> Keine Datei <==== ACHTUNG EmptyTemp: End::
Starte nun FRST und klicke den Entfernen Button.
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von HitmanPro,
die Logdatei von ESET,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
Profilnachricht inklusive Link zum Thema an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

Eigentlich habe ich ja darum gebeten das Thema bis heute offen zu lassen, da ich wie angekündigt bis gestern weg war deswegen hoffe ich auf eine Wiederaufnahme des Themas

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-06-2017
durchgeführt von Pascal (03-06-2017 09:28:42) Run:2
Gestartet von C:\Users\Pascal\Downloads
Geladene Profile: Pascal (Verfügbare Profile: Pascal)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

CloseProcesses:
Task: {A912C1A7-DEA3-4EE3-AEB0-6622D9890796} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1229423121-489186376-597309758-1001 -> Keine Datei <==== ACHTUNG
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A912C1A7-DEA3-4EE3-AEB0-6622D9890796} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A912C1A7-DEA3-4EE3-AEB0-6622D9890796} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1229423121-489186376-597309758-1001 => Schlüssel erfolgreich entfernt

=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19180235 B
Java, Flash, Steam htmlcache => 27853186 B
Windows/system/drivers => 21210028 B
Edge => 0 B
Chrome => 729968246 B
Firefox => 31530272 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 2420 B
NetworkService => 4300 B
Pascal => 4937927 B

RecycleBin => 0 B
EmptyTemp: => 803 MB temporäre Dateien entfernt.

================================

Das System musste neu gestartet werden.

==== Ende von Fixlog 09:28:48 ====

Code:

HitmanPro 3.7.20.286

www.hitmanpro.com
 

   Computer name . . . . : PASCAL

   Windows . . . . . . . : 10.0.0.15063.X64/4

   User name . . . . . . : PASCAL\Pascal

   UAC . . . . . . . . . : Enabled

   License . . . . . . . : Free
 

   Scan date . . . . . . : 2017-06-03 09:33:37

   Scan mode . . . . . . : Normal

   Scan duration . . . . : 1m 50s

   Disk access mode  . . : Direct disk access (SRB)

   Cloud . . . . . . . . : Internet

   Reboot  . . . . . . . : No
 

   Threats . . . . . . . : 1

   Traces  . . . . . . . : 13
 

   Objects scanned . . . : 2.226.863

   Files scanned . . . . : 73.553

   Remnants scanned  . . : 542.176 files / 1.611.134 keys
 

Malware _____________________________________________________________________
 

   C:\Users\AMD\Packages\Apps\Radeon-Crimson-15.11-ccc-zh-chs64-64bit.exe

      Size . . . . . . . : 260.600 bytes

      Age  . . . . . . . : 544.5 days (2015-12-06 22:04:30)

      Entropy  . . . . . : 7.6

      SHA-256  . . . . . : 229FCE050DF598451691B5EA3DA9BFA523DCBD94FB28E9D5116C73A6CBE9A5BE

      Product  . . . . . : Radeon Software Crimson Edition

      Publisher  . . . . : AMD Inc.

      Description  . . . : Radeon Software Crimson Edition

      Version  . . . . . : 0.0.0.0

      Copyright  . . . . : AMD Inc.

      RSA Key Size . . . : 2048

      LanguageID . . . . : 1033

      Authenticode . . . : Valid

    > HitmanPro  . . . . : Mal/Generic-S

      Fuzzy  . . . . . . : 104.0
 
 

Suspicious files ____________________________________________________________
 

   C:\Users\Pascal\Downloads\FRST-OlderVersion\FRST64.exe

      Size . . . . . . . : 2.429.952 bytes

      Age  . . . . . . . : 6.8 days (2017-05-27 14:12:18)

      Entropy  . . . . . : 7.6

      SHA-256  . . . . . : 2B4DE3E0A23A0E4A8C83875C0BA9A3FDC4B332D90777DC0D9624DB4876BCD630

      Needs elevation  . : Yes

      Fuzzy  . . . . . . : 24.0

         Program has no publisher information but prompts the user for permission elevation.

         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

         Authors name is missing in version info. This is not common to most programs.

         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

         Time indicates that the file appeared recently on this computer.
 

   C:\Users\Pascal\Downloads\FRST64.exe

      Size . . . . . . . : 2.433.536 bytes

      Age  . . . . . . . : 0.0 days (2017-06-03 09:27:41)

      Entropy  . . . . . : 7.6

      SHA-256  . . . . . : 9E51FA16E351CB637E687A806F8F803BBABBFBD15977B3C7A418AF189D397266

      Needs elevation  . : Yes

      Fuzzy  . . . . . . : 24.0

         Program has no publisher information but prompts the user for permission elevation.

         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

         Authors name is missing in version info. This is not common to most programs.

         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

         Time indicates that the file appeared recently on this computer.

      Forensic Cluster

         -32.5s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{03E0732F-F716-4B6E-812A-8C14CFC468A4}

         -31.8s C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\xulstore.json

         -31.8s C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\sessionCheckpoints.json

         -31.5s C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\prefs.js

         -31.5s C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\datareporting\archived\2017-06\

         -31.5s C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\datareporting\archived\2017-06\1496474829936.965554e0-d087-4c6c-8b48-bfaa810e500c.main.jsonlz4

         -3.6s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\4\77\

         -2.5s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\4\77\F7131A43846CCF15.dat

         -2.1s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{6742C018-7F6C-42D0-9B7E-A1E9D3F6506E}

          0.0s C:\Users\Pascal\Downloads\FRST64.exe

          1.7s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\6B9FB2B98D250EB745AFF143BAE13914

          1.7s C:\Users\Pascal\Downloads\FRST-OlderVersion\

         22.4s C:\Users\Pascal\AppData\Local\Packages\microsoft.windows.authhost.sso.c_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\C46E7B0F942663A1EDC8D9D6D7869173_D9B9F37ECE595B0B7B6AA12451D392CF

         22.4s C:\Users\Pascal\AppData\Local\Packages\microsoft.windows.authhost.sso.c_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\C46E7B0F942663A1EDC8D9D6D7869173_D9B9F37ECE595B0B7B6AA12451D392CF

         22.5s C:\Users\Pascal\AppData\Local\Packages\microsoft.windows.authhost.sso.c_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\MetaData\705A76DE71EA2CAEBB8F0907449CE086_FC2B1E54BF228194FDCCB7229F4C62AE

         22.5s C:\Users\Pascal\AppData\Local\Packages\microsoft.windows.authhost.sso.c_8wekyb3d8bbwe\AC\Microsoft\CryptnetUrlCache\Content\705A76DE71EA2CAEBB8F0907449CE086_FC2B1E54BF228194FDCCB7229F4C62AE

         22.6s C:\Users\Pascal\AppData\Local\Packages\microsoft.windows.authhost.sso.c_8wekyb3d8bbwe\AC\INetCache\MSIMGSIZ.DAT

         39.9s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\86\9191AAA0530D1E5A.dat

         43.2s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\77\F7131A43846CCF15.dat

         61.1s C:\FRST\Logs\ct

         63.8s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db

         63.8s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\thumbcache_16.db

         63.8s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db

         63.8s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\thumbcache_48.db

         63.8s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db

         63.8s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db

         63.8s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\thumbcache_768.db

         63.8s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1280.db

         63.8s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1920.db

         63.8s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\thumbcache_2560.db

         63.8s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db

         63.8s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\thumbcache_wide.db

         63.8s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\thumbcache_exif.db

         63.8s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\thumbcache_wide_alternate.db

         63.8s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\thumbcache_custom_stream.db

         63.9s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db

         63.9s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db

         63.9s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db

         63.9s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db

         63.9s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\iconcache_96.db

         63.9s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\iconcache_256.db

         63.9s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\iconcache_768.db

         63.9s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\iconcache_1280.db

         63.9s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\iconcache_1920.db

         63.9s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\iconcache_2560.db

         63.9s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\iconcache_sr.db

         63.9s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide.db

         63.9s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\iconcache_exif.db

         63.9s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide_alternate.db

         63.9s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Explorer\iconcache_custom_stream.db

         67.9s C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\

         67.9s C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms

         71.0s C:\FRST\Logs\Fixlog_03-06-2017 09.28.52.txt

         71.4s C:\Users\Pascal\AppData\Local\IconCache.db

         71.5s C:\Users\Pascal\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000004c.db

         71.9s C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Ngc\{8BB4D0A2-1632-453C-945A-D20F09F38F71}\Protectors\1\6.dat

         71.9s C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Ngc\{8BB4D0A2-1632-453C-945A-D20F09F38F71}\Protectors\1\16.dat

         71.9s C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Ngc\{8BB4D0A2-1632-453C-945A-D20F09F38F71}\Protectors\1\17.dat

         71.9s C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Ngc\{8BB4D0A2-1632-453C-945A-D20F09F38F71}\Protectors\1\11.dat

         72.3s C:\ProgramData\Microsoft\Diagnosis\VortexSchemaRequests.dat

         72.7s C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\18\107002

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\18\107001

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\17\109001

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\18\109002

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\22\109003

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\02\109004

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\04\109005

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\22\109006

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\19\328

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\09\238

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\05\317

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\10\197

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\01\198

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\05\199

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\11\200

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\05\100013

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\08\15004

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\08\107003

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\06\107007

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\13\107009

         72.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Mput\MputHistory\20\107012

         90.9s C:\ProgramData\Kaspersky Lab\AVP17.0.0\dummy.tmp

         90.9s C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\dummy.tmp

         91.8s C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl

         91.9s C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl

         96.2s C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

         96.2s C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

         97.6s C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTWFP-IPsec Diagnostics.etl

         98.0s C:\Windows\Temp\{7F927AB9-44F3-441A-A51F-87A5C0D0F02E} - OProcSessId.dat

         98.1s C:\Windows\Temp\PASCAL-20170603-0929.log

         98.1s C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagtrack-Listener.etl

         98.3s C:\Windows\Temp\officeclicktorun.exe_streamserver(20170603092919ED4).log

         98.3s C:\ProgramData\Microsoft\Windows Security Health\Logs\SHS-06032017-092919-3-1-15063.0.amd64fre.rs2_release.170317-1834.bin

         98.7s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Data\settings.kvdb-wal

         98.7s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Data\settings.kvdb-shm

         98.7s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Data\data.kvdb-wal

         98.7s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Data\data.kvdb-shm

         98.8s C:\Program Files (x86)\MSI\MSITrigger\VGA Boost\autogpuoc.ini

         98.8s C:\ProgramData\Kaspersky Lab\AVP17.0.0\a1d1b6563e3f2e336502a383b2e393820326ba253f22661d22393e38659763e3f2e33

         99.0s C:\Windows\System32\SleepStudy\ScreenOn\ScreenOnPowerStudyTraceSession-2017-06-03-09-29-20.etl

         99.0s C:\ProgramData\Malwarebytes\MBAMService\ARW\mbarwind.arw

         100.3s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Report\Database\reports.db-wal

         100.3s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Report\Database\reports.db-shm

         100.3s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\Cache\intctrl_00000000.lck_00000002

         100.5s C:\ProgramData\Microsoft\Windows Defender\Support\MpWppTracing-06032017-092921-00000003-ffffffff.bin

         100.9s C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDefenderAuditLogger.etl

         102.4s C:\Users\Pascal\NTUSER.DAT{1d886739-2443-11e7-991c-acd3b2ed4b91}.TxR.blf

         102.4s C:\Users\Pascal\NTUSER.DAT{1d886739-2443-11e7-991c-acd3b2ed4b91}.TxR.0.regtrans-ms

         102.4s C:\Users\Pascal\NTUSER.DAT{1d886739-2443-11e7-991c-acd3b2ed4b91}.TxR.1.regtrans-ms

         102.4s C:\Users\Pascal\NTUSER.DAT{1d886739-2443-11e7-991c-acd3b2ed4b91}.TxR.2.regtrans-ms

         103.5s C:\Users\Pascal\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin

         106.9s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Data\persistent_q.db-wal

         106.9s C:\Windows\Temp\etilqs_Wz1RYzx3Shxooct

         106.9s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Data\persistent_q.db-shm

         107.1s C:\Windows\Temp\etilqs_U0zTwXXA6xEjdBB

         107.5s C:\Users\Pascal\AppData\Local\Microsoft\Windows\INetCache\counters2.dat

         108.2s C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc\

         109.4s C:\Windows\Temp\cpuz140\

         109.4s C:\Windows\Temp\cpuz140\cpuz140_x64.sys

         112.1s C:\Users\Pascal\AppData\Local\Comms\UnistoreDB\tmp.edb

         112.6s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\10\1968DF1EDF47BEC2.dat

         112.6s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\EB5F5A0D383677DBE90E6BC406F564BC

         112.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0AA53920C5D1A6A05C080146314E3B26

         112.8s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0AA53920C5D1A6A05C080146314E3B26

         112.9s C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0AA53920C5D1A6A05C080146314E3B26

         112.9s C:\ProgramData\Kaspersky Lab\AVP17.0.0\1617791a2223322f791c3624273225243c2e771639233e7a13e252224791021e1a2223322f1

         113.6s C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\

         114.1s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache131409485733937181.txt

         114.2s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\MusicGenre_02.0407.digest.bin

         114.2s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\MusicAlbum_02.0407.digest.bin

         114.2s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\MusicSong_02.0407.digest.bin

         114.2s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\MusicGenre_02.0407.cfg.txt

         114.3s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{d4070f64-8b94-411f-922a-652a2682f373}\

         114.3s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{d4070f64-8b94-411f-922a-652a2682f373}\Apps.index

         114.3s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\MusicGenre_02.0407.cfg

         114.3s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{d4070f64-8b94-411f-922a-652a2682f373}\0.0.filtertrie.intermediate.txt

         114.3s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{d4070f64-8b94-411f-922a-652a2682f373}\0.1.filtertrie.intermediate.txt

         114.3s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{d4070f64-8b94-411f-922a-652a2682f373}\0.2.filtertrie.intermediate.txt

         114.3s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{d4070f64-8b94-411f-922a-652a2682f373}\Apps.ft

         114.4s C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\5f7b5f1e01b83767.automaticDestinations-ms

         114.4s C:\Users\Pascal\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\

         114.4s C:\Users\Pascal\AppData\Local\Microsoft\Windows\INetCache\IE\

         114.5s C:\Users\Pascal\AppData\Local\Microsoft\Windows\History\History.IE5\container.dat

         115.1s C:\Users\Pascal\AppData\Local\Microsoft\Windows\INetCache\IE\container.dat

         115.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{082E0C7C-0CE1-4595-907B-DDE089A58064}

         117.6s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\27B5508F9886AF565659AB8474A585F5

         118.5s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\MusicAlbum_02.0407.cfg.txt

         118.5s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\MusicAlbum_02.0407.cfg

         119.5s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\MusicSong_02.0407.cfg.txt

         119.6s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\MusicSong_02.0407.cfg

         119.6s C:\Users\Pascal\AppData\Local\Packages\Microsoft.People_8wekyb3d8bbwe\LocalState\TileThumbnails\primarytileimage_0.jpg

         120.7s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\74\7C1D332ECBA25CA2.dat

         121.1s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\PointsOfInterest_01.0407.digest.bin

         123.1s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\02487C042C983299AFCECCD06C10C8FE

         123.2s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\PointsOfInterest_01.0407.cfg.txt

         123.7s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\PointsOfInterest_01.0407.cfg

         125.4s C:\Users\Pascal\AppData\Local\Temp\jusched.log

         126.6s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\PointsOfInterest2_01.0407.digest.bin

         127.0s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\PointsOfInterest2_01.0407.cfg.txt

         127.0s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\PointsOfInterest2_01.0407.cfg

         127.7s C:\Users\Pascal\AppData\Local\Temp\qtsingleapp-roccat-b578-1-lockfile

         128.3s C:\Users\Pascal\Documents\ROCCAT\Swarm\setting\monitor.ini

         128.3s C:\Users\Pascal\Documents\ROCCAT\Swarm\setting\Swarm

         129.7s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\

         129.7s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Age of Conan.dat

         129.7s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Anno 2070.dat

         129.7s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Battlefield 3.dat

         129.7s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Battlefield 4.dat

         129.8s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Batman Arkham City.dat

         129.8s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Battle for Middle Earth.dat

         129.8s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Battlefield Bad Company 2.dat

         129.8s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Bioshock 2.dat

         129.8s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Borderlands 2.dat

         129.8s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\C&C 3.dat

         129.8s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Civilization 5.dat

         129.8s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Counter Strike 1.6.dat

         129.8s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Counter-Strike Global Offensive.dat

         129.8s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Counter Strike Source.dat

         129.8s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Crysis  Crysis Warhead.dat

         129.8s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Dota 2.dat

         129.8s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Dragon Age.dat

         129.9s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Elder Scrolls V Skyrim.dat

         129.9s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Football Manager 2013(EA).dat

         129.9s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Football Manager 2013(SEGA).dat

         129.9s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Guild Wars.dat

         129.9s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\League of Legends.dat

         129.9s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Left4Dead.dat

         129.9s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Lineage 2.dat

         129.9s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\LotR Online.dat

         129.9s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Mass Effect 2.dat

         129.9s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Minecraft.dat

         129.9s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Modern Warfare 2.dat

         129.9s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Neverwinter.dat

         129.9s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Path of Exile.dat

         129.9s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Sacred 2.dat

         129.9s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Sims 3.dat

         130.0s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\StarCraft 2.dat

         130.0s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Star Wars The Old Republic.dat

         130.0s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Team Fortress 2.dat

         130.0s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Warhammer Online.dat

         130.0s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\War Thunder.dat

         130.0s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\World of Tanks.dat

         130.0s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\World of Warcraft.dat

         130.0s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\World of Warplanes.dat

         130.0s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Firefox.dat

         130.0s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Internet Explorer.dat

         130.0s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Office Functions.dat

         130.0s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Photoshop.dat

         130.0s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Safari.dat

         130.1s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Skype.dat

         130.1s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Team Speak 2.dat

         130.1s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Team Speak 3.dat

         130.1s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Windows Functions.dat

         130.1s C:\Users\Pascal\Documents\ROCCAT\Swarm\preset_macro\Xfire.dat

         130.9s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\61\8E2A40B668B94161.dat

         131.0s C:\Users\Pascal\Documents\ROCCAT\Swarm\faq\Swarm\english.ini

         131.1s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Data\antimalware.patch_management.product_registry.kvdb-wal

         131.1s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Data\antimalware.patch_management.product_registry.kvdb-shm

         131.1s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Data\antimalware.unwanted_products.product_registry.kvdb-wal

         131.1s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Data\antimalware.unwanted_products.product_registry.kvdb-shm

         131.2s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Report\traffic_stats.db-wal

         131.2s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Report\traffic_stats.db-shm

         132.5s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\4\92\7EDA96F523C29F50.dat

         133.1s C:\Windows\Temp\MSIb045.LOG

         133.1s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\Cache\kavbase_000000a6.lck_00000047

         133.3s C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys

         133.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\4\99\50054FF4CAB6A5BB.dat

         133.4s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{16D2007E-5E49-441E-B020-A70BEC77D1F1}

         134.6s C:\Users\Pascal\Documents\ROCCAT\Swarm\setting\APP_Clients

         135.6s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\E4B8BBA2005DE7AEB31181B75DF2A795

         136.7s C:\Windows\Temp\{A4E7CFD7-DDD1-4A0A-BBD8-702F0D6AD62E}\

         136.7s C:\Windows\Temp\{A4E7CFD7-DDD1-4A0A-BBD8-702F0D6AD62E}\msi_misc.dll

         137.4s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\48BFA6128DB09A3A6796B777D4D09E87

         137.5s C:\Windows\Temp\{A4E7CFD7-DDD1-4A0A-BBD8-702F0D6AD62E}\msi_common.dll

         137.6s C:\Windows\Temp\{A4E7CFD7-DDD1-4A0A-BBD8-702F0D6AD62E}\product_info.dll

         138.7s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\History

         138.7s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG

         138.7s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\History-journal

         138.7s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal

         139.2s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal

         139.2s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Visited Links

         139.2s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

         139.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\4\31\FB70187285595B7F.dat

         139.6s C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\1d9f7f6a83e3e8c79854cd63d4c4ee05af6eb299

         139.6s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\GPUCache\index

         139.6s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0

         139.6s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

         139.7s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2

         139.7s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_3

         139.9s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal

         140.0s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG

         140.1s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal

         140.9s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

         140.9s C:\Windows\System32\catroot2\edb.log

         140.9s C:\Windows\System32\catroot2\edbtmp.log

         140.9s C:\Windows\System32\catroot2\edbres00001.jrs

         140.9s C:\Windows\System32\catroot2\edbres00002.jrs

         140.9s C:\Windows\System32\catroot2\edb.chk

         141.1s C:\Windows\System32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\klelam.cat

         141.2s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Current Session

         142.0s C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRT{1C1EC973-62BC-4CE2-8374-98C3F294B479}.etl

         142.3s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\index

         142.3s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0

         142.3s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1

         142.3s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2

         142.3s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3

         142.5s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cookies

         142.5s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal

         143.3s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000001

         143.3s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000002

         143.4s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000003

         143.5s C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

         143.6s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000004

         143.6s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000005

         143.8s C:\Windows\Temp\obuDA26.tmp

         144.3s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000006

         144.3s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000007

         144.5s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000008

         144.5s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000009

         144.6s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000a

         144.6s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000b

         144.6s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000c

         145.9s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG

         146.6s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\PointsOfInterest_02.0407.digest.bin

         146.9s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000e

         146.9s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000f

         146.9s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000010

         147.1s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\PointsOfInterest_02.0407.cfg.txt

         147.1s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\PointsOfInterest_02.0407.cfg

         147.2s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000011

         156.0s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\4\63\1E991D057216C553.dat

         156.3s C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\2b450c65c4420925a316a9186a6caa630f3febcc

         156.3s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{F998893A-5DD9-4FAF-A839-1BC5B5BA48B2}

         157.2s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\PointsOfInterest2_02.0407.digest.bin

         157.9s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\PointsOfInterest2_02.0407.cfg.txt

         158.1s C:\Users\Pascal\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\PointsOfInterest2_02.0407.cfg

         158.9s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.trojaner-board.de_0.localstorage

         158.9s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.trojaner-board.de_0.localstorage-journal

         160.0s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pkedcjkdefgpdelpbcmbmeomcjbeemfm_0.localstorage

         160.0s C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pkedcjkdefgpdelpbcmbmeomcjbeemfm_0.localstorage-journal
 

   C:\WINDOWS\SysWOW64\GameMon.des

      Size . . . . . . . : 3.916.368 bytes

      Age  . . . . . . . : 495.9 days (2016-01-24 12:40:55)

      Entropy  . . . . . : 8.0

      SHA-256  . . . . . : C2FA0CBBF038F74F8A30F86E289C09D488A36285BF6BBD45CD44C855F6696B1B

      Product  . . . . . : nProtect Game Monitor

      Publisher  . . . . : INCA Internet Co., Ltd.

      Description  . . . : nProtect Game Monitor Rev 2368

      Version  . . . . . : 2016.1.10.1

      RSA Key Size . . . : 2048

      Service  . . . . . : npggsvc

      LanguageID . . . . : 1042

      Authenticode . . . : Valid

      Fuzzy  . . . . . . : 25.0

         The file name extension of this program is not common.

         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.

         Starts automatically as a service during system bootup.

         Program is code signed with a valid Authenticode certificate.

      Startup

         HKLM\SYSTEM\CurrentControlSet\Services\npggsvc\
 

   L:\Programme\bass.dll

      Size . . . . . . . : 110.207 bytes

      Age  . . . . . . . : 81.6 days (2017-03-13 19:48:39)

      Entropy  . . . . . : 7.9

      SHA-256  . . . . . : A8D979460E970E84EACCE36B8A68AE5F6B9CC0FE16E05A6209B4EAD52B81B021

      Fuzzy  . . . . . . : 22.0

         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

         Program is running but currently exposes no human-computer interface (GUI).

         Authors name is missing in version info. This is not common to most programs.

         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

         Program contains PE structure anomalies. This is not typical for most programs.

         The file is in use by one or more active processes.
 
 

Potential Unwanted Programs _________________________________________________
 

   HKLM\SOFTWARE\Classes\f\ (Funmoods)

   HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}\ (ReimageRepair)

   HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}\ (ReimageRepair)

   HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}\ (SaleCharger)

   HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}\ (SaleCharger)

   HKU\S-1-5-21-1229423121-489186376-597309758-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}\ (SaleCharger)

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=9ceabbcaa6e28240be4fd63a54640feb
# end=init
# utc_time=2017-06-03 07:37:30
# local_time=2017-06-03 09:37:30 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 33599
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=9ceabbcaa6e28240be4fd63a54640feb
# end=updated
# utc_time=2017-06-03 07:40:46
# local_time=2017-06-03 09:40:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=9ceabbcaa6e28240be4fd63a54640feb
# engine=33599
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-06-03 09:18:20
# local_time=2017-06-03 11:18:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1313 16777213 100 100 6441 29412034 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 43496 6614496 0 0
# scanned=345350
# found=0
# cleaned=0
# scan_time=5854

Fehlerhaft

FRST Logfile:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2017

durchgeführt von Pascal (Administrator) auf PASCAL (03-06-2017 11:25:22)

Gestartet von C:\Users\Pascal\Downloads

Geladene Profile: Pascal (Verfügbare Profile: Pascal)

Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: Chrome)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe

(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe

(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe

(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe

(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe

(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe

() C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe

() C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe

(Electronic Arts) L:\Programme\Origin\OriginWebHelperService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(ROCCAT GmbH) C:\Users\Pascal\Downloads\SWARM_v19201 (1)\data\SWARM_CONNECT\SwarmHW_Service.exe

(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(© 2015 Microsoft Corporation) C:\Users\Pascal\AppData\Local\Microsoft\BingSvc\BingSvc.exe

(Spotify Ltd) C:\Users\Pascal\AppData\Roaming\Spotify\SpotifyWebHelper.exe

(ROCCAT) L:\Programme\ROCCAT_Swarm_Monitor.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Valve Corporation) L:\Programme\Steam\Steam.exe

(Valve Corporation) L:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Valve Corporation) L:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe

(Valve Corporation) L:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.0.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 

==================== Registry (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-05-23] (Realtek Semiconductor)

HKLM\...\Run: [MBCfg64] => C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\MBCfg64.dll,RunDLLEntry MBCfg64

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1440768 2014-02-24] (Creative Technology Ltd)

HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)

HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1047536 2014-04-08] (MSI)

HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [764472 2012-09-19] ()

HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe [579056 2014-03-28] (Micro-Star International)

HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [797648 2015-03-05] (MSI)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [BingSvc] => C:\Users\Pascal\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-12-24] (© 2015 Microsoft Corporation)

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [Dropbox Update] => C:\Users\Pascal\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-24] (Dropbox, Inc.)

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [Spotify Web Helper] => C:\Users\Pascal\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-05-25] (Spotify Ltd)

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [WallpaperEngine] => L:\Programme\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [735232 2017-05-11] ()

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1

ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-03-25]

ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{7364C716-1212-4EAE-B0C9-A31D1E797BF8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm.lnk [2017-03-13]

ShortcutTarget: ROCCAT Swarm.lnk -> L:\Programme\ROCCAT_Swarm_Monitor.exe (ROCCAT)

Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-31]

ShortcutTarget: Dropbox.lnk -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{8fee23f3-22fd-4b73-a7b9-9aea4d15184f}: [DhcpNameServer] 192.168.2.1
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-1229423121-489186376-597309758-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-1229423121-489186376-597309758-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-25] (Microsoft Corporation)

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-25] (Microsoft Corporation)

BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-21] (Oracle Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-21] (Oracle Corporation)

Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)

Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)

DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab

DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
 

FireFox:

========

FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default [2017-06-03]

FF user.js: detected! => C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\user.js [2016-11-21]

FF Homepage: Mozilla\Firefox\Profiles\qh5dvH6z.default -> hxxps://www.reddit.com/r/all/

FF Extension: (Firefox Hotfix) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-16]

FF Extension: (BetterTTV) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\Extensions\firefox@betterttv.net.xpi [2016-09-19]

FF Extension: (Adblock Plus) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-27]

FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi

FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-07]

FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-21] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-21] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-25] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-27] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-27] (Google Inc.)
 

Chrome: 

=======

CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default

CHR DefaultSearchKeyword: Default -> Yahoo

CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10

CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default [2017-06-03]

CHR Extension: (Google Präsentationen) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-27]

CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-27]

CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-27]

CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-27]

CHR Extension: (Google Tabellen) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-27]

CHR Extension: (Kaspersky Protection) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-05-27]

CHR Extension: (Avira Browserschutz) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-05-27]

CHR Extension: (Google Docs Offline) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-27]

CHR Extension: (Yahoo Partner) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbfklbaljofpaanmpaeadejijfdddco [2017-05-27]

CHR Extension: (LottaDeals) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigcbafcnfakaokfjaplokfbgmjldpfg [2017-05-27]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-27]

CHR Extension: (Weather Hub Pro) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pajfkbekgfapaenbmngmilchlbejokcg [2017-05-27]

CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-27]

CHR Extension: (Chrome Media Router) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-27]

CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [iigcbafcnfakaokfjaplokfbgmjldpfg] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [pajfkbekgfapaenbmngmilchlbejokcg] - hxxps://clients2.google.com/service/update2/crx
 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-10-06] ()

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)

S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [229648 2016-08-03] (EasyAntiCheat Ltd)

R2 ECOSERVICE; C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe [2126448 2014-04-10] ()

R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [20512 2014-03-13] (Micro-Star Int'l Co., Ltd.)

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)

R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)

S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)

S3 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)

S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2099712 2014-12-31] (MSI) [Datei ist nicht signiert]

S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4035024 2015-03-10] (MSI)

S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2117632 2014-12-31] () [Datei ist nicht signiert]

R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [1992704 2015-01-29] () [Datei ist nicht signiert]

S3 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2249168 2015-03-10] ()

S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2063360 2014-12-31] () [Datei ist nicht signiert]

S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [575488 2015-03-13] () [Datei ist nicht signiert]

R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI)

R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [83952 2014-03-27] (Micro-Star International)

R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)

R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)

S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)

S3 Origin Client Service; L:\Programme\Origin\OriginClientService.exe [2124296 2017-02-24] (Electronic Arts)

R2 Origin Web Helper Service; L:\Programme\Origin\OriginWebHelperService.exe [2185232 2017-02-24] (Electronic Arts)

R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-01-22] (Qualcomm Atheros) [Datei ist nicht signiert]

S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe [411648 2016-03-31] (Wondershare) [Datei ist nicht signiert]

R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-03-14] (Intel(R) Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ======================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R3 AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)

R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)

R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2017-01-19] (Advanced Micro Devices)

S3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [53024 2015-07-10] (Broadcom Corporation.)

S1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [80592 2013-11-08] (Qualcomm Atheros, Inc.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)

R3 cpuz140; C:\WINDOWS\TEMP\cpuz140\cpuz140_x64.sys [43840 2017-06-03] (CPUID)

R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)

R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-30] (REALiX(tm))

S3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [23936 2014-02-03] ()

R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-02-18] (Intel Corporation)

S3 ISCT; C:\WINDOWS\System32\drivers\ISCTD.sys [44744 2014-02-03] ()

S3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)

R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)

R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)

R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab)

R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)

R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)

S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)

R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197336 2017-04-16] (AO Kaspersky Lab)

R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520176 2017-04-16] (AO Kaspersky Lab)

R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [168736 2017-06-03] (AO Kaspersky Lab)

R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1018592 2017-04-16] (AO Kaspersky Lab)

S1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-07] (AO Kaspersky Lab)

R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)

R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)

R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab)

S3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)

R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-05-24] (AO Kaspersky Lab)

R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-06-02] (AO Kaspersky Lab)

R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251664 2017-04-19] (AO Kaspersky Lab)

R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-04-19] (AO Kaspersky Lab)

R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-04-19] (AO Kaspersky Lab)

R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)

R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-14] (AO Kaspersky Lab)

R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-03-14] (AO Kaspersky Lab)

S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45200 2016-02-16] (Logitech Inc.)

S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)

S3 lgLowAudio; C:\WINDOWS\system32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.)

S3 LGSUsbFilt; C:\WINDOWS\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)

R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-06-03] (Malwarebytes)

R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-06-03] (Malwarebytes)

R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-06-03] (Malwarebytes)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-03] (Malwarebytes)

R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-06-03] (Malwarebytes)

R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)

S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)

R3 NTIOLib_ECO; C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [13808 2014-01-06] (MSI)

R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)

S3 NTIOLib_MB; C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [13808 2014-03-13] (MSI)

S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)

S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [13368 2012-11-19] (MSI)

S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)

S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)

S3 NTIOLib_MSIFrequency_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI)

S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)

S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)

S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)

S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()

S3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [25088 2015-02-02] (SteelSeries ApS)

S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project)

S3 tap0901_openvpn_accl; C:\WINDOWS\System32\drivers\tap0901_openvpn_accl.sys [37912 2016-06-24] (The OpenVPN Project)

S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

U3 aswbdisk; kein ImagePath

S1 ESEADriver2; \??\C:\Users\Pascal\AppData\Local\Temp\ESEADriver2.sys [X] <==== ACHTUNG
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-06-03 09:37 - 2017-06-03 09:37 - 02870984 _____ (ESET) C:\Users\Pascal\Downloads\esetsmartinstaller_deu.exe

2017-06-03 09:32 - 2017-06-03 09:32 - 11584088 _____ (SurfRight B.V.) C:\Users\Pascal\Downloads\HitmanPro_x64.exe

2017-06-03 09:32 - 2017-06-03 09:32 - 00000000 ____D C:\ProgramData\HitmanPro

2017-06-03 09:27 - 2017-06-03 09:27 - 02433536 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64.exe

2017-06-03 09:27 - 2017-06-03 09:27 - 00000000 ____D C:\Users\Pascal\Downloads\FRST-OlderVersion

2017-06-02 23:10 - 2017-06-02 23:10 - 00087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys

2017-05-27 16:00 - 2017-05-27 16:00 - 00002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2017-05-27 16:00 - 2017-05-27 16:00 - 00002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2017-05-27 15:59 - 2017-05-27 15:59 - 01130328 _____ (Google Inc.) C:\Users\Pascal\Downloads\ChromeSetup(1).exe

2017-05-27 15:59 - 2017-05-27 15:59 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2017-05-27 15:59 - 2017-05-27 15:59 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2017-05-27 15:44 - 2017-06-03 09:28 - 00001854 _____ C:\Users\Pascal\Downloads\Fixlog.txt

2017-05-27 15:02 - 2017-05-27 15:02 - 00001381 _____ C:\Users\Pascal\Desktop\mbam.txt

2017-05-27 15:00 - 2017-06-03 10:38 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys

2017-05-27 15:00 - 2017-06-03 10:38 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys

2017-05-27 15:00 - 2017-06-03 10:38 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys

2017-05-27 14:59 - 2017-06-03 10:38 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2017-05-27 14:59 - 2017-06-03 10:38 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys

2017-05-27 14:59 - 2017-06-03 10:38 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

2017-05-27 14:59 - 2017-05-27 14:59 - 63364552 _____ (Malwarebytes ) C:\Users\Pascal\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe

2017-05-27 14:59 - 2017-05-27 14:59 - 00001926 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2017-05-27 14:59 - 2017-05-27 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2017-05-27 14:59 - 2017-05-27 14:59 - 00000000 ____D C:\ProgramData\Malwarebytes

2017-05-27 14:59 - 2017-05-27 14:59 - 00000000 ____D C:\Program Files\Malwarebytes

2017-05-27 14:57 - 2017-05-27 14:57 - 00566128 _____ (Malwarebytes) C:\Users\Pascal\Downloads\mbam-clean-2.3.0.1001.exe

2017-05-27 14:48 - 2017-05-27 14:48 - 04102600 _____ C:\Users\Pascal\Downloads\AdwCleaner_6.046.exe

2017-05-27 14:47 - 2017-05-27 14:53 - 00000000 ____D C:\AdwCleaner

2017-05-27 14:18 - 2017-05-27 14:29 - 00114264 _____ C:\TDSSKiller.3.1.0.15_27.05.2017_14.18.10_log.txt

2017-05-27 14:18 - 2017-05-27 14:18 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Pascal\Downloads\tdsskiller.exe

2017-05-27 14:13 - 2017-06-03 11:22 - 00054696 _____ C:\Users\Pascal\Downloads\Addition.txt

2017-05-27 14:12 - 2017-06-03 11:25 - 00032226 _____ C:\Users\Pascal\Downloads\FRST.txt

2017-05-27 14:12 - 2017-06-03 11:25 - 00000000 ____D C:\FRST

2017-05-25 23:13 - 2017-05-25 23:13 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\424D3EFA.sys

2017-05-25 23:10 - 2017-05-25 23:10 - 22851472 _____ (Malwarebytes ) C:\Users\Pascal\Downloads\mbam-setup-2.2.1.1043.exe

2017-05-25 13:09 - 2017-05-25 13:09 - 00003024 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Pascal)

2017-05-24 12:19 - 2017-05-24 12:19 - 00229288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys

2017-05-23 17:25 - 2017-05-23 17:25 - 00000212 _____ C:\Users\Pascal\Desktop\Rocket League.url

2017-05-23 14:14 - 2017-05-23 14:14 - 05545512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys

2017-05-23 14:13 - 2017-05-23 14:13 - 09124224 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT

2017-05-23 14:13 - 2017-05-23 14:13 - 03503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 03203424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 03014144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl

2017-05-23 14:13 - 2017-05-23 14:13 - 02201600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 01353824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 00689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 00221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 00209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 00204920 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys

2017-05-23 14:13 - 2017-05-23 14:13 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll

2017-05-23 14:13 - 2017-05-23 14:13 - 00023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll

2017-05-23 13:27 - 2017-05-23 13:27 - 15721672 _____ (IObit ) C:\Users\Pascal\Downloads\driver_booster_setup(4.4.0.512).exe

2017-05-17 17:42 - 2017-05-17 17:42 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN

2017-05-17 17:42 - 2017-05-17 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings

2017-05-17 17:41 - 2017-05-23 14:14 - 00000000 ____D C:\WINDOWS\LastGood.Tmp

2017-05-16 18:06 - 2017-05-16 18:06 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe

2017-05-16 18:06 - 2017-05-16 18:06 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe

2017-05-16 18:06 - 2017-05-16 18:06 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe

2017-05-16 18:06 - 2017-05-16 18:06 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe

2017-05-16 18:06 - 2017-05-16 18:06 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe

2017-05-16 18:06 - 2017-05-16 18:06 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe

2017-05-16 18:06 - 2017-05-16 18:06 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe

2017-05-16 18:06 - 2017-05-16 18:06 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll

2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll

2017-05-16 18:05 - 2017-05-16 18:05 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll

2017-05-16 18:05 - 2017-05-16 18:05 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll

2017-05-16 18:05 - 2017-05-16 18:05 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll

2017-05-16 18:05 - 2017-05-16 18:05 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll

2017-05-16 18:05 - 2017-05-16 18:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll

2017-05-16 18:05 - 2017-05-16 18:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll

2017-05-16 18:05 - 2017-05-16 18:05 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll

2017-05-16 18:05 - 2017-05-16 18:05 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll

2017-05-16 18:05 - 2017-05-16 18:05 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll

2017-05-16 13:11 - 2017-05-19 10:42 - 05222216 _____ C:\Users\Pascal\Desktop\Euthanasie.pptx

2017-05-13 15:37 - 2017-05-13 15:37 - 00000212 _____ C:\Users\Pascal\Desktop\DARK SOULS III.url

2017-05-12 20:05 - 2017-05-12 20:05 - 00000000 ____D C:\Users\Pascal\AppData\Local\Styx2

2017-05-11 22:25 - 2017-05-11 22:25 - 00000212 _____ C:\Users\Pascal\Desktop\Wallpaper Engine.url

2017-05-11 16:32 - 2017-05-11 16:32 - 19247873 _____ C:\Users\Pascal\Desktop\IrishBritish.mp4

2017-05-10 13:26 - 2017-04-19 08:12 - 00395226 __RSH C:\bootmgr

2017-05-10 13:26 - 2017-03-18 22:57 - 00000001 ___SH C:\BOOTNXT

2017-05-09 22:19 - 2017-04-29 03:05 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2017-05-09 22:19 - 2017-04-29 03:05 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2017-05-09 22:19 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2017-05-09 22:19 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2017-05-09 22:19 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe

2017-05-09 22:19 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2017-05-09 22:19 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2017-05-09 22:19 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2017-05-09 22:19 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2017-05-09 22:19 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2017-05-09 22:19 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll

2017-05-09 22:19 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2017-05-09 22:19 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2017-05-09 22:19 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2017-05-09 22:19 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2017-05-09 22:19 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2017-05-09 22:19 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2017-05-09 22:19 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2017-05-09 22:19 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2017-05-09 22:19 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2017-05-09 22:19 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2017-05-09 22:19 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2017-05-09 22:19 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2017-05-09 22:19 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2017-05-09 22:19 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2017-05-09 22:19 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys

2017-05-09 22:19 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2017-05-09 22:19 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2017-05-09 22:19 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2017-05-09 22:19 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2017-05-09 22:19 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2017-05-09 22:19 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2017-05-09 22:19 - 2017-04-19 08:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2017-05-09 22:19 - 2017-04-19 08:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2017-05-09 22:19 - 2017-04-19 08:10 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll

2017-05-09 22:19 - 2017-04-19 08:10 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll

2017-05-09 22:19 - 2017-04-19 08:06 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2017-05-09 22:19 - 2017-04-19 08:04 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2017-05-09 22:19 - 2017-04-19 08:04 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2017-05-09 22:19 - 2017-04-19 07:34 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2017-05-09 22:19 - 2017-04-19 07:29 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2017-05-09 22:19 - 2017-04-14 02:35 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2017-05-09 22:19 - 2017-04-14 02:33 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll

2017-05-09 22:19 - 2017-04-14 02:32 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll

2017-05-09 22:19 - 2017-04-14 02:25 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll

2017-05-09 22:19 - 2017-04-14 01:43 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2017-05-09 22:19 - 2017-04-14 01:39 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2017-05-09 22:19 - 2017-04-14 01:39 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe

2017-05-09 22:19 - 2017-04-14 01:35 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

2017-05-09 22:19 - 2017-04-14 01:33 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2017-05-09 22:19 - 2017-04-14 01:29 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll

2017-05-09 22:19 - 2017-04-14 01:29 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2017-05-09 22:19 - 2017-04-14 01:29 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2017-05-09 22:19 - 2017-04-14 01:28 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2017-05-09 22:19 - 2017-04-14 01:26 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2017-05-09 22:19 - 2017-04-14 01:24 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll

2017-05-09 22:19 - 2017-04-14 01:21 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2017-05-09 22:19 - 2017-04-14 01:18 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe

2017-05-09 22:18 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2017-05-09 22:18 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2017-05-09 22:18 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2017-05-09 22:18 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll

2017-05-09 22:18 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2017-05-09 22:18 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll

2017-05-09 22:18 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2017-05-09 22:18 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2017-05-09 22:18 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll

2017-05-09 22:18 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll

2017-05-09 22:18 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2017-05-09 22:18 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2017-05-09 22:18 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2017-05-09 22:18 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2017-05-09 22:18 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe

2017-05-09 22:18 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll

2017-05-09 22:18 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll

2017-05-09 22:18 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll

2017-05-09 22:18 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2017-05-09 22:18 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll

2017-05-09 22:18 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx

2017-05-09 22:18 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll

2017-05-09 22:18 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll

2017-05-09 22:18 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2017-05-09 22:18 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2017-05-09 22:18 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2017-05-09 22:18 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2017-05-09 22:18 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll

2017-05-09 22:18 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2017-05-09 22:18 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll

2017-05-09 22:18 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe

2017-05-09 22:18 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll

2017-05-09 22:18 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2017-05-09 22:18 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2017-05-09 22:18 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe

2017-05-09 22:18 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll

2017-05-09 22:18 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2017-05-09 22:18 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2017-05-09 22:18 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll

2017-05-09 22:18 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll

2017-05-09 22:18 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll

2017-05-09 22:18 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2017-05-09 22:18 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe

2017-05-09 22:18 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll

2017-05-09 22:18 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2017-05-09 22:18 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll

2017-05-09 22:18 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx

2017-05-09 22:18 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll

2017-05-09 22:18 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2017-05-09 22:18 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll

2017-05-09 22:18 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll

2017-05-09 22:18 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll

2017-05-09 22:18 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2017-05-09 22:18 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2017-05-09 22:18 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll

2017-05-09 22:18 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll

2017-05-09 22:18 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2017-05-09 22:18 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2017-05-09 22:18 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll

2017-05-09 22:18 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2017-05-09 22:18 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll

2017-05-09 22:18 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll

2017-05-09 22:18 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe

2017-05-09 22:18 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll

2017-05-09 22:18 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2017-05-09 22:18 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll

2017-05-09 22:18 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2017-05-09 22:18 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll

2017-05-09 22:18 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe

2017-05-09 22:18 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2017-05-09 22:18 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2017-05-09 22:18 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll

2017-05-09 22:18 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2017-05-09 22:18 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2017-05-09 22:18 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll

2017-05-09 22:18 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2017-05-09 22:18 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2017-05-09 22:18 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll

2017-05-09 22:18 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll

2017-05-09 22:18 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe

2017-05-09 22:18 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys

2017-05-09 22:18 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys

2017-05-09 22:18 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll

2017-05-09 22:18 - 2017-04-19 09:07 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2017-05-09 22:18 - 2017-04-19 09:06 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2017-05-09 22:18 - 2017-04-19 09:04 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys

2017-05-09 22:18 - 2017-04-19 09:02 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll

2017-05-09 22:18 - 2017-04-19 08:19 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll

2017-05-09 22:18 - 2017-04-19 08:18 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys

2017-05-09 22:18 - 2017-04-19 08:16 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll

2017-05-09 22:18 - 2017-04-19 08:15 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll

2017-05-09 22:18 - 2017-04-19 08:14 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll

2017-05-09 22:18 - 2017-04-19 08:13 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll

2017-05-09 22:18 - 2017-04-19 08:13 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2017-05-09 22:18 - 2017-04-19 08:12 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2017-05-09 22:18 - 2017-04-19 08:12 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll

2017-05-09 22:18 - 2017-04-19 08:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll

2017-05-09 22:18 - 2017-04-19 08:10 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll

2017-05-09 22:18 - 2017-04-19 08:08 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2017-05-09 22:18 - 2017-04-19 08:08 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2017-05-09 22:18 - 2017-04-19 08:07 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

2017-05-09 22:18 - 2017-04-19 08:07 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2017-05-09 22:18 - 2017-04-19 08:02 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2017-05-09 22:18 - 2017-04-19 08:01 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll

2017-05-09 22:18 - 2017-04-19 07:59 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll

2017-05-09 22:18 - 2017-04-19 07:59 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2017-05-09 22:18 - 2017-04-19 07:58 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2017-05-09 22:18 - 2017-04-19 07:37 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll

2017-05-09 22:18 - 2017-04-19 07:36 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll

2017-05-09 22:18 - 2017-04-19 07:35 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll

2017-05-09 22:18 - 2017-04-19 07:34 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2017-05-09 22:18 - 2017-04-19 07:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll

2017-05-09 22:18 - 2017-04-19 07:32 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll

2017-05-09 22:18 - 2017-04-19 07:30 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2017-05-09 22:18 - 2017-04-14 02:35 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll

2017-05-09 22:18 - 2017-04-14 02:35 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll

2017-05-09 22:18 - 2017-04-14 02:30 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll

2017-05-09 22:18 - 2017-04-14 02:25 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll

2017-05-09 22:18 - 2017-04-14 01:43 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll

2017-05-09 22:18 - 2017-04-14 01:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll

2017-05-09 22:18 - 2017-04-14 01:41 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

2017-05-09 22:18 - 2017-04-14 01:40 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll

2017-05-09 22:18 - 2017-04-14 01:39 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll

2017-05-09 22:18 - 2017-04-14 01:39 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll

2017-05-09 22:18 - 2017-04-14 01:39 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll

2017-05-09 22:18 - 2017-04-14 01:38 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll

2017-05-09 22:18 - 2017-04-14 01:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll

2017-05-09 22:18 - 2017-04-14 01:37 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe

2017-05-09 22:18 - 2017-04-14 01:37 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll

2017-05-09 22:18 - 2017-04-14 01:37 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll

2017-05-09 22:18 - 2017-04-14 01:37 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll

2017-05-09 22:18 - 2017-04-14 01:36 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll

2017-05-09 22:18 - 2017-04-14 01:36 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll

2017-05-09 22:18 - 2017-04-14 01:35 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll

2017-05-09 22:18 - 2017-04-14 01:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2017-05-09 22:18 - 2017-04-14 01:34 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2017-05-09 22:18 - 2017-04-14 01:34 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll

2017-05-09 22:18 - 2017-04-14 01:33 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll

2017-05-09 22:18 - 2017-04-14 01:31 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll

2017-05-09 22:18 - 2017-04-14 01:31 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll

2017-05-09 22:18 - 2017-04-14 01:29 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

2017-05-09 22:18 - 2017-04-14 01:29 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2017-05-09 22:18 - 2017-04-14 01:25 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2017-05-09 22:18 - 2017-04-14 01:21 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll

2017-05-09 22:18 - 2017-04-14 01:18 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2017-05-09 22:18 - 2017-04-14 01:15 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll

2017-05-09 22:18 - 2017-04-14 01:15 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll

2017-05-09 22:18 - 2017-04-14 01:13 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll

2017-05-09 22:18 - 2017-04-14 01:13 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2017-05-09 22:18 - 2017-04-14 01:08 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2017-05-09 22:18 - 2017-04-14 01:06 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2017-05-09 22:18 - 2017-04-14 01:04 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll

2017-05-09 22:18 - 2017-04-14 01:01 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll

2017-05-09 22:11 - 2017-05-09 22:11 - 00001467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk

2017-05-09 22:11 - 2017-05-09 22:11 - 00001394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk

2017-05-09 22:10 - 2017-05-09 22:11 - 00000000 ____D C:\Program Files (x86)\Windows Live

2017-05-09 22:10 - 2017-05-09 22:10 - 26689458 _____ (videowinsoft.com ) C:\Users\Pascal\Downloads\windows-movie-maker-2016.exe

2017-05-09 22:10 - 2017-05-09 22:10 - 00001317 _____ C:\Users\Public\Desktop\Windows Movie Maker.lnk

2017-05-09 22:10 - 2017-05-09 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker

2017-05-09 22:08 - 2017-05-09 22:08 - 00000000 ____D C:\Program Files (x86)\LottaDeals

2017-05-09 22:07 - 2017-05-09 22:12 - 00000000 ____D C:\ProgramData\AVAST Software

2017-05-09 22:07 - 2017-05-09 22:07 - 00000000 ____D C:\Program Files (x86)\WeatherHubPro

2017-05-09 21:50 - 2017-05-09 22:14 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\obs-studio

2017-05-09 17:45 - 2017-03-17 22:00 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll

2017-05-09 17:45 - 2017-03-17 21:59 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll

2017-05-09 17:45 - 2017-03-17 21:48 - 06348288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll

2017-05-09 17:45 - 2017-03-17 21:43 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll

2017-05-09 17:45 - 2017-03-17 21:35 - 05484544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll

2017-05-09 17:44 - 2017-05-09 17:44 - 00001053 _____ C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk

2017-05-09 17:40 - 2017-05-18 09:29 - 22120924 _____ C:\Users\Pascal\Desktop\Irelandpres.pptx

2017-05-09 16:10 - 2017-05-09 16:10 - 00000977 _____ C:\Users\Public\Desktop\OBS Studio.lnk

2017-05-09 16:10 - 2017-05-09 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio

2017-05-09 16:08 - 2017-05-09 16:08 - 113034688 _____ (obsproject.com) C:\Users\Pascal\Downloads\OBS-Studio-18.0.1-Full-Installer.exe

2017-05-09 13:54 - 2017-05-09 13:54 - 00000000 ____D C:\Users\Pascal\Desktop\Stuff

2017-05-06 09:45 - 2017-05-06 09:47 - 00000000 ____D C:\Users\Pascal\Desktop\SPIELE ORDNER

2017-05-05 21:02 - 2017-05-05 21:02 - 00659456 _____ C:\Users\Pascal\Downloads\DualMonitorTools-2.5.msi

2017-05-05 21:02 - 2017-05-05 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dual Monitor Tools

2017-05-05 21:02 - 2017-05-05 21:02 - 00000000 ____D C:\Program Files (x86)\Dual Monitor Tools

2017-05-05 18:52 - 2017-05-05 18:52 - 00000212 _____ C:\Users\Pascal\Desktop\Prey.url

2017-05-05 17:05 - 2017-05-05 17:05 - 00000212 _____ C:\Users\Pascal\Desktop\Styx Shards of Darkness.url

2017-05-05 16:28 - 2017-05-22 18:12 - 00000000 ___RD C:\Users\Pascal\Desktop\FiveM

2017-05-05 16:28 - 2017-05-05 16:28 - 00000000 ____D C:\Users\Pascal\Downloads\FiveM.app

2017-05-05 13:23 - 2017-05-27 12:09 - 00000080 _____ C:\Users\Pascal\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦

2017-05-04 21:51 - 2017-05-04 21:51 - 09390672 _____ (Piriform Ltd) C:\Users\Pascal\Downloads\ccsetup529.exe

2017-05-04 16:05 - 2017-05-04 18:17 - 41294497 _____ C:\Users\Pascal\Downloads\Flechten Daid (2).pptx
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-06-03 11:02 - 2017-04-18 15:27 - 00000000 ____D C:\WINDOWS\system32\SleepStudy

2017-06-03 09:45 - 2016-01-06 13:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab

2017-06-03 09:35 - 2017-04-18 15:40 - 02340706 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2017-06-03 09:35 - 2017-03-20 06:41 - 01065544 _____ C:\WINDOWS\system32\perfh007.dat

2017-06-03 09:35 - 2017-03-20 06:41 - 00238024 _____ C:\WINDOWS\system32\perfc007.dat

2017-06-03 09:29 - 2017-04-18 15:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2017-06-03 09:29 - 2017-04-18 15:28 - 00000000 ____D C:\Users\Pascal

2017-06-03 09:28 - 2017-04-18 15:28 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin

2017-06-03 09:28 - 2017-03-18 13:40 - 01310720 _____ C:\WINDOWS\system32\config\BBI

2017-06-03 09:19 - 2014-09-05 17:20 - 00000000 ____D C:\Users\Pascal\AppData\Local\Packages

2017-06-03 09:17 - 2017-04-18 15:35 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8DB2EA9F-FDA0-4CD1-B8F0-3B7DEF1B6AB2}

2017-06-02 22:59 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps

2017-06-02 22:59 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness

2017-06-02 22:51 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM

2017-06-02 22:51 - 2015-09-02 09:13 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2017-05-27 22:29 - 2014-09-05 23:07 - 00000000 ____D C:\Users\Pascal\AppData\Local\Spotify

2017-05-27 21:38 - 2014-09-05 23:06 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\Spotify

2017-05-27 16:00 - 2014-09-05 17:24 - 00000000 ____D C:\Users\Pascal\AppData\Local\Google

2017-05-27 15:59 - 2014-09-05 17:24 - 00000000 ____D C:\Program Files (x86)\Google

2017-05-27 14:53 - 2015-12-30 21:42 - 00000000 ____D C:\ProgramData\IObit

2017-05-25 20:10 - 2015-12-30 21:43 - 00000000 ____D C:\ProgramData\ProductData

2017-05-25 14:00 - 2014-09-05 20:24 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\TS3Client

2017-05-25 10:09 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2017-05-25 10:09 - 2014-09-05 17:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Office

2017-05-25 09:53 - 2016-03-21 19:39 - 00000000 ____D C:\ProgramData\PDF Architect 4

2017-05-23 18:28 - 2014-09-07 18:23 - 00000000 ____D C:\WINDOWS\system32\MRT

2017-05-23 18:26 - 2014-09-07 18:23 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2017-05-23 14:14 - 2017-04-18 15:27 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM

2017-05-23 14:14 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF

2017-05-17 17:42 - 2017-04-18 15:28 - 00000000 ____D C:\Program Files\AMD

2017-05-17 17:42 - 2015-12-30 21:26 - 00000000 ____D C:\Program Files (x86)\ATI Technologies

2017-05-17 17:41 - 2016-09-16 17:37 - 00000000 ____D C:\AMD

2017-05-13 15:37 - 2014-12-27 01:24 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2017-05-11 22:26 - 2015-07-29 16:12 - 00000000 ____D C:\ProgramData\Package Cache

2017-05-11 18:58 - 2014-10-06 09:10 - 00000000 ____D C:\Users\Pascal\AppData\Local\ElevatedDiagnostics

2017-05-11 15:45 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp

2017-05-10 18:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache

2017-05-10 13:27 - 2016-11-20 23:50 - 00000000 __RHD C:\Users\Public\AccountPictures

2017-05-10 13:26 - 2017-04-18 15:27 - 00391832 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12

2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12

2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism

2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser

2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences

2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning

2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions

2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer

2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2017-05-09 23:26 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism

2017-05-09 22:12 - 2016-11-20 12:40 - 00000000 ____D C:\Program Files\Common Files\AV

2017-05-09 17:45 - 2017-03-20 06:42 - 00000000 ____D C:\WINDOWS\OCR

2017-05-09 16:02 - 2017-04-18 15:35 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2017-05-09 16:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed

2017-05-09 16:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed

2017-05-05 21:03 - 2016-06-17 23:19 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\Dual Monitor Tools

2017-05-05 20:49 - 2016-06-25 11:44 - 00000000 ____D C:\Users\Pascal\AppData\Local\UnrealEngine

2017-05-04 21:51 - 2015-02-15 13:33 - 00000869 _____ C:\Users\Public\Desktop\CCleaner.lnk
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2014-09-19 23:07 - 2015-01-08 22:51 - 0001470 _____ () C:\Users\Pascal\AppData\Roaming\SpeedRunnersLog.txt

2015-06-06 19:02 - 2015-06-06 19:02 - 0001457 _____ () C:\Users\Pascal\AppData\Local\recently-used.xbel

2015-09-05 23:10 - 2015-09-05 23:10 - 0007602 _____ () C:\Users\Pascal\AppData\Local\Resmon.ResmonCfg

2014-11-03 17:59 - 2014-11-03 18:01 - 0000000 _____ () C:\Users\Pascal\AppData\Local\{D225EC80-495D-4D31-93CB-8D9B23232D0F}
 

==================== Bamital & volsnap ======================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 

LastRegBack: 2017-05-27 16:06
 

==================== Ende von FRST.txt ============================

--- --- ---

FRST Additions Logfile:

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-06-2017

durchgeführt von Pascal (03-06-2017 11:25:46)

Gestartet von C:\Users\Pascal\Downloads

Windows 10 Pro Version 1703 (X64) (2017-04-18 13:38:02)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-1229423121-489186376-597309758-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-1229423121-489186376-597309758-503 - Limited - Disabled)

Gast (S-1-5-21-1229423121-489186376-597309758-501 - Limited - Disabled)

Pascal (S-1-5-21-1229423121-489186376-597309758-1001 - Administrator - Enabled) => C:\Users\Pascal
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)

AlienFX for IskuFX (HKLM-x32\...\InstallShield_{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH)

AlienFX for IskuFX (Version: 1.02 - Roccat GmbH) Hidden

AMD Catalyst Install Manager (HKLM\...\{BFA7FEF1-18FF-A9BF-560B-8243CF14C689}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)

AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)

Arena of Fate (HKLM-x32\...\{3692304C-EFBB-4181-B75C-6A477A2B8708}) (Version: 1.0.0 - Crytek GmbH)

Awesomium Redistributable (HKLM-x32\...\{5BCB064B-9F65-4E15-BAFB-669E72E54FD9}) (Version: 1.7.4.2 - SIX Networks GmbH)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden

CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)

Cities: Skylines (HKLM\...\Steam App 255710) (Version:  - Colossal Order Ltd.)

Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)

Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)

CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )

Crossout Launcher 1.0.0.18 (HKLM-x32\...\CrossOutLauncher_is1) (Version:  - )

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DARK SOULS™ III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)

Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)

Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.27.80.1020 - Electronic Arts Inc.)

Discord (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)

Dishonored 2 (HKLM\...\Steam App 403640) (Version:  - Arkane Studios)

Dropbox (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.)

Dual Monitor Tools (HKLM-x32\...\{0DAA6DDB-DE54-4687-ADDE-B4CA1C74E0C3}) (Version: 2.5.0.0 - GNE)

ECO Center (HKLM-x32\...\{1E55202F-4D31-498A-8F72-97DCBA9F2866}_is1) (Version: 1.0.0.7 - MSI)

ESEA (HKLM\...\Steam App 479130) (Version:  - ESEA)

ESEA Client (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)

Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)

Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.1 - MSI)

FileZilla Client 3.9.0.6 (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)

Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)

GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)

Golf It! (HKLM\...\Steam App 571740) (Version:  - Perfuse Entertainment)

GooCubelets (HKLM\...\Steam App 397620) (Version:  - Zonitron Productions)

GooCubelets 2 (HKLM\...\Steam App 416270) (Version:  - Zonitron Productions)

GooCubelets: The Algoorithm (HKLM\...\Steam App 431270) (Version:  - Zonitron Productions)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden

Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)

H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)

Heart's Medicine - Time to Heal (HKLM\...\Steam App 494230) (Version:  - Blue Giraffe)

Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)

Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden

Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)

Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)

Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)

Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)

Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden

Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)

Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden

Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)

League client alpha (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\League client alpha 1.0) (Version: 1.0 - Riot Games, Inc)

League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)

League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden

Little Nightmares (HKLM\...\Steam App 424840) (Version:  - Tarsier Studios)

Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.004 - MSI)

LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden

Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)

Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden

Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)

Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)

Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Mozilla Firefox 48.0.2 (x64 de) (HKLM\...\Mozilla Firefox 48.0.2 (x64 de)) (Version: 48.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)

MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.93 - MSI)

MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 2.0.0.10 - MSI)

MSI Intel Extreme Tuning Utility (HKLM-x32\...\{fbd55c4e-e884-4210-a79b-5f158834b133}) (Version: 4.4.0.103 - Intel Corporation)

MSI Intel Extreme Tuning Utility (x32 Version: 4.4.0.103 - Intel Corporation) Hidden

MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.025 - MSI)

NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)

OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)

Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden

Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)

PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)

Planet Coaster (HKLM\...\Steam App 493340) (Version:  - Frontier Developments)

Prey (HKLM\...\Steam App 480490) (Version:  - Arkane Studios)

Punch Club (HKLM\...\Steam App 394310) (Version:  - Lazy Bear Games)

Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden

Qualcomm Atheros Killer E220x Drivers (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden

Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)

Qualcomm Atheros Network Manager (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)

ROCCAT Swarm (HKLM-x32\...\InstallShield_{32C24F2E-923F-49C1-8E60-2B3DC5482255}) (Version: 1.92.00 - ROCCAT GmbH)

ROCCAT Swarm (x32 Version: 1.92.00 - ROCCAT GmbH) Hidden

Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)

Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)

ShellShock Live (HKLM\...\Steam App 326460) (Version:  - kChamp Games)

Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.7.201505200853 - Sony Mobile Communications Inc.)

Sony PC Companion 2.10.275 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony)

Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.06 - Creative Technology Limited)

SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)

Spotify (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Spotify) (Version: 1.0.55.487.g256699aa - Spotify AB)

Styx: Shards of Darkness (HKLM\...\Steam App 355790) (Version:  - Cyanide Studio)

Super Meat Boy (HKLM\...\Steam App 40800) (Version:  - Team Meat)

TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )

TeamSpeak 3 Client (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)

The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)

The Curious Expedition (HKLM\...\Steam App 358130) (Version:  - Maschinen-Mensch)

Town of Salem (HKLM\...\Steam App 334230) (Version:  - BlankMediaGames)

UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden

UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden

Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)

VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.7 - MSI)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)

Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden

Wallpaper Engine (HKLM\...\Steam App 431960) (Version:  - Kristjan Skutta)

Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)

Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version:  - videowinsoft.com)

WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {03CB350A-E21F-45F5-8671-56732C904458} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)

Task: {16C347D8-5B7E-4602-9732-D46C9359BE15} - System32\Tasks\{A4442B86-8DBB-43F9-9E34-477D9C82A120} => pcalua.exe -a L:\Programme\MobileGo\unins000.exe -c /WAF

Task: {189B50CD-385D-491E-9DF3-B29B2A3EE1D0} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {21616791-3E35-4F9F-80EF-6E707F6B05DB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)

Task: {245ED3C0-7034-4771-A3DE-33C21655F235} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)

Task: {24D71ADF-73EE-409F-B82E-300BE94481C3} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe 

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 

Task: {35464B03-40BA-4942-B7C5-DC917F3E6609} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-25] ()

Task: {4884CAC8-FF7A-445E-9FA5-FEEEB0920564} - System32\Tasks\Driver Booster SkipUAC (Pascal) => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe 

Task: {4AE08037-CE95-4548-8EEA-D741748D41FF} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {540A65DC-9162-41B6-8E2B-A0F1AA99695E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)

Task: {565A2A36-AAC7-4F4A-AE06-58FBE5E97E4C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-27] (Google Inc.)

Task: {580507F1-F02A-4C81-8E21-855C71C9AE41} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)

Task: {75B89EE9-D3F7-4F20-96B4-CB44DEEA5D05} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {9A5D4BB8-78FB-4736-AEE0-64C4A3C6A742} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-25] (Microsoft Corporation)

Task: {ABA178A7-82F6-4234-97E2-61A8E8B075A1} - System32\Tasks\Uninstaller_SkipUac_Pascal => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe 

Task: {AD8B3F2E-0A7A-45FA-8ABA-01CA8C7498AF} - System32\Tasks\ROCCAT_Swarm_HWMonitor => C:/Users/Pascal/Downloads/SWARM_v19201 

Task: {BF789F40-CB07-4D5D-A681-FA23DBCFE793} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-23] (Microsoft Corporation)

Task: {CF1B5F07-D8FD-474A-986A-9BB094F29257} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe [2016-12-04] (Advanced Micro Devices, Inc.)

Task: {DEB58E5E-D945-4881-82C3-5DA0C310D0C3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)

Task: {EC04A89D-63D7-4D05-83EC-6D3D7026E41A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => %ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe 

Task: {EEB7A64A-C9BB-48BA-BBD9-2220B4E2BC78} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-27] (Google Inc.)

Task: {FD9D0019-4A1A-4493-8CB9-6B72C3E8BE15} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-25] ()

Task: {FDFC500C-A949-41B1-B00B-0FA45AB5FC16} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1229423121-489186376-597309758-1001Core1d25e21afe2fdbd.job => C:\Users\Pascal\AppData\Local\Dropbox\Update\DropboxUpdate.exe
 

==================== Verknüpfungen =============================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

Shortcut: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arena of Fate\Repair Arena of Fate.lnk -> L:\Programme\repair\repair.bat ()
 

ShortcutWithArgument: C:\Users\Pascal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8879236057a5818c\Steam inventory helper.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cmeakgjggjdlcpncigglobpjbkabhmjl
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2015-03-25 22:46 - 2015-01-29 14:41 - 01992704 _____ () C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe

2015-03-25 22:03 - 2014-04-10 14:57 - 02126448 _____ () C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe

2017-05-27 14:59 - 2017-06-03 10:38 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll

2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll

2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll

2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll

2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll

2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll

2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll

2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll

2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll

2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2015-03-25 21:44 - 2014-02-21 12:21 - 00089600 _____ () C:\WINDOWS\SYSTEM32\CmdRtr64.DLL

2015-03-25 21:44 - 2014-02-21 12:19 - 00366080 _____ () C:\WINDOWS\SYSTEM32\APOMgr64.DLL

2017-05-27 16:00 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll

2017-05-27 16:00 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll

2017-03-18 22:58 - 2017-03-18 22:58 - 03826176 _____ () C:\Windows\System32\Windows.UI.Input.Inking.Analysis.dll

2017-04-08 10:13 - 2017-04-08 10:13 - 00381440 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.0.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll

2016-06-28 01:19 - 2016-06-28 01:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll

2016-11-21 15:51 - 2016-06-21 20:30 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl

2016-11-21 15:51 - 2016-06-21 20:29 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl

2016-11-21 15:51 - 2016-06-21 20:29 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl

2017-02-24 19:35 - 2017-02-24 19:35 - 02493440 _____ () L:\Programme\Origin\libGLESv2.dll

2014-10-23 19:27 - 2014-10-23 19:27 - 00119822 _____ () L:\Programme\libgcc_s_dw2-1.dll

2015-12-29 07:25 - 2015-12-29 07:25 - 01540622 _____ () L:\Programme\libstdc++-6.dll

2014-02-19 19:51 - 2014-02-19 19:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

2017-06-02 23:04 - 2017-05-17 03:54 - 00678176 _____ () L:\Programme\Steam\SDL2.dll

2017-06-02 23:04 - 2017-06-01 21:50 - 02485536 _____ () L:\Programme\Steam\video.dll

2016-10-14 09:38 - 2016-09-01 03:02 - 04969248 _____ () L:\Programme\Steam\v8.dll

2016-10-14 09:38 - 2016-01-27 09:49 - 02549760 _____ () L:\Programme\Steam\libavcodec-56.dll

2016-10-14 09:38 - 2016-01-27 09:49 - 00491008 _____ () L:\Programme\Steam\libavformat-56.dll

2016-10-14 09:38 - 2016-01-27 09:49 - 00332800 _____ () L:\Programme\Steam\libavresample-2.dll

2016-10-14 09:38 - 2016-01-27 09:49 - 00442880 _____ () L:\Programme\Steam\libavutil-54.dll

2016-10-14 09:38 - 2016-01-27 09:49 - 00485888 _____ () L:\Programme\Steam\libswscale-3.dll

2016-10-14 09:38 - 2016-09-01 03:02 - 01563936 _____ () L:\Programme\Steam\icui18n.dll

2016-10-14 09:38 - 2016-09-01 03:02 - 01195296 _____ () L:\Programme\Steam\icuuc.dll

2017-06-02 23:04 - 2017-06-01 21:50 - 00877856 _____ () L:\Programme\Steam\bin\chromehtml.DLL

2016-10-14 09:38 - 2016-07-05 00:17 - 00266560 _____ () L:\Programme\Steam\openvr_api.dll

2017-06-02 23:04 - 2017-05-08 21:45 - 69516064 _____ () L:\Programme\Steam\bin\cef\cef.win7\libcef.dll

2017-06-02 23:04 - 2017-06-01 21:50 - 00385312 _____ () L:\Programme\Steam\steam.dll

2016-10-14 09:38 - 2015-09-25 01:52 - 00119208 _____ () L:\Programme\Steam\winh264.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
 

==================== Hosts Inhalt: ===============================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-1229423121-489186376-597309758-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pascal\Pictures\Epicnice.png

DNS Servers: 192.168.2.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

MSCONFIG\startupreg: Overwolf => "c:\program files (x86)\overwolf\overwolflauncher.exe" -overwolfsilent

MSCONFIG\startupreg: RoccatIskuFX => "l:\programme\iskufxmonitor.exe"

HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk"

HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk"

HKLM\...\StartupApproved\Run32: => "avgnt"

HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"

HKLM\...\StartupApproved\Run32: => "StartCCC"

HKLM\...\StartupApproved\Run32: => "Sound Blaster Cinema 2"

HKLM\...\StartupApproved\Run32: => "Command Center"

HKLM\...\StartupApproved\Run32: => "Fast Boot"

HKLM\...\StartupApproved\Run32: => "Live Update"

HKLM\...\StartupApproved\Run32: => "Super Charger"

HKLM\...\StartupApproved\Run32: => "RaidCall"

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Duden Korrektor SysTray"

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Spotify"

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Clownfish"

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Skype"

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Sony PC Companion"

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "MK LOL"

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Dropbox Update"

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "WallpaperEngine"
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [TCP Query User{A170B425-8091-46BF-B73A-65DD1061A1EE}L:\programme\roccat_swarm_monitor.exe] => (Block) L:\programme\roccat_swarm_monitor.exe

FirewallRules: [UDP Query User{288663AB-AB6D-4F76-A98E-EEF0188C65F8}L:\programme\roccat_swarm_monitor.exe] => (Block) L:\programme\roccat_swarm_monitor.exe

FirewallRules: [TCP Query User{52D427B7-2BFE-424D-88A5-BCC6FFD5B3FB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe

FirewallRules: [UDP Query User{21F4A2E2-8C1E-452D-B283-74A8E0122BB2}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe

FirewallRules: [{95BC90B8-62CE-475A-B696-5F40702F5744}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

FirewallRules: [{82B95E73-1546-4F84-9A1C-ECD7331AB4D9}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

FirewallRules: [{A924880C-CA3C-4D61-B484-682DCCB569BC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [TCP Query User{FF0AAC89-ED04-4E1A-B2EA-DAA84E30606D}C:\users\pascal\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pascal\appdata\roaming\spotify\spotify.exe

FirewallRules: [UDP Query User{D5228E38-F014-446C-B8FA-0D41D1641DE1}C:\users\pascal\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pascal\appdata\roaming\spotify\spotify.exe

FirewallRules: [{3389829F-3CB6-4606-8898-E5D5E5332C4B}] => (Block) C:\users\pascal\appdata\roaming\spotify\spotify.exe

FirewallRules: [{81746705-A0E4-43DE-9158-3DA7E310D610}] => (Block) C:\users\pascal\appdata\roaming\spotify\spotify.exe

FirewallRules: [{093DE240-B3C5-475B-9BE6-891CED811E33}] => (Allow) L:\Programme\Steam\Steam.exe

FirewallRules: [{DD6716FD-9CDC-4216-8EE0-A6919D4896F0}] => (Allow) L:\Programme\Steam\Steam.exe

FirewallRules: [{8F9237BE-1807-48B6-90E6-176F695EBA78}] => (Allow) L:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [{9BB47D31-6AEB-48F1-AA25-24E429F66E47}] => (Allow) L:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [{05CF5D0E-FA7B-4C8E-A151-CA23C2E81A7A}] => (Allow) L:\Programme\Steam\SteamApps\common\Golf It!\GolfIt.exe

FirewallRules: [{14C86F48-5B67-41D0-BBEB-8F9A4E5C48A1}] => (Allow) L:\Programme\Steam\SteamApps\common\Golf It!\GolfIt.exe

FirewallRules: [{223AB791-67AB-4806-ABC1-6FEDFC30FCE6}] => (Allow) L:\Programme\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe

FirewallRules: [{7828F05D-2738-4546-9DE5-98ED9DFE9555}] => (Allow) L:\Programme\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe

FirewallRules: [{5C92EA3B-6139-4480-94E7-9ADE8AF3D8A7}] => (Allow) L:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe

FirewallRules: [{88C27B8E-29EE-4A73-A328-ECCB11F53155}] => (Allow) L:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe

FirewallRules: [{BD2C4DEF-EB86-4416-8A94-03BDD3E07E20}] => (Allow) L:\Programme\Steam\SteamApps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe

FirewallRules: [{BAAC3CBF-682A-4815-94BB-8C50E68EBA6B}] => (Allow) L:\Programme\Steam\SteamApps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
 

==================== Wiederherstellungspunkte =========================
 

ACHTUNG: Systemwiederherstellung ist deaktiviert
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 

Name: PS/2-Standardtastatur

Description: PS/2-Standardtastatur

Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standardtastaturen)

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 

Name: 

Description: 

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (06/03/2017 11:21:07 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Pascal\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
 

Error: (06/03/2017 11:21:05 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
 

Error: (06/03/2017 11:20:26 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
 

Error: (06/03/2017 11:20:11 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
 

Error: (06/03/2017 10:45:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: PASCAL)

Description: Das Paket „Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.
 

Error: (06/03/2017 09:45:51 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)

Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSIb046.LOG enthalten.
 

Error: (06/03/2017 09:39:09 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
 

Error: (06/03/2017 09:38:05 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
 

Error: (06/03/2017 09:37:25 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Pascal\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
 

Error: (06/03/2017 09:37:23 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Pascal\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
 
 

Systemfehler:

=============

Error: (06/03/2017 09:45:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet: 

Ein an das System angeschlossenes Gerät funktioniert nicht.
 

Error: (06/03/2017 09:40:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Treiber konnte nicht geladen werden.
 

Error: (06/03/2017 09:40:38 AM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\Pascal\AppData\Local\Temp\ehdrv.sys
 

Error: (06/03/2017 09:40:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Treiber konnte nicht geladen werden.
 

Error: (06/03/2017 09:40:38 AM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\Pascal\AppData\Local\Temp\ehdrv.sys
 

Error: (06/03/2017 09:40:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Treiber konnte nicht geladen werden.
 

Error: (06/03/2017 09:40:38 AM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\Pascal\AppData\Local\Temp\ehdrv.sys
 

Error: (06/03/2017 09:38:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Treiber konnte nicht geladen werden.
 

Error: (06/03/2017 09:38:12 AM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\Pascal\AppData\Local\Temp\ehdrv.sys
 

Error: (06/03/2017 09:38:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Treiber konnte nicht geladen werden.
 
 

CodeIntegrity:

===================================

  Date: 2017-06-03 09:29:33.114

  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-06-03 09:29:32.741

  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-06-03 09:27:08.250

  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-06-03 09:27:08.249

  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-06-03 09:15:21.552

  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-06-03 09:15:21.550

  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-06-02 23:19:06.926

  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-06-02 23:19:06.924

  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-06-02 22:52:58.946

  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-06-02 22:52:57.658

  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz

Prozentuale Nutzung des RAM: 49%

Installierter physikalischer RAM: 8143.77 MB

Verfügbarer physikalischer RAM: 4135.47 MB

Summe virtueller Speicher: 11343.77 MB

Verfügbarer virtueller Speicher: 6438.4 MB
 

==================== Laufwerke ================================
 

Drive c: (Origin) (Fixed) (Total:111.35 GB) (Free:34.55 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]

Drive h: (Data1) (Fixed) (Total:139.73 GB) (Free:139.62 GB) NTFS

Drive j: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

Drive l: (Data2) (Fixed) (Total:465.66 GB) (Free:145 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 28BDBFA2)

Partition 1: (Active) - (Size=111.3 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CDF8897F)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 

========================================================

Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 139.7 GB) (Disk ID: 00000001)

Partition 1: (Active) - (Size=139.7 GB) - (Type=07 NTFS)
 

==================== Ende von Addition.txt ============================

--- --- ---