Windows 10: Fenster poppt kurz auf und verschwindet sofort wieder-Keine Chance es zu erkennen

Seehmer · 27.05.2017, 00:22

Schönen guten Tag,

ich hab seit 2-3 Tagen das Problem, dass ein mir unbekanntes Fenster sich hin und wieder öffnet und mich somit aus Fullscreen Angelegenheiten entfernt, was grade beim Spielen SEHR nervig sein kann.
Außerdem kann ich mir nicht vorstellen, dass das ein feature von irgendeinem Programm ist weshalb ich mich jetzt hier angemeldet habe und auf Hilfe hoffe.
Ich habe natürlich meinen Anti-Virus Provider Kaspersky drüber laufen lassen, was aber nach vollständiger Suche in nichts resultiert ist.

Mit freundlichen Grüßen Pascal (aka. Seehmer)

M-K-D-B · 27.05.2017, 11:50

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

Seehmer · 27.05.2017, 13:16

Tut mir leid ich habe am Anfang den CODE nicht richtig gesetzt

Seehmer · 27.05.2017, 13:21

Tut mir leid ich habe die ersten 3 falsch gemacht nun habe ich es verstanden!

Seehmer · 27.05.2017, 13:23

Hier das selbe wie darüber

Seehmer · 27.05.2017, 13:24

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-05-2017
durchgeführt von Pascal (27-05-2017 14:13:21)
Gestartet von C:\Users\Pascal\Downloads
Windows 10 Pro Version 1703 (X64) (2017-04-18 13:38:02)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1229423121-489186376-597309758-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1229423121-489186376-597309758-503 - Limited - Disabled)
Gast (S-1-5-21-1229423121-489186376-597309758-501 - Limited - Disabled)
Pascal (S-1-5-21-1229423121-489186376-597309758-1001 - Administrator - Enabled) => C:\Users\Pascal

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
AlienFX for IskuFX (HKLM-x32\...\InstallShield_{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH)
AlienFX for IskuFX (Version: 1.02 - Roccat GmbH) Hidden
AMD Catalyst Install Manager (HKLM\...\{BFA7FEF1-18FF-A9BF-560B-8243CF14C689}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Arena of Fate (HKLM-x32\...\{3692304C-EFBB-4181-B75C-6A477A2B8708}) (Version: 1.0.0 - Crytek GmbH)
Awesomium Redistributable (HKLM-x32\...\{5BCB064B-9F65-4E15-BAFB-669E72E54FD9}) (Version: 1.7.4.2 - SIX Networks GmbH)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Cities: Skylines (HKLM\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Crossout Launcher 1.0.0.18 (HKLM-x32\...\CrossOutLauncher_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DARK SOULS™ III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.27.80.1020 - Electronic Arts Inc.)
Discord (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dishonored 2 (HKLM\...\Steam App 403640) (Version:  - Arkane Studios)
Dropbox (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.)
Dual Monitor Tools (HKLM-x32\...\{0DAA6DDB-DE54-4687-ADDE-B4CA1C74E0C3}) (Version: 2.5.0.0 - GNE)
ECO Center (HKLM-x32\...\{1E55202F-4D31-498A-8F72-97DCBA9F2866}_is1) (Version: 1.0.0.7 - MSI)
ESEA (HKLM\...\Steam App 479130) (Version:  - ESEA)
ESEA Client (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.1 - MSI)
FileZilla Client 3.9.0.6 (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Golf It! (HKLM\...\Steam App 571740) (Version:  - Perfuse Entertainment)
GooCubelets (HKLM\...\Steam App 397620) (Version:  - Zonitron Productions)
GooCubelets 2 (HKLM\...\Steam App 416270) (Version:  - Zonitron Productions)
GooCubelets: The Algoorithm (HKLM\...\Steam App 431270) (Version:  - Zonitron Productions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)
Heart's Medicine - Time to Heal (HKLM\...\Steam App 494230) (Version:  - Blue Giraffe)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
League client alpha (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\League client alpha 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Little Nightmares (HKLM\...\Steam App 424840) (Version:  - Tarsier Studios)
Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.004 - MSI)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 48.0.2 (x64 de) (HKLM\...\Mozilla Firefox 48.0.2 (x64 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.93 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 2.0.0.10 - MSI)
MSI Intel Extreme Tuning Utility (HKLM-x32\...\{fbd55c4e-e884-4210-a79b-5f158834b133}) (Version: 4.4.0.103 - Intel Corporation)
MSI Intel Extreme Tuning Utility (x32 Version: 4.4.0.103 - Intel Corporation) Hidden
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.025 - MSI)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Planet Coaster (HKLM\...\Steam App 493340) (Version:  - Frontier Developments)
Prey (HKLM\...\Steam App 480490) (Version:  - Arkane Studios)
Punch Club (HKLM\...\Steam App 394310) (Version:  - Lazy Bear Games)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
ROCCAT Swarm (HKLM-x32\...\InstallShield_{32C24F2E-923F-49C1-8E60-2B3DC5482255}) (Version: 1.92.00 - ROCCAT GmbH)
ROCCAT Swarm (x32 Version: 1.92.00 - ROCCAT GmbH) Hidden
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
ShellShock Live (HKLM\...\Steam App 326460) (Version:  - kChamp Games)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.7.201505200853 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.275 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.06 - Creative Technology Limited)
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Spotify (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Spotify) (Version: 1.0.55.487.g256699aa - Spotify AB)
Styx: Shards of Darkness (HKLM\...\Steam App 355790) (Version:  - Cyanide Studio)
Super Meat Boy (HKLM\...\Steam App 40800) (Version:  - Team Meat)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Curious Expedition (HKLM\...\Steam App 358130) (Version:  - Maschinen-Mensch)
Town of Salem (HKLM\...\Steam App 334230) (Version:  - BlankMediaGames)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.7 - MSI)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Wallpaper Engine (HKLM\...\Steam App 431960) (Version:  - Kristjan Skutta)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version:  - videowinsoft.com)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03CB350A-E21F-45F5-8671-56732C904458} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {16C347D8-5B7E-4602-9732-D46C9359BE15} - System32\Tasks\{A4442B86-8DBB-43F9-9E34-477D9C82A120} => pcalua.exe -a L:\Programme\MobileGo\unins000.exe -c /WAF
Task: {189B50CD-385D-491E-9DF3-B29B2A3EE1D0} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {21616791-3E35-4F9F-80EF-6E707F6B05DB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {22559DAC-7EAE-454F-81AC-FCFD33C54634} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {245ED3C0-7034-4771-A3DE-33C21655F235} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {24D71ADF-73EE-409F-B82E-300BE94481C3} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe 
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {35464B03-40BA-4942-B7C5-DC917F3E6609} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-25] ()
Task: {44F89B89-89C6-450B-92F5-4B08E5F3A493} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {4884CAC8-FF7A-445E-9FA5-FEEEB0920564} - System32\Tasks\Driver Booster SkipUAC (Pascal) => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe 
Task: {4AE08037-CE95-4548-8EEA-D741748D41FF} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {540A65DC-9162-41B6-8E2B-A0F1AA99695E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {580507F1-F02A-4C81-8E21-855C71C9AE41} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {75B89EE9-D3F7-4F20-96B4-CB44DEEA5D05} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8F907EAD-9E04-4860-94F2-1D220B66B66B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {9A5D4BB8-78FB-4736-AEE0-64C4A3C6A742} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-25] (Microsoft Corporation)
Task: {A1209673-C3B4-4AB1-B241-867A25909B1A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A1AD0BAA-2A71-4917-AF99-AC11C04CF583} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A3E1769C-9628-44F7-8B8F-001CB7832B78} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A83F9266-054C-49E2-9D20-726078B9463B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.)
Task: {A912C1A7-DEA3-4EE3-AEB0-6622D9890796} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1229423121-489186376-597309758-1001 -> Keine Datei <==== ACHTUNG
Task: {ABA178A7-82F6-4234-97E2-61A8E8B075A1} - System32\Tasks\Uninstaller_SkipUac_Pascal => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe 
Task: {AD8B3F2E-0A7A-45FA-8ABA-01CA8C7498AF} - System32\Tasks\ROCCAT_Swarm_HWMonitor => C:/Users/Pascal/Downloads/SWARM_v19201 
Task: {AF0CB8C2-0473-4589-8AA9-F77D23E1F8D3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {BF46780E-A4F9-4D44-B519-9A0E789313BC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {BF789F40-CB07-4D5D-A681-FA23DBCFE793} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-23] (Microsoft Corporation)
Task: {CAEFF53C-82ED-4FAE-B0B5-C1FD098178AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.)
Task: {CF1B5F07-D8FD-474A-986A-9BB094F29257} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe [2016-12-04] (Advanced Micro Devices, Inc.)
Task: {D5E9C7EC-9FAA-4838-97A6-ED3632206EC0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {DEB58E5E-D945-4881-82C3-5DA0C310D0C3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {E31756E6-D0CB-4374-B048-4DCE3D9D5C6B} - \WPD\SqmUpload_S-1-5-21-1229423121-489186376-597309758-1001 -> Keine Datei <==== ACHTUNG
Task: {EC04A89D-63D7-4D05-83EC-6D3D7026E41A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => %ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe 
Task: {F3B6B55A-9C8D-44DF-A7EC-5BFF474CA071} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {F58CD541-A9C8-41DC-84C2-99005E759A57} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {FD9D0019-4A1A-4493-8CB9-6B72C3E8BE15} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-25] ()
Task: {FDFC500C-A949-41B1-B00B-0FA45AB5FC16} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1229423121-489186376-597309758-1001Core1d25e21afe2fdbd.job => C:\Users\Pascal\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arena of Fate\Repair Arena of Fate.lnk -> L:\Programme\repair\repair.bat ()

ShortcutWithArgument: C:\Users\Pascal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8879236057a5818c\Steam inventory helper.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cmeakgjggjdlcpncigglobpjbkabhmjl

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-25 22:03 - 2014-04-10 14:57 - 02126448 _____ () C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe
2015-03-25 22:46 - 2015-01-29 14:41 - 01992704 _____ () C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 03826176 _____ () C:\Windows\System32\Windows.UI.Input.Inking.Analysis.dll
2017-04-08 10:13 - 2017-04-08 10:13 - 00381440 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.0.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2015-03-25 21:44 - 2014-02-21 12:21 - 00089600 _____ () C:\WINDOWS\SYSTEM32\CmdRtr64.DLL
2015-03-25 21:44 - 2014-02-21 12:19 - 00366080 _____ () C:\WINDOWS\SYSTEM32\APOMgr64.DLL
2017-05-08 13:21 - 2017-05-08 13:22 - 10601984 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-05-08 13:21 - 2017-05-08 13:21 - 02640384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-05-08 13:21 - 2017-05-08 13:22 - 00765440 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll
2017-05-16 12:33 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-16 12:33 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2016-06-28 01:19 - 2016-06-28 01:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2017-02-24 19:35 - 2017-02-24 19:35 - 02493440 _____ () L:\Programme\Origin\libGLESv2.dll
2014-02-19 19:51 - 2014-02-19 19:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-11-21 15:51 - 2016-06-21 20:30 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-11-21 15:51 - 2016-06-21 20:29 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-11-21 15:51 - 2016-06-21 20:29 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2014-10-23 19:27 - 2014-10-23 19:27 - 00119822 _____ () L:\Programme\libgcc_s_dw2-1.dll
2015-12-29 07:25 - 2015-12-29 07:25 - 01540622 _____ () L:\Programme\libstdc++-6.dll
2017-05-25 01:14 - 2017-05-25 01:14 - 67117168 _____ () C:\Users\Pascal\AppData\Roaming\Spotify\libcef.dll
2017-05-25 01:14 - 2017-05-25 01:14 - 00116848 _____ () C:\Users\Pascal\AppData\Roaming\Spotify\SpotifyWinRT.dll
2017-05-25 01:14 - 2017-05-25 01:14 - 02253424 _____ () C:\Users\Pascal\AppData\Roaming\Spotify\libglesv2.dll
2017-05-25 01:14 - 2017-05-25 01:14 - 00086640 _____ () C:\Users\Pascal\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1229423121-489186376-597309758-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pascal\Pictures\Epicnice.png
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Overwolf => "c:\program files (x86)\overwolf\overwolflauncher.exe" -overwolfsilent
MSCONFIG\startupreg: RoccatIskuFX => "l:\programme\iskufxmonitor.exe"
HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "Sound Blaster Cinema 2"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "Fast Boot"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "Super Charger"
HKLM\...\StartupApproved\Run32: => "RaidCall"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Duden Korrektor SysTray"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Clownfish"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Sony PC Companion"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "MK LOL"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Advanced SystemCare 10"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "WallpaperEngine"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{20BEB720-5E9F-4D1E-842C-D1903926412D}] => (Block) C:\users\pascal\appdata\local\fivem\fivem.exe
FirewallRules: [{1A40A9AA-1B43-4FE7-B642-90762C6DEE2F}] => (Block) C:\users\pascal\appdata\local\fivem\fivem.exe
FirewallRules: [UDP Query User{557805F7-382A-41D7-B58D-ED18934A36E5}C:\users\pascal\appdata\local\fivem\fivem.exe] => (Allow) C:\users\pascal\appdata\local\fivem\fivem.exe
FirewallRules: [TCP Query User{46A62D48-D407-4897-8154-194AA2F4C6C4}C:\users\pascal\appdata\local\fivem\fivem.exe] => (Allow) C:\users\pascal\appdata\local\fivem\fivem.exe
FirewallRules: [{02F4112F-9565-495A-8254-814084C0CA54}] => (Allow) L:\Programme\GTA5\GTA5.exe
FirewallRules: [{F7F75422-E537-4BF1-A27A-92AA843B82D8}] => (Allow) L:\Programme\GTA5\GTA5.exe
FirewallRules: [{637C53D9-BCEC-4BF9-8124-652733DDF85D}] => (Block) L:\programme\teamspeak\ts3client_win64.exe
FirewallRules: [{71961A45-5907-4F11-A598-023E5BC1BDDE}] => (Block) L:\programme\teamspeak\ts3client_win64.exe
FirewallRules: [UDP Query User{1A2C65D8-949A-4804-AC01-CAA4CC22CB52}L:\programme\teamspeak\ts3client_win64.exe] => (Allow) L:\programme\teamspeak\ts3client_win64.exe
FirewallRules: [TCP Query User{D880948F-A356-4F3F-BB5E-0BC61B5E5DEE}L:\programme\teamspeak\ts3client_win64.exe] => (Allow) L:\programme\teamspeak\ts3client_win64.exe
FirewallRules: [{C77C46CB-5F14-4F26-8D63-834DCBFD87F1}] => (Block) L:\programme\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe
FirewallRules: [{053BF99B-844B-4AD2-A867-0A0662B70B4C}] => (Block) L:\programme\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe
FirewallRules: [UDP Query User{BA240DB7-B515-4D33-B392-9F449A02791A}L:\programme\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe] => (Allow) L:\programme\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe
FirewallRules: [TCP Query User{7B032687-3A14-42E7-BCE2-92BA9BDFD42E}L:\programme\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe] => (Allow) L:\programme\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe
FirewallRules: [{E2E14CD4-BEED-45D2-8CD5-5CE6DCA0D83D}] => (Allow) L:\Programme\Steam\SteamApps\common\Golf It!\GolfIt.exe
FirewallRules: [{5CDD3AA7-F3DD-4083-8F3B-4D99A216331A}] => (Allow) L:\Programme\Steam\SteamApps\common\Golf It!\GolfIt.exe
FirewallRules: [{91BDC07C-8151-4A58-A258-ED4013F2DB24}] => (Allow) L:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{8197D7AE-D44A-48E4-8A80-CD5F46F9C910}] => (Allow) L:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{F4325687-46E8-4E1B-AF69-D0FAE8BF6B24}] => (Allow) L:\Programme\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{A600A715-2558-48FC-B406-842C67285574}] => (Allow) L:\Programme\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{F3BF4CD8-2F3D-40F6-8341-4B37F58D4729}] => (Allow) L:\Programme\Steam\SteamApps\common\GooCubelets\GooCubelets.exe
FirewallRules: [{247E55F7-0A58-4AA5-B5F1-6D7C22F5CD65}] => (Allow) L:\Programme\Steam\SteamApps\common\GooCubelets\GooCubelets.exe
FirewallRules: [{C1019600-87C4-4267-B31F-79E5A68B652A}] => (Allow) L:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{D943DA45-AA0B-4BC9-BB85-27491DF830BC}] => (Allow) L:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{E9592459-B378-4866-88B8-6495660FA585}] => (Allow) L:\Programme\Steam\SteamApps\common\GooCubelets 2\GooCubelets 2.exe
FirewallRules: [{26E90077-50D0-4529-B81E-A7FAE9103EF2}] => (Allow) L:\Programme\Steam\SteamApps\common\GooCubelets 2\GooCubelets 2.exe
FirewallRules: [{B038FC60-C768-40C7-9377-F85F9C09094D}] => (Allow) L:\Programme\Steam\SteamApps\common\GooCubelets The Algoorithm\GooCubeletsTheAlgoorithm.exe
FirewallRules: [{7EF83E7C-9B67-4A03-8EBB-642DD1D6BCEC}] => (Allow) L:\Programme\Steam\SteamApps\common\GooCubelets The Algoorithm\GooCubeletsTheAlgoorithm.exe
FirewallRules: [{A321314F-9A75-46AF-ADC4-809F939D54B5}] => (Block) C:\users\pascal\downloads\swarm_v19201 (1)\roccat_swarm_monitor.exe
FirewallRules: [{BF909C62-838A-4BB7-B5EA-9F43B7D69DB4}] => (Block) C:\users\pascal\downloads\swarm_v19201 (1)\roccat_swarm_monitor.exe
FirewallRules: [UDP Query User{AEAFDAD6-F3DF-4A78-AAA0-9A2A2ECBF5BF}C:\users\pascal\downloads\swarm_v19201 (1)\roccat_swarm_monitor.exe] => (Allow) C:\users\pascal\downloads\swarm_v19201 (1)\roccat_swarm_monitor.exe
FirewallRules: [TCP Query User{1A782A0E-A10A-4A28-860B-ACF1EDC2FDEA}C:\users\pascal\downloads\swarm_v19201 (1)\roccat_swarm_monitor.exe] => (Allow) C:\users\pascal\downloads\swarm_v19201 (1)\roccat_swarm_monitor.exe
FirewallRules: [{C9AF1333-72D7-4C0C-BB33-C5A157D75AB8}] => (Allow) L:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{A4F7C3D7-0055-4557-868C-917F8B0457DC}] => (Allow) L:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{4D2092F8-4ED2-42DB-BC8D-2DFB714E3950}] => (Allow) L:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{C2FCAA49-3C15-4218-A4CF-E81A0C98A39C}] => (Allow) L:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{62DB88A3-109D-47CF-AB9C-9E1013075B99}] => (Allow) L:\Programme\Steam\SteamApps\common\Punch Club\Punch Club.exe
FirewallRules: [{FCD64376-5A13-4F4A-A959-4AB81C8E7312}] => (Allow) L:\Programme\Steam\SteamApps\common\Punch Club\Punch Club.exe
FirewallRules: [{FADFF7C2-3E1D-4111-AC71-F5882AFAB92D}] => (Allow) L:\Programme\Steam\SteamApps\common\Dishonored2\Dishonored2.exe
FirewallRules: [{F5B13D29-D37E-4964-A374-8CBA11F9DB4F}] => (Allow) L:\Programme\Steam\SteamApps\common\Dishonored2\Dishonored2.exe
FirewallRules: [{E8537801-8215-49E8-B5EB-5BE0E537A6BD}] => (Allow) L:\Programme\Steam\SteamApps\common\ESEA Premium\eseaclientsteam.exe
FirewallRules: [{FE9702B5-D8B6-4E28-95FF-09F373C1AD3E}] => (Allow) L:\Programme\Steam\SteamApps\common\ESEA Premium\eseaclientsteam.exe
FirewallRules: [TCP Query User{2357AF3A-0EE9-4124-8D70-AF51ECD684E2}L:\programme\roccat_swarm_monitor.exe] => (Allow) L:\programme\roccat_swarm_monitor.exe
FirewallRules: [UDP Query User{D8971A15-C7B0-48A0-9148-9E34DDB1E1C4}L:\programme\roccat_swarm_monitor.exe] => (Allow) L:\programme\roccat_swarm_monitor.exe
FirewallRules: [{51C03349-2D50-4218-92C4-FE6412B38D9A}] => (Block) L:\programme\roccat_swarm_monitor.exe
FirewallRules: [{928B88B3-1F36-49CE-A5EC-E084EF4DD116}] => (Block) L:\programme\roccat_swarm_monitor.exe
FirewallRules: [TCP Query User{923969A5-2E76-4581-8E59-D95F68373263}C:\users\pascal\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pascal\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CF975782-B1CF-4723-BB9B-DD19F4AEA102}C:\users\pascal\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pascal\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B42E06E6-6592-404F-BAA3-B7E3242E7238}] => (Block) C:\users\pascal\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7D63FF86-CE4B-4AE7-8C3A-324C4D087B8F}] => (Block) C:\users\pascal\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3AA1E659-59CB-4FE6-92DD-C02582E985FF}] => (Allow) L:\Programme\Steam\Steam.exe
FirewallRules: [{9813D161-4BE8-4BC4-851A-06A611C21292}] => (Allow) L:\Programme\Steam\Steam.exe
FirewallRules: [{C6821747-F099-4099-B730-D437EDA700B9}] => (Allow) L:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{824D3542-176E-4F0F-87FD-3ACD71E64ACA}] => (Allow) L:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{85F12B3F-0E7C-4937-8733-15F101CA5BB7}] => (Allow) L:\Programme\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9854E96F-8FCF-4202-B89E-CCB09C425867}] => (Allow) L:\Programme\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DFECDD50-2A8E-4172-99B9-3D649E1CFD84}] => (Allow) L:\Programme\Steam\SteamApps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{DC207259-FCF8-4284-8586-BBFF449607C0}] => (Allow) L:\Programme\Steam\SteamApps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{A0EC51F4-FE01-4948-A478-8C1ABAF435E1}] => (Allow) L:\Programme\Steam\SteamApps\common\ShellShock Live\ShellShockLive.exe
FirewallRules: [{2C9396CC-96C0-4E99-93FE-802B4AF29D52}] => (Allow) L:\Programme\Steam\SteamApps\common\ShellShock Live\ShellShockLive.exe
FirewallRules: [{046C84A2-678C-4F8E-BF74-DD637067DA49}] => (Allow) L:\Programme\Steam\SteamApps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe
FirewallRules: [{7006FA6D-D502-4809-8E1C-AA2D15727B3C}] => (Allow) L:\Programme\Steam\SteamApps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe
FirewallRules: [TCP Query User{5DA6D36C-8149-4ADE-A95B-CB4AE3BEE627}C:\users\pascal\desktop\fivem\fivem (1).exe] => (Allow) C:\users\pascal\desktop\fivem\fivem (1).exe
FirewallRules: [UDP Query User{47653F9B-524C-4DEF-B350-AB59BBFF2B9C}C:\users\pascal\desktop\fivem\fivem (1).exe] => (Allow) C:\users\pascal\desktop\fivem\fivem (1).exe
FirewallRules: [{02C4DE88-2E87-4DB0-8BDC-6DBDA5676C53}] => (Block) C:\users\pascal\desktop\fivem\fivem (1).exe
FirewallRules: [{BF9B08F7-EFFB-4951-B93F-4C4EF497A2E7}] => (Block) C:\users\pascal\desktop\fivem\fivem (1).exe
FirewallRules: [{36C64382-99DD-45A3-83BE-DDC9B9962173}] => (Allow) L:\Programme\Steam\SteamApps\common\Styx Shards of Darkness\Styx2.exe
FirewallRules: [{4CE611BA-0142-4447-BE02-0BFFD89E58AF}] => (Allow) L:\Programme\Steam\SteamApps\common\Styx Shards of Darkness\Styx2.exe
FirewallRules: [{98CA2E3A-DF62-404A-B329-8B0C9500246D}] => (Allow) L:\Programme\Steam\SteamApps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [{0A807F65-B1EF-48DB-8561-3DDD43ACE21A}] => (Allow) L:\Programme\Steam\SteamApps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe
FirewallRules: [{487B593B-8469-419E-9AEC-1297576712D1}] => (Allow) L:\Programme\Steam\SteamApps\common\wallpaper_engine\launcher.exe
FirewallRules: [{2D51B43B-E756-4475-8723-21528681C463}] => (Allow) L:\Programme\Steam\SteamApps\common\wallpaper_engine\launcher.exe
FirewallRules: [TCP Query User{57AF5034-1E76-42DC-9C6D-BFD103B16231}L:\programme\steam\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe] => (Allow) L:\programme\steam\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe
FirewallRules: [UDP Query User{6FB7C7C5-B63D-4A47-B9B6-67DF8F41B46B}L:\programme\steam\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe] => (Allow) L:\programme\steam\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe
FirewallRules: [{E0E6270B-80DD-4493-B599-3D2FA134140E}] => (Block) L:\programme\steam\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe
FirewallRules: [{E242D473-4B0B-4F34-8D0C-A957F0C2EE3D}] => (Block) L:\programme\steam\steamapps\common\styx shards of darkness\styx2\binaries\win64\styx2-win64-shipping.exe
FirewallRules: [{68C292DB-7F7C-4764-8FA9-C9619D4A3AEF}] => (Allow) L:\Programme\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{D62EAB9B-9BF2-417D-BF6B-23D6F05AFB63}] => (Allow) L:\Programme\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{0CD4CCE6-81B2-43B2-9D0F-7ACF6AE7E17A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A9D8FE38-4804-4D8F-9FE5-4090D27ACAD6}] => (Block) LPort=445
FirewallRules: [{A4B793C6-FC5B-434A-B74E-1CF7F15185A2}] => (Block) LPort=445
FirewallRules: [{44B9711D-3DD3-48D2-B73F-0E9189F0E58C}] => (Allow) L:\Programme\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5A8384FB-D36F-4351-9224-DA459373FB02}] => (Allow) L:\Programme\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{C5222356-9FE5-43F2-A69E-2EA1AA6CC0A9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PS/2-Standardtastatur
Description: PS/2-Standardtastatur
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/27/2017 02:01:54 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6085.LOG enthalten.

Error: (05/27/2017 11:03:14 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6084.LOG enthalten.

Error: (05/27/2017 12:06:29 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6083.LOG enthalten.

Error: (05/26/2017 10:04:17 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6082.LOG enthalten.

Error: (05/26/2017 07:23:25 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6081.LOG enthalten.

Error: (05/26/2017 05:50:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: PASCAL)
Description: Das Paket „Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (05/26/2017 05:21:20 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6080.LOG enthalten.

Error: (05/26/2017 02:59:50 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI607f.LOG enthalten.

Error: (05/26/2017 12:34:37 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI607e.LOG enthalten.

Error: (05/25/2017 10:33:26 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI607d.LOG enthalten.


Systemfehler:
=============
Error: (05/27/2017 02:01:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (05/27/2017 11:03:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (05/27/2017 12:06:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (05/26/2017 10:04:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (05/26/2017 07:23:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (05/26/2017 05:21:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (05/26/2017 02:59:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (05/26/2017 12:34:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (05/26/2017 12:09:57 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/25/2017 11:14:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2017-05-25 23:14:50.474
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SETEEFC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-25 23:14:50.468
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SETEEFC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-25 23:14:50.465
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SETEEFC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-09 22:06:25.323
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-09 16:08:08.569
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 15:44:05.912
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 8143.77 MB
Verfügbarer physikalischer RAM: 4239.22 MB
Summe virtueller Speicher: 13775.77 MB
Verfügbarer virtueller Speicher: 8612.32 MB

==================== Laufwerke ================================

Drive c: (Origin) (Fixed) (Total:111.35 GB) (Free:30.43 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive h: (Data1) (Fixed) (Total:139.73 GB) (Free:139.62 GB) NTFS
Drive j: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive l: (Data2) (Fixed) (Total:465.66 GB) (Free:145.08 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 28BDBFA2)
Partition 1: (Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CDF8897F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 139.7 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=139.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Seehmer · 27.05.2017, 13:27

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2017
durchgeführt von Pascal (Administrator) auf PASCAL (27-05-2017 14:12:48)
Gestartet von C:\Users\Pascal\Downloads
Geladene Profile: Pascal (Verfügbare Profile: Pascal)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
() C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
() C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Electronic Arts) L:\Programme\Origin\OriginWebHelperService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.0.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(© 2015 Microsoft Corporation) C:\Users\Pascal\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Spotify Ltd) C:\Users\Pascal\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(ROCCAT) L:\Programme\ROCCAT_Swarm_Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.16.5170.0_x64__8wekyb3d8bbwe\Solitaire.exe
(Spotify Ltd) C:\Users\Pascal\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Pascal\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Pascal\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Pascal\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-05-23] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1440768 2014-02-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1047536 2014-04-08] (MSI)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [764472 2012-09-19] ()
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe [579056 2014-03-28] (Micro-Star International)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [797648 2015-03-05] (MSI)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [BingSvc] => C:\Users\Pascal\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-12-24] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [Dropbox Update] => C:\Users\Pascal\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-24] (Dropbox, Inc.)
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [Spotify Web Helper] => C:\Users\Pascal\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-05-25] (Spotify Ltd)
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [WallpaperEngine] => L:\Programme\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [735232 2017-05-11] ()
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-03-25]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{7364C716-1212-4EAE-B0C9-A31D1E797BF8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm.lnk [2017-03-13]
ShortcutTarget: ROCCAT Swarm.lnk -> L:\Programme\ROCCAT_Swarm_Monitor.exe (ROCCAT)
Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-31]
ShortcutTarget: Dropbox.lnk -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8fee23f3-22fd-4b73-a7b9-9aea4d15184f}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1229423121-489186376-597309758-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1229423121-489186376-597309758-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-25] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-25] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-21] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default [2017-05-04]
FF user.js: detected! => C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\user.js [2016-11-21]
FF Homepage: Mozilla\Firefox\Profiles\qh5dvH6z.default -> hxxps://www.reddit.com/r/all/
FF Extension: (Firefox Hotfix) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-16]
FF Extension: (BetterTTV) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\Extensions\firefox@betterttv.net.xpi [2016-09-19]
FF Extension: (Search and New Tab by Yahoo) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2017-04-21]
FF Extension: (Adblock Plus) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-09-16]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-07]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=de-de
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP2467A2B3-0253-422E-9236-CC5F6822DB51&SSPV=","hxxp://searchfunmoods.com/?f=1&a=nv2&cd=2XzuyEtN2Y1L1QzutDtDtBtBtCyDzz0B0FtBzytCyC0AyE0AtN0D0Tzu0CyEyBzytN1L2XzutBtFtBtFtCtFyDyByBtN1L1Czu1G2XtB&cr=1493526372&ir=","hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=1bb522de-3707-eb1b-9375-91cd8ec09600&searchtype=hp&installDate={installDate}","hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP622969F6-4F05-4630-B4EE-4D8B2DB4F654&SSPV=","hxxp://www.sweet-page.com/?type=hp&ts=1395233957&from=slbnew&uid=WDCXWD5000AAKS-22V1A0_WD-WCAWFD65254052540","hxxp://www.sweet-page.com/?type=hp&ts=1395234093&from=slbnew&uid=WDCXWD5000AAKS-22V1A0_WD-WCAWFD65254052540","hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_6122d82720534cc28a7eaa44042bd4c5_39_1006_20140319_DE_cr_sp_sbinstall2"
CHR DefaultSearchURL: Default -> hxxp://www.ultimateshoppingsearch.com/default?q={searchTerms}&PCSF=SU_DEFAULT
CHR DefaultSearchKeyword: Default -> ultimateshoppingsearch.com
CHR DefaultSuggestURL: Default -> hxxp://www.ultimateshoppingsearch.com/suggest/CSuggestJson.ashx?prefix={searchTerms}&PCSF=SU_SUGGEST
CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default [2017-05-27]
CHR Extension: (Google Präsentationen) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-04]
CHR Extension: (BetterTTV) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-04-21]
CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-04]
CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-04]
CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-04]
CHR Extension: (Google Tabellen) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-04]
CHR Extension: (Google Docs Offline) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-04]
CHR Extension: (AdBlock) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Weather Hub Pro) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pajfkbekgfapaenbmngmilchlbejokcg [2017-05-09]
CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-04]
CHR Extension: (Chrome Media Router) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-12]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1229423121-489186376-597309758-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eiibddcohpjhajbnfkpboacmohommppp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iigcbafcnfakaokfjaplokfbgmjldpfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pajfkbekgfapaenbmngmilchlbejokcg] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-10-06] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [229648 2016-08-03] (EasyAntiCheat Ltd)
R2 ECOSERVICE; C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe [2126448 2014-04-10] ()
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [20512 2014-03-13] (Micro-Star Int'l Co., Ltd.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
S3 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2099712 2014-12-31] (MSI) [Datei ist nicht signiert]
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4035024 2015-03-10] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2117632 2014-12-31] () [Datei ist nicht signiert]
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [1992704 2015-01-29] () [Datei ist nicht signiert]
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2249168 2015-03-10] ()
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2063360 2014-12-31] () [Datei ist nicht signiert]
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [575488 2015-03-13] () [Datei ist nicht signiert]
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [83952 2014-03-27] (Micro-Star International)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
S3 Origin Client Service; L:\Programme\Origin\OriginClientService.exe [2124296 2017-02-24] (Electronic Arts)
R2 Origin Web Helper Service; L:\Programme\Origin\OriginWebHelperService.exe [2185232 2017-02-24] (Electronic Arts)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-01-22] (Qualcomm Atheros) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe [411648 2016-03-31] (Wondershare) [Datei ist nicht signiert]
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-03-14] (Intel(R) Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2017-01-19] (Advanced Micro Devices)
S3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [53024 2015-07-10] (Broadcom Corporation.)
S1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [80592 2013-11-08] (Qualcomm Atheros, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R3 cpuz140; C:\WINDOWS\TEMP\cpuz140\cpuz140_x64.sys [43840 2017-05-16] (CPUID)
R1 ESEADriver2; C:\Users\Pascal\AppData\Local\Temp\ESEADriver2.sys [330384 2017-04-21] () <==== ACHTUNG
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-30] (REALiX(tm))
S3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [23936 2014-02-03] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-02-18] (Intel Corporation)
S3 ISCT; C:\WINDOWS\System32\drivers\ISCTD.sys [44744 2014-02-03] ()
S3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197336 2017-04-16] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520176 2017-04-16] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2017-03-18] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1018592 2017-04-16] (AO Kaspersky Lab)
S1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-07] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab)
S3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-05-24] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-04-16] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251664 2017-04-19] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-04-19] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-04-19] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-14] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-03-14] (AO Kaspersky Lab)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45200 2016-02-16] (Logitech Inc.)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 lgLowAudio; C:\WINDOWS\system32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NTIOLib_ECO; C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [13808 2014-01-06] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S3 NTIOLib_MB; C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [13808 2014-03-13] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NTIOLib_MSIFrequency_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [25088 2015-02-02] (SteelSeries ApS)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project)
S3 tap0901_openvpn_accl; C:\WINDOWS\System32\drivers\tap0901_openvpn_accl.sys [37912 2016-06-24] (The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U0 wjimfvo; C:\WINDOWS\System32\drivers\tmdfeg.sys [79064 2017-05-25] (Malwarebytes)
U3 aswbdisk; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-27 14:12 - 2017-05-27 14:13 - 00032923 _____ C:\Users\Pascal\Downloads\FRST.txt
2017-05-27 14:12 - 2017-05-27 14:12 - 02429952 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64.exe
2017-05-27 14:12 - 2017-05-27 14:12 - 00000000 ____D C:\FRST
2017-05-25 23:21 - 2017-05-25 23:21 - 00079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\tmdfeg.sys
2017-05-25 23:21 - 2017-05-25 23:21 - 00009250 _____ C:\WINDOWS\SysWOW64\iyhiqwtn
2017-05-25 23:13 - 2017-05-25 23:13 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\424D3EFA.sys
2017-05-25 23:12 - 2017-05-25 23:12 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-25 23:12 - 2017-05-25 23:12 - 00000793 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2017-05-25 23:12 - 2017-05-25 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2017-05-25 23:12 - 2017-05-25 23:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-25 23:12 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-25 23:12 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-05-25 23:12 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-25 23:10 - 2017-05-25 23:10 - 22851472 _____ (Malwarebytes ) C:\Users\Pascal\Downloads\mbam-setup-2.2.1.1043.exe
2017-05-25 13:09 - 2017-05-25 13:09 - 00003024 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Pascal)
2017-05-24 12:19 - 2017-05-24 12:19 - 00229288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2017-05-23 17:25 - 2017-05-23 17:25 - 00000212 _____ C:\Users\Pascal\Desktop\Rocket League.url
2017-05-23 14:14 - 2017-05-23 14:14 - 05545512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-05-23 14:13 - 2017-05-23 14:13 - 09124224 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-05-23 14:13 - 2017-05-23 14:13 - 03503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 03203424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 03014144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-05-23 14:13 - 2017-05-23 14:13 - 02201600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 01353824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00204920 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2017-05-23 14:13 - 2017-05-23 14:13 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-05-23 13:27 - 2017-05-23 13:27 - 15721672 _____ (IObit ) C:\Users\Pascal\Downloads\driver_booster_setup(4.4.0.512).exe
2017-05-17 17:42 - 2017-05-17 17:42 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-05-17 17:42 - 2017-05-17 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-17 17:41 - 2017-05-23 14:14 - 00000000 ____D C:\WINDOWS\LastGood
2017-05-16 18:06 - 2017-05-16 18:06 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-05-16 15:37 - 2017-05-16 15:37 - 00000000 _____ C:\WINDOWS\cd_127
2017-05-16 13:11 - 2017-05-19 10:42 - 05222216 _____ C:\Users\Pascal\Desktop\Euthanasie.pptx
2017-05-13 15:37 - 2017-05-13 15:37 - 00000212 _____ C:\Users\Pascal\Desktop\DARK SOULS III.url
2017-05-12 20:05 - 2017-05-12 20:05 - 00000000 ____D C:\Users\Pascal\AppData\Local\Styx2
2017-05-11 22:25 - 2017-05-11 22:25 - 00000212 _____ C:\Users\Pascal\Desktop\Wallpaper Engine.url
2017-05-11 16:32 - 2017-05-11 16:32 - 19247873 _____ C:\Users\Pascal\Desktop\IrishBritish.mp4
2017-05-10 13:26 - 2017-04-19 08:12 - 00395226 __RSH C:\bootmgr
2017-05-10 13:26 - 2017-03-18 22:57 - 00000001 ___SH C:\BOOTNXT
2017-05-09 22:19 - 2017-04-29 03:05 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-05-09 22:19 - 2017-04-29 03:05 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-09 22:19 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-09 22:19 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-09 22:19 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-09 22:19 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-09 22:19 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-09 22:19 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-09 22:19 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-09 22:19 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-09 22:19 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-09 22:19 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-09 22:19 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-09 22:19 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-09 22:19 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-09 22:19 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-09 22:19 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-09 22:19 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-09 22:19 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-09 22:19 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-09 22:19 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-09 22:19 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-09 22:19 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-09 22:19 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-09 22:19 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-09 22:19 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-09 22:19 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-09 22:19 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-09 22:19 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-09 22:19 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-09 22:19 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-09 22:19 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-09 22:19 - 2017-04-19 08:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-09 22:19 - 2017-04-19 08:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-09 22:19 - 2017-04-19 08:10 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-09 22:19 - 2017-04-19 08:10 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-09 22:19 - 2017-04-19 08:06 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-09 22:19 - 2017-04-19 08:04 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-09 22:19 - 2017-04-19 08:04 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-09 22:19 - 2017-04-19 07:34 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-09 22:19 - 2017-04-19 07:29 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-09 22:19 - 2017-04-14 02:35 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-09 22:19 - 2017-04-14 02:33 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-09 22:19 - 2017-04-14 02:32 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-09 22:19 - 2017-04-14 02:25 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-09 22:19 - 2017-04-14 01:43 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-09 22:19 - 2017-04-14 01:39 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-09 22:19 - 2017-04-14 01:39 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-09 22:19 - 2017-04-14 01:35 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-09 22:19 - 2017-04-14 01:33 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-09 22:19 - 2017-04-14 01:29 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-09 22:19 - 2017-04-14 01:29 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-09 22:19 - 2017-04-14 01:29 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-09 22:19 - 2017-04-14 01:28 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-09 22:19 - 2017-04-14 01:26 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-09 22:19 - 2017-04-14 01:24 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-09 22:19 - 2017-04-14 01:21 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-09 22:19 - 2017-04-14 01:18 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-09 22:18 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-09 22:18 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-09 22:18 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-09 22:18 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-09 22:18 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-09 22:18 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-09 22:18 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-09 22:18 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-09 22:18 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-09 22:18 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-09 22:18 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-09 22:18 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-09 22:18 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-09 22:18 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-09 22:18 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-09 22:18 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-09 22:18 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-09 22:18 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-09 22:18 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-09 22:18 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-09 22:18 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-09 22:18 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-09 22:18 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-09 22:18 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-09 22:18 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-09 22:18 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-09 22:18 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-09 22:18 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-09 22:18 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-09 22:18 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-09 22:18 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-09 22:18 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-09 22:18 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-09 22:18 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-09 22:18 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-09 22:18 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-09 22:18 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-09 22:18 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-09 22:18 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-09 22:18 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-09 22:18 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-09 22:18 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-09 22:18 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-09 22:18 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-09 22:18 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-09 22:18 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-09 22:18 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-09 22:18 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-09 22:18 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-09 22:18 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-09 22:18 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-09 22:18 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-09 22:18 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-09 22:18 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-09 22:18 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-09 22:18 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-09 22:18 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-09 22:18 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-09 22:18 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-09 22:18 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-09 22:18 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-09 22:18 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-09 22:18 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-09 22:18 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-09 22:18 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-09 22:18 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-09 22:18 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-09 22:18 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-09 22:18 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-09 22:18 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-09 22:18 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-09 22:18 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-09 22:18 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-09 22:18 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-09 22:18 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-09 22:18 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-09 22:18 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-09 22:18 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-09 22:18 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-09 22:18 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-09 22:18 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-09 22:18 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-09 22:18 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-09 22:18 - 2017-04-19 09:07 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-09 22:18 - 2017-04-19 09:06 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-09 22:18 - 2017-04-19 09:04 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-09 22:18 - 2017-04-19 09:02 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-09 22:18 - 2017-04-19 08:19 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-09 22:18 - 2017-04-19 08:18 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-09 22:18 - 2017-04-19 08:16 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-09 22:18 - 2017-04-19 08:15 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-09 22:18 - 2017-04-19 08:14 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-09 22:18 - 2017-04-19 08:13 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-09 22:18 - 2017-04-19 08:13 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-09 22:18 - 2017-04-19 08:12 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-09 22:18 - 2017-04-19 08:12 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-09 22:18 - 2017-04-19 08:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-09 22:18 - 2017-04-19 08:10 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-09 22:18 - 2017-04-19 08:08 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-09 22:18 - 2017-04-19 08:08 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-09 22:18 - 2017-04-19 08:07 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-09 22:18 - 2017-04-19 08:07 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-09 22:18 - 2017-04-19 08:02 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-09 22:18 - 2017-04-19 08:01 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-09 22:18 - 2017-04-19 07:59 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-09 22:18 - 2017-04-19 07:59 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-09 22:18 - 2017-04-19 07:58 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-09 22:18 - 2017-04-19 07:37 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-09 22:18 - 2017-04-19 07:36 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-09 22:18 - 2017-04-19 07:35 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-09 22:18 - 2017-04-19 07:34 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-09 22:18 - 2017-04-19 07:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-09 22:18 - 2017-04-19 07:32 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-09 22:18 - 2017-04-19 07:30 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-09 22:18 - 2017-04-14 02:35 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-09 22:18 - 2017-04-14 02:35 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-09 22:18 - 2017-04-14 02:30 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-09 22:18 - 2017-04-14 02:25 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-09 22:18 - 2017-04-14 01:43 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-09 22:18 - 2017-04-14 01:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-09 22:18 - 2017-04-14 01:41 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-09 22:18 - 2017-04-14 01:40 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-09 22:18 - 2017-04-14 01:39 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-09 22:18 - 2017-04-14 01:39 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-09 22:18 - 2017-04-14 01:39 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-09 22:18 - 2017-04-14 01:38 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-09 22:18 - 2017-04-14 01:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-09 22:18 - 2017-04-14 01:37 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-09 22:18 - 2017-04-14 01:37 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-09 22:18 - 2017-04-14 01:37 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-09 22:18 - 2017-04-14 01:37 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-09 22:18 - 2017-04-14 01:36 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-09 22:18 - 2017-04-14 01:36 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-09 22:18 - 2017-04-14 01:35 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-09 22:18 - 2017-04-14 01:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-09 22:18 - 2017-04-14 01:34 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-09 22:18 - 2017-04-14 01:34 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-09 22:18 - 2017-04-14 01:33 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-09 22:18 - 2017-04-14 01:31 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-09 22:18 - 2017-04-14 01:31 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-09 22:18 - 2017-04-14 01:29 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-09 22:18 - 2017-04-14 01:29 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-09 22:18 - 2017-04-14 01:25 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-09 22:18 - 2017-04-14 01:21 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-09 22:18 - 2017-04-14 01:18 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-09 22:18 - 2017-04-14 01:15 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-09 22:18 - 2017-04-14 01:15 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-09 22:18 - 2017-04-14 01:13 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-09 22:18 - 2017-04-14 01:13 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-09 22:18 - 2017-04-14 01:08 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-09 22:18 - 2017-04-14 01:06 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-09 22:18 - 2017-04-14 01:04 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-09 22:18 - 2017-04-14 01:01 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-09 22:11 - 2017-05-09 22:11 - 00001467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2017-05-09 22:11 - 2017-05-09 22:11 - 00001394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2017-05-09 22:10 - 2017-05-09 22:11 - 00000000 ____D C:\Program Files (x86)\Windows Live
2017-05-09 22:10 - 2017-05-09 22:10 - 26689458 _____ (videowinsoft.com ) C:\Users\Pascal\Downloads\windows-movie-maker-2016.exe
2017-05-09 22:10 - 2017-05-09 22:10 - 00001317 _____ C:\Users\Public\Desktop\Windows Movie Maker.lnk
2017-05-09 22:10 - 2017-05-09 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker
2017-05-09 22:08 - 2017-05-09 22:08 - 00000000 ____D C:\Program Files (x86)\LottaDeals
2017-05-09 22:07 - 2017-05-09 22:12 - 00000000 ____D C:\ProgramData\AVAST Software
2017-05-09 22:07 - 2017-05-09 22:07 - 00000000 ____D C:\Program Files (x86)\WeatherHubPro
2017-05-09 21:50 - 2017-05-09 22:14 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\obs-studio
2017-05-09 17:45 - 2017-03-17 22:00 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2017-05-09 17:45 - 2017-03-17 21:59 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2017-05-09 17:45 - 2017-03-17 21:48 - 06348288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2017-05-09 17:45 - 2017-03-17 21:43 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2017-05-09 17:45 - 2017-03-17 21:35 - 05484544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2017-05-09 17:44 - 2017-05-09 17:44 - 00001053 _____ C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-05-09 17:40 - 2017-05-18 09:29 - 22120924 _____ C:\Users\Pascal\Desktop\Irelandpres.pptx
2017-05-09 16:10 - 2017-05-09 16:10 - 00000977 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2017-05-09 16:10 - 2017-05-09 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2017-05-09 16:08 - 2017-05-09 16:08 - 113034688 _____ (obsproject.com) C:\Users\Pascal\Downloads\OBS-Studio-18.0.1-Full-Installer.exe
2017-05-09 13:54 - 2017-05-09 13:54 - 00000000 ____D C:\Users\Pascal\Desktop\Stuff
2017-05-06 09:45 - 2017-05-06 09:47 - 00000000 ____D C:\Users\Pascal\Desktop\SPIELE ORDNER
2017-05-05 21:02 - 2017-05-05 21:02 - 00659456 _____ C:\Users\Pascal\Downloads\DualMonitorTools-2.5.msi
2017-05-05 21:02 - 2017-05-05 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dual Monitor Tools
2017-05-05 21:02 - 2017-05-05 21:02 - 00000000 ____D C:\Program Files (x86)\Dual Monitor Tools
2017-05-05 18:52 - 2017-05-05 18:52 - 00000212 _____ C:\Users\Pascal\Desktop\Prey.url
2017-05-05 17:05 - 2017-05-05 17:05 - 00000212 _____ C:\Users\Pascal\Desktop\Styx Shards of Darkness.url
2017-05-05 16:28 - 2017-05-22 18:12 - 00000000 ___RD C:\Users\Pascal\Desktop\FiveM
2017-05-05 16:28 - 2017-05-05 16:28 - 00000000 ____D C:\Users\Pascal\Downloads\FiveM.app
2017-05-05 13:23 - 2017-05-27 12:09 - 00000080 _____ C:\Users\Pascal\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2017-05-04 21:51 - 2017-05-04 21:51 - 09390672 _____ (Piriform Ltd) C:\Users\Pascal\Downloads\ccsetup529.exe
2017-05-04 16:05 - 2017-05-04 18:17 - 41294497 _____ C:\Users\Pascal\Downloads\Flechten Daid (2).pptx
2017-05-02 20:42 - 2017-05-02 20:42 - 00000212 _____ C:\Users\Pascal\Desktop\Little Nightmares.url
2017-05-02 19:00 - 2017-05-02 19:00 - 00000736 _____ C:\Users\Pascal\Desktop\GTA Network.lnk
2017-05-02 18:59 - 2017-05-02 19:00 - 69323802 _____ C:\Users\Pascal\Downloads\GTANSetup.zip
2017-05-02 14:29 - 2017-05-02 14:29 - 06282638 _____ C:\Users\Pascal\Downloads\soehandling.zip
2017-04-29 18:08 - 2017-04-29 18:08 - 00000000 ____D C:\Users\Pascal\AppData\LocalLow\Kyle Champ
2017-04-29 18:06 - 2017-04-29 18:06 - 00000212 _____ C:\Users\Pascal\Desktop\ShellShock Live.url
2017-04-28 21:47 - 2017-04-28 21:47 - 17866872 _____ (IObit ) C:\Users\Pascal\Downloads\driver_booster_setup(4.3.0.504).exe
2017-04-27 08:42 - 2017-04-27 08:42 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\Google

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-27 14:06 - 2014-09-05 23:06 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\Spotify
2017-05-27 14:05 - 2017-04-18 15:35 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8DB2EA9F-FDA0-4CD1-B8F0-3B7DEF1B6AB2}
2017-05-27 14:01 - 2016-01-06 13:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-05-27 13:01 - 2014-09-05 23:07 - 00000000 ____D C:\Users\Pascal\AppData\Local\Spotify
2017-05-27 10:47 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-27 10:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-27 10:44 - 2017-04-18 15:28 - 00000000 ____D C:\Users\Pascal
2017-05-27 00:26 - 2017-04-18 15:27 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-26 00:11 - 2014-09-05 17:20 - 00000000 ____D C:\Users\Pascal\AppData\Local\Packages
2017-05-25 20:10 - 2015-12-30 21:43 - 00000000 ____D C:\ProgramData\ProductData
2017-05-25 14:00 - 2014-09-05 20:24 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\TS3Client
2017-05-25 10:09 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-25 10:09 - 2014-09-05 17:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-25 09:53 - 2016-03-21 19:39 - 00000000 ____D C:\ProgramData\PDF Architect 4
2017-05-23 18:56 - 2017-03-18 13:40 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2017-05-23 18:28 - 2014-09-07 18:23 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 18:26 - 2014-09-07 18:23 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 14:16 - 2017-04-18 15:40 - 02223946 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-23 14:16 - 2017-03-20 06:41 - 01002792 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-23 14:16 - 2017-03-20 06:41 - 00219952 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-23 14:14 - 2017-04-18 15:27 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-23 14:14 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-17 17:44 - 2015-12-30 21:42 - 00000000 ____D C:\ProgramData\IObit
2017-05-17 17:42 - 2017-04-18 15:28 - 00000000 ____D C:\Program Files\AMD
2017-05-17 17:42 - 2015-12-30 21:26 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2017-05-17 17:41 - 2016-09-16 17:37 - 00000000 ____D C:\AMD
2017-05-16 15:37 - 2017-04-18 15:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-16 15:36 - 2017-04-18 15:28 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-05-16 15:36 - 2017-03-18 13:40 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-05-16 12:33 - 2017-01-04 19:34 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-16 12:33 - 2017-01-04 19:34 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-13 15:37 - 2014-12-27 01:24 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-11 22:26 - 2015-07-29 16:12 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-11 18:58 - 2014-10-06 09:10 - 00000000 ____D C:\Users\Pascal\AppData\Local\ElevatedDiagnostics
2017-05-11 15:45 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-10 18:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-10 13:27 - 2016-11-20 23:50 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-10 13:26 - 2017-04-18 15:27 - 00391832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-09 23:26 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-09 22:12 - 2016-11-20 12:40 - 00000000 ____D C:\Program Files\Common Files\AV
2017-05-09 17:45 - 2017-03-20 06:42 - 00000000 ____D C:\WINDOWS\OCR
2017-05-09 16:02 - 2017-04-18 15:35 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-09 16:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-09 16:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-05 21:03 - 2016-06-17 23:19 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\Dual Monitor Tools
2017-05-05 20:49 - 2016-06-25 11:44 - 00000000 ____D C:\Users\Pascal\AppData\Local\UnrealEngine
2017-05-04 21:51 - 2015-02-15 13:33 - 00000869 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-05-03 21:21 - 2015-03-29 11:59 - 00000000 ____D C:\Users\Pascal\Desktop\Schulsachen
2017-05-03 20:30 - 2017-04-18 16:25 - 00000000 ____D C:\Windows.old
2017-05-02 10:40 - 2017-04-17 15:17 - 00000000 ____D C:\Users\Pascal\AppData\Local\FiveM
2017-04-30 16:24 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-29 00:27 - 2017-04-18 15:35 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-29 00:27 - 2017-04-18 15:35 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-19 23:07 - 2015-01-08 22:51 - 0001470 _____ () C:\Users\Pascal\AppData\Roaming\SpeedRunnersLog.txt
2015-06-06 19:02 - 2015-06-06 19:02 - 0001457 _____ () C:\Users\Pascal\AppData\Local\recently-used.xbel
2015-09-05 23:10 - 2015-09-05 23:10 - 0007602 _____ () C:\Users\Pascal\AppData\Local\Resmon.ResmonCfg
2014-11-03 17:59 - 2014-11-03 18:01 - 0000000 _____ () C:\Users\Pascal\AppData\Local\{D225EC80-495D-4D31-93CB-8D9B23232D0F}

Einige Dateien in TEMP:
====================
2017-04-21 15:30 - 2017-04-21 15:30 - 0739904 _____ (Oracle Corporation) C:\Users\Pascal\AppData\Local\Temp\jre-8u131-windows-au.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-17 18:51

==================== Ende von FRST.txt ============================

M-K-D-B · 27.05.2017, 13:28

Servus,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Image File Execution Options Schlüssel
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Firewall
- Internet Explorer Richtlinien
- Chrome Richtlinien
- Chrome Einstellungen
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Deinstalliere Malwarebytes' Anti-Malware 2 über die Systemsteuerung. (Bebilderte Anleitung)
Starte den Rechner im Anschluss neu auf.
Downloade dir den MBAM Uninstaller auf deinen Desktop.
Schließe alle offenen Programme und führe den Uninstaller aus. Der Rechner muss zum Abschluss neu gestartet werden.

Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware 3

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4

Starte die FRST erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die beiden neuen Logdateien von FRST.

Seehmer · 27.05.2017, 13:28

14:18:10.0501 0x2df0 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
14:18:13.0263 0x2df0 ============================================================
14:18:13.0263 0x2df0 Current date / time: 2017/05/27 14:18:13.0263
14:18:13.0264 0x2df0 SystemInfo:
14:18:13.0264 0x2df0
14:18:13.0264 0x2df0 OS Version: 10.0.15063 ServicePack: 0.0
14:18:13.0265 0x2df0 Product type: Workstation
14:18:13.0265 0x2df0 ComputerName: PASCAL
14:18:13.0265 0x2df0 UserName: Pascal
14:18:13.0265 0x2df0 Windows directory: C:\WINDOWS
14:18:13.0265 0x2df0 System windows directory: C:\WINDOWS
14:18:13.0265 0x2df0 Running under WOW64
14:18:13.0265 0x2df0 Processor architecture: Intel x64
14:18:13.0265 0x2df0 Number of processors: 4
14:18:13.0265 0x2df0 Page size: 0x1000
14:18:13.0265 0x2df0 Boot type: Normal boot
14:18:13.0265 0x2df0 CodeIntegrityOptions = 0x00000001
14:18:13.0265 0x2df0 ============================================================
14:18:13.0337 0x2df0 KLMD registered as C:\WINDOWS\system32\drivers\37955704.sys
14:18:13.0337 0x2df0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
14:18:13.0451 0x2df0 System UUID: {6A715DA1-8306-DD66-FAD3-BB4A21C958D5}
14:18:13.0825 0x2df0 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:18:13.0825 0x2df0 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:18:13.0826 0x2df0 Drive \Device\Harddisk2\DR2 - Size: 0x22EF13E000 ( 139.74 Gb ), SectorSize: 0x200, Cylinders: 0x4741, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:18:13.0836 0x2df0 ============================================================
14:18:13.0836 0x2df0 \Device\Harddisk0\DR0:
14:18:13.0836 0x2df0 MBR partitions:
14:18:13.0836 0x2df0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDEB23B0
14:18:13.0836 0x2df0 \Device\Harddisk1\DR1:
14:18:13.0837 0x2df0 MBR partitions:
14:18:13.0837 0x2df0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:18:13.0837 0x2df0 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A352800
14:18:13.0837 0x2df0 \Device\Harddisk2\DR2:
14:18:13.0837 0x2df0 MBR partitions:
14:18:13.0837 0x2df0 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x11777800
14:18:13.0837 0x2df0 ============================================================
14:18:13.0838 0x2df0 C: <-> \Device\Harddisk0\DR0\Partition1
14:18:13.0844 0x2df0 H: <-> \Device\Harddisk2\DR2\Partition1
14:18:13.0879 0x2df0 J: <-> \Device\Harddisk1\DR1\Partition1
14:18:13.0900 0x2df0 L: <-> \Device\Harddisk1\DR1\Partition2
14:18:13.0900 0x2df0 ============================================================
14:18:13.0900 0x2df0 Initialize success
14:18:13.0900 0x2df0 ============================================================
14:18:57.0452 0x24a8 ============================================================
14:18:57.0452 0x24a8 Scan started
14:18:57.0452 0x24a8 Mode: Manual; SigCheck; TDLFS;
14:18:57.0452 0x24a8 ============================================================
14:18:57.0452 0x24a8 KSN ping started
14:18:57.0522 0x24a8 KSN ping finished: true
14:18:58.0853 0x24a8 ================ Scan system memory ========================
14:18:58.0853 0x24a8 System memory - ok
14:18:58.0854 0x24a8 ================ Scan services =============================
14:18:58.0895 0x24a8 1394ohci - ok
14:18:58.0898 0x24a8 3ware - ok
14:18:58.0900 0x24a8 ACPI - ok
14:18:58.0904 0x24a8 [ 2EA3EB3E69B6480AB112E876F3096312, 4A22343D8F261BE90F7287318EAC5B187F49D1C375174E4B526A0F3A27CD8346 ] AcpiCtlDrv C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys
14:18:58.0932 0x24a8 AcpiCtlDrv - ok
14:18:58.0953 0x24a8 AcpiDev - ok
14:18:58.0957 0x24a8 acpiex - ok
14:18:58.0960 0x24a8 acpipagr - ok
14:18:58.0964 0x24a8 AcpiPmi - ok
14:18:58.0966 0x24a8 acpitime - ok
14:18:58.0993 0x24a8 [ E6A1D864EC90F4397DF5AB2633B34DD4, 05F1B7291EBDD9CA1D74649C0DAFCBE5F2CF93E92C5CA16A8AC10B6DF83101A0 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:18:59.0004 0x24a8 AdobeFlashPlayerUpdateSvc - ok
14:18:59.0008 0x24a8 ADP80XX - ok
14:18:59.0015 0x24a8 AFD - ok
14:18:59.0017 0x24a8 ahcache - ok
14:18:59.0021 0x24a8 AJRouter - ok
14:18:59.0024 0x24a8 ALG - ok
14:18:59.0038 0x24a8 [ D3E9EEDC0128DD1FB9E45D85E7E21F0B, 73853DC77CCE335F1571DB31C6F7E97D71625DC6226089E8281F62020F58CB8F ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
14:18:59.0054 0x24a8 AMD External Events Utility - ok
14:18:59.0059 0x24a8 AmdK8 - ok
14:18:59.0062 0x24a8 [ 275B6F698CBEC36C42D3ABD7EE049BA1, C6CE3514947F67410B34E8973C87996A14FF485A2E5C7E5BA4FE276FB893D51C ] amdkmafd C:\WINDOWS\system32\drivers\amdkmafd.sys
14:18:59.0069 0x24a8 amdkmafd - ok
14:18:59.0084 0x24a8 amdkmdag - ok
14:18:59.0095 0x24a8 [ 0E2B0B8C871A4BDA103B857E07CAC833, 80A3DB55FEBD3C6FEC0C6078D998F2B3A802425569F57ABCB2AF0D5C37D4A280 ] amdkmdap C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys
14:18:59.0108 0x24a8 amdkmdap - ok
14:18:59.0113 0x24a8 AmdPPM - ok
14:18:59.0116 0x24a8 amdsata - ok
14:18:59.0122 0x24a8 amdsbs - ok
14:18:59.0125 0x24a8 amdxata - ok
14:18:59.0130 0x24a8 [ 809D92855656EFC1D71C980582F7FF8B, 01B551CEC0CFD50CA88EB49AA3F68EEEAE34DFE31E6CA37DA106B3C49CF7FA81 ] AmUStor C:\WINDOWS\system32\drivers\AmUStor.SYS
14:18:59.0136 0x24a8 AmUStor - ok
14:18:59.0139 0x24a8 AppID - ok
14:18:59.0144 0x24a8 AppIDSvc - ok
14:18:59.0146 0x24a8 Appinfo - ok
14:18:59.0149 0x24a8 applockerfltr - ok
14:18:59.0151 0x24a8 AppMgmt - ok
14:18:59.0154 0x24a8 AppReadiness - ok
14:18:59.0156 0x24a8 AppVClient - ok
14:18:59.0159 0x24a8 AppvStrm - ok
14:18:59.0161 0x24a8 AppvVemgr - ok
14:18:59.0168 0x24a8 AppvVfs - ok
14:18:59.0170 0x24a8 AppXSvc - ok
14:18:59.0173 0x24a8 arcsas - ok
14:18:59.0176 0x24a8 AsyncMac - ok
14:18:59.0179 0x24a8 atapi - ok
14:18:59.0185 0x24a8 [ 482D2BAB840034F65046D0F2F42E2BEB, 3365F78C05D26BFA6375712C4DC0FA548F876B9A52F25AE360F7437E3183B973 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
14:18:59.0198 0x24a8 AtiHDAudioService - ok
14:18:59.0202 0x24a8 AudioEndpointBuilder - ok
14:18:59.0205 0x24a8 Audiosrv - ok
14:18:59.0215 0x24a8 [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
14:18:59.0224 0x24a8 AVP17.0.0 - ok
14:18:59.0227 0x24a8 AxInstSV - ok
14:18:59.0230 0x24a8 b06bdrv - ok
14:18:59.0234 0x24a8 BasicDisplay - ok
14:18:59.0238 0x24a8 BasicRender - ok
14:18:59.0243 0x24a8 bcmfn2 - ok
14:18:59.0246 0x24a8 [ 7A3593DC24D0030CD4B0D92355768D63, BAAA0C9A4FC825AA509C058A7F3E3E8F1395831C1A4FE386F5B498E2440E2F84 ] bcmsmbsp C:\WINDOWS\System32\drivers\bcmsmbsp.sys
14:18:59.0252 0x24a8 bcmsmbsp - ok
14:18:59.0256 0x24a8 BDESVC - ok
14:18:59.0259 0x24a8 Beep - ok
14:18:59.0287 0x24a8 [ 77551F11061A94D76070B81EC3925C45, 29732AA704A9135572C836E6C8A08AB5A332F602E267FB5D2916C0A09189120A ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
14:18:59.0315 0x24a8 BEService - ok
14:18:59.0319 0x24a8 BFE - ok
14:18:59.0323 0x24a8 [ B354261777DE2C999AB54651D0994F76, F9A2BA1766D0AF47EC95F57A97448615B4775EE46538256F577CA7E6C80EF85E ] BfLwf C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys
14:18:59.0328 0x24a8 BfLwf - ok
14:18:59.0331 0x24a8 BITS - ok
14:18:59.0341 0x24a8 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:18:59.0352 0x24a8 Bonjour Service - ok
14:18:59.0355 0x24a8 bowser - ok
14:18:59.0357 0x24a8 BrokerInfrastructure - ok
14:18:59.0360 0x24a8 Browser - ok
14:18:59.0362 0x24a8 BthAvrcpTg - ok
14:18:59.0365 0x24a8 BthHFEnum - ok
14:18:59.0370 0x24a8 bthhfhid - ok
14:18:59.0372 0x24a8 BthHFSrv - ok
14:18:59.0375 0x24a8 BTHMODEM - ok
14:18:59.0378 0x24a8 bthserv - ok
14:18:59.0380 0x24a8 buttonconverter - ok
14:18:59.0384 0x24a8 CAD - ok
14:18:59.0389 0x24a8 CapImg - ok
14:18:59.0391 0x24a8 cdfs - ok
14:18:59.0394 0x24a8 CDPSvc - ok
14:18:59.0396 0x24a8 CDPUserSvc - ok
14:18:59.0402 0x24a8 cdrom - ok
14:18:59.0404 0x24a8 CertPropSvc - ok
14:18:59.0406 0x24a8 cht4iscsi - ok
14:18:59.0409 0x24a8 cht4vbd - ok
14:18:59.0411 0x24a8 circlass - ok
14:18:59.0413 0x24a8 CldFlt - ok
14:18:59.0419 0x24a8 CLFS - ok
14:18:59.0481 0x24a8 [ F6ED2A874E4FC4FC95F544088F0523F4, F5F239A666288373ED93C6F13EC14FC4AC7257ABF117A7DD97F20070F8EC2205 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
14:18:59.0547 0x24a8 ClickToRunSvc - ok
14:18:59.0556 0x24a8 ClipSVC - ok
14:18:59.0559 0x24a8 clreg - ok
14:18:59.0565 0x24a8 CmBatt - ok
14:18:59.0572 0x24a8 [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km C:\WINDOWS\system32\DRIVERS\cm_km.sys
14:18:59.0582 0x24a8 cm_km - ok
14:18:59.0586 0x24a8 CNG - ok
14:18:59.0589 0x24a8 cnghwassist - ok
14:18:59.0603 0x24a8 CompositeBus - ok
14:18:59.0606 0x24a8 COMSysApp - ok
14:18:59.0609 0x24a8 condrv - ok
14:18:59.0612 0x24a8 CoreMessagingRegistrar - ok
14:18:59.0626 0x24a8 [ 29872C7376C42E2A64FA838DAD98AA11, A072197177AAD26C31960694E38E2CAE85AFBAB070929E67E331B99D3A418CF4 ] cpuz140 C:\WINDOWS\TEMP\cpuz140\cpuz140_x64.sys
14:18:59.0632 0x24a8 cpuz140 - ok
14:18:59.0637 0x24a8 CryptSvc - ok
14:18:59.0640 0x24a8 CSC - ok
14:18:59.0643 0x24a8 CscService - ok
14:18:59.0648 0x24a8 dam - ok
14:18:59.0652 0x24a8 DcomLaunch - ok
14:18:59.0655 0x24a8 defragsvc - ok
14:18:59.0659 0x24a8 DeviceAssociationService - ok
14:18:59.0661 0x24a8 DeviceInstall - ok
14:18:59.0665 0x24a8 DevicesFlowUserSvc - ok
14:18:59.0672 0x24a8 DevQueryBroker - ok
14:18:59.0674 0x24a8 Dfsc - ok
14:18:59.0677 0x24a8 Dhcp - ok
14:18:59.0680 0x24a8 diagnosticshub.standardcollector.service - ok
14:18:59.0683 0x24a8 DiagTrack - ok
14:18:59.0686 0x24a8 Disk - ok
14:18:59.0690 0x24a8 DmEnrollmentSvc - ok
14:18:59.0693 0x24a8 dmvsc - ok
14:18:59.0696 0x24a8 dmwappushservice - ok
14:18:59.0698 0x24a8 Dnscache - ok
14:18:59.0702 0x24a8 dot3svc - ok
14:18:59.0705 0x24a8 DPS - ok
14:18:59.0711 0x24a8 drmkaud - ok
14:18:59.0713 0x24a8 DsmSvc - ok
14:18:59.0715 0x24a8 DsSvc - ok
14:18:59.0718 0x24a8 DusmSvc - ok
14:18:59.0720 0x24a8 DXGKrnl - ok
14:18:59.0722 0x24a8 EapHost - ok
14:18:59.0724 0x24a8 EasyAntiCheat - ok
14:18:59.0727 0x24a8 ebdrv - ok
14:18:59.0760 0x24a8 [ 30A6B7428906454B2B2E607E05F6E5BC, EA2A1629B79515D4ACEAA768C3EDF73776D67F56B1ACD9B6B12E18CBF5049086 ] ECOSERVICE C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe
14:18:59.0798 0x24a8 ECOSERVICE - ok
14:18:59.0806 0x24a8 EFS - ok
14:18:59.0809 0x24a8 EhStorClass - ok
14:18:59.0812 0x24a8 EhStorTcgDrv - ok
14:18:59.0815 0x24a8 embeddedmode - ok
14:18:59.0821 0x24a8 EntAppSvc - ok
14:18:59.0823 0x24a8 ErrDev - ok
14:18:59.0837 0x24a8 [ 9D1351BCB5C00C2730B4FACE9DA69704, 9DE6A821239A64027999C01F684F0A54FB721F49A98318E9F4A68B2F7403CAAF ] ESEADriver2 C:\Users\Pascal\AppData\Local\Temp\ESEADriver2.sys
14:18:59.0852 0x24a8 ESEADriver2 - ok
14:18:59.0858 0x24a8 EventSystem - ok
14:18:59.0861 0x24a8 exfat - ok
14:18:59.0865 0x24a8 fastfat - ok
14:18:59.0870 0x24a8 Fax - ok
14:18:59.0873 0x24a8 fdc - ok
14:18:59.0877 0x24a8 fdPHost - ok
14:18:59.0879 0x24a8 FDResPub - ok
14:18:59.0881 0x24a8 fhsvc - ok
14:18:59.0884 0x24a8 FileCrypt - ok
14:18:59.0890 0x24a8 FileInfo - ok
14:18:59.0893 0x24a8 Filetrace - ok
14:18:59.0895 0x24a8 flpydisk - ok
14:18:59.0898 0x24a8 FltMgr - ok
14:18:59.0901 0x24a8 FontCache - ok
14:18:59.0904 0x24a8 FontCache3.0.0.0 - ok
14:18:59.0907 0x24a8 FrameServer - ok
14:18:59.0912 0x24a8 FsDepends - ok
14:18:59.0915 0x24a8 Fs_Rec - ok
14:18:59.0917 0x24a8 fvevol - ok
14:18:59.0920 0x24a8 [ 3EB903DA33CB9E11BDCD62F38430DB40, 14CA13E79FBB4EF8CCA530B7AD8F5B579C59F9589B86CABEFDA152359E3D52B6 ] GamingApp_Service C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
14:18:59.0925 0x24a8 GamingApp_Service - ok
14:18:59.0929 0x24a8 gencounter - ok
14:18:59.0931 0x24a8 genericusbfn - ok
14:18:59.0934 0x24a8 GPIOClx0101 - ok
14:18:59.0937 0x24a8 gpsvc - ok
14:18:59.0939 0x24a8 GpuEnergyDrv - ok
14:18:59.0944 0x24a8 [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:18:59.0950 0x24a8 gupdate - ok
14:18:59.0954 0x24a8 [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:18:59.0960 0x24a8 gupdatem - ok
14:18:59.0964 0x24a8 [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi C:\WINDOWS\System32\drivers\Hamdrv.sys
14:18:59.0974 0x24a8 Hamachi - ok
14:18:59.0977 0x24a8 HDAudBus - ok
14:18:59.0979 0x24a8 HidBatt - ok
14:18:59.0982 0x24a8 HidBth - ok
14:18:59.0984 0x24a8 hidi2c - ok
14:18:59.0986 0x24a8 hidinterrupt - ok
14:18:59.0989 0x24a8 HidIr - ok
14:18:59.0991 0x24a8 hidserv - ok
14:18:59.0997 0x24a8 HidUsb - ok
14:19:00.0000 0x24a8 HomeGroupListener - ok
14:19:00.0002 0x24a8 HomeGroupProvider - ok
14:19:00.0005 0x24a8 HpSAMD - ok
14:19:00.0007 0x24a8 HTTP - ok
14:19:00.0010 0x24a8 HvHost - ok
14:19:00.0016 0x24a8 hvservice - ok
14:19:00.0035 0x24a8 [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32 C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
14:19:00.0040 0x24a8 HWiNFO32 - ok
14:19:00.0044 0x24a8 hwpolicy - ok
14:19:00.0046 0x24a8 hyperkbd - ok
14:19:00.0049 0x24a8 i8042prt - ok
14:19:00.0051 0x24a8 iagpio - ok
14:19:00.0054 0x24a8 iai2c - ok
14:19:00.0060 0x24a8 iaLPSS2i_GPIO2 - ok
14:19:00.0062 0x24a8 iaLPSS2i_GPIO2_BXT_P - ok
14:19:00.0065 0x24a8 iaLPSS2i_I2C - ok
14:19:00.0068 0x24a8 iaLPSS2i_I2C_BXT_P - ok
14:19:00.0071 0x24a8 iaLPSSi_GPIO - ok
14:19:00.0074 0x24a8 iaLPSSi_I2C - ok
14:19:00.0101 0x24a8 [ 0609694A9C4D6C71319732FA82C6E5C5, 5507D20AB9C86B11564C953C6F535976A0D201295C642EA0CABF435DAD908251 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
14:19:00.0132 0x24a8 iaStorA - ok
14:19:00.0138 0x24a8 iaStorAV - ok
14:19:00.0140 0x24a8 iaStorV - ok
14:19:00.0144 0x24a8 ibbus - ok
14:19:00.0149 0x24a8 [ F7A309E987946D7449841D7074FB6599, 9C3BDD6606E42344459CF2FA5BF6602CDBD2FD2511C9A6FE7E39642EB2BEE288 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
14:19:00.0156 0x24a8 ICCS - ok
14:19:00.0160 0x24a8 icssvc - ok
14:19:00.0163 0x24a8 IKEEXT - ok
14:19:00.0169 0x24a8 IndirectKmd - ok
14:19:00.0175 0x24a8 [ 4709FA618952E381ED9BF40B524E8EAC, FA6B7EEA1F122BE8731C4B26F5BA21F5B73F19BBD85F938AFF66E8558C793682 ] INETMON C:\WINDOWS\System32\Drivers\INETMON.sys
14:19:00.0180 0x24a8 INETMON - ok
14:19:00.0264 0x24a8 [ 6CFF78A03636829B03B23D0B9A33BD24, 131615E8038FAF0B055983BB48D3C4F230398DF2EFC5F8BADC74882E1EE95D9E ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
14:19:00.0354 0x24a8 IntcAzAudAddService - ok
14:19:00.0379 0x24a8 [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
14:19:00.0397 0x24a8 Intel(R) Capability Licensing Service TCP IP Interface - ok
14:19:00.0401 0x24a8 intelide - ok
14:19:00.0404 0x24a8 intelpep - ok
14:19:00.0407 0x24a8 intelppm - ok
14:19:00.0416 0x24a8 [ CD6FE4D2E29D70D9E2AA587DE5978A15, 03BA3338E0178FCB6FC7792FE4BB2B836CEA8B791D53DD4E273AB48621397DC5 ] IObitUnSvr C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
14:19:00.0426 0x24a8 IObitUnSvr - ok
14:19:00.0430 0x24a8 [ B279592CEA84E86A61A317BC5ABF7FFF, F56FA4A336D4EB6BFAF5D326575A3130D69F2AA35E689896B21EBBD016C75B6C ] iocbios2 C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys
14:19:00.0436 0x24a8 iocbios2 - ok
14:19:00.0445 0x24a8 iorate - ok
14:19:00.0448 0x24a8 IpFilterDriver - ok
14:19:00.0452 0x24a8 iphlpsvc - ok
14:19:00.0455 0x24a8 IPMIDRV - ok
14:19:00.0458 0x24a8 IPNAT - ok
14:19:00.0462 0x24a8 IpxlatCfgSvc - ok
14:19:00.0466 0x24a8 irda - ok
14:19:00.0468 0x24a8 IRENUM - ok
14:19:00.0471 0x24a8 irmon - ok
14:19:00.0476 0x24a8 isapnp - ok
14:19:00.0479 0x24a8 iScsiPrt - ok
14:19:00.0482 0x24a8 [ 35C0995BCDB0E45D1EEBE4FB582D1563, 67B44EE25B8FF5778AC58255265536EC4CC444A5A8368D6311DEDAF58357E5ED ] ISCT C:\WINDOWS\System32\drivers\ISCTD.sys
14:19:00.0488 0x24a8 ISCT - ok
14:19:00.0494 0x24a8 [ BDC9C7931DB723CB1AF9F7075EA06645, EEBD5DC9C4656F14F8F0A0A5E84657B6B2BA35283E0E571119DA82F131D5C21B ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:19:00.0501 0x24a8 jhi_service - ok
14:19:00.0504 0x24a8 kbdclass - ok
14:19:00.0507 0x24a8 kbdhid - ok
14:19:00.0510 0x24a8 kdnic - ok
14:19:00.0516 0x24a8 [ EB62EE6D52F0D6B76256DBE71C07E26F, D92F2D9B1779DC52918CB5D9F212F62F62E40F7EBB81A865F090B071BE69DE77 ] Ke2200 C:\WINDOWS\System32\drivers\e22w8x64.sys
14:19:00.0523 0x24a8 Ke2200 - ok
14:19:00.0526 0x24a8 KeyIso - ok
14:19:00.0530 0x24a8 KillerEth - ok
14:19:00.0543 0x24a8 [ 97E3E8F35632EECD0ABD2DE6519A9666, ABE96FDEB1076E380D7FB4975C020B43ED4E821097EFC6AFE8C75D764167D6E8 ] kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys
14:19:00.0556 0x24a8 kl1 - ok
14:19:00.0561 0x24a8 [ B01AD8DA034EE42D4C2282F77FDB03AE, 3FF55F3CEE4A0E5D559F04F5A639297EA0F36580720E94CF9DD56DEBF2E98F39 ] klbackupdisk C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
14:19:00.0568 0x24a8 klbackupdisk - ok
14:19:00.0572 0x24a8 [ 10549B5BFD9A3DCF4FFA6287236FA959, 6BDFA335A8E3A69425CB23230660D3168CB82911ACB3AAAF85C19263511EAF51 ] klbackupflt C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
14:19:00.0578 0x24a8 klbackupflt - ok
14:19:00.0582 0x24a8 [ 7DAA9047F50BF5A3F8C147719FC520AF, 0740387075AF46DB1E9AEE3B12C65A06EDFE58EADB8B562C36CB1FEFF9905C26 ] kldisk C:\WINDOWS\system32\DRIVERS\kldisk.sys
14:19:00.0589 0x24a8 kldisk - ok
14:19:00.0592 0x24a8 [ 5766A27C85EE813029831D125D2EFB45, BB5BAFD5A58E80C7F0B8D24121352E0386B3422FFC16B56F1D1B1C6A482AC9F0 ] klelam C:\WINDOWS\system32\DRIVERS\klelam.sys
14:19:00.0601 0x24a8 klelam - ok
14:19:00.0607 0x24a8 [ FA0253329B8951509D9B5A476CCD41D4, 1981BFCBEB8AF7D677791E1D46AD4434DA3CE0AC2A5CFB26916821FAB45EA757 ] klflt C:\WINDOWS\system32\DRIVERS\klflt.sys
14:19:00.0615 0x24a8 klflt - ok
14:19:00.0626 0x24a8 [ 432A489DEF978702210732364E7CF486, 0D911843EB49F70BC60AEB56DD66BBC328E065F6AD2ED4EC7FCCD30C61A3B017 ] klhk C:\WINDOWS\System32\drivers\klhk.sys
14:19:00.0639 0x24a8 klhk - ok
14:19:00.0649 0x24a8 [ 7796EAD58D8C1A42AAB6B6CA9A3F106C, 7DA8A05A0210F63C7D120DCF0101AD895D53368C0DED23E275F2BA79239FCE28 ] klids C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys
14:19:00.0657 0x24a8 klids - ok
14:19:00.0675 0x24a8 [ 4DF87FF594381901C224866A61A25B7B, AFAF93F4C08B481F0203ECFB2B4F0997728E9C91B694CB2BF9BBBF4889EFC48B ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
14:19:00.0696 0x24a8 KLIF - ok
14:19:00.0700 0x24a8 [ 6357C533C30650361110DBAF59A25DF8, FA8CF6292CCBC7E23527D968E54CD773706CF091E35563B0CF9F8A1DF0B724B9 ] KLIM6 C:\WINDOWS\system32\DRIVERS\klim6.sys
14:19:00.0707 0x24a8 KLIM6 - ok
14:19:00.0711 0x24a8 [ 5480CC93737F48282552C84FA7EBA59B, B7D92424399B647132F6B9409FE75EAA310C984F796FC0B65BBE2EA180110968 ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
14:19:00.0717 0x24a8 klkbdflt - ok
14:19:00.0721 0x24a8 [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
14:19:00.0727 0x24a8 klmouflt - ok
14:19:00.0731 0x24a8 [ 6B0C605591C892CBB683F63EA47822DC, E74C0A0501A1B4B56B417402108521F34DA6A23FCD1C05E4E524E41EBA0906FF ] klpd C:\WINDOWS\system32\DRIVERS\klpd.sys
14:19:00.0737 0x24a8 klpd - ok
14:19:00.0741 0x24a8 [ 828B042A95F055648DA190DF6C7AB1B6, 0457B0EF03BCB4CC1297EB25A25C162937F456BF406EC7B1A5E9A0AA13A9BCD7 ] kltap C:\WINDOWS\System32\drivers\kltap.sys
14:19:00.0747 0x24a8 kltap - ok
14:19:00.0754 0x24a8 [ 097D722294B9C1FA6E514A088F2E6B6E, FB0492CAF45FDF7F656CFF6662309435679C946269577ECF76A3077B7D7F940B ] klupd_klif_arkmon C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
14:19:00.0764 0x24a8 klupd_klif_arkmon - ok
14:19:00.0769 0x24a8 [ 34D207C9300529BE5E29267922483778, 6F2888A3E649B78477A568E8F8A2527493D9D0D1FD13822E5D90AE575D2041D2 ] klupd_klif_kimul C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
14:19:00.0776 0x24a8 klupd_klif_kimul - ok
14:19:00.0783 0x24a8 [ 1A4847813BF6A06C6D3D65BA7B59A3BD, ED7895487E53288446C21505F1B8554E94807638F335867FDE66B5FC460F7D1A ] klupd_klif_klark C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
14:19:00.0793 0x24a8 klupd_klif_klark - ok
14:19:00.0798 0x24a8 [ 37B7BFC87ABE4C881FA2F9830407FDFD, EB8AF1EA83C378E4F079822221383FABDAB9000122434D0951929C01CF961F95 ] klupd_klif_klbg C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
14:19:00.0806 0x24a8 klupd_klif_klbg - ok
14:19:00.0813 0x24a8 [ 2AAA2931E01B8D8D0BC3929F122C00D8, A2B7887BBE70981DC7FB965E17B2DB098EBC52F2FC53F20D9EC9E6EA9238F63C ] klupd_klif_mark C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
14:19:00.0821 0x24a8 klupd_klif_mark - ok
14:19:00.0827 0x24a8 [ D7F0B46844565E2ED68AC99AF0F4263F, AB419CBC29F96703237127AC4178A5365D4CCA010BAB1BD66D100D635E6E89B8 ] klvssbrigde64 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe
14:19:00.0832 0x24a8 klvssbrigde64 - ok
14:19:00.0837 0x24a8 [ 4C5305295B51BA72FC9C8CDAB32F95C3, 0E5850AC4CA14D971E7B04FED23CB2F6CEEE2796E905AADA0104677982ECD58A ] klwfp C:\WINDOWS\system32\DRIVERS\klwfp.sys
14:19:00.0843 0x24a8 klwfp - ok
14:19:00.0849 0x24a8 [ 4799405773BB400A2FF96663CF0EE4A2, F7650B80AC388675724D9A43D709FF9CCDE99374D7C5E3B900F61FC61D6816D2 ] Klwtp C:\WINDOWS\system32\DRIVERS\klwtp.sys
14:19:00.0856 0x24a8 Klwtp - ok
14:19:00.0862 0x24a8 [ 098D3EBDC599E05449A3BFB5BB519FE0, 00A02DE53312D4DF52E26E14E0E803255DF5AFAE95455EAE5A004F9E84C8B2F5 ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys
14:19:00.0870 0x24a8 kneps - ok
14:19:00.0877 0x24a8 [ EFF5EA6088DB81C6EF6EDCDA5EE79909, 4D364B0BF012C335FA3B25BDF042D4AF672D961B9B48CB7C5BE34FCFD1D64979 ] KSDE1.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
14:19:00.0885 0x24a8 KSDE1.0.0 - ok
14:19:00.0888 0x24a8 KSecDD - ok
14:19:00.0891 0x24a8 KSecPkg - ok
14:19:00.0893 0x24a8 ksthunk - ok
14:19:00.0896 0x24a8 KtmRm - ok
14:19:00.0901 0x24a8 [ 31AEF4DF2E06EC0F1A65EC6396771FE6, 7F6FC30A2E89D1B813152C154EDD62F97439A0B29152D4CFE6EC3948F387360C ] ladfGSS C:\WINDOWS\system32\drivers\ladfGSS.sys
14:19:00.0907 0x24a8 ladfGSS - ok
14:19:00.0916 0x24a8 [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\WINDOWS\system32\DRIVERS\ladfGSCamd64.sys
14:19:00.0926 0x24a8 LADF_CaptureOnly - ok
14:19:00.0933 0x24a8 [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\WINDOWS\system32\DRIVERS\ladfGSRamd64.sys
14:19:00.0939 0x24a8 LADF_RenderOnly - ok
14:19:00.0942 0x24a8 LanmanServer - ok
14:19:00.0946 0x24a8 LanmanWorkstation - ok
14:19:00.0950 0x24a8 lfsvc - ok
14:19:00.0956 0x24a8 [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum C:\WINDOWS\system32\drivers\LGBusEnum.sys
14:19:00.0964 0x24a8 LGBusEnum - ok
14:19:00.0969 0x24a8 [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
14:19:00.0978 0x24a8 LGJoyXlCore - ok
14:19:00.0981 0x24a8 [ 07B1C1927BAE6431D3DFB1816DF05BBA, 9B296F6E801D14CE89F5E3EA9B3962EE99E1D3E22077D075F5B0EE4FE3CAB65E ] lgLowAudio C:\WINDOWS\system32\drivers\lgLowAudio.sys
14:19:00.0987 0x24a8 lgLowAudio - ok
14:19:00.0991 0x24a8 [ 8F4DA100274CF85D94FBA8CA76125255, 1ADA7C36C915CB9BD41CF291F8E6990746A83F4D2ABCC5CAF765A3CE388BE5E5 ] LGSUsbFilt C:\WINDOWS\system32\DRIVERS\LGSUsbFilt.Sys
14:19:00.0995 0x24a8 LGSUsbFilt - ok
14:19:00.0999 0x24a8 LicenseManager - ok
14:19:01.0001 0x24a8 lltdio - ok
14:19:01.0004 0x24a8 lltdsvc - ok
14:19:01.0007 0x24a8 lmhosts - ok
14:19:01.0015 0x24a8 [ A7D2A96187E5C5F4F7650900A15788AA, F131C3E8206A89A9244ECF2507F4FC1A8550E594A58F75338939A54C973078AF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:19:01.0025 0x24a8 LMS - ok
14:19:01.0030 0x24a8 LSI_SAS - ok
14:19:01.0032 0x24a8 LSI_SAS2i - ok
14:19:01.0035 0x24a8 LSI_SAS3i - ok
14:19:01.0037 0x24a8 LSI_SSS - ok
14:19:01.0039 0x24a8 LSM - ok
14:19:01.0042 0x24a8 luafv - ok
14:19:01.0044 0x24a8 MapsBroker - ok
14:19:01.0046 0x24a8 mausbhost - ok
14:19:01.0049 0x24a8 mausbip - ok
14:19:01.0055 0x24a8 [ 7FAC4CB1D45F73A0DF880D74E33F5E30, 64F1E1779A3100814ED3F83BCA4F3175FC1AB301DD3EF048B34CCD10097F63A0 ] MBfilt C:\WINDOWS\system32\drivers\MBfilt64.sys
14:19:01.0060 0x24a8 MBfilt - ok
14:19:01.0063 0x24a8 megasas - ok
14:19:01.0066 0x24a8 megasas2i - ok
14:19:01.0068 0x24a8 megasr - ok
14:19:01.0074 0x24a8 [ 9D1B63E0FA537C3E77D4EAB73A299A34, A9816444F5984AA9ED57644746E9896952DBEAF4ED57820CC30D340A1046906C ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
14:19:01.0086 0x24a8 MEIx64 - ok
14:19:01.0089 0x24a8 MessagingService - ok
14:19:01.0093 0x24a8 mlx4_bus - ok
14:19:01.0096 0x24a8 MMCSS - ok
14:19:01.0098 0x24a8 Modem - ok
14:19:01.0101 0x24a8 monitor - ok
14:19:01.0103 0x24a8 mouclass - ok
14:19:01.0105 0x24a8 mouhid - ok
14:19:01.0108 0x24a8 mountmgr - ok
14:19:01.0116 0x24a8 [ 52FB4A9FADED881C00ECEF4F64CBF2BE, DD1D9D919634CBAC755BE1D1AA73314CB7D547084188B40BC13496B42022ADCE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:19:01.0123 0x24a8 MozillaMaintenance - ok
14:19:01.0126 0x24a8 mpsdrv - ok
14:19:01.0129 0x24a8 MpsSvc - ok
14:19:01.0132 0x24a8 MRxDAV - ok
14:19:01.0134 0x24a8 mrxsmb - ok
14:19:01.0136 0x24a8 mrxsmb10 - ok
14:19:01.0142 0x24a8 mrxsmb20 - ok
14:19:01.0144 0x24a8 MsBridge - ok
14:19:01.0146 0x24a8 MSDTC - ok
14:19:01.0150 0x24a8 Msfs - ok
14:19:01.0153 0x24a8 msgpiowin32 - ok
14:19:01.0155 0x24a8 mshidkmdf - ok
14:19:01.0158 0x24a8 mshidumdf - ok
14:19:01.0191 0x24a8 [ CB411D5A38C879075BCD71FAF635467D, D795E7391471A5AAC1CBE43594A1492D14D2F31DB4F368AF8C83DBC4B31157E1 ] MSIBIOSData_CC C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe
14:19:01.0246 0x24a8 MSIBIOSData_CC - detected UnsignedFile.Multi.Generic ( 1 )
14:19:01.0313 0x24a8 Detect skipped due to KSN trusted
14:19:01.0313 0x24a8 MSIBIOSData_CC - ok
14:19:01.0379 0x24a8 [ 87AA44C0CF8794AD597F2577F2D486DE, 7CFEC23E0E4C6CFD40F70F60CCB1C7E060CCA8084D54A5D83F3F513193C357BF ] MSIClock_CC C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
14:19:01.0443 0x24a8 MSIClock_CC - ok
14:19:01.0481 0x24a8 [ 81A797E4744E4685A20E1B15E0B755A3, 84327BA73DD17DC4B2552EF01B8DE975CE1DBCB15248DF055BCB443D542BD8F0 ] MSICOMM_CC C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
14:19:01.0533 0x24a8 MSICOMM_CC - detected UnsignedFile.Multi.Generic ( 1 )
14:19:01.0602 0x24a8 Detect skipped due to KSN trusted
14:19:01.0602 0x24a8 MSICOMM_CC - ok
14:19:01.0636 0x24a8 [ D74E5BC84B7138730023570421BF7ADD, 3D2F7C7D7B494F30C5D3C5D23035A7385E39CCADA152F5430E1FFF1215B89916 ] MSICTL_CC C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
14:19:01.0685 0x24a8 MSICTL_CC - detected UnsignedFile.Multi.Generic ( 1 )
14:19:01.0751 0x24a8 Detect skipped due to KSN trusted
14:19:01.0751 0x24a8 MSICTL_CC - ok
14:19:01.0790 0x24a8 [ 3CD1BB157251A332799FE46785CA1E68, 630063216FED9D4A2AE7DC1AD7CC4502373572FCE488813B391682FFA106D838 ] MSIDDR_CC C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
14:19:01.0828 0x24a8 MSIDDR_CC - ok
14:19:01.0835 0x24a8 msisadrv - ok
14:19:01.0837 0x24a8 MSiSCSI - ok
14:19:01.0840 0x24a8 msiserver - ok
14:19:01.0873 0x24a8 [ 14E2C4AD6D329509306C821BF1ECD909, CCD3FFDF2DE19A62F0B548DBF4EB27E88A6FB5708E0AC8053BF959149269CEC2 ] MSISMB_CC C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
14:19:01.0922 0x24a8 MSISMB_CC - detected UnsignedFile.Multi.Generic ( 1 )
14:19:01.0991 0x24a8 Detect skipped due to KSN trusted
14:19:01.0991 0x24a8 MSISMB_CC - ok
14:19:02.0007 0x24a8 [ AAEB16B5E0CC888D6FBA0E7D0248D4AB, 95710C63120715C9922AF69C4E7ED8A5F7632EF4D764D6D079AD3AF3852D80A8 ] MSISuperIO_CC C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
14:19:02.0023 0x24a8 MSISuperIO_CC - detected UnsignedFile.Multi.Generic ( 1 )
14:19:02.0089 0x24a8 Detect skipped due to KSN trusted
14:19:02.0089 0x24a8 MSISuperIO_CC - ok
14:19:02.0095 0x24a8 [ 629CC5BE3BD275ECD8BBDBEC412C3C8A, 8E115809735AB0C578D1CB024D2162FB97EB884C8CF0324D6BCF6CCC0F248E7D ] MSI_FastBoot C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
14:19:02.0100 0x24a8 MSI_FastBoot - ok
14:19:02.0105 0x24a8 [ 8D682150F4FC7740D2D507D96E0726BF, 69226F2FA69562C6990309111B3C0319E7313D16BEAEF5B47F3AFB016F3EC756 ] MSI_LiveUpdate_Service C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
14:19:02.0110 0x24a8 MSI_LiveUpdate_Service - ok
14:19:02.0116 0x24a8 [ 6AFCD25B843D0C731B6987E39995AE72, FD0F2E15B0CEB1E558BD8A02D59B9002706A003049678281A446BC4398862B70 ] MSI_SuperCharger C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
14:19:02.0122 0x24a8 MSI_SuperCharger - ok
14:19:02.0125 0x24a8 [ A7EDADFB0AE38AE6F0488F0F2448D8B5, 7DC08FF24CC4E2071BF8E876976B22E810A8A407FADE403D119F75AD50088105 ] MSI_Trigger_Service C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
14:19:02.0130 0x24a8 MSI_Trigger_Service - ok
14:19:02.0132 0x24a8 MSKSSRV - ok
14:19:02.0134 0x24a8 MsLldp - ok
14:19:02.0137 0x24a8 MSPCLOCK - ok
14:19:02.0140 0x24a8 MSPQM - ok
14:19:02.0142 0x24a8 MsRPC - ok
14:19:02.0145 0x24a8 MsSecFlt - ok
14:19:02.0148 0x24a8 mssmbios - ok
14:19:02.0150 0x24a8 MSTEE - ok
14:19:02.0157 0x24a8 MTConfig - ok
14:19:02.0159 0x24a8 Mup - ok
14:19:02.0161 0x24a8 mvumis - ok
14:19:02.0165 0x24a8 NativeWifiP - ok
14:19:02.0167 0x24a8 NaturalAuthentication - ok
14:19:02.0170 0x24a8 NcaSvc - ok
14:19:02.0172 0x24a8 NcbService - ok
14:19:02.0175 0x24a8 NcdAutoSetup - ok
14:19:02.0177 0x24a8 ndfltr - ok
14:19:02.0180 0x24a8 NDIS - ok
14:19:02.0183 0x24a8 NdisCap - ok
14:19:02.0186 0x24a8 NdisImPlatform - ok
14:19:02.0191 0x24a8 NdisTapi - ok
14:19:02.0193 0x24a8 Ndisuio - ok
14:19:02.0196 0x24a8 NdisVirtualBus - ok
14:19:02.0198 0x24a8 NdisWan - ok
14:19:02.0201 0x24a8 ndiswanlegacy - ok
14:19:02.0204 0x24a8 ndproxy - ok
14:19:02.0207 0x24a8 Ndu - ok
14:19:02.0214 0x24a8 NetAdapterCx - ok
14:19:02.0216 0x24a8 NetBIOS - ok
14:19:02.0219 0x24a8 NetBT - ok
14:19:02.0222 0x24a8 Netlogon - ok
14:19:02.0224 0x24a8 Netman - ok
14:19:02.0231 0x24a8 netprofm - ok
14:19:02.0234 0x24a8 NetSetupSvc - ok
14:19:02.0240 0x24a8 NetTcpPortSharing - ok
14:19:02.0242 0x24a8 netvsc - ok
14:19:02.0246 0x24a8 NgcCtnrSvc - ok
14:19:02.0249 0x24a8 NgcSvc - ok
14:19:02.0253 0x24a8 NlaSvc - ok
14:19:02.0256 0x24a8 Npfs - ok
14:19:02.0258 0x24a8 npggsvc - ok
14:19:02.0262 0x24a8 npsvctrig - ok
14:19:02.0264 0x24a8 nsi - ok
14:19:02.0266 0x24a8 nsiproxy - ok
14:19:02.0274 0x24a8 NTFS - ok
14:19:02.0277 0x24a8 [ 23CF3DA010497EB2BF39A5C5A57E437C, 39CFDE7D401EFCE4F550E0A9461F5FC4D71FA07235E1336E4F0B4882BD76550E ] NTIOLib_1_0_3 C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys
14:19:02.0281 0x24a8 NTIOLib_1_0_3 - ok
14:19:02.0283 0x24a8 [ 1B32C54B95121AB1683C7B83B2DB4B96, 99F4994A0E5BD1BF6E3F637D3225C69FF4CD620557E23637533E7F18D7D6CBA1 ] NTIOLib_1_0_4 C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys
14:19:02.0289 0x24a8 NTIOLib_1_0_4 - ok
14:19:02.0292 0x24a8 [ 9638F265B1DDD5DA6ECDF5C0619DCBE6, 3D9E83B189FCF5C3541C62D1F54A0DA0A4E5B62C3243D2989AFC46644056C8E3 ] NTIOLib_ECO C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys
14:19:02.0297 0x24a8 NTIOLib_ECO - ok
14:19:02.0299 0x24a8 [ 992DED5B623BE3C228F32EDB4CA3F2D2, 47F0CDAA2359A63AD1389EF4A635F1F6EEE1F63BDF6EF177F114BDCDADC2E005 ] NTIOLib_FastBoot C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys
14:19:02.0303 0x24a8 NTIOLib_FastBoot - ok
14:19:02.0307 0x24a8 [ 361A598D8BB92C13B18ABB7CAC850B01, EF86C4E5EE1DBC4F81CD864E8CD2F4A2A85EE4475B9A9AB698A4AE1CC71FBEB0 ] NTIOLib_MB C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys
14:19:02.0311 0x24a8 NTIOLib_MB - ok
14:19:02.0313 0x24a8 [ 95E4C7B0384DA89DCE8EA6F31C3613D9, CF4B5FA853CE809F1924DF3A3AE3C4E191878C4EA5248D8785DC7E51807A512B ] NTIOLib_MSIClock_CC C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys
14:19:02.0318 0x24a8 NTIOLib_MSIClock_CC - ok
14:19:02.0320 0x24a8 [ A711E6AB17802FABF2E69E0CD57C54CD, A9706E320179993DADE519A83061477ACE195DAA1B788662825484813001F526 ] NTIOLib_MSICOMM_CC C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys
14:19:02.0324 0x24a8 NTIOLib_MSICOMM_CC - ok
14:19:02.0327 0x24a8 [ E9A30EDEF1105B8A64218F892B2E56ED, E83908EBA2501A00EF9E74E7D1C8B4FF1279F1CD6051707FD51824F87E4378FA ] NTIOLib_MSICPU_CC C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys
14:19:02.0331 0x24a8 NTIOLib_MSICPU_CC - ok
14:19:02.0335 0x24a8 [ 6CCE5BB9C8C2A8293DF2D3B1897941A2, 9254F012009D55F555418FF85F7D93B184AB7CB0E37AECDFDAB62CFE94DEA96B ] NTIOLib_MSIDDR_CC C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys
14:19:02.0339 0x24a8 NTIOLib_MSIDDR_CC - ok
14:19:02.0341 0x24a8 [ 63E333D64A8716E1AE59F914CB686AE8, 3124B0411B8077605DB2A9B7909D8240E0D554496600E2706E531C93C931E1B5 ] NTIOLib_MSIFrequency_CC C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys
14:19:02.0346 0x24a8 NTIOLib_MSIFrequency_CC - ok
14:19:02.0348 0x24a8 [ 68DDE686D6999AD2E5D182B20403240B, 591BD5E92DFA0117B3DAA29750E73E2DB25BAA717C31217539D30FFB1F7F3A52 ] NTIOLib_MSIRatio_CC C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys
14:19:02.0352 0x24a8 NTIOLib_MSIRatio_CC - ok
14:19:02.0354 0x24a8 [ 3DBF69F935EA48571EA6B0F5A2878896, E005E8D183E853A27AD3BB56F25489F369C11B0D47E3D4095AAD9291B3343BF1 ] NTIOLib_MSISMB_CC C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys
14:19:02.0358 0x24a8 NTIOLib_MSISMB_CC - ok
14:19:02.0361 0x24a8 [ DD04CD3DE0C19BEDE84E9C95A86B3CA8, CD4A249C3EF65AF285D0F8F30A8A96E83688486AAB515836318A2559757A89BB ] NTIOLib_MSISuperIO_CC C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys
14:19:02.0364 0x24a8 NTIOLib_MSISuperIO_CC - ok
14:19:02.0367 0x24a8 Null - ok
14:19:02.0370 0x24a8 nvdimmn - ok
14:19:02.0373 0x24a8 nvraid - ok
14:19:02.0375 0x24a8 nvstor - ok
14:19:02.0391 0x24a8 [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
14:19:02.0416 0x24a8 nvsvc - ok
14:19:02.0421 0x24a8 OneSyncSvc - ok
14:19:02.0505 0x24a8 [ 166D7EDCED2726D68E92F1EE363D54D1, 0983FB454EC8E82AE8709D0348D9819F026AFBFC465F0876AD1B825612AA499A ] Origin Client Service L:\Programme\Origin\OriginClientService.exe
14:19:02.0540 0x24a8 Origin Client Service - ok
14:19:02.0600 0x24a8 [ 3458347B7D15E95F0A073F0E5BB4CB5C, 0A87B66B8D713AC4BD976E596BD33C389E34C766F399208E495327D36E6691C6 ] Origin Web Helper Service L:\Programme\Origin\OriginWebHelperService.exe
14:19:02.0636 0x24a8 Origin Web Helper Service - ok
14:19:02.0647 0x24a8 [ CBC25009133730EB00BFAD4E37A6D387, AC93BEBD1E13336F9A6A4AB699A34127A31EC949A9EC5930B21BA80A3A6AF916 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:19:02.0656 0x24a8 ose - ok
14:19:02.0659 0x24a8 p2pimsvc - ok
14:19:02.0662 0x24a8 p2psvc - ok
14:19:02.0664 0x24a8 Parport - ok
14:19:02.0667 0x24a8 partmgr - ok
14:19:02.0669 0x24a8 PcaSvc - ok
14:19:02.0671 0x24a8 pci - ok
14:19:02.0674 0x24a8 pciide - ok
14:19:02.0676 0x24a8 pcmcia - ok
14:19:02.0679 0x24a8 pcw - ok
14:19:02.0685 0x24a8 pdc - ok
14:19:02.0687 0x24a8 PEAUTH - ok
14:19:02.0690 0x24a8 PeerDistSvc - ok
14:19:02.0693 0x24a8 percsas2i - ok
14:19:02.0695 0x24a8 percsas3i - ok
14:19:02.0715 0x24a8 PerfHost - ok
14:19:02.0723 0x24a8 PhoneSvc - ok
14:19:02.0726 0x24a8 PimIndexMaintenanceSvc - ok
14:19:02.0729 0x24a8 pla - ok
14:19:02.0732 0x24a8 PlugPlay - ok
14:19:02.0734 0x24a8 pmem - ok
14:19:02.0736 0x24a8 PNRPAutoReg - ok
14:19:02.0738 0x24a8 PNRPsvc - ok
14:19:02.0741 0x24a8 PolicyAgent - ok
14:19:02.0744 0x24a8 Power - ok
14:19:02.0747 0x24a8 PptpMiniport - ok
14:19:02.0796 0x24a8 [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
14:19:02.0869 0x24a8 PrintNotify - ok
14:19:02.0878 0x24a8 Processor - ok
14:19:02.0881 0x24a8 ProfSvc - ok
14:19:02.0883 0x24a8 Psched - ok
14:19:02.0891 0x24a8 [ 488936C5C09AC64F35DC817BFE34F3D9, 43DE318D50F30B54EF2BC635AA6FD2179073444F8E78F978D9F87A1F31A6EA26 ] Qualcomm Atheros Killer Service V2 C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
14:19:02.0902 0x24a8 Qualcomm Atheros Killer Service V2 - detected UnsignedFile.Multi.Generic ( 1 )
14:19:02.0968 0x24a8 Detect skipped due to KSN trusted
14:19:02.0968 0x24a8 Qualcomm Atheros Killer Service V2 - ok
14:19:02.0974 0x24a8 QWAVE - ok
14:19:02.0977 0x24a8 QWAVEdrv - ok
14:19:02.0979 0x24a8 RasAcd - ok
14:19:02.0981 0x24a8 RasAgileVpn - ok
14:19:02.0984 0x24a8 RasAuto - ok
14:19:02.0986 0x24a8 Rasl2tp - ok
14:19:02.0988 0x24a8 RasMan - ok
14:19:02.0990 0x24a8 RasPppoe - ok
14:19:02.0992 0x24a8 RasSstp - ok
14:19:02.0995 0x24a8 rdbss - ok
14:19:02.0999 0x24a8 rdpbus - ok
14:19:03.0001 0x24a8 RDPDR - ok
14:19:03.0005 0x24a8 RdpVideoMiniport - ok
14:19:03.0007 0x24a8 rdyboost - ok
14:19:03.0010 0x24a8 ReFS - ok
14:19:03.0012 0x24a8 ReFSv1 - ok
14:19:03.0016 0x24a8 RemoteAccess - ok
14:19:03.0018 0x24a8 RemoteRegistry - ok
14:19:03.0025 0x24a8 RetailDemo - ok
14:19:03.0027 0x24a8 RmSvc - ok
14:19:03.0029 0x24a8 RpcEptMapper - ok
14:19:03.0032 0x24a8 RpcLocator - ok
14:19:03.0034 0x24a8 RpcSs - ok
14:19:03.0036 0x24a8 rspndr - ok
14:19:03.0039 0x24a8 s3cap - ok
14:19:03.0041 0x24a8 SamSs - ok
14:19:03.0044 0x24a8 sbp2port - ok
14:19:03.0046 0x24a8 SCardSvr - ok
14:19:03.0048 0x24a8 ScDeviceEnum - ok
14:19:03.0050 0x24a8 scfilter - ok
14:19:03.0053 0x24a8 Schedule - ok
14:19:03.0059 0x24a8 scmbus - ok
14:19:03.0062 0x24a8 SCPolicySvc - ok
14:19:03.0065 0x24a8 [ 8B56BDCE6A303DDE63D63440D1CF9AD1, 66A4356C29D00A1B8A95975C073AE4E6D2A90CBF3B143FE9B83B96BEC0805D46 ] ScreamBAudioSvc C:\WINDOWS\system32\drivers\ScreamingBAudio64.sys
14:19:03.0071 0x24a8 ScreamBAudioSvc - ok
14:19:03.0074 0x24a8 sdbus - ok
14:19:03.0077 0x24a8 SDFRd - ok
14:19:03.0079 0x24a8 SDRSVC - ok
14:19:03.0085 0x24a8 sdstor - ok
14:19:03.0088 0x24a8 seclogon - ok
14:19:03.0090 0x24a8 SecurityHealthService - ok
14:19:03.0093 0x24a8 SEMgrSvc - ok
14:19:03.0095 0x24a8 SENS - ok
14:19:03.0098 0x24a8 Sense - ok
14:19:03.0100 0x24a8 SensorDataService - ok
14:19:03.0103 0x24a8 SensorService - ok
14:19:03.0105 0x24a8 SensrSvc - ok
14:19:03.0107 0x24a8 SerCx - ok
14:19:03.0109 0x24a8 SerCx2 - ok
14:19:03.0112 0x24a8 Serenum - ok
14:19:03.0114 0x24a8 Serial - ok
14:19:03.0116 0x24a8 sermouse - ok
14:19:03.0122 0x24a8 SessionEnv - ok
14:19:03.0124 0x24a8 sfloppy - ok
14:19:03.0126 0x24a8 SharedAccess - ok
14:19:03.0129 0x24a8 ShellHWDetection - ok
14:19:03.0135 0x24a8 shpamsvc - ok
14:19:03.0137 0x24a8 SiSRaid2 - ok
14:19:03.0139 0x24a8 SiSRaid4 - ok
14:19:03.0142 0x24a8 smphost - ok
14:19:03.0144 0x24a8 SmsRouter - ok
14:19:03.0148 0x24a8 SNMPTRAP - ok
14:19:03.0153 0x24a8 [ 21FF393512F51F5A98620C794B4488A3, 8A35923D3D6993FC014D86F0F7BD5C106586824DB8D26C04DC2AD0B8ED13ED20 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
14:19:03.0159 0x24a8 Sony PC Companion - ok
14:19:03.0163 0x24a8 spaceport - ok
14:19:03.0165 0x24a8 SpatialGraphFilter - ok
14:19:03.0168 0x24a8 SpbCx - ok
14:19:03.0171 0x24a8 spectrum - ok
14:19:03.0174 0x24a8 Spooler - ok
14:19:03.0179 0x24a8 sppsvc - ok
14:19:03.0181 0x24a8 srv - ok
14:19:03.0184 0x24a8 srv2 - ok
14:19:03.0187 0x24a8 srvnet - ok
14:19:03.0190 0x24a8 [ 5BF0F8641A219B9E24A4841DA318416F, 2B7A9EF7E83A3C8D7ADEAB4C9FDC0234EFB60AB09D2D08BC0297FFA654D1B454 ] ssdevfactory C:\WINDOWS\System32\drivers\ssdevfactory.sys
14:19:03.0195 0x24a8 ssdevfactory - ok
14:19:03.0198 0x24a8 SSDPSRV - ok
14:19:03.0201 0x24a8 SstpSvc - ok
14:19:03.0204 0x24a8 StateRepository - ok
14:19:03.0231 0x24a8 [ C8DC0C34715627ABF7A265ED27D1F75A, 5B8B9AC65D7458A8C6C868107E0BE3F9B1A1A5117FC69FDC260BAA9F1BDD0008 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:19:03.0259 0x24a8 Steam Client Service - ok
14:19:03.0265 0x24a8 stexstor - ok
14:19:03.0268 0x24a8 stisvc - ok
14:19:03.0271 0x24a8 storahci - ok
14:19:03.0274 0x24a8 storflt - ok
14:19:03.0276 0x24a8 stornvme - ok
14:19:03.0279 0x24a8 storqosflt - ok
14:19:03.0282 0x24a8 StorSvc - ok
14:19:03.0284 0x24a8 storufs - ok
14:19:03.0286 0x24a8 storvsc - ok
14:19:03.0289 0x24a8 svsvc - ok
14:19:03.0295 0x24a8 swenum - ok
14:19:03.0298 0x24a8 swprv - ok
14:19:03.0301 0x24a8 Synth3dVsc - ok
14:19:03.0305 0x24a8 SysMain - ok
14:19:03.0308 0x24a8 SystemEventsBroker - ok
14:19:03.0311 0x24a8 TabletInputService - ok
14:19:03.0316 0x24a8 [ 5B4A09AB34D0205C616C4D247AD29F57, B1DBDD5E2149114E1DCC56DAB00876AAE1FBFC5D4063D3F5A59D8C66918EF693 ] tap-tb-0901 C:\WINDOWS\System32\drivers\tap-tb-0901.sys
14:19:03.0322 0x24a8 tap-tb-0901 - ok
14:19:03.0326 0x24a8 [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\WINDOWS\System32\drivers\tap0901.sys
14:19:03.0332 0x24a8 tap0901 - ok
14:19:03.0336 0x24a8 [ DABC1C08AD2CD6578A1B49C38366110A, D1D4D5ACF2A4847F6E3F35B10658F01E1BA3901436E00BFF09F4871BBC5AFBEB ] tap0901_openvpn_accl C:\WINDOWS\System32\drivers\tap0901_openvpn_accl.sys
14:19:03.0342 0x24a8 tap0901_openvpn_accl - ok
14:19:03.0346 0x24a8 TapiSrv - ok
14:19:03.0348 0x24a8 Tcpip - ok
14:19:03.0351 0x24a8 Tcpip6 - ok
14:19:03.0357 0x24a8 tcpipreg - ok
14:19:03.0360 0x24a8 tdx - ok
14:19:03.0363 0x24a8 terminpt - ok
14:19:03.0366 0x24a8 TermService - ok
14:19:03.0369 0x24a8 Themes - ok
14:19:03.0372 0x24a8 TieringEngineService - ok
14:19:03.0378 0x24a8 tiledatamodelsvc - ok
14:19:03.0380 0x24a8 TimeBrokerSvc - ok
14:19:03.0383 0x24a8 TokenBroker - ok
14:19:03.0385 0x24a8 TPM - ok
14:19:03.0388 0x24a8 TrkWks - ok
14:19:03.0390 0x24a8 TrustedInstaller - ok
14:19:03.0397 0x24a8 TsUsbFlt - ok
14:19:03.0400 0x24a8 TsUsbGD - ok
14:19:03.0403 0x24a8 tsusbhub - ok
14:19:03.0406 0x24a8 tzautoupdate - ok
14:19:03.0409 0x24a8 UASPStor - ok
14:19:03.0412 0x24a8 UcmCx0101 - ok
14:19:03.0414 0x24a8 UcmTcpciCx0101 - ok
14:19:03.0420 0x24a8 UcmUcsi - ok
14:19:03.0422 0x24a8 Ucx01000 - ok
14:19:03.0425 0x24a8 UdeCx - ok
14:19:03.0428 0x24a8 udfs - ok
14:19:03.0430 0x24a8 UEFI - ok
14:19:03.0432 0x24a8 UevAgentDriver - ok
14:19:03.0435 0x24a8 UevAgentService - ok
14:19:03.0437 0x24a8 Ufx01000 - ok
14:19:03.0439 0x24a8 UfxChipidea - ok
14:19:03.0442 0x24a8 ufxsynopsys - ok
14:19:03.0447 0x24a8 UI0Detect - ok
14:19:03.0448 0x24a8 umbus - ok
14:19:03.0451 0x24a8 UmPass - ok
14:19:03.0454 0x24a8 UmRdpService - ok
14:19:03.0456 0x24a8 UnistoreSvc - ok
14:19:03.0460 0x24a8 upnphost - ok
14:19:03.0462 0x24a8 UrsChipidea - ok
14:19:03.0468 0x24a8 UrsCx01000 - ok
14:19:03.0471 0x24a8 UrsSynopsys - ok
14:19:03.0473 0x24a8 usbaudio - ok
14:19:03.0476 0x24a8 usbccgp - ok
14:19:03.0479 0x24a8 usbcir - ok
14:19:03.0481 0x24a8 usbehci - ok
14:19:03.0483 0x24a8 usbhub - ok
14:19:03.0488 0x24a8 USBHUB3 - ok
14:19:03.0491 0x24a8 usbohci - ok
14:19:03.0493 0x24a8 usbprint - ok
14:19:03.0496 0x24a8 usbser - ok
14:19:03.0498 0x24a8 USBSTOR - ok
14:19:03.0501 0x24a8 usbuhci - ok
14:19:03.0503 0x24a8 USBXHCI - ok
14:19:03.0506 0x24a8 UserDataSvc - ok
14:19:03.0509 0x24a8 UserManager - ok
14:19:03.0512 0x24a8 UsoSvc - ok
14:19:03.0514 0x24a8 VaultSvc - ok
14:19:03.0516 0x24a8 vdrvroot - ok
14:19:03.0524 0x24a8 vds - ok
14:19:03.0526 0x24a8 VerifierExt - ok
14:19:03.0529 0x24a8 vhdmp - ok
14:19:03.0531 0x24a8 vhf - ok
14:19:03.0533 0x24a8 vmbus - ok
14:19:03.0536 0x24a8 VMBusHID - ok
14:19:03.0538 0x24a8 vmgid - ok
14:19:03.0540 0x24a8 vmicguestinterface - ok
14:19:03.0542 0x24a8 vmicheartbeat - ok
14:19:03.0545 0x24a8 vmickvpexchange - ok
14:19:03.0547 0x24a8 vmicrdv - ok
14:19:03.0549 0x24a8 vmicshutdown - ok
14:19:03.0551 0x24a8 vmictimesync - ok
14:19:03.0554 0x24a8 vmicvmsession - ok
14:19:03.0556 0x24a8 vmicvss - ok
14:19:03.0558 0x24a8 volmgr - ok
14:19:03.0561 0x24a8 volmgrx - ok
14:19:03.0563 0x24a8 volsnap - ok
14:19:03.0565 0x24a8 volume - ok
14:19:03.0573 0x24a8 vpci - ok
14:19:03.0576 0x24a8 vsmraid - ok
14:19:03.0578 0x24a8 VSS - ok
14:19:03.0581 0x24a8 VSTXRAID - ok
14:19:03.0583 0x24a8 vwifibus - ok
14:19:03.0585 0x24a8 vwififlt - ok
14:19:03.0588 0x24a8 W32Time - ok
14:19:03.0594 0x24a8 WacomPen - ok
14:19:03.0596 0x24a8 WalletService - ok
14:19:03.0598 0x24a8 wanarp - ok
14:19:03.0601 0x24a8 wanarpv6 - ok
14:19:03.0603 0x24a8 wbengine - ok
14:19:03.0606 0x24a8 WbioSrvc - ok
14:19:03.0608 0x24a8 wcifs - ok
14:19:03.0611 0x24a8 Wcmsvc - ok
14:19:03.0613 0x24a8 wcncsvc - ok
14:19:03.0615 0x24a8 wcnfs - ok
14:19:03.0618 0x24a8 WdBoot - ok
14:19:03.0620 0x24a8 Wdf01000 - ok
14:19:03.0622 0x24a8 WdFilter - ok
14:19:03.0628 0x24a8 WdiServiceHost - ok
14:19:03.0630 0x24a8 WdiSystemHost - ok
14:19:03.0633 0x24a8 wdiwifi - ok
14:19:03.0636 0x24a8 WdNisDrv - ok
14:19:03.0638 0x24a8 WdNisSvc - ok
14:19:03.0641 0x24a8 WebClient - ok
14:19:03.0643 0x24a8 Wecsvc - ok
14:19:03.0646 0x24a8 WEPHOSTSVC - ok
14:19:03.0649 0x24a8 wercplsupport - ok
14:19:03.0651 0x24a8 WerSvc - ok
14:19:03.0653 0x24a8 WFDSConMgrSvc - ok
14:19:03.0656 0x24a8 WFPLWFS - ok
14:19:03.0658 0x24a8 WiaRpc - ok
14:19:03.0664 0x24a8 WIMMount - ok
14:19:03.0666 0x24a8 WinDefend - ok
14:19:03.0671 0x24a8 WindowsTrustedRT - ok
14:19:03.0673 0x24a8 WindowsTrustedRTProxy - ok
14:19:03.0676 0x24a8 WinHttpAutoProxySvc - ok
14:19:03.0682 0x24a8 WinMad - ok
14:19:03.0688 0x24a8 Winmgmt - ok
14:19:03.0690 0x24a8 WinNat - ok
14:19:03.0695 0x24a8 WinRM - ok
14:19:03.0700 0x24a8 WINUSB - ok
14:19:03.0703 0x24a8 WinVerbs - ok
14:19:03.0706 0x24a8 wisvc - ok
14:19:03.0710 0x24a8 [ 8C17F3795DAE9A0ECDE4B3A3B0740E5F, 65807F2EEB7E60E1A7EFB4AEC9BB20C7121E8754E9001616DF919E5EA8B7C541 ] wjimfvo C:\WINDOWS\system32\drivers\tmdfeg.sys
14:19:03.0716 0x24a8 wjimfvo - ok
14:19:03.0719 0x24a8 WlanSvc - ok
14:19:03.0722 0x24a8 wlidsvc - ok
14:19:03.0724 0x24a8 wlpasvc - ok
14:19:03.0727 0x24a8 WmiAcpi - ok
14:19:03.0733 0x24a8 wmiApSrv - ok
14:19:03.0735 0x24a8 WMPNetworkSvc - ok
14:19:03.0741 0x24a8 [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof C:\WINDOWS\system32\drivers\Wof.sys
14:19:03.0753 0x24a8 Wof - ok
14:19:03.0757 0x24a8 workfolderssvc - ok
14:19:03.0760 0x24a8 WPDBusEnum - ok
14:19:03.0763 0x24a8 WpdUpFltr - ok
14:19:03.0768 0x24a8 WpnService - ok
14:19:03.0770 0x24a8 WpnUserService - ok
14:19:03.0774 0x24a8 ws2ifsl - ok
14:19:03.0783 0x24a8 [ 198E8FA1545F8C08BB6B9F34D00E00FC, 42B4502F12E0B858D67B878A2C319D31266C3FCA9E87769C6A402C23E6CD3748 ] WsAppService C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe
14:19:03.0794 0x24a8 WsAppService - detected UnsignedFile.Multi.Generic ( 1 )
14:19:03.0863 0x24a8 Detect skipped due to KSN trusted
14:19:03.0863 0x24a8 WsAppService - ok
14:19:03.0868 0x24a8 wscsvc - ok
14:19:03.0871 0x24a8 WSDPrintDevice - ok
14:19:03.0874 0x24a8 WSearch - ok
14:19:03.0878 0x24a8 wuauserv - ok
14:19:03.0880 0x24a8 WudfPf - ok
14:19:03.0883 0x24a8 WUDFRd - ok
14:19:03.0885 0x24a8 wudfsvc - ok
14:19:03.0887 0x24a8 WUDFWpdFs - ok
14:19:03.0893 0x24a8 WwanSvc - ok
14:19:03.0895 0x24a8 xbgm - ok
14:19:03.0899 0x24a8 XblAuthManager - ok
14:19:03.0902 0x24a8 XblGameSave - ok
14:19:03.0904 0x24a8 xboxgip - ok
14:19:03.0907 0x24a8 XboxGipSvc - ok
14:19:03.0913 0x24a8 XboxNetApiSvc - ok
14:19:03.0915 0x24a8 xinputhid - ok
14:19:03.0919 0x24a8 [ FA4E078ECB0D7651747198CED1DC8B2A, F2FEFD685E5BC0323290AF6DFC25009712EA3389456DAABA4F3B1B4292E6DA98 ] XTU3SERVICE C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
14:19:03.0924 0x24a8 XTU3SERVICE - ok
14:19:03.0924 0x24a8 ================ Scan global ===============================
14:19:03.0935 0x24a8 [ Global ] - ok
14:19:03.0936 0x24a8 ================ Scan MBR ==================================
14:19:03.0937 0x24a8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:19:04.0011 0x24a8 \Device\Harddisk0\DR0 - ok
14:19:04.0019 0x24a8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:19:04.0186 0x24a8 \Device\Harddisk1\DR1 - ok
14:19:04.0187 0x24a8 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR2
14:19:04.0243 0x24a8 \Device\Harddisk2\DR2 - ok
14:19:04.0244 0x24a8 ================ Scan VBR ==================================
14:19:04.0247 0x24a8 [ 056A28E200A1056FE8961E30913016F3 ] \Device\Harddisk0\DR0\Partition1
14:19:04.0248 0x24a8 \Device\Harddisk0\DR0\Partition1 - ok
14:19:04.0250 0x24a8 [ 5A46AA121BF6CD75D05889E3F7E24BB6 ] \Device\Harddisk1\DR1\Partition1
14:19:04.0251 0x24a8 \Device\Harddisk1\DR1\Partition1 - ok
14:19:04.0252 0x24a8 [ 6C03E13563C53B4EC25091E7EB80A77E ] \Device\Harddisk1\DR1\Partition2
14:19:04.0253 0x24a8 \Device\Harddisk1\DR1\Partition2 - ok
14:19:04.0255 0x24a8 [ 8E93E34CFD4D9FAE132504E707FBBA48 ] \Device\Harddisk2\DR2\Partition1
14:19:04.0256 0x24a8 \Device\Harddisk2\DR2\Partition1 - ok
14:19:04.0256 0x24a8 ================ Scan generic autorun ======================
14:19:04.0257 0x24a8 SecurityHealth - ok
14:19:04.0395 0x24a8 [ 2CE31080DCDA6046AAEDFBDC0559901C, 777F1D74CAB2F6300E85A53EAC886649C1946A4DFA96FB2B57578025BDA7AA54 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
14:19:04.0554 0x24a8 RTHDVCPL - ok
14:19:04.0565 0x24a8 MBCfg64 - ok
14:19:04.0580 0x24a8 [ 4C6AAABB264526A9C845A39AEBB79B69, B27F869E8B44CC5F1F9ADCA53AA848C16D706587ED9C7F995AE59BF9B0426523 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
14:19:04.0596 0x24a8 StartCCC - ok
14:19:04.0621 0x24a8 [ CF7604160B828C019C287B61CA6FA4BB, 8BA5AF5D47567539A00CF1D38131D31DFD045EC2ACD50B771BFB82D09ACF2D8C ] C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
14:19:04.0659 0x24a8 Sound Blaster Cinema 2 - detected UnsignedFile.Multi.Generic ( 1 )
14:19:04.0728 0x24a8 Detect skipped due to KSN trusted
14:19:04.0728 0x24a8 Sound Blaster Cinema 2 - ok
14:19:04.0732 0x24a8 [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\WINDOWS\UpdReg.EXE
14:19:04.0738 0x24a8 UpdReg - detected UnsignedFile.Multi.Generic ( 1 )
14:19:04.0805 0x24a8 Detect skipped due to KSN trusted
14:19:04.0805 0x24a8 UpdReg - ok
14:19:04.0824 0x24a8 [ B0FCC4B7BB21FA6112532D424EE1B1AD, 294EAD47F50C69A61D97AFB1A07BBC37D3FCA5F6DAABD05FF7372B282C2CD4EB ] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
14:19:04.0846 0x24a8 Super Charger - ok
14:19:04.0861 0x24a8 [ 6143A70622AD25BD935BDC717ECADB9B, 2CEF01C7AFDF11A82179E7D0365659435F59C5B59B71475B0DA2B056B818AC3A ] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
14:19:04.0877 0x24a8 Fast Boot - ok
14:19:04.0888 0x24a8 [ 124C49822A42A3CDC59723CB3B2E9CA7, 6763989E2C0A504701A1E63C08E6F647F0B548BA7847CCB0EC512072454DE382 ] C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe
14:19:04.0902 0x24a8 Live Update - ok
14:19:04.0915 0x24a8 [ 73A0709DCF00F11F219BB55DF3FB2678, 23B5D416A10A2D5D5B6A7876B0085A03E56C53D2D15418063B74F8CB7A1A7150 ] C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
14:19:04.0932 0x24a8 Command Center - ok
14:19:04.0944 0x24a8 [ A443A7C05ABF0FCD16E89593F63B633B, 3F579132A39AEC2513CD286AB9A43534DC05F9502FD1A369126236F69EF76282 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
14:19:04.0958 0x24a8 SunJavaUpdateSched - ok
14:19:04.0978 0x24a8 OneDriveSetup - ok
14:19:04.0979 0x24a8 OneDriveSetup - ok
14:19:04.0985 0x24a8 [ CC436BB2A26391F3DEBE316F6FB0474F, 2DA63827AD1449CA5F2888ADFA9645F1EAF8B39D26EC214441EE80F3A56E6E72 ] C:\Users\Pascal\AppData\Local\Microsoft\BingSvc\BingSvc.exe
14:19:04.0994 0x24a8 BingSvc - ok
14:19:04.0998 0x24a8 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\Pascal\AppData\Local\Dropbox\Update\DropboxUpdate.exe
14:19:05.0005 0x24a8 Dropbox Update - ok
14:19:05.0029 0x24a8 [ 00F30FDFDE3E276C1A731C2DF951D67E, 018E6933882FCC41EE96E198E6F7ECEFB53EC650B1044A58876B26EDE011158B ] C:\Users\Pascal\AppData\Local\Microsoft\OneDrive\OneDrive.exe
14:19:05.0060 0x24a8 OneDrive - ok
14:19:05.0087 0x24a8 [ B2C5237118425BF96D71CA9264673CF7, A39DEA103D0D7CD732013CF816BDB05E0B7FB7C5FF1099D7CD773CCC60DE5F32 ] C:\Users\Pascal\AppData\Roaming\Spotify\SpotifyWebHelper.exe
14:19:05.0115 0x24a8 Spotify Web Helper - ok
14:19:05.0267 0x24a8 [ 638AE77DC319958727FBEA403D37B2D6, FF40F8D0A0EA99478BF46656FDB7BB37CED75375F4FD149E3FE2393749120D39 ] C:\Program Files\CCleaner\CCleaner64.exe
14:19:05.0426 0x24a8 CCleaner Monitoring - ok
14:19:05.0581 0x24a8 [ EB890DA4D7F2E4588D27963B1D1CF8A4, 0890188722C851A29CFC1D48C4644C32FB353A14452A0A4E794216E5978333CF ] L:\Programme\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
14:19:05.0603 0x24a8 WallpaperEngine - detected UnsignedFile.Multi.Generic ( 1 )
14:19:05.0670 0x24a8 Detect skipped due to KSN trusted
14:19:05.0670 0x24a8 WallpaperEngine - ok
14:19:05.0671 0x24a8 Waiting for KSN requests completion. In queue: 85
14:19:06.0682 0x24a8 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.727 ), 0x41000 ( enabled : updated )
14:19:06.0688 0x24a8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.0 ), 0x60100 ( disabled : updated )
14:19:06.0689 0x24a8 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.727 ), 0x40010 ( disabled )
14:19:06.0696 0x24a8 Win FW state via NFP2: enabled ( trusted )
14:19:06.0809 0x24a8 ============================================================
14:19:06.0809 0x24a8 Scan finished
14:19:06.0809 0x24a8 ============================================================
14:19:06.0816 0x1f58 Detected object count: 0
14:19:06.0816 0x1f58 Actual detected object count: 0

M-K-D-B · 27.05.2017, 13:30

Servus,

so geht es weiter

Seehmer · 27.05.2017, 14:06

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v6.046 - Bericht erstellt am 27/05/2017 um 14:53:30
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-05-26.6 [Lokal]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Pascal - PASCAL
# Gestartet von : C:\Users\Pascal\Downloads\AdwCleaner_6.046.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Pascal\AppData\Local\YSearchUtil
[-] Ordner gelöscht: C:\Users\Pascal\AppData\Roaming\RHEng
[-] Ordner gelöscht: C:\ProgramData\IObit\ASCDownloader
[-] Ordner gelöscht: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
[-] Ordner gelöscht: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil


***** [ Dateien ] *****

[-] Datei gelöscht: C:\END
[-] Datei gelöscht: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\IOBIT\ASC
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Reimage
[-] Wert gelöscht: HKU\S-1-5-21-1229423121-489186376-597309758-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Advanced SystemCare 10]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Schlüssel gelöscht: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\eiibddcohpjhajbnfkpboacmohommppp


***** [ Browser ] *****

[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: sweet-page.com
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: binkiland.com
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: sweet-page
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: conduit.search
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: funmoods.com
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: babylon.com
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: mystartsearch.com
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: mystart.incredibar.com/mb201
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: search.conduit.com
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: trovi.search
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Gelöscht: hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP2467A2B3-0253-422E-9236-CC5F6822DB51&SSPV=
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Gelöscht: hxxp://searchfunmoods.com/?f=1&a=nv2&cd=2XzuyEtN2Y1L1QzutDtDtBtBtCyDzz0B0FtBzytCyC0AyE0AtN0D0Tzu0CyEyBzytN1L2XzutBtFtBtFtCtFyDyByBtN1L1Czu1G2XtB&cr=1493526372&ir=
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Gelöscht: hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP622969F6-4F05-4630-B4EE-4D8B2DB4F654&SSPV=
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Gelöscht: hxxp://www.sweet-page.com/?type=hp&ts=1395233957&from=slbnew&uid=WDCXWD5000AAKS-22V1A0_WD-WCAWFD65254052540
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Gelöscht: hxxp://www.sweet-page.com/?type=hp&ts=1395234093&from=slbnew&uid=WDCXWD5000AAKS-22V1A0_WD-WCAWFD65254052540
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: eiibddcohpjhajbnfkpboacmohommppp
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: fcfenmboojpjinhpgggodefccipikbpd
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: fmlgoencnlndpglbocajlimaikjohmab
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: pilplloabdedfmialnfchjomjmpjcoej
[-] [C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default] [homepage] Gelöscht: hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP2467A2B3-0253-422E-9236-CC5F6822DB51&SSPV=


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
:: Chrome Einstellungen zurückgesetzt: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [5753 Bytes] - [27/05/2017 14:53:30]
C:\AdwCleaner\AdwCleaner[S0].txt - [5578 Bytes] - [27/05/2017 14:50:34]
C:\AdwCleaner\AdwCleaner[S1].txt - [5650 Bytes] - [27/05/2017 14:52:40]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5972 Bytes] ##########

--- --- ---

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 27.05.17
Scan-Zeit: 15:00
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.122
Version des Aktualisierungspakets: 1.0.2032
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: PASCAL\Pascal

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 446441
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 2 Min., 3 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

(end)

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2017
durchgeführt von Pascal (Administrator) auf PASCAL (27-05-2017 15:04:21)
Gestartet von C:\Users\Pascal\Downloads
Geladene Profile: Pascal (Verfügbare Profile: Pascal)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
() C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Electronic Arts) L:\Programme\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(ROCCAT GmbH) C:\Users\Pascal\Downloads\SWARM_v19201 (1)\data\SWARM_CONNECT\SwarmHW_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(© 2015 Microsoft Corporation) C:\Users\Pascal\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Spotify Ltd) C:\Users\Pascal\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(ROCCAT) L:\Programme\ROCCAT_Swarm_Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-05-23] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1440768 2014-02-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1047536 2014-04-08] (MSI)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [764472 2012-09-19] ()
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe [579056 2014-03-28] (Micro-Star International)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [797648 2015-03-05] (MSI)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [BingSvc] => C:\Users\Pascal\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-12-24] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [Dropbox Update] => C:\Users\Pascal\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-24] (Dropbox, Inc.)
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [Spotify Web Helper] => C:\Users\Pascal\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-05-25] (Spotify Ltd)
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [WallpaperEngine] => L:\Programme\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [735232 2017-05-11] ()
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-03-25]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{7364C716-1212-4EAE-B0C9-A31D1E797BF8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm.lnk [2017-03-13]
ShortcutTarget: ROCCAT Swarm.lnk -> L:\Programme\ROCCAT_Swarm_Monitor.exe (ROCCAT)
Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-31]
ShortcutTarget: Dropbox.lnk -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8fee23f3-22fd-4b73-a7b9-9aea4d15184f}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1229423121-489186376-597309758-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1229423121-489186376-597309758-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-25] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-25] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-21] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default [2017-05-04]
FF user.js: detected! => C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\user.js [2016-11-21]
FF Homepage: Mozilla\Firefox\Profiles\qh5dvH6z.default -> hxxps://www.reddit.com/r/all/
FF Extension: (Firefox Hotfix) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-16]
FF Extension: (BetterTTV) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\Extensions\firefox@betterttv.net.xpi [2016-09-19]
FF Extension: (Adblock Plus) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-09-16]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-07]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP2467A2B3-0253-422E-9236-CC5F6822DB51&SSPV=
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP2467A2B3-0253-422E-9236-CC5F6822DB51&SSPV=","hxxp://searchfunmoods.com/?f=1&a=nv2&cd=2XzuyEtN2Y1L1QzutDtDtBtBtCyDzz0B0FtBzytCyC0AyE0AtN0D0Tzu0CyEyBzytN1L2XzutBtFtBtFtCtFyDyByBtN1L1Czu1G2XtB&cr=1493526372&ir=","hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=1bb522de-3707-eb1b-9375-91cd8ec09600&searchtype=hp&installDate={installDate}","hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP622969F6-4F05-4630-B4EE-4D8B2DB4F654&SSPV=","hxxp://www.sweet-page.com/?type=hp&ts=1395233957&from=slbnew&uid=WDCXWD5000AAKS-22V1A0_WD-WCAWFD65254052540","hxxp://www.sweet-page.com/?type=hp&ts=1395234093&from=slbnew&uid=WDCXWD5000AAKS-22V1A0_WD-WCAWFD65254052540","hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_6122d82720534cc28a7eaa44042bd4c5_39_1006_20140319_DE_cr_sp_sbinstall2"
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default [2017-05-27]
CHR Extension: (Google Präsentationen) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-27]
CHR Extension: (BetterTTV) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-05-27]
CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-27]
CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-27]
CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-27]
CHR Extension: (Google Tabellen) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-27]
CHR Extension: (Kaspersky Protection) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-05-27]
CHR Extension: (Avira Browserschutz) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-05-27]
CHR Extension: (Google Docs Offline) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-27]
CHR Extension: (AdBlock) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-05-27]
CHR Extension: (Yahoo Partner) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbfklbaljofpaanmpaeadejijfdddco [2017-05-27]
CHR Extension: (LottaDeals) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigcbafcnfakaokfjaplokfbgmjldpfg [2017-05-27]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-27]
CHR Extension: (Weather Hub Pro) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pajfkbekgfapaenbmngmilchlbejokcg [2017-05-27]
CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-27]
CHR Extension: (Chrome Media Router) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-27]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iigcbafcnfakaokfjaplokfbgmjldpfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pajfkbekgfapaenbmngmilchlbejokcg] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-10-06] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [229648 2016-08-03] (EasyAntiCheat Ltd)
R2 ECOSERVICE; C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe [2126448 2014-04-10] ()
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [20512 2014-03-13] (Micro-Star Int'l Co., Ltd.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
S3 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2099712 2014-12-31] (MSI) [Datei ist nicht signiert]
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4035024 2015-03-10] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2117632 2014-12-31] () [Datei ist nicht signiert]
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [1992704 2015-01-29] () [Datei ist nicht signiert]
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2249168 2015-03-10] ()
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2063360 2014-12-31] () [Datei ist nicht signiert]
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [575488 2015-03-13] () [Datei ist nicht signiert]
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [83952 2014-03-27] (Micro-Star International)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
S3 Origin Client Service; L:\Programme\Origin\OriginClientService.exe [2124296 2017-02-24] (Electronic Arts)
R2 Origin Web Helper Service; L:\Programme\Origin\OriginWebHelperService.exe [2185232 2017-02-24] (Electronic Arts)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-01-22] (Qualcomm Atheros) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe [411648 2016-03-31] (Wondershare) [Datei ist nicht signiert]
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-03-14] (Intel(R) Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2017-01-19] (Advanced Micro Devices)
S3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [53024 2015-07-10] (Broadcom Corporation.)
S1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [80592 2013-11-08] (Qualcomm Atheros, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R3 cpuz140; C:\WINDOWS\TEMP\cpuz140\cpuz140_x64.sys [43840 2017-05-27] (CPUID)
R1 ESEADriver2; C:\Users\Pascal\AppData\Local\Temp\ESEADriver2.sys [330384 2017-04-21] () <==== ACHTUNG
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-30] (REALiX(tm))
S3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [23936 2014-02-03] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-02-18] (Intel Corporation)
S3 ISCT; C:\WINDOWS\System32\drivers\ISCTD.sys [44744 2014-02-03] ()
S3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197336 2017-04-16] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520176 2017-04-16] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2017-03-18] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1018592 2017-04-16] (AO Kaspersky Lab)
S1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-07] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab)
S3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-05-24] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-04-16] (AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251664 2017-04-19] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-04-19] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-04-19] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-14] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-03-14] (AO Kaspersky Lab)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45200 2016-02-16] (Logitech Inc.)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 lgLowAudio; C:\WINDOWS\system32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-27] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-27] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-27] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-27] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-27] (Malwarebytes)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NTIOLib_ECO; C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [13808 2014-01-06] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S3 NTIOLib_MB; C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [13808 2014-03-13] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NTIOLib_MSIFrequency_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [25088 2015-02-02] (SteelSeries ApS)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project)
S3 tap0901_openvpn_accl; C:\WINDOWS\System32\drivers\tap0901_openvpn_accl.sys [37912 2016-06-24] (The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 aswbdisk; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-27 15:02 - 2017-05-27 15:02 - 00001381 _____ C:\Users\Pascal\Desktop\mbam.txt
2017-05-27 15:00 - 2017-05-27 15:00 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-27 15:00 - 2017-05-27 15:00 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-27 15:00 - 2017-05-27 15:00 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-27 14:59 - 2017-05-27 14:59 - 63364552 _____ (Malwarebytes ) C:\Users\Pascal\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe
2017-05-27 14:59 - 2017-05-27 14:59 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-27 14:59 - 2017-05-27 14:59 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-27 14:59 - 2017-05-27 14:59 - 00001926 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-27 14:59 - 2017-05-27 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-27 14:59 - 2017-05-27 14:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-27 14:59 - 2017-05-27 14:59 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-27 14:59 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-27 14:58 - 2017-05-27 14:58 - 00000000 _____ C:\WINDOWS\cd_127
2017-05-27 14:57 - 2017-05-27 14:57 - 00566128 _____ (Malwarebytes) C:\Users\Pascal\Downloads\mbam-clean-2.3.0.1001.exe
2017-05-27 14:48 - 2017-05-27 14:48 - 04102600 _____ C:\Users\Pascal\Downloads\AdwCleaner_6.046.exe
2017-05-27 14:47 - 2017-05-27 14:53 - 00000000 ____D C:\AdwCleaner
2017-05-27 14:18 - 2017-05-27 14:29 - 00114264 _____ C:\TDSSKiller.3.1.0.15_27.05.2017_14.18.10_log.txt
2017-05-27 14:18 - 2017-05-27 14:18 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Pascal\Downloads\tdsskiller.exe
2017-05-27 14:13 - 2017-05-27 14:13 - 00061850 _____ C:\Users\Pascal\Downloads\Addition.txt
2017-05-27 14:12 - 2017-05-27 15:04 - 00033245 _____ C:\Users\Pascal\Downloads\FRST.txt
2017-05-27 14:12 - 2017-05-27 15:04 - 00000000 ____D C:\FRST
2017-05-27 14:12 - 2017-05-27 14:12 - 02429952 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64.exe
2017-05-25 23:13 - 2017-05-25 23:13 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\424D3EFA.sys
2017-05-25 23:10 - 2017-05-25 23:10 - 22851472 _____ (Malwarebytes ) C:\Users\Pascal\Downloads\mbam-setup-2.2.1.1043.exe
2017-05-25 13:09 - 2017-05-25 13:09 - 00003024 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Pascal)
2017-05-24 12:19 - 2017-05-24 12:19 - 00229288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2017-05-23 17:25 - 2017-05-23 17:25 - 00000212 _____ C:\Users\Pascal\Desktop\Rocket League.url
2017-05-23 14:14 - 2017-05-23 14:14 - 05545512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-05-23 14:13 - 2017-05-23 14:13 - 09124224 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-05-23 14:13 - 2017-05-23 14:13 - 03503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 03203424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 03014144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-05-23 14:13 - 2017-05-23 14:13 - 02201600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 01353824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00204920 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2017-05-23 14:13 - 2017-05-23 14:13 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-05-23 13:27 - 2017-05-23 13:27 - 15721672 _____ (IObit ) C:\Users\Pascal\Downloads\driver_booster_setup(4.4.0.512).exe
2017-05-17 17:42 - 2017-05-17 17:42 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-05-17 17:42 - 2017-05-17 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-17 17:41 - 2017-05-23 14:14 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-05-16 18:06 - 2017-05-16 18:06 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-05-16 13:11 - 2017-05-19 10:42 - 05222216 _____ C:\Users\Pascal\Desktop\Euthanasie.pptx
2017-05-13 15:37 - 2017-05-13 15:37 - 00000212 _____ C:\Users\Pascal\Desktop\DARK SOULS III.url
2017-05-12 20:05 - 2017-05-12 20:05 - 00000000 ____D C:\Users\Pascal\AppData\Local\Styx2
2017-05-11 22:25 - 2017-05-11 22:25 - 00000212 _____ C:\Users\Pascal\Desktop\Wallpaper Engine.url
2017-05-11 16:32 - 2017-05-11 16:32 - 19247873 _____ C:\Users\Pascal\Desktop\IrishBritish.mp4
2017-05-10 13:26 - 2017-04-19 08:12 - 00395226 __RSH C:\bootmgr
2017-05-10 13:26 - 2017-03-18 22:57 - 00000001 ___SH C:\BOOTNXT
2017-05-09 22:19 - 2017-04-29 03:05 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-05-09 22:19 - 2017-04-29 03:05 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-09 22:19 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-09 22:19 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-09 22:19 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-09 22:19 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-09 22:19 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-09 22:19 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-09 22:19 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-09 22:19 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-09 22:19 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-09 22:19 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-09 22:19 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-09 22:19 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-09 22:19 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-09 22:19 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-09 22:19 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-09 22:19 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-09 22:19 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-09 22:19 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-09 22:19 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-09 22:19 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-09 22:19 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-09 22:19 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-09 22:19 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-09 22:19 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-09 22:19 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-09 22:19 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-09 22:19 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-09 22:19 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-09 22:19 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-09 22:19 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-09 22:19 - 2017-04-19 08:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-09 22:19 - 2017-04-19 08:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-09 22:19 - 2017-04-19 08:10 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-09 22:19 - 2017-04-19 08:10 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-09 22:19 - 2017-04-19 08:06 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-09 22:19 - 2017-04-19 08:04 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-09 22:19 - 2017-04-19 08:04 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-09 22:19 - 2017-04-19 07:34 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-09 22:19 - 2017-04-19 07:29 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-09 22:19 - 2017-04-14 02:35 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-09 22:19 - 2017-04-14 02:33 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-09 22:19 - 2017-04-14 02:32 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-09 22:19 - 2017-04-14 02:25 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-09 22:19 - 2017-04-14 01:43 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-09 22:19 - 2017-04-14 01:39 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-09 22:19 - 2017-04-14 01:39 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-09 22:19 - 2017-04-14 01:35 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-09 22:19 - 2017-04-14 01:33 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-09 22:19 - 2017-04-14 01:29 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-09 22:19 - 2017-04-14 01:29 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-09 22:19 - 2017-04-14 01:29 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-09 22:19 - 2017-04-14 01:28 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-09 22:19 - 2017-04-14 01:26 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-09 22:19 - 2017-04-14 01:24 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-09 22:19 - 2017-04-14 01:21 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-09 22:19 - 2017-04-14 01:18 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-09 22:18 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-09 22:18 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-09 22:18 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-09 22:18 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-09 22:18 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-09 22:18 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-09 22:18 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-09 22:18 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-09 22:18 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-09 22:18 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-09 22:18 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-09 22:18 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-09 22:18 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-09 22:18 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-09 22:18 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-09 22:18 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-09 22:18 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-09 22:18 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-09 22:18 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-09 22:18 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-09 22:18 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-09 22:18 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-09 22:18 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-09 22:18 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-09 22:18 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-09 22:18 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-09 22:18 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-09 22:18 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-09 22:18 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-09 22:18 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-09 22:18 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-09 22:18 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-09 22:18 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-09 22:18 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-09 22:18 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-09 22:18 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-09 22:18 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-09 22:18 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-09 22:18 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-09 22:18 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-09 22:18 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-09 22:18 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-09 22:18 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-09 22:18 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-09 22:18 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-09 22:18 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-09 22:18 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-09 22:18 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-09 22:18 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-09 22:18 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-09 22:18 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-09 22:18 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-09 22:18 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-09 22:18 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-09 22:18 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-09 22:18 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-09 22:18 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-09 22:18 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-09 22:18 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-09 22:18 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-09 22:18 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-09 22:18 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-09 22:18 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-09 22:18 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-09 22:18 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-09 22:18 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-09 22:18 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-09 22:18 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-09 22:18 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-09 22:18 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-09 22:18 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-09 22:18 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-09 22:18 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-09 22:18 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-09 22:18 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-09 22:18 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-09 22:18 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-09 22:18 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-09 22:18 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-09 22:18 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-09 22:18 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-09 22:18 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-09 22:18 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-09 22:18 - 2017-04-19 09:07 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-09 22:18 - 2017-04-19 09:06 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-09 22:18 - 2017-04-19 09:04 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-09 22:18 - 2017-04-19 09:02 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-09 22:18 - 2017-04-19 08:19 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-09 22:18 - 2017-04-19 08:18 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-09 22:18 - 2017-04-19 08:16 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-09 22:18 - 2017-04-19 08:15 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-09 22:18 - 2017-04-19 08:14 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-09 22:18 - 2017-04-19 08:13 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-09 22:18 - 2017-04-19 08:13 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-09 22:18 - 2017-04-19 08:12 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-09 22:18 - 2017-04-19 08:12 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-09 22:18 - 2017-04-19 08:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-09 22:18 - 2017-04-19 08:10 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-09 22:18 - 2017-04-19 08:08 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-09 22:18 - 2017-04-19 08:08 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-09 22:18 - 2017-04-19 08:07 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-09 22:18 - 2017-04-19 08:07 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-09 22:18 - 2017-04-19 08:02 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-09 22:18 - 2017-04-19 08:01 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-09 22:18 - 2017-04-19 07:59 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-09 22:18 - 2017-04-19 07:59 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-09 22:18 - 2017-04-19 07:58 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-09 22:18 - 2017-04-19 07:37 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-09 22:18 - 2017-04-19 07:36 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-09 22:18 - 2017-04-19 07:35 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-09 22:18 - 2017-04-19 07:34 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-09 22:18 - 2017-04-19 07:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-09 22:18 - 2017-04-19 07:32 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-09 22:18 - 2017-04-19 07:30 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-09 22:18 - 2017-04-14 02:35 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-09 22:18 - 2017-04-14 02:35 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-09 22:18 - 2017-04-14 02:30 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-09 22:18 - 2017-04-14 02:25 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-09 22:18 - 2017-04-14 01:43 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-09 22:18 - 2017-04-14 01:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-09 22:18 - 2017-04-14 01:41 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-09 22:18 - 2017-04-14 01:40 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-09 22:18 - 2017-04-14 01:39 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-09 22:18 - 2017-04-14 01:39 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-09 22:18 - 2017-04-14 01:39 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-09 22:18 - 2017-04-14 01:38 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-09 22:18 - 2017-04-14 01:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-09 22:18 - 2017-04-14 01:37 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-09 22:18 - 2017-04-14 01:37 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-09 22:18 - 2017-04-14 01:37 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-09 22:18 - 2017-04-14 01:37 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-09 22:18 - 2017-04-14 01:36 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-09 22:18 - 2017-04-14 01:36 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-09 22:18 - 2017-04-14 01:35 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-09 22:18 - 2017-04-14 01:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-09 22:18 - 2017-04-14 01:34 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-09 22:18 - 2017-04-14 01:34 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-09 22:18 - 2017-04-14 01:33 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-09 22:18 - 2017-04-14 01:31 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-09 22:18 - 2017-04-14 01:31 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-09 22:18 - 2017-04-14 01:29 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-09 22:18 - 2017-04-14 01:29 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-09 22:18 - 2017-04-14 01:25 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-09 22:18 - 2017-04-14 01:21 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-09 22:18 - 2017-04-14 01:18 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-09 22:18 - 2017-04-14 01:15 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-09 22:18 - 2017-04-14 01:15 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-09 22:18 - 2017-04-14 01:13 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-09 22:18 - 2017-04-14 01:13 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-09 22:18 - 2017-04-14 01:08 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-09 22:18 - 2017-04-14 01:06 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-09 22:18 - 2017-04-14 01:04 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-09 22:18 - 2017-04-14 01:01 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-09 22:11 - 2017-05-09 22:11 - 00001467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2017-05-09 22:11 - 2017-05-09 22:11 - 00001394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2017-05-09 22:10 - 2017-05-09 22:11 - 00000000 ____D C:\Program Files (x86)\Windows Live
2017-05-09 22:10 - 2017-05-09 22:10 - 26689458 _____ (videowinsoft.com ) C:\Users\Pascal\Downloads\windows-movie-maker-2016.exe
2017-05-09 22:10 - 2017-05-09 22:10 - 00001317 _____ C:\Users\Public\Desktop\Windows Movie Maker.lnk
2017-05-09 22:10 - 2017-05-09 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker
2017-05-09 22:08 - 2017-05-09 22:08 - 00000000 ____D C:\Program Files (x86)\LottaDeals
2017-05-09 22:07 - 2017-05-09 22:12 - 00000000 ____D C:\ProgramData\AVAST Software
2017-05-09 22:07 - 2017-05-09 22:07 - 00000000 ____D C:\Program Files (x86)\WeatherHubPro
2017-05-09 21:50 - 2017-05-09 22:14 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\obs-studio
2017-05-09 17:45 - 2017-03-17 22:00 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2017-05-09 17:45 - 2017-03-17 21:59 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2017-05-09 17:45 - 2017-03-17 21:48 - 06348288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2017-05-09 17:45 - 2017-03-17 21:43 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2017-05-09 17:45 - 2017-03-17 21:35 - 05484544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2017-05-09 17:44 - 2017-05-09 17:44 - 00001053 _____ C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-05-09 17:40 - 2017-05-18 09:29 - 22120924 _____ C:\Users\Pascal\Desktop\Irelandpres.pptx
2017-05-09 16:10 - 2017-05-09 16:10 - 00000977 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2017-05-09 16:10 - 2017-05-09 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2017-05-09 16:08 - 2017-05-09 16:08 - 113034688 _____ (obsproject.com) C:\Users\Pascal\Downloads\OBS-Studio-18.0.1-Full-Installer.exe
2017-05-09 13:54 - 2017-05-09 13:54 - 00000000 ____D C:\Users\Pascal\Desktop\Stuff
2017-05-06 09:45 - 2017-05-06 09:47 - 00000000 ____D C:\Users\Pascal\Desktop\SPIELE ORDNER
2017-05-05 21:02 - 2017-05-05 21:02 - 00659456 _____ C:\Users\Pascal\Downloads\DualMonitorTools-2.5.msi
2017-05-05 21:02 - 2017-05-05 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dual Monitor Tools
2017-05-05 21:02 - 2017-05-05 21:02 - 00000000 ____D C:\Program Files (x86)\Dual Monitor Tools
2017-05-05 18:52 - 2017-05-05 18:52 - 00000212 _____ C:\Users\Pascal\Desktop\Prey.url
2017-05-05 17:05 - 2017-05-05 17:05 - 00000212 _____ C:\Users\Pascal\Desktop\Styx Shards of Darkness.url
2017-05-05 16:28 - 2017-05-22 18:12 - 00000000 ___RD C:\Users\Pascal\Desktop\FiveM
2017-05-05 16:28 - 2017-05-05 16:28 - 00000000 ____D C:\Users\Pascal\Downloads\FiveM.app
2017-05-05 13:23 - 2017-05-27 12:09 - 00000080 _____ C:\Users\Pascal\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2017-05-04 21:51 - 2017-05-04 21:51 - 09390672 _____ (Piriform Ltd) C:\Users\Pascal\Downloads\ccsetup529.exe
2017-05-04 16:05 - 2017-05-04 18:17 - 41294497 _____ C:\Users\Pascal\Downloads\Flechten Daid (2).pptx
2017-05-02 20:42 - 2017-05-02 20:42 - 00000212 _____ C:\Users\Pascal\Desktop\Little Nightmares.url
2017-05-02 19:00 - 2017-05-02 19:00 - 00000736 _____ C:\Users\Pascal\Desktop\GTA Network.lnk
2017-05-02 18:59 - 2017-05-02 19:00 - 69323802 _____ C:\Users\Pascal\Downloads\GTANSetup.zip
2017-05-02 14:29 - 2017-05-02 14:29 - 06282638 _____ C:\Users\Pascal\Downloads\soehandling.zip
2017-04-29 18:08 - 2017-04-29 18:08 - 00000000 ____D C:\Users\Pascal\AppData\LocalLow\Kyle Champ
2017-04-29 18:06 - 2017-04-29 18:06 - 00000212 _____ C:\Users\Pascal\Desktop\ShellShock Live.url
2017-04-28 21:47 - 2017-04-28 21:47 - 17866872 _____ (IObit ) C:\Users\Pascal\Downloads\driver_booster_setup(4.3.0.504).exe
2017-04-27 08:42 - 2017-04-27 08:42 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\Google

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-27 14:58 - 2017-04-18 15:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-27 14:58 - 2017-04-18 15:28 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-05-27 14:58 - 2017-04-18 15:28 - 00000000 ____D C:\Users\Pascal
2017-05-27 14:58 - 2017-03-18 13:40 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-05-27 14:58 - 2016-01-06 13:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-05-27 14:53 - 2015-12-30 21:42 - 00000000 ____D C:\ProgramData\IObit
2017-05-27 14:51 - 2017-04-18 15:35 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8DB2EA9F-FDA0-4CD1-B8F0-3B7DEF1B6AB2}
2017-05-27 14:48 - 2014-09-05 23:07 - 00000000 ____D C:\Users\Pascal\AppData\Local\Spotify
2017-05-27 14:45 - 2017-04-18 15:27 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-27 14:06 - 2014-09-05 23:06 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\Spotify
2017-05-27 10:47 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-27 10:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-26 00:11 - 2014-09-05 17:20 - 00000000 ____D C:\Users\Pascal\AppData\Local\Packages
2017-05-25 20:10 - 2015-12-30 21:43 - 00000000 ____D C:\ProgramData\ProductData
2017-05-25 14:00 - 2014-09-05 20:24 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\TS3Client
2017-05-25 10:09 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-25 10:09 - 2014-09-05 17:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-25 09:53 - 2016-03-21 19:39 - 00000000 ____D C:\ProgramData\PDF Architect 4
2017-05-23 18:56 - 2017-03-18 13:40 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2017-05-23 18:28 - 2014-09-07 18:23 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 18:26 - 2014-09-07 18:23 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 14:16 - 2017-04-18 15:40 - 02223946 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-23 14:16 - 2017-03-20 06:41 - 01002792 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-23 14:16 - 2017-03-20 06:41 - 00219952 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-23 14:14 - 2017-04-18 15:27 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-23 14:14 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-17 17:42 - 2017-04-18 15:28 - 00000000 ____D C:\Program Files\AMD
2017-05-17 17:42 - 2015-12-30 21:26 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2017-05-17 17:41 - 2016-09-16 17:37 - 00000000 ____D C:\AMD
2017-05-16 12:33 - 2017-01-04 19:34 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-16 12:33 - 2017-01-04 19:34 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-13 15:37 - 2014-12-27 01:24 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-11 22:26 - 2015-07-29 16:12 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-11 18:58 - 2014-10-06 09:10 - 00000000 ____D C:\Users\Pascal\AppData\Local\ElevatedDiagnostics
2017-05-11 15:45 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-10 18:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-10 13:27 - 2016-11-20 23:50 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-10 13:26 - 2017-04-18 15:27 - 00391832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-09 23:26 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-09 22:12 - 2016-11-20 12:40 - 00000000 ____D C:\Program Files\Common Files\AV
2017-05-09 17:45 - 2017-03-20 06:42 - 00000000 ____D C:\WINDOWS\OCR
2017-05-09 16:02 - 2017-04-18 15:35 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-09 16:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-09 16:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-05 21:03 - 2016-06-17 23:19 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\Dual Monitor Tools
2017-05-05 20:49 - 2016-06-25 11:44 - 00000000 ____D C:\Users\Pascal\AppData\Local\UnrealEngine
2017-05-04 21:51 - 2015-02-15 13:33 - 00000869 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-05-03 21:21 - 2015-03-29 11:59 - 00000000 ____D C:\Users\Pascal\Desktop\Schulsachen
2017-05-03 20:30 - 2017-04-18 16:25 - 00000000 ____D C:\Windows.old
2017-05-02 10:40 - 2017-04-17 15:17 - 00000000 ____D C:\Users\Pascal\AppData\Local\FiveM
2017-04-30 16:24 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-29 00:27 - 2017-04-18 15:35 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-29 00:27 - 2017-04-18 15:35 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-19 23:07 - 2015-01-08 22:51 - 0001470 _____ () C:\Users\Pascal\AppData\Roaming\SpeedRunnersLog.txt
2015-06-06 19:02 - 2015-06-06 19:02 - 0001457 _____ () C:\Users\Pascal\AppData\Local\recently-used.xbel
2015-09-05 23:10 - 2015-09-05 23:10 - 0007602 _____ () C:\Users\Pascal\AppData\Local\Resmon.ResmonCfg
2014-11-03 17:59 - 2014-11-03 18:01 - 0000000 _____ () C:\Users\Pascal\AppData\Local\{D225EC80-495D-4D31-93CB-8D9B23232D0F}

Einige Dateien in TEMP:
====================
2017-04-21 15:30 - 2017-04-21 15:30 - 0739904 _____ (Oracle Corporation) C:\Users\Pascal\AppData\Local\Temp\jre-8u131-windows-au.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-17 18:51

==================== Ende von FRST.txt ============================

--- --- ---

Seehmer · 27.05.2017, 14:07

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-05-2017
durchgeführt von Pascal (27-05-2017 15:04:49)
Gestartet von C:\Users\Pascal\Downloads
Windows 10 Pro Version 1703 (X64) (2017-04-18 13:38:02)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1229423121-489186376-597309758-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1229423121-489186376-597309758-503 - Limited - Disabled)
Gast (S-1-5-21-1229423121-489186376-597309758-501 - Limited - Disabled)
Pascal (S-1-5-21-1229423121-489186376-597309758-1001 - Administrator - Enabled) => C:\Users\Pascal

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
AlienFX for IskuFX (HKLM-x32\...\InstallShield_{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH)
AlienFX for IskuFX (Version: 1.02 - Roccat GmbH) Hidden
AMD Catalyst Install Manager (HKLM\...\{BFA7FEF1-18FF-A9BF-560B-8243CF14C689}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Arena of Fate (HKLM-x32\...\{3692304C-EFBB-4181-B75C-6A477A2B8708}) (Version: 1.0.0 - Crytek GmbH)
Awesomium Redistributable (HKLM-x32\...\{5BCB064B-9F65-4E15-BAFB-669E72E54FD9}) (Version: 1.7.4.2 - SIX Networks GmbH)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Cities: Skylines (HKLM\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Crossout Launcher 1.0.0.18 (HKLM-x32\...\CrossOutLauncher_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DARK SOULS™ III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.27.80.1020 - Electronic Arts Inc.)
Discord (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dishonored 2 (HKLM\...\Steam App 403640) (Version:  - Arkane Studios)
Dropbox (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.)
Dual Monitor Tools (HKLM-x32\...\{0DAA6DDB-DE54-4687-ADDE-B4CA1C74E0C3}) (Version: 2.5.0.0 - GNE)
ECO Center (HKLM-x32\...\{1E55202F-4D31-498A-8F72-97DCBA9F2866}_is1) (Version: 1.0.0.7 - MSI)
ESEA (HKLM\...\Steam App 479130) (Version:  - ESEA)
ESEA Client (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.1 - MSI)
FileZilla Client 3.9.0.6 (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Golf It! (HKLM\...\Steam App 571740) (Version:  - Perfuse Entertainment)
GooCubelets (HKLM\...\Steam App 397620) (Version:  - Zonitron Productions)
GooCubelets 2 (HKLM\...\Steam App 416270) (Version:  - Zonitron Productions)
GooCubelets: The Algoorithm (HKLM\...\Steam App 431270) (Version:  - Zonitron Productions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)
Heart's Medicine - Time to Heal (HKLM\...\Steam App 494230) (Version:  - Blue Giraffe)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
League client alpha (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\League client alpha 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Little Nightmares (HKLM\...\Steam App 424840) (Version:  - Tarsier Studios)
Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.004 - MSI)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 48.0.2 (x64 de) (HKLM\...\Mozilla Firefox 48.0.2 (x64 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.93 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 2.0.0.10 - MSI)
MSI Intel Extreme Tuning Utility (HKLM-x32\...\{fbd55c4e-e884-4210-a79b-5f158834b133}) (Version: 4.4.0.103 - Intel Corporation)
MSI Intel Extreme Tuning Utility (x32 Version: 4.4.0.103 - Intel Corporation) Hidden
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.025 - MSI)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Planet Coaster (HKLM\...\Steam App 493340) (Version:  - Frontier Developments)
Prey (HKLM\...\Steam App 480490) (Version:  - Arkane Studios)
Punch Club (HKLM\...\Steam App 394310) (Version:  - Lazy Bear Games)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
ROCCAT Swarm (HKLM-x32\...\InstallShield_{32C24F2E-923F-49C1-8E60-2B3DC5482255}) (Version: 1.92.00 - ROCCAT GmbH)
ROCCAT Swarm (x32 Version: 1.92.00 - ROCCAT GmbH) Hidden
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
ShellShock Live (HKLM\...\Steam App 326460) (Version:  - kChamp Games)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.7.201505200853 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.275 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.06 - Creative Technology Limited)
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Spotify (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Spotify) (Version: 1.0.55.487.g256699aa - Spotify AB)
Styx: Shards of Darkness (HKLM\...\Steam App 355790) (Version:  - Cyanide Studio)
Super Meat Boy (HKLM\...\Steam App 40800) (Version:  - Team Meat)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Curious Expedition (HKLM\...\Steam App 358130) (Version:  - Maschinen-Mensch)
Town of Salem (HKLM\...\Steam App 334230) (Version:  - BlankMediaGames)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.7 - MSI)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Wallpaper Engine (HKLM\...\Steam App 431960) (Version:  - Kristjan Skutta)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version:  - videowinsoft.com)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03CB350A-E21F-45F5-8671-56732C904458} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {16C347D8-5B7E-4602-9732-D46C9359BE15} - System32\Tasks\{A4442B86-8DBB-43F9-9E34-477D9C82A120} => pcalua.exe -a L:\Programme\MobileGo\unins000.exe -c /WAF
Task: {189B50CD-385D-491E-9DF3-B29B2A3EE1D0} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {21616791-3E35-4F9F-80EF-6E707F6B05DB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {22559DAC-7EAE-454F-81AC-FCFD33C54634} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {245ED3C0-7034-4771-A3DE-33C21655F235} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {24D71ADF-73EE-409F-B82E-300BE94481C3} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe 
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {35464B03-40BA-4942-B7C5-DC917F3E6609} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-25] ()
Task: {44F89B89-89C6-450B-92F5-4B08E5F3A493} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {4884CAC8-FF7A-445E-9FA5-FEEEB0920564} - System32\Tasks\Driver Booster SkipUAC (Pascal) => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe 
Task: {4AE08037-CE95-4548-8EEA-D741748D41FF} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {540A65DC-9162-41B6-8E2B-A0F1AA99695E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {580507F1-F02A-4C81-8E21-855C71C9AE41} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {75B89EE9-D3F7-4F20-96B4-CB44DEEA5D05} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8F907EAD-9E04-4860-94F2-1D220B66B66B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {9A5D4BB8-78FB-4736-AEE0-64C4A3C6A742} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-25] (Microsoft Corporation)
Task: {A1209673-C3B4-4AB1-B241-867A25909B1A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A1AD0BAA-2A71-4917-AF99-AC11C04CF583} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A3E1769C-9628-44F7-8B8F-001CB7832B78} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A83F9266-054C-49E2-9D20-726078B9463B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.)
Task: {A912C1A7-DEA3-4EE3-AEB0-6622D9890796} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1229423121-489186376-597309758-1001 -> Keine Datei <==== ACHTUNG
Task: {ABA178A7-82F6-4234-97E2-61A8E8B075A1} - System32\Tasks\Uninstaller_SkipUac_Pascal => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe 
Task: {AD8B3F2E-0A7A-45FA-8ABA-01CA8C7498AF} - System32\Tasks\ROCCAT_Swarm_HWMonitor => C:/Users/Pascal/Downloads/SWARM_v19201 
Task: {AF0CB8C2-0473-4589-8AA9-F77D23E1F8D3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {BF46780E-A4F9-4D44-B519-9A0E789313BC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {BF789F40-CB07-4D5D-A681-FA23DBCFE793} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-23] (Microsoft Corporation)
Task: {CAEFF53C-82ED-4FAE-B0B5-C1FD098178AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.)
Task: {CF1B5F07-D8FD-474A-986A-9BB094F29257} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe [2016-12-04] (Advanced Micro Devices, Inc.)
Task: {D5E9C7EC-9FAA-4838-97A6-ED3632206EC0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {DEB58E5E-D945-4881-82C3-5DA0C310D0C3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {E31756E6-D0CB-4374-B048-4DCE3D9D5C6B} - \WPD\SqmUpload_S-1-5-21-1229423121-489186376-597309758-1001 -> Keine Datei <==== ACHTUNG
Task: {EC04A89D-63D7-4D05-83EC-6D3D7026E41A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => %ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe 
Task: {F3B6B55A-9C8D-44DF-A7EC-5BFF474CA071} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {F58CD541-A9C8-41DC-84C2-99005E759A57} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {FD9D0019-4A1A-4493-8CB9-6B72C3E8BE15} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-25] ()
Task: {FDFC500C-A949-41B1-B00B-0FA45AB5FC16} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1229423121-489186376-597309758-1001Core1d25e21afe2fdbd.job => C:\Users\Pascal\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arena of Fate\Repair Arena of Fate.lnk -> L:\Programme\repair\repair.bat ()

ShortcutWithArgument: C:\Users\Pascal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8879236057a5818c\Steam inventory helper.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cmeakgjggjdlcpncigglobpjbkabhmjl

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-25 22:03 - 2014-04-10 14:57 - 02126448 _____ () C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe
2015-03-25 22:46 - 2015-01-29 14:41 - 01992704 _____ () C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-05-16 12:33 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-16 12:33 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2015-03-25 21:44 - 2014-02-21 12:21 - 00089600 _____ () C:\WINDOWS\SYSTEM32\CmdRtr64.DLL
2015-03-25 21:44 - 2014-02-21 12:19 - 00366080 _____ () C:\WINDOWS\SYSTEM32\APOMgr64.DLL
2017-05-27 14:59 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 01899008 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll
2016-06-28 01:19 - 2016-06-28 01:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2016-11-21 15:51 - 2016-06-21 20:30 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-11-21 15:51 - 2016-06-21 20:29 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-11-21 15:51 - 2016-06-21 20:29 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2017-02-24 19:35 - 2017-02-24 19:35 - 02493440 _____ () L:\Programme\Origin\libGLESv2.dll
2014-10-23 19:27 - 2014-10-23 19:27 - 00119822 _____ () L:\Programme\libgcc_s_dw2-1.dll
2015-12-29 07:25 - 2015-12-29 07:25 - 01540622 _____ () L:\Programme\libstdc++-6.dll
2014-02-19 19:51 - 2014-02-19 19:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1229423121-489186376-597309758-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pascal\Pictures\Epicnice.png
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Overwolf => "c:\program files (x86)\overwolf\overwolflauncher.exe" -overwolfsilent
MSCONFIG\startupreg: RoccatIskuFX => "l:\programme\iskufxmonitor.exe"
HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "Sound Blaster Cinema 2"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "Fast Boot"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "Super Charger"
HKLM\...\StartupApproved\Run32: => "RaidCall"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Duden Korrektor SysTray"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Clownfish"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Sony PC Companion"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "MK LOL"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "WallpaperEngine"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{A170B425-8091-46BF-B73A-65DD1061A1EE}L:\programme\roccat_swarm_monitor.exe] => (Block) L:\programme\roccat_swarm_monitor.exe
FirewallRules: [UDP Query User{288663AB-AB6D-4F76-A98E-EEF0188C65F8}L:\programme\roccat_swarm_monitor.exe] => (Block) L:\programme\roccat_swarm_monitor.exe
FirewallRules: [TCP Query User{52D427B7-2BFE-424D-88A5-BCC6FFD5B3FB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{21F4A2E2-8C1E-452D-B283-74A8E0122BB2}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{95BC90B8-62CE-475A-B696-5F40702F5744}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{82B95E73-1546-4F84-9A1C-ECD7331AB4D9}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PS/2-Standardtastatur
Description: PS/2-Standardtastatur
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/27/2017 02:59:03 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6188.LOG enthalten.

Error: (05/27/2017 02:57:57 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6f82.LOG enthalten.

Error: (05/27/2017 02:54:33 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI84fe.LOG enthalten.

Error: (05/27/2017 02:01:54 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6085.LOG enthalten.

Error: (05/27/2017 11:03:14 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6084.LOG enthalten.

Error: (05/27/2017 12:06:29 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6083.LOG enthalten.

Error: (05/26/2017 10:04:17 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6082.LOG enthalten.

Error: (05/26/2017 07:23:25 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6081.LOG enthalten.

Error: (05/26/2017 05:50:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: PASCAL)
Description: Das Paket „Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (05/26/2017 05:21:20 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6080.LOG enthalten.


Systemfehler:
=============
Error: (05/27/2017 02:59:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (05/27/2017 02:59:02 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (05/27/2017 02:58:53 PM) (Source: DCOM) (EventID: 10016) (User: PASCAL)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "pascal\Pascal" (SID: S-1-5-21-1229423121-489186376-597309758-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/27/2017 02:58:42 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (05/27/2017 02:58:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (05/27/2017 02:57:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (05/27/2017 02:57:56 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (05/27/2017 02:57:33 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (05/27/2017 02:57:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (05/27/2017 02:54:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.


CodeIntegrity:
===================================
  Date: 2017-05-25 23:14:50.474
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SETEEFC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-25 23:14:50.468
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SETEEFC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-25 23:14:50.465
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SETEEFC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-09 22:06:25.323
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-09 16:08:08.569
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 15:44:05.912
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 8143.77 MB
Verfügbarer physikalischer RAM: 4932.05 MB
Summe virtueller Speicher: 11343.77 MB
Verfügbarer virtueller Speicher: 7833.64 MB

==================== Laufwerke ================================

Drive c: (Origin) (Fixed) (Total:111.35 GB) (Free:32.86 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive h: (Data1) (Fixed) (Total:139.73 GB) (Free:139.62 GB) NTFS
Drive j: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive l: (Data2) (Fixed) (Total:465.66 GB) (Free:145.15 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 28BDBFA2)
Partition 1: (Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CDF8897F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 139.7 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=139.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

--- --- ---

M-K-D-B · 27.05.2017, 14:11

Servus,

Schritt 1

Deinstalliere Google Chrome über die Systemsteuerung. (Bebilderte Anleitung)
Setze bei der Deinstallation auch einen Haken vor Auch die Browserdaten löschen (oder so ähnlich).
Starte den Rechner im Anschluss neu auf.
Installiere Google Chrome neu (falls benötigt). Keine Erweiterungen/Plugins installieren und nicht mit einem evtl. vorhandenen Konto verbinden/synchronisieren.

Schritt 2

Kopiere den Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
CloseProcesses:
Task: {22559DAC-7EAE-454F-81AC-FCFD33C54634} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {44F89B89-89C6-450B-92F5-4B08E5F3A493} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8F907EAD-9E04-4860-94F2-1D220B66B66B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {A1209673-C3B4-4AB1-B241-867A25909B1A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A1AD0BAA-2A71-4917-AF99-AC11C04CF583} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A3E1769C-9628-44F7-8B8F-001CB7832B78} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {AF0CB8C2-0473-4589-8AA9-F77D23E1F8D3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {BF46780E-A4F9-4D44-B519-9A0E789313BC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D5E9C7EC-9FAA-4838-97A6-ED3632206EC0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {E31756E6-D0CB-4374-B048-4DCE3D9D5C6B} - \WPD\SqmUpload_S-1-5-21-1229423121-489186376-597309758-1001 -> Keine Datei <==== ACHTUNG
Task: {F3B6B55A-9C8D-44DF-A7EC-5BFF474CA071} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {F58CD541-A9C8-41DC-84C2-99005E759A57} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
End::

Starte nun FRST und klicke den Entfernen Button.
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

Seehmer · 27.05.2017, 14:51

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-05-2017
durchgeführt von Pascal (27-05-2017 15:44:27) Run:1
Gestartet von C:\Users\Pascal\Downloads
Geladene Profile: Pascal (Verfügbare Profile: Pascal)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

CloseProcesses:
Task: {22559DAC-7EAE-454F-81AC-FCFD33C54634} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {44F89B89-89C6-450B-92F5-4B08E5F3A493} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8F907EAD-9E04-4860-94F2-1D220B66B66B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {A1209673-C3B4-4AB1-B241-867A25909B1A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A1AD0BAA-2A71-4917-AF99-AC11C04CF583} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A3E1769C-9628-44F7-8B8F-001CB7832B78} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {AF0CB8C2-0473-4589-8AA9-F77D23E1F8D3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {BF46780E-A4F9-4D44-B519-9A0E789313BC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D5E9C7EC-9FAA-4838-97A6-ED3632206EC0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {E31756E6-D0CB-4374-B048-4DCE3D9D5C6B} - \WPD\SqmUpload_S-1-5-21-1229423121-489186376-597309758-1001 -> Keine Datei <==== ACHTUNG
Task: {F3B6B55A-9C8D-44DF-A7EC-5BFF474CA071} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {F58CD541-A9C8-41DC-84C2-99005E759A57} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22559DAC-7EAE-454F-81AC-FCFD33C54634} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22559DAC-7EAE-454F-81AC-FCFD33C54634} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{44F89B89-89C6-450B-92F5-4B08E5F3A493} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44F89B89-89C6-450B-92F5-4B08E5F3A493} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F907EAD-9E04-4860-94F2-1D220B66B66B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F907EAD-9E04-4860-94F2-1D220B66B66B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A1209673-C3B4-4AB1-B241-867A25909B1A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1209673-C3B4-4AB1-B241-867A25909B1A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A1AD0BAA-2A71-4917-AF99-AC11C04CF583} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1AD0BAA-2A71-4917-AF99-AC11C04CF583} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3E1769C-9628-44F7-8B8F-001CB7832B78} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3E1769C-9628-44F7-8B8F-001CB7832B78} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AF0CB8C2-0473-4589-8AA9-F77D23E1F8D3} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF0CB8C2-0473-4589-8AA9-F77D23E1F8D3} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF46780E-A4F9-4D44-B519-9A0E789313BC} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF46780E-A4F9-4D44-B519-9A0E789313BC} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D5E9C7EC-9FAA-4838-97A6-ED3632206EC0} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5E9C7EC-9FAA-4838-97A6-ED3632206EC0} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E31756E6-D0CB-4374-B048-4DCE3D9D5C6B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E31756E6-D0CB-4374-B048-4DCE3D9D5C6B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1229423121-489186376-597309758-1001 => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3B6B55A-9C8D-44DF-A7EC-5BFF474CA071} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3B6B55A-9C8D-44DF-A7EC-5BFF474CA071} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F58CD541-A9C8-41DC-84C2-99005E759A57} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F58CD541-A9C8-41DC-84C2-99005E759A57} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel erfolgreich entfernt

========= dir "%ProgramFiles%" =========

Datentr„ger in Laufwerk C: ist Origin
Volumeseriennummer: 8C38-7E32

Verzeichnis von C:\Program Files

27.05.2017 14:59 <DIR> .
27.05.2017 14:59 <DIR> ..
25.03.2015 23:31 <DIR> 7-Zip
17.05.2017 17:42 <DIR> AMD
03.01.2015 01:29 <DIR> Bonjour
07.09.2015 19:01 <DIR> CCleaner
18.04.2017 15:30 <DIR> Common Files
25.03.2015 23:43 <DIR> Core Temp
06.06.2015 18:57 <DIR> GIMP 2
18.04.2017 15:30 <DIR> Intel
20.03.2017 06:41 <DIR> Internet Explorer
27.05.2017 14:59 <DIR> Malwarebytes
28.03.2015 21:24 <DIR> Microsoft Mouse and Keyboard Center
04.12.2015 15:57 <DIR> Microsoft Office 15
17.04.2017 10:10 <DIR> Microsoft Silverlight
25.03.2015 22:03 <DIR> Microsoft SQL Server Compact Edition
25.03.2015 22:03 <DIR> Microsoft Synchronization Services
20.11.2015 18:41 <DIR> mmpicker
19.09.2016 19:32 <DIR> Mozilla Firefox
18.04.2017 16:23 <DIR> MSBuild
29.07.2015 16:13 <DIR> NVIDIA Corporation
16.09.2016 18:21 <DIR> OBS
25.03.2015 21:40 <DIR> Qualcomm Atheros
18.04.2017 15:27 <DIR> Realtek
18.04.2017 16:23 <DIR> Reference Assemblies
17.04.2017 10:31 <DIR> Rockstar Games
30.12.2015 16:38 <DIR> SteelSeries
24.06.2016 16:44 <DIR> TAP-Windows
17.04.2017 15:20 <DIR> UNP
20.03.2017 06:41 <DIR> Windows Defender
20.03.2017 06:43 <DIR> Windows Defender Advanced Threat Protection
18.04.2017 15:30 <DIR> Windows Mail
20.03.2017 06:41 <DIR> Windows Media Player
18.03.2017 23:03 <DIR> Windows Multimedia Platform
18.04.2017 15:37 <DIR> Windows NT
09.05.2017 23:26 <DIR> Windows Photo Viewer
18.03.2017 23:03 <DIR> Windows Portable Devices
18.03.2017 23:03 <DIR> Windows Security
18.03.2017 23:03 <DIR> WindowsPowerShell
30.06.2015 18:51 <DIR> WinRAR
0 Datei(en), 0 Bytes
40 Verzeichnis(se), 36.810.354.688 Bytes frei

========= Ende von CMD: =========

========= dir "%ProgramFiles(x86)%" =========

Datentr„ger in Laufwerk C: ist Origin
Volumeseriennummer: 8C38-7E32

Verzeichnis von C:\Program Files (x86)

25.05.2017 20:10 <DIR> .
25.05.2017 20:10 <DIR> ..
08.10.2015 17:57 <DIR> AGEIA Technologies
06.12.2015 22:05 <DIR> AMD
17.05.2017 17:42 <DIR> ATI Technologies
24.12.2016 22:49 <DIR> AVG
03.09.2015 20:47 <DIR> Avira
03.01.2015 01:29 <DIR> Bonjour
25.05.2017 10:09 <DIR> Common Files
25.03.2015 23:14 <DIR> Creative
05.05.2017 21:02 <DIR> Dual Monitor Tools
27.05.2017 15:42 <DIR> Google
17.05.2015 21:44 <DIR> GUM67CA.tmp
31.08.2015 14:54 <DIR> GUM71AF.tmp
16.07.2015 08:49 <DIR> GUM7DFB.tmp
25.03.2015 22:03 <DIR> Intel
20.03.2017 06:41 <DIR> Internet Explorer
19.01.2017 11:52 <DIR> IObit
21.04.2017 15:31 <DIR> Java
20.11.2016 12:41 <DIR> Kaspersky Lab
27.12.2016 17:47 <DIR> Lenovo
09.05.2017 22:08 <DIR> LottaDeals
25.05.2017 10:09 <DIR> Microsoft Office
17.04.2017 10:10 <DIR> Microsoft Silverlight
25.03.2015 22:03 <DIR> Microsoft SQL Server Compact Edition
25.03.2015 22:03 <DIR> Microsoft Synchronization Services
19.09.2014 23:07 <DIR> Microsoft XNA
18.04.2017 15:30 <DIR> Microsoft.NET
26.06.2015 23:37 <DIR> MKJogo
19.09.2016 19:32 <DIR> Mozilla Maintenance Service
18.04.2017 16:23 <DIR> MSBuild
25.03.2015 22:46 <DIR> MSI
16.09.2016 18:22 <DIR> NCWest
08.10.2015 17:57 <DIR> NVIDIA Corporation
16.09.2016 18:21 <DIR> OBS
05.09.2014 19:22 <DIR> Pando Networks
16.09.2016 17:43 <DIR> Raptr Inc
25.03.2015 21:41 <DIR> Realtek
18.04.2017 16:23 <DIR> Reference Assemblies
17.04.2017 10:31 <DIR> Rockstar Games
25.05.2015 10:06 <DIR> Sony
25.05.2015 11:15 <DIR> Sony Mobile
25.03.2015 22:03 <DIR> SplitMediaLabs
24.12.2016 20:53 <DIR> UltimateShoppingSearch
20.12.2016 13:46 <DIR> VulkanRT
09.05.2017 22:07 <DIR> WeatherHubPro
20.03.2017 06:41 <DIR> Windows Defender
09.05.2017 22:11 <DIR> Windows Live
18.04.2017 15:30 <DIR> Windows Mail
20.03.2017 06:41 <DIR> Windows Media Player
18.03.2017 23:03 <DIR> Windows Multimedia Platform
18.03.2017 23:03 <DIR> Windows NT
09.05.2017 23:26 <DIR> Windows Photo Viewer
18.03.2017 23:03 <DIR> Windows Portable Devices
18.03.2017 23:03 <DIR> WindowsPowerShell
03.09.2016 18:06 <DIR> Wondershare
0 Datei(en), 0 Bytes
56 Verzeichnis(se), 36.810.297.344 Bytes frei

========= Ende von CMD: =========

========= dir "%ProgramData%" =========

Datentr„ger in Laufwerk C: ist Origin
Volumeseriennummer: 8C38-7E32

Verzeichnis von C:\ProgramData

18.12.2016 14:26 <DIR> .mono
20.12.2016 13:45 <DIR> AMD
03.01.2015 01:29 <DIR> Apple
25.01.2016 19:59 <DIR> ATI
09.05.2017 22:12 <DIR> AVAST Software
24.12.2016 22:49 <DIR> Avg
03.09.2015 20:47 <DIR> Avira
18.04.2016 19:34 <DIR> Battle.net
17.12.2014 17:02 <DIR> Blizzard Entertainment
12.09.2014 15:02 <DIR> Bohemia Interactive
05.11.2015 22:41 <DIR> BSNova
07.09.2015 19:13 <DIR> Codemasters
16.07.2016 13:47 <DIR> Comms
25.03.2015 21:44 <DIR> Creative
25.03.2015 21:40 <DIR> Downloaded Installations
18.08.2015 23:49 <DIR> Dropbox
30.11.2016 20:00 <DIR> Duden
25.02.2017 13:30 <DIR> Electronic Arts
24.06.2016 13:24 <DIR> F-Secure
22.09.2016 09:07 <DIR> GameHouse
25.03.2015 22:42 <DIR> Intel
01.09.2015 16:33 <DIR> Intel Application Pairing
27.05.2017 14:53 <DIR> IObit
27.05.2017 15:43 <DIR> Kaspersky Lab
03.01.2015 01:29 <DIR> LogiShrd
19.10.2014 14:08 <DIR> LogMeIn
27.05.2017 14:59 <DIR> Malwarebytes
18.12.2014 19:45 <DIR> McAfee
18.04.2017 15:45 <DIR> Microsoft OneDrive
01.09.2015 16:41 <DIR> Movavi
24.05.2015 18:41 <DIR> Movavi Photo Editor 2
23.06.2015 15:35 <DIR> Movavi Photo Editor 3
05.09.2014 17:14 <DIR> NVIDIA
05.09.2014 17:14 <DIR> NVIDIA Corporation
21.04.2017 16:26 <DIR> Oracle
27.02.2017 17:51 <DIR> Origin
11.05.2017 22:26 <DIR> Package Cache
25.05.2017 09:53 <DIR> PDF Architect 4
21.03.2016 19:41 <DIR> pdfforge
25.05.2017 20:10 <DIR> ProductData
25.03.2015 21:41 <DIR> Qualcomm
25.05.2017 10:09 <DIR> regid.1991-06.com.microsoft
05.09.2014 19:27 <DIR> Riot Games
13.09.2014 23:53 <DIR> SIX Networks
19.10.2016 14:48 <DIR> Skype
18.03.2017 23:03 <DIR> SoftwareDistribution
25.05.2015 10:06 <DIR> Sony
25.05.2015 11:15 <DIR> Sony Mobile
25.07.2015 10:38 <DIR> SplitMediaLabs
14.12.2014 12:48 <DIR> SteelSeries
19.10.2014 12:39 <DIR> Sun
31.03.2016 11:26 <DIR> TrackmaniaTurbo
18.04.2017 15:43 <DIR> USOPrivate
18.04.2017 15:43 <DIR> USOShared
13.10.2015 18:16 <DIR> WEBZEN
20.03.2017 06:43 <DIR> WindowsHolographicDevices
03.09.2016 18:06 <DIR> wondershare
21.11.2016 15:51 <DIR> {74E9F814-C737-42CC-B721-DBBC4059367A}
0 Datei(en), 0 Bytes
58 Verzeichnis(se), 36.810.235.904 Bytes frei

========= Ende von CMD: =========

========= dir "%Appdata%" =========

Datentr„ger in Laufwerk C: ist Origin
Volumeseriennummer: 8C38-7E32

Verzeichnis von C:\Users\Pascal\AppData\Roaming

27.05.2017 14:53 <DIR> .
27.05.2017 14:53 <DIR> ..
08.04.2016 12:01 <DIR> .minecraft
18.12.2016 14:26 <DIR> .mono
19.10.2014 12:40 <DIR> .technic
04.12.2015 11:35 <DIR> 54F4B45A-EA25-49F3-B3E2-B9D182F3F8B5
05.09.2014 17:20 <DIR> Adobe
25.03.2015 23:32 <DIR> AMD
04.09.2015 19:44 <DIR> Apple Computer
25.03.2015 22:00 <DIR> ATI
24.12.2016 20:55 <DIR> AVG
24.01.2016 12:41 <DIR> Awesomium
27.12.2016 17:55 <DIR> Battle.net
16.09.2016 18:22 <DIR> BSNova
17.04.2017 15:55 <DIR> CitizenFX
14.05.2015 17:26 <DIR> com.playsaurus.heroclicker
03.04.2017 13:12 <DIR> discord
15.01.2016 23:56 <DIR> dlg
25.12.2016 11:07 <DIR> Dropbox
05.05.2017 21:03 <DIR> Dual Monitor Tools
07.09.2014 01:04 <DIR> Duden
30.12.2015 22:00 <DIR> Fighters
19.01.2016 18:57 <DIR> FileZilla
10.11.2016 11:04 <DIR> Frontier Developments
22.09.2016 09:07 <DIR> GameHouse
24.06.2016 12:47 <DIR> globalip
27.04.2017 08:42 <DIR> Google
07.12.2014 14:48 <DIR> GT
16.12.2014 16:31 <DIR> Guild Wars 2
03.09.2016 18:06 <DIR> HMYGSetting
25.03.2015 23:13 <DIR> Identities
30.11.2016 21:12 <DIR> IObit
06.04.2015 00:13 <DIR> java
16.09.2016 17:43 <DIR> library_dir
29.12.2014 22:15 <DIR> Logishrd
29.12.2014 22:15 <DIR> Logitech
30.09.2015 18:45 <DIR> LolClient
30.03.2016 23:42 <DIR> LolScreenSaver
05.09.2014 20:48 <DIR> Macromedia
25.03.2015 23:32 <DIR> MAXON
16.09.2016 22:21 <DIR> Mozilla
19.10.2014 12:44 <DIR> NVIDIA
09.05.2017 22:14 <DIR> obs-studio
31.08.2015 20:22 <DIR> Octoshape
27.02.2017 17:50 <DIR> Origin
22.08.2016 12:48 <DIR> PDF Architect 4
25.04.2015 21:41 <DIR> raidcall
30.11.2016 20:05 <DIR> Riot Games
13.04.2015 19:59 <DIR> Screaming Bee
13.09.2014 23:53 <DIR> SIX Networks
30.04.2016 13:39 <DIR> Skype
10.04.2016 12:54 <DIR> SmartSteamEmu
08.01.2015 22:51 1.470 SpeedRunnersLog.txt
27.05.2017 14:06 <DIR> Spotify
08.04.2016 10:42 <DIR> StardewValley
20.08.2015 21:40 <DIR> Sun
28.07.2015 20:16 <DIR> TeamViewer
22.03.2016 22:14 <DIR> TechSmith
06.09.2016 14:35 <DIR> The Curious Expedition
01.05.2015 14:25 <DIR> Toastify
25.12.2016 22:06 <DIR> TownOfSalem
25.05.2017 14:00 <DIR> TS3Client
24.06.2016 13:25 <DIR> TunnelBear
30.06.2015 18:51 <DIR> WinRAR
17.09.2016 13:45 <DIR> Wondershare
22.05.2015 23:22 <DIR> XGen Studios, Inc
16.09.2016 22:20 <DIR> {20C5167E-0597-7B08-6EA1-5CDAB273A1E4}
1 Datei(en), 1.470 Bytes
66 Verzeichnis(se), 36.810.174.464 Bytes frei

========= Ende von CMD: =========

========= dir "%LocalAppdata%" =========

Datentr„ger in Laufwerk C: ist Origin
Volumeseriennummer: 8C38-7E32

Verzeichnis von C:\Users\Pascal\AppData\Local

27.05.2017 14:53 <DIR> .
27.05.2017 14:53 <DIR> ..
16.09.2016 18:17 <DIR> AMD
04.09.2015 19:44 <DIR> aof
04.09.2015 19:44 <DIR> Apple Computer
21.02.2016 16:12 <DIR> Apps
24.05.2015 00:12 <DIR> Arma 3
24.05.2015 00:11 <DIR> Arma 3 Launcher
25.03.2015 22:00 <DIR> ATI
15.01.2016 23:54 <DIR> Avg
24.12.2016 22:49 <DIR> AvgSetupLog
14.05.2015 09:54 <DIR> AviraSpeedup
18.02.2015 18:57 <DIR> Blizzard
17.12.2014 15:01 <DIR> Blizzard Entertainment
15.04.2015 12:03 <DIR> Bohemia_Interactive
22.07.2015 09:18 <DIR> CEF
13.12.2016 16:02 <DIR> Chromium
07.04.2017 15:57 <DIR> Colossal Order
29.07.2015 20:00 <DIR> Comms
18.04.2017 15:45 <DIR> ConnectedDevicesPlatform
17.09.2016 09:57 <DIR> CrashDumps
05.08.2016 12:41 <DIR> CrashReportClient
25.03.2015 22:23 <DIR> Creative
20.10.2016 17:00 <DIR> Daybreak Game Company
03.07.2015 14:03 <DIR> DayZ
19.04.2017 13:32 <DIR> DBG
03.08.2016 14:46 <DIR> DeadByDaylight
30.04.2017 16:24 <DIR> Diagnostics
25.04.2017 14:21 <DIR> DigitalEntitlements
03.04.2017 13:12 <DIR> Discord
13.09.2014 23:52 <DIR> Downloaded Installations
25.12.2016 11:07 <DIR> Dropbox
11.05.2017 18:58 <DIR> ElevatedDiagnostics
09.09.2016 19:17 <DIR> ExtremeBurgerDefense
12.06.2015 11:45 <DIR> fabi.me
02.05.2017 10:40 <DIR> FiveM
06.06.2015 18:57 <DIR> fontconfig
10.11.2016 11:04 <DIR> Frontier Developments
06.06.2015 18:57 <DIR> gegl-0.2
08.04.2017 22:24 <DIR> GolfIt
27.05.2017 15:42 <DIR> Google
06.06.2015 19:02 <DIR> gtk-2.0
01.06.2015 09:06 <DIR> GWX
01.10.2016 19:00 <DIR> hns
25.03.2015 23:18 <DIR> Intel_Corporation
02.07.2015 20:28 <DIR> Introversion
13.09.2014 23:53 <DIR> IsolatedStorage
25.07.2015 12:59 <DIR> Kryptotel_fz_llc
14.07.2015 09:38 <DIR> Lenovo
03.01.2015 01:29 <DIR> Logitech
19.10.2014 14:08 <DIR> LogMeIn
17.09.2016 17:03 <DIR> Macromedia
04.05.2016 17:07 <DIR> mfbot.de
09.05.2017 22:12 <DIR> Microsoft
31.07.2015 19:30 <DIR> MicrosoftEdge
24.05.2015 18:37 <DIR> Movavi
16.09.2016 22:27 <DIR> Mozilla
25.09.2014 09:37 <DIR> Origin
26.05.2017 00:11 <DIR> Packages
21.01.2017 11:44 <DIR> PackageStaging
21.03.2016 19:41 <DIR> PDFCreator
29.07.2015 19:46 <DIR> PeerDistRepub
23.06.2015 15:36 <DIR> PhotoEditor
29.01.2015 19:50 <DIR> Programs
29.07.2015 16:20 <DIR> Publishers
06.06.2015 19:02 1.457 recently-used.xbel
05.09.2015 23:10 7.602 Resmon.ResmonCfg
17.04.2017 10:31 <DIR> Rockstar Games
20.10.2016 17:00 <DIR> SCE
19.09.2014 16:47 <DIR> SIX Networks
22.04.2016 14:47 <DIR> SkinSoft
27.01.2016 15:59 <DIR> Skype
31.08.2015 10:09 <DIR> speech
27.05.2017 14:48 <DIR> Spotify
05.11.2016 21:26 <DIR> SquirrelTemp
13.12.2016 16:02 <DIR> Steam
30.12.2015 16:38 <DIR> SteelSeries Engine 3 Client
12.05.2017 20:05 <DIR> Styx2
09.04.2016 10:40 <DIR> Targem
11.01.2017 20:50 <DIR> TeamSpeak 3
22.03.2016 22:07 <DIR> TechSmith
27.05.2017 15:44 <DIR> Temp
01.06.2015 19:56 <DIR> The Witcher 2
30.12.2015 14:35 <DIR> TileDataLayer
30.11.2016 19:46 <DIR> Ubisoft Game Launcher
17.04.2017 17:27 <DIR> UNP
05.05.2017 20:49 <DIR> UnrealEngine
25.06.2016 11:44 <DIR> Victory
16.01.2016 11:37 <DIR> VirtualStore
12.03.2017 12:55 <DIR> web_engine
22.05.2015 23:22 <DIR> XGen Studios, Inc
03.11.2014 18:01 0 {D225EC80-495D-4D31-93CB-8D9B23232D0F}
3 Datei(en), 9.059 Bytes
89 Verzeichnis(se), 36.810.076.160 Bytes frei

========= Ende von CMD: =========

========= dir "%CommonProgramFiles(x86)%" =========

Datentr„ger in Laufwerk C: ist Origin
Volumeseriennummer: 8C38-7E32

Verzeichnis von C:\Program Files (x86)\Common Files

25.05.2017 10:09 <DIR> .
25.05.2017 10:09 <DIR> ..
09.05.2017 22:12 <DIR> AV
28.10.2016 12:00 <DIR> BattlEye
25.05.2017 10:09 <DIR> DESIGNER
12.03.2017 10:58 <DIR> InstallShield
27.05.2017 14:53 <DIR> IObit
21.04.2017 15:31 <DIR> Java
25.05.2017 10:09 <DIR> Microsoft Shared
25.03.2015 21:44 <DIR> PostureAgent
18.03.2017 23:03 <DIR> Services
27.04.2017 16:48 <DIR> Steam
20.03.2017 06:41 <DIR> System
0 Datei(en), 0 Bytes
13 Verzeichnis(se), 36.810.014.720 Bytes frei

========= Ende von CMD: =========

========= dir "%CommonProgramW6432%" =========

Datentr„ger in Laufwerk C: ist Origin
Volumeseriennummer: 8C38-7E32

Verzeichnis von C:\Program Files\Common Files

18.04.2017 15:30 <DIR> .
18.04.2017 15:30 <DIR> ..
18.04.2017 15:28 <DIR> ATI Technologies
09.05.2017 22:12 <DIR> AV
24.01.2016 12:40 <DIR> INCA Shared
18.04.2017 15:30 <DIR> microsoft shared
18.03.2017 23:03 <DIR> Services
20.03.2017 06:41 <DIR> System
0 Datei(en), 0 Bytes
8 Verzeichnis(se), 36.809.961.472 Bytes frei

========= Ende von CMD: =========

========= dir "%UserProfile%" =========

Datentr„ger in Laufwerk C: ist Origin
Volumeseriennummer: 8C38-7E32

Verzeichnis von C:\Users\Pascal

27.05.2017 15:43 <DIR> .
27.05.2017 15:43 <DIR> ..
06.06.2015 19:07 <DIR> .gimp-2.8
21.07.2016 11:07 <DIR> .oracle_jre_usage
24.02.2017 19:35 <DIR> .Origin
11.01.2017 20:50 <DIR> .QtWebEngineProcess
11.01.2017 20:50 <DIR> .TeamSpeak 3
06.06.2015 18:58 <DIR> .thumbnails
12.03.2017 12:55 <DIR> .web_engine
10.05.2017 13:27 <DIR> Contacts
27.05.2017 15:02 <DIR> Desktop
25.05.2017 09:53 <DIR> Documents
27.05.2017 15:44 <DIR> Downloads
27.12.2016 17:51 <DIR> Dropbox
27.02.2015 18:31 <DIR> dumps
10.05.2017 13:27 <DIR> Favorites
25.03.2015 21:44 <DIR> Intel
12.12.2014 20:09 23 jagexappletviewer.preferences
28.03.2015 21:26 <DIR> jagexcache
12.12.2014 19:48 45 jagex_cl_runescape_LIVE.dat
10.05.2017 13:27 <DIR> Links
10.05.2017 13:27 <DIR> Music
15.11.2016 17:21 <DIR> Non-WHQL-Win10-64Bit-Radeon-Software-Crimson-16.11.3-Nov8
18.04.2017 15:45 <DIR> OneDrive
26.05.2017 19:38 <DIR> Pictures
12.12.2014 20:48 24 random.dat
10.05.2017 13:27 <DIR> Saved Games
10.05.2017 13:27 <DIR> Searches
03.05.2015 20:54 <DIR> Tracing
10.05.2017 13:27 <DIR> Videos
3 Datei(en), 92 Bytes
27 Verzeichnis(se), 36.809.904.128 Bytes frei

========= Ende von CMD: =========

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1229423121-489186376-597309758-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1229423121-489186376-597309758-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt

========= Ende von RemoveProxy: =========

========= ipconfig /flushdns =========

Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========

========= netsh winsock reset =========

Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.

========= Ende von CMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 178383848 B
Java, Flash, Steam htmlcache => 631882570 B
Windows/system/drivers => 744499703 B
Edge => 2124840 B
Chrome => 0 B
Firefox => 16924570 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 13874 B
NetworkService => 37762 B
Pascal => 111692699 B

RecycleBin => 2267086 B
EmptyTemp: => 1.6 GB temporäre Dateien entfernt.

================================

Das System musste neu gestartet werden.

==== Ende von Fixlog 15:46:31 ====

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2017
durchgeführt von Pascal (Administrator) auf PASCAL (27-05-2017 15:49:08)
Gestartet von C:\Users\Pascal\Downloads
Geladene Profile: Pascal (Verfügbare Profile: Pascal)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
() C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
() C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Electronic Arts) L:\Programme\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(ROCCAT GmbH) C:\Users\Pascal\Downloads\SWARM_v19201 (1)\data\SWARM_CONNECT\SwarmHW_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.0.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(© 2015 Microsoft Corporation) C:\Users\Pascal\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Spotify Ltd) C:\Users\Pascal\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(ROCCAT) L:\Programme\ROCCAT_Swarm_Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\wmi64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-05-23] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1440768 2014-02-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1047536 2014-04-08] (MSI)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [764472 2012-09-19] ()
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe [579056 2014-03-28] (Micro-Star International)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [797648 2015-03-05] (MSI)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [BingSvc] => C:\Users\Pascal\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-12-24] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [Dropbox Update] => C:\Users\Pascal\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-24] (Dropbox, Inc.)
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [Spotify Web Helper] => C:\Users\Pascal\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-05-25] (Spotify Ltd)
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Run: [WallpaperEngine] => L:\Programme\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [735232 2017-05-11] ()
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-03-25]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{7364C716-1212-4EAE-B0C9-A31D1E797BF8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm.lnk [2017-03-13]
ShortcutTarget: ROCCAT Swarm.lnk -> L:\Programme\ROCCAT_Swarm_Monitor.exe (ROCCAT)
Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-31]
ShortcutTarget: Dropbox.lnk -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8fee23f3-22fd-4b73-a7b9-9aea4d15184f}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1229423121-489186376-597309758-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1229423121-489186376-597309758-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-25] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-25] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-21] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default [2017-05-27]
FF user.js: detected! => C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\user.js [2016-11-21]
FF Homepage: Mozilla\Firefox\Profiles\qh5dvH6z.default -> hxxps://www.reddit.com/r/all/
FF Extension: (Firefox Hotfix) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-16]
FF Extension: (BetterTTV) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\Extensions\firefox@betterttv.net.xpi [2016-09-19]
FF Extension: (Adblock Plus) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\qh5dvH6z.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-09-16]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-07]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iigcbafcnfakaokfjaplokfbgmjldpfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pajfkbekgfapaenbmngmilchlbejokcg] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-10-06] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [229648 2016-08-03] (EasyAntiCheat Ltd)
R2 ECOSERVICE; C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe [2126448 2014-04-10] ()
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [20512 2014-03-13] (Micro-Star Int'l Co., Ltd.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
S3 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2099712 2014-12-31] (MSI) [Datei ist nicht signiert]
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4035024 2015-03-10] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2117632 2014-12-31] () [Datei ist nicht signiert]
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [1992704 2015-01-29] () [Datei ist nicht signiert]
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2249168 2015-03-10] ()
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2063360 2014-12-31] () [Datei ist nicht signiert]
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [575488 2015-03-13] () [Datei ist nicht signiert]
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [83952 2014-03-27] (Micro-Star International)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
S3 Origin Client Service; L:\Programme\Origin\OriginClientService.exe [2124296 2017-02-24] (Electronic Arts)
R2 Origin Web Helper Service; L:\Programme\Origin\OriginWebHelperService.exe [2185232 2017-02-24] (Electronic Arts)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-01-22] (Qualcomm Atheros) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe [411648 2016-03-31] (Wondershare) [Datei ist nicht signiert]
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-03-14] (Intel(R) Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2017-01-19] (Advanced Micro Devices)
S3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [53024 2015-07-10] (Broadcom Corporation.)
S1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [80592 2013-11-08] (Qualcomm Atheros, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R3 cpuz140; C:\WINDOWS\TEMP\cpuz140\cpuz140_x64.sys [43840 2017-05-27] (CPUID)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-30] (REALiX(tm))
S3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [23936 2014-02-03] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-02-18] (Intel Corporation)
S3 ISCT; C:\WINDOWS\System32\drivers\ISCTD.sys [44744 2014-02-03] ()
S3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197336 2017-04-16] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520176 2017-04-16] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2017-03-18] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1018592 2017-04-16] (AO Kaspersky Lab)
S1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-07] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab)
S3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-05-24] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-04-16] (AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251664 2017-04-19] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-04-19] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-04-19] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-14] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-03-14] (AO Kaspersky Lab)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45200 2016-02-16] (Logitech Inc.)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 lgLowAudio; C:\WINDOWS\system32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-27] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-27] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-27] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-27] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-27] (Malwarebytes)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NTIOLib_ECO; C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [13808 2014-01-06] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S3 NTIOLib_MB; C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [13808 2014-03-13] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NTIOLib_MSIFrequency_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [25088 2015-02-02] (SteelSeries ApS)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project)
S3 tap0901_openvpn_accl; C:\WINDOWS\System32\drivers\tap0901_openvpn_accl.sys [37912 2016-06-24] (The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 aswbdisk; kein ImagePath
S1 ESEADriver2; \??\C:\Users\Pascal\AppData\Local\Temp\ESEADriver2.sys [X] <==== ACHTUNG

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-27 15:44 - 2017-05-27 15:46 - 00029887 _____ C:\Users\Pascal\Downloads\Fixlog.txt
2017-05-27 15:02 - 2017-05-27 15:02 - 00001381 _____ C:\Users\Pascal\Desktop\mbam.txt
2017-05-27 15:00 - 2017-05-27 15:47 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-27 15:00 - 2017-05-27 15:47 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-27 15:00 - 2017-05-27 15:00 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-27 14:59 - 2017-05-27 15:47 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-27 14:59 - 2017-05-27 15:47 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-27 14:59 - 2017-05-27 14:59 - 63364552 _____ (Malwarebytes ) C:\Users\Pascal\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe
2017-05-27 14:59 - 2017-05-27 14:59 - 00001926 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-27 14:59 - 2017-05-27 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-27 14:59 - 2017-05-27 14:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-27 14:59 - 2017-05-27 14:59 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-27 14:59 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-27 14:57 - 2017-05-27 14:57 - 00566128 _____ (Malwarebytes) C:\Users\Pascal\Downloads\mbam-clean-2.3.0.1001.exe
2017-05-27 14:48 - 2017-05-27 14:48 - 04102600 _____ C:\Users\Pascal\Downloads\AdwCleaner_6.046.exe
2017-05-27 14:47 - 2017-05-27 14:53 - 00000000 ____D C:\AdwCleaner
2017-05-27 14:18 - 2017-05-27 14:29 - 00114264 _____ C:\TDSSKiller.3.1.0.15_27.05.2017_14.18.10_log.txt
2017-05-27 14:18 - 2017-05-27 14:18 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Pascal\Downloads\tdsskiller.exe
2017-05-27 14:13 - 2017-05-27 15:05 - 00049456 _____ C:\Users\Pascal\Downloads\Addition.txt
2017-05-27 14:12 - 2017-05-27 15:49 - 00028518 _____ C:\Users\Pascal\Downloads\FRST.txt
2017-05-27 14:12 - 2017-05-27 15:49 - 00000000 ____D C:\FRST
2017-05-27 14:12 - 2017-05-27 14:12 - 02429952 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64.exe
2017-05-25 23:13 - 2017-05-25 23:13 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\424D3EFA.sys
2017-05-25 23:10 - 2017-05-25 23:10 - 22851472 _____ (Malwarebytes ) C:\Users\Pascal\Downloads\mbam-setup-2.2.1.1043.exe
2017-05-25 13:09 - 2017-05-25 13:09 - 00003024 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Pascal)
2017-05-24 12:19 - 2017-05-24 12:19 - 00229288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2017-05-23 17:25 - 2017-05-23 17:25 - 00000212 _____ C:\Users\Pascal\Desktop\Rocket League.url
2017-05-23 14:14 - 2017-05-23 14:14 - 05545512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-05-23 14:13 - 2017-05-23 14:13 - 09124224 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-05-23 14:13 - 2017-05-23 14:13 - 03503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 03203424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 03014144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-05-23 14:13 - 2017-05-23 14:13 - 02201600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 01353824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00204920 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2017-05-23 14:13 - 2017-05-23 14:13 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-05-23 14:13 - 2017-05-23 14:13 - 00023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-05-23 13:27 - 2017-05-23 13:27 - 15721672 _____ (IObit ) C:\Users\Pascal\Downloads\driver_booster_setup(4.4.0.512).exe
2017-05-17 17:42 - 2017-05-17 17:42 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-05-17 17:42 - 2017-05-17 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-17 17:41 - 2017-05-23 14:14 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-05-16 18:06 - 2017-05-16 18:06 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-05-16 13:11 - 2017-05-19 10:42 - 05222216 _____ C:\Users\Pascal\Desktop\Euthanasie.pptx
2017-05-13 15:37 - 2017-05-13 15:37 - 00000212 _____ C:\Users\Pascal\Desktop\DARK SOULS III.url
2017-05-12 20:05 - 2017-05-12 20:05 - 00000000 ____D C:\Users\Pascal\AppData\Local\Styx2
2017-05-11 22:25 - 2017-05-11 22:25 - 00000212 _____ C:\Users\Pascal\Desktop\Wallpaper Engine.url
2017-05-11 16:32 - 2017-05-11 16:32 - 19247873 _____ C:\Users\Pascal\Desktop\IrishBritish.mp4
2017-05-10 13:26 - 2017-04-19 08:12 - 00395226 __RSH C:\bootmgr
2017-05-10 13:26 - 2017-03-18 22:57 - 00000001 ___SH C:\BOOTNXT
2017-05-09 22:19 - 2017-04-29 03:05 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-05-09 22:19 - 2017-04-29 03:05 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-09 22:19 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-09 22:19 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-09 22:19 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-09 22:19 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-09 22:19 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-09 22:19 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-09 22:19 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-09 22:19 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-09 22:19 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-09 22:19 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-09 22:19 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-09 22:19 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-09 22:19 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-09 22:19 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-09 22:19 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-09 22:19 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-09 22:19 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-09 22:19 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-09 22:19 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-09 22:19 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-09 22:19 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-09 22:19 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-09 22:19 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-09 22:19 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-09 22:19 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-09 22:19 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-09 22:19 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-09 22:19 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-09 22:19 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-09 22:19 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-09 22:19 - 2017-04-19 08:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-09 22:19 - 2017-04-19 08:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-09 22:19 - 2017-04-19 08:10 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-09 22:19 - 2017-04-19 08:10 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-09 22:19 - 2017-04-19 08:06 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-09 22:19 - 2017-04-19 08:04 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-09 22:19 - 2017-04-19 08:04 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-09 22:19 - 2017-04-19 07:34 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-09 22:19 - 2017-04-19 07:29 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-09 22:19 - 2017-04-14 02:35 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-09 22:19 - 2017-04-14 02:33 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-09 22:19 - 2017-04-14 02:32 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-09 22:19 - 2017-04-14 02:25 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-09 22:19 - 2017-04-14 01:43 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-09 22:19 - 2017-04-14 01:39 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-09 22:19 - 2017-04-14 01:39 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-09 22:19 - 2017-04-14 01:35 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-09 22:19 - 2017-04-14 01:33 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-09 22:19 - 2017-04-14 01:29 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-09 22:19 - 2017-04-14 01:29 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-09 22:19 - 2017-04-14 01:29 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-09 22:19 - 2017-04-14 01:28 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-09 22:19 - 2017-04-14 01:26 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-09 22:19 - 2017-04-14 01:24 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-09 22:19 - 2017-04-14 01:21 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-09 22:19 - 2017-04-14 01:18 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-09 22:18 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-09 22:18 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-09 22:18 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-09 22:18 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-09 22:18 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-09 22:18 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-09 22:18 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-09 22:18 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-09 22:18 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-09 22:18 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-09 22:18 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-09 22:18 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-09 22:18 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-09 22:18 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-09 22:18 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-09 22:18 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-09 22:18 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-09 22:18 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-09 22:18 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-09 22:18 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-09 22:18 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-09 22:18 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-09 22:18 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-09 22:18 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-09 22:18 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-09 22:18 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-09 22:18 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-09 22:18 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-09 22:18 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-09 22:18 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-09 22:18 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-09 22:18 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-09 22:18 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-09 22:18 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-09 22:18 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-09 22:18 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-09 22:18 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-09 22:18 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-09 22:18 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-09 22:18 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-09 22:18 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-09 22:18 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-09 22:18 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-09 22:18 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-09 22:18 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-09 22:18 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-09 22:18 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-09 22:18 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-09 22:18 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-09 22:18 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-09 22:18 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-09 22:18 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-09 22:18 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-09 22:18 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-09 22:18 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-09 22:18 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-09 22:18 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-09 22:18 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-09 22:18 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-09 22:18 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-09 22:18 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-09 22:18 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-09 22:18 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-09 22:18 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-09 22:18 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-09 22:18 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-09 22:18 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-09 22:18 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-09 22:18 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-09 22:18 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-09 22:18 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-09 22:18 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-09 22:18 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-09 22:18 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-09 22:18 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-09 22:18 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-09 22:18 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-09 22:18 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-09 22:18 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-09 22:18 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-09 22:18 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-09 22:18 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-09 22:18 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-09 22:18 - 2017-04-19 09:07 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-09 22:18 - 2017-04-19 09:06 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-09 22:18 - 2017-04-19 09:04 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-09 22:18 - 2017-04-19 09:02 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-09 22:18 - 2017-04-19 08:19 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-09 22:18 - 2017-04-19 08:18 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-09 22:18 - 2017-04-19 08:16 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-09 22:18 - 2017-04-19 08:15 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-09 22:18 - 2017-04-19 08:14 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-09 22:18 - 2017-04-19 08:13 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-09 22:18 - 2017-04-19 08:13 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-09 22:18 - 2017-04-19 08:12 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-09 22:18 - 2017-04-19 08:12 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-09 22:18 - 2017-04-19 08:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-09 22:18 - 2017-04-19 08:10 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-09 22:18 - 2017-04-19 08:08 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-09 22:18 - 2017-04-19 08:08 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-09 22:18 - 2017-04-19 08:07 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-09 22:18 - 2017-04-19 08:07 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-09 22:18 - 2017-04-19 08:02 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-09 22:18 - 2017-04-19 08:01 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-09 22:18 - 2017-04-19 07:59 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-09 22:18 - 2017-04-19 07:59 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-09 22:18 - 2017-04-19 07:58 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-09 22:18 - 2017-04-19 07:37 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-09 22:18 - 2017-04-19 07:36 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-09 22:18 - 2017-04-19 07:35 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-09 22:18 - 2017-04-19 07:34 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-09 22:18 - 2017-04-19 07:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-09 22:18 - 2017-04-19 07:32 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-09 22:18 - 2017-04-19 07:30 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-09 22:18 - 2017-04-14 02:35 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-09 22:18 - 2017-04-14 02:35 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-09 22:18 - 2017-04-14 02:30 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-09 22:18 - 2017-04-14 02:25 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-09 22:18 - 2017-04-14 01:43 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-09 22:18 - 2017-04-14 01:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-09 22:18 - 2017-04-14 01:41 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-09 22:18 - 2017-04-14 01:40 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-09 22:18 - 2017-04-14 01:39 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-09 22:18 - 2017-04-14 01:39 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-09 22:18 - 2017-04-14 01:39 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-09 22:18 - 2017-04-14 01:38 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-09 22:18 - 2017-04-14 01:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-09 22:18 - 2017-04-14 01:37 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-09 22:18 - 2017-04-14 01:37 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-09 22:18 - 2017-04-14 01:37 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-09 22:18 - 2017-04-14 01:37 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-09 22:18 - 2017-04-14 01:36 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-09 22:18 - 2017-04-14 01:36 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-09 22:18 - 2017-04-14 01:35 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-09 22:18 - 2017-04-14 01:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-09 22:18 - 2017-04-14 01:34 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-09 22:18 - 2017-04-14 01:34 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-09 22:18 - 2017-04-14 01:33 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-09 22:18 - 2017-04-14 01:31 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-09 22:18 - 2017-04-14 01:31 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-09 22:18 - 2017-04-14 01:29 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-09 22:18 - 2017-04-14 01:29 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-09 22:18 - 2017-04-14 01:25 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-09 22:18 - 2017-04-14 01:21 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-09 22:18 - 2017-04-14 01:18 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-09 22:18 - 2017-04-14 01:15 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-09 22:18 - 2017-04-14 01:15 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-09 22:18 - 2017-04-14 01:13 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-09 22:18 - 2017-04-14 01:13 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-09 22:18 - 2017-04-14 01:08 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-09 22:18 - 2017-04-14 01:06 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-09 22:18 - 2017-04-14 01:04 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-09 22:18 - 2017-04-14 01:01 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-09 22:11 - 2017-05-09 22:11 - 00001467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2017-05-09 22:11 - 2017-05-09 22:11 - 00001394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2017-05-09 22:10 - 2017-05-09 22:11 - 00000000 ____D C:\Program Files (x86)\Windows Live
2017-05-09 22:10 - 2017-05-09 22:10 - 26689458 _____ (videowinsoft.com ) C:\Users\Pascal\Downloads\windows-movie-maker-2016.exe
2017-05-09 22:10 - 2017-05-09 22:10 - 00001317 _____ C:\Users\Public\Desktop\Windows Movie Maker.lnk
2017-05-09 22:10 - 2017-05-09 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker
2017-05-09 22:08 - 2017-05-09 22:08 - 00000000 ____D C:\Program Files (x86)\LottaDeals
2017-05-09 22:07 - 2017-05-09 22:12 - 00000000 ____D C:\ProgramData\AVAST Software
2017-05-09 22:07 - 2017-05-09 22:07 - 00000000 ____D C:\Program Files (x86)\WeatherHubPro
2017-05-09 21:50 - 2017-05-09 22:14 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\obs-studio
2017-05-09 17:45 - 2017-03-17 22:00 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2017-05-09 17:45 - 2017-03-17 21:59 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2017-05-09 17:45 - 2017-03-17 21:48 - 06348288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2017-05-09 17:45 - 2017-03-17 21:43 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2017-05-09 17:45 - 2017-03-17 21:35 - 05484544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2017-05-09 17:44 - 2017-05-09 17:44 - 00001053 _____ C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-05-09 17:40 - 2017-05-18 09:29 - 22120924 _____ C:\Users\Pascal\Desktop\Irelandpres.pptx
2017-05-09 16:10 - 2017-05-09 16:10 - 00000977 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2017-05-09 16:10 - 2017-05-09 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2017-05-09 16:08 - 2017-05-09 16:08 - 113034688 _____ (obsproject.com) C:\Users\Pascal\Downloads\OBS-Studio-18.0.1-Full-Installer.exe
2017-05-09 13:54 - 2017-05-09 13:54 - 00000000 ____D C:\Users\Pascal\Desktop\Stuff
2017-05-06 09:45 - 2017-05-06 09:47 - 00000000 ____D C:\Users\Pascal\Desktop\SPIELE ORDNER
2017-05-05 21:02 - 2017-05-05 21:02 - 00659456 _____ C:\Users\Pascal\Downloads\DualMonitorTools-2.5.msi
2017-05-05 21:02 - 2017-05-05 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dual Monitor Tools
2017-05-05 21:02 - 2017-05-05 21:02 - 00000000 ____D C:\Program Files (x86)\Dual Monitor Tools
2017-05-05 18:52 - 2017-05-05 18:52 - 00000212 _____ C:\Users\Pascal\Desktop\Prey.url
2017-05-05 17:05 - 2017-05-05 17:05 - 00000212 _____ C:\Users\Pascal\Desktop\Styx Shards of Darkness.url
2017-05-05 16:28 - 2017-05-22 18:12 - 00000000 ___RD C:\Users\Pascal\Desktop\FiveM
2017-05-05 16:28 - 2017-05-05 16:28 - 00000000 ____D C:\Users\Pascal\Downloads\FiveM.app
2017-05-05 13:23 - 2017-05-27 12:09 - 00000080 _____ C:\Users\Pascal\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2017-05-04 21:51 - 2017-05-04 21:51 - 09390672 _____ (Piriform Ltd) C:\Users\Pascal\Downloads\ccsetup529.exe
2017-05-04 16:05 - 2017-05-04 18:17 - 41294497 _____ C:\Users\Pascal\Downloads\Flechten Daid (2).pptx
2017-05-02 20:42 - 2017-05-02 20:42 - 00000212 _____ C:\Users\Pascal\Desktop\Little Nightmares.url
2017-05-02 19:00 - 2017-05-02 19:00 - 00000736 _____ C:\Users\Pascal\Desktop\GTA Network.lnk
2017-05-02 18:59 - 2017-05-02 19:00 - 69323802 _____ C:\Users\Pascal\Downloads\GTANSetup.zip
2017-05-02 14:29 - 2017-05-02 14:29 - 06282638 _____ C:\Users\Pascal\Downloads\soehandling.zip
2017-04-29 18:08 - 2017-04-29 18:08 - 00000000 ____D C:\Users\Pascal\AppData\LocalLow\Kyle Champ
2017-04-29 18:06 - 2017-04-29 18:06 - 00000212 _____ C:\Users\Pascal\Desktop\ShellShock Live.url
2017-04-28 21:47 - 2017-04-28 21:47 - 17866872 _____ (IObit ) C:\Users\Pascal\Downloads\driver_booster_setup(4.3.0.504).exe
2017-04-27 08:42 - 2017-04-27 08:42 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\Google

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-27 15:47 - 2017-04-18 15:28 - 00000000 ____D C:\Users\Pascal
2017-05-27 15:47 - 2016-01-06 13:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-05-27 15:46 - 2017-04-18 15:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-27 15:46 - 2017-04-18 15:28 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-05-27 15:46 - 2017-03-18 13:40 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-05-27 15:42 - 2014-09-05 17:24 - 00000000 ____D C:\Users\Pascal\AppData\Local\Google
2017-05-27 15:42 - 2014-09-05 17:24 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-27 15:38 - 2017-04-18 15:35 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8DB2EA9F-FDA0-4CD1-B8F0-3B7DEF1B6AB2}
2017-05-27 15:38 - 2017-04-18 15:27 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-27 15:04 - 2017-04-18 15:40 - 02253136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-27 15:04 - 2017-03-20 06:41 - 01018480 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-27 15:04 - 2017-03-20 06:41 - 00224470 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-27 14:53 - 2015-12-30 21:42 - 00000000 ____D C:\ProgramData\IObit
2017-05-27 14:48 - 2014-09-05 23:07 - 00000000 ____D C:\Users\Pascal\AppData\Local\Spotify
2017-05-27 14:06 - 2014-09-05 23:06 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\Spotify
2017-05-27 10:47 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-27 10:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-26 00:11 - 2014-09-05 17:20 - 00000000 ____D C:\Users\Pascal\AppData\Local\Packages
2017-05-25 20:10 - 2015-12-30 21:43 - 00000000 ____D C:\ProgramData\ProductData
2017-05-25 14:00 - 2014-09-05 20:24 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\TS3Client
2017-05-25 10:09 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-25 10:09 - 2014-09-05 17:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-25 09:53 - 2016-03-21 19:39 - 00000000 ____D C:\ProgramData\PDF Architect 4
2017-05-23 18:56 - 2017-03-18 13:40 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2017-05-23 18:28 - 2014-09-07 18:23 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 18:26 - 2014-09-07 18:23 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 14:14 - 2017-04-18 15:27 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-23 14:14 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-17 17:42 - 2017-04-18 15:28 - 00000000 ____D C:\Program Files\AMD
2017-05-17 17:42 - 2015-12-30 21:26 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2017-05-17 17:41 - 2016-09-16 17:37 - 00000000 ____D C:\AMD
2017-05-13 15:37 - 2014-12-27 01:24 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-11 22:26 - 2015-07-29 16:12 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-11 18:58 - 2014-10-06 09:10 - 00000000 ____D C:\Users\Pascal\AppData\Local\ElevatedDiagnostics
2017-05-11 15:45 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-10 18:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-10 13:27 - 2016-11-20 23:50 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-10 13:26 - 2017-04-18 15:27 - 00391832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-09 23:26 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-09 23:26 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-09 22:12 - 2016-11-20 12:40 - 00000000 ____D C:\Program Files\Common Files\AV
2017-05-09 17:45 - 2017-03-20 06:42 - 00000000 ____D C:\WINDOWS\OCR
2017-05-09 16:02 - 2017-04-18 15:35 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-09 16:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-09 16:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-05 21:03 - 2016-06-17 23:19 - 00000000 ____D C:\Users\Pascal\AppData\Roaming\Dual Monitor Tools
2017-05-05 20:49 - 2016-06-25 11:44 - 00000000 ____D C:\Users\Pascal\AppData\Local\UnrealEngine
2017-05-04 21:51 - 2015-02-15 13:33 - 00000869 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-05-03 21:21 - 2015-03-29 11:59 - 00000000 ____D C:\Users\Pascal\Desktop\Schulsachen
2017-05-03 20:30 - 2017-04-18 16:25 - 00000000 ____D C:\Windows.old
2017-05-02 10:40 - 2017-04-17 15:17 - 00000000 ____D C:\Users\Pascal\AppData\Local\FiveM
2017-04-30 16:24 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-19 23:07 - 2015-01-08 22:51 - 0001470 _____ () C:\Users\Pascal\AppData\Roaming\SpeedRunnersLog.txt
2015-06-06 19:02 - 2015-06-06 19:02 - 0001457 _____ () C:\Users\Pascal\AppData\Local\recently-used.xbel
2015-09-05 23:10 - 2015-09-05 23:10 - 0007602 _____ () C:\Users\Pascal\AppData\Local\Resmon.ResmonCfg
2014-11-03 17:59 - 2014-11-03 18:01 - 0000000 _____ () C:\Users\Pascal\AppData\Local\{D225EC80-495D-4D31-93CB-8D9B23232D0F}

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-17 18:51

==================== Ende von FRST.txt ============================

--- --- ---

Seehmer · 27.05.2017, 18:27

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-05-2017
durchgeführt von Pascal (27-05-2017 15:49:35)
Gestartet von C:\Users\Pascal\Downloads
Windows 10 Pro Version 1703 (X64) (2017-04-18 13:38:02)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1229423121-489186376-597309758-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1229423121-489186376-597309758-503 - Limited - Disabled)
Gast (S-1-5-21-1229423121-489186376-597309758-501 - Limited - Disabled)
Pascal (S-1-5-21-1229423121-489186376-597309758-1001 - Administrator - Enabled) => C:\Users\Pascal

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
AlienFX for IskuFX (HKLM-x32\...\InstallShield_{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH)
AlienFX for IskuFX (Version: 1.02 - Roccat GmbH) Hidden
AMD Catalyst Install Manager (HKLM\...\{BFA7FEF1-18FF-A9BF-560B-8243CF14C689}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Arena of Fate (HKLM-x32\...\{3692304C-EFBB-4181-B75C-6A477A2B8708}) (Version: 1.0.0 - Crytek GmbH)
Awesomium Redistributable (HKLM-x32\...\{5BCB064B-9F65-4E15-BAFB-669E72E54FD9}) (Version: 1.7.4.2 - SIX Networks GmbH)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Cities: Skylines (HKLM\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Crossout Launcher 1.0.0.18 (HKLM-x32\...\CrossOutLauncher_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DARK SOULS™ III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.27.80.1020 - Electronic Arts Inc.)
Discord (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dishonored 2 (HKLM\...\Steam App 403640) (Version:  - Arkane Studios)
Dropbox (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.)
Dual Monitor Tools (HKLM-x32\...\{0DAA6DDB-DE54-4687-ADDE-B4CA1C74E0C3}) (Version: 2.5.0.0 - GNE)
ECO Center (HKLM-x32\...\{1E55202F-4D31-498A-8F72-97DCBA9F2866}_is1) (Version: 1.0.0.7 - MSI)
ESEA (HKLM\...\Steam App 479130) (Version:  - ESEA)
ESEA Client (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.1 - MSI)
FileZilla Client 3.9.0.6 (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Golf It! (HKLM\...\Steam App 571740) (Version:  - Perfuse Entertainment)
GooCubelets (HKLM\...\Steam App 397620) (Version:  - Zonitron Productions)
GooCubelets 2 (HKLM\...\Steam App 416270) (Version:  - Zonitron Productions)
GooCubelets: The Algoorithm (HKLM\...\Steam App 431270) (Version:  - Zonitron Productions)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)
Heart's Medicine - Time to Heal (HKLM\...\Steam App 494230) (Version:  - Blue Giraffe)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
League client alpha (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\League client alpha 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Little Nightmares (HKLM\...\Steam App 424840) (Version:  - Tarsier Studios)
Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.004 - MSI)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 48.0.2 (x64 de) (HKLM\...\Mozilla Firefox 48.0.2 (x64 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.93 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 2.0.0.10 - MSI)
MSI Intel Extreme Tuning Utility (HKLM-x32\...\{fbd55c4e-e884-4210-a79b-5f158834b133}) (Version: 4.4.0.103 - Intel Corporation)
MSI Intel Extreme Tuning Utility (x32 Version: 4.4.0.103 - Intel Corporation) Hidden
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.025 - MSI)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Planet Coaster (HKLM\...\Steam App 493340) (Version:  - Frontier Developments)
Prey (HKLM\...\Steam App 480490) (Version:  - Arkane Studios)
Punch Club (HKLM\...\Steam App 394310) (Version:  - Lazy Bear Games)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
ROCCAT Swarm (HKLM-x32\...\InstallShield_{32C24F2E-923F-49C1-8E60-2B3DC5482255}) (Version: 1.92.00 - ROCCAT GmbH)
ROCCAT Swarm (x32 Version: 1.92.00 - ROCCAT GmbH) Hidden
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
ShellShock Live (HKLM\...\Steam App 326460) (Version:  - kChamp Games)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.7.201505200853 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.275 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.06 - Creative Technology Limited)
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Spotify (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\Spotify) (Version: 1.0.55.487.g256699aa - Spotify AB)
Styx: Shards of Darkness (HKLM\...\Steam App 355790) (Version:  - Cyanide Studio)
Super Meat Boy (HKLM\...\Steam App 40800) (Version:  - Team Meat)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Curious Expedition (HKLM\...\Steam App 358130) (Version:  - Maschinen-Mensch)
Town of Salem (HKLM\...\Steam App 334230) (Version:  - BlankMediaGames)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.7 - MSI)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Wallpaper Engine (HKLM\...\Steam App 431960) (Version:  - Kristjan Skutta)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version:  - videowinsoft.com)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1229423121-489186376-597309758-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Pascal\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03CB350A-E21F-45F5-8671-56732C904458} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {16C347D8-5B7E-4602-9732-D46C9359BE15} - System32\Tasks\{A4442B86-8DBB-43F9-9E34-477D9C82A120} => pcalua.exe -a L:\Programme\MobileGo\unins000.exe -c /WAF
Task: {189B50CD-385D-491E-9DF3-B29B2A3EE1D0} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {21616791-3E35-4F9F-80EF-6E707F6B05DB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {245ED3C0-7034-4771-A3DE-33C21655F235} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {24D71ADF-73EE-409F-B82E-300BE94481C3} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe 
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {35464B03-40BA-4942-B7C5-DC917F3E6609} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-25] ()
Task: {4884CAC8-FF7A-445E-9FA5-FEEEB0920564} - System32\Tasks\Driver Booster SkipUAC (Pascal) => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe 
Task: {4AE08037-CE95-4548-8EEA-D741748D41FF} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {540A65DC-9162-41B6-8E2B-A0F1AA99695E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {580507F1-F02A-4C81-8E21-855C71C9AE41} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {75B89EE9-D3F7-4F20-96B4-CB44DEEA5D05} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {9A5D4BB8-78FB-4736-AEE0-64C4A3C6A742} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-25] (Microsoft Corporation)
Task: {A912C1A7-DEA3-4EE3-AEB0-6622D9890796} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1229423121-489186376-597309758-1001 -> Keine Datei <==== ACHTUNG
Task: {ABA178A7-82F6-4234-97E2-61A8E8B075A1} - System32\Tasks\Uninstaller_SkipUac_Pascal => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe 
Task: {AD8B3F2E-0A7A-45FA-8ABA-01CA8C7498AF} - System32\Tasks\ROCCAT_Swarm_HWMonitor => C:/Users/Pascal/Downloads/SWARM_v19201 
Task: {BF789F40-CB07-4D5D-A681-FA23DBCFE793} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-23] (Microsoft Corporation)
Task: {CF1B5F07-D8FD-474A-986A-9BB094F29257} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe [2016-12-04] (Advanced Micro Devices, Inc.)
Task: {DEB58E5E-D945-4881-82C3-5DA0C310D0C3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {EC04A89D-63D7-4D05-83EC-6D3D7026E41A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => %ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe 
Task: {FD9D0019-4A1A-4493-8CB9-6B72C3E8BE15} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-25] ()
Task: {FDFC500C-A949-41B1-B00B-0FA45AB5FC16} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1229423121-489186376-597309758-1001Core1d25e21afe2fdbd.job => C:\Users\Pascal\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arena of Fate\Repair Arena of Fate.lnk -> L:\Programme\repair\repair.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-25 22:03 - 2014-04-10 14:57 - 02126448 _____ () C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe
2017-05-27 14:59 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-03-25 22:46 - 2015-01-29 14:41 - 01992704 _____ () C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 03826176 _____ () C:\Windows\System32\Windows.UI.Input.Inking.Analysis.dll
2017-04-08 10:13 - 2017-04-08 10:13 - 00381440 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.0.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll
2015-03-25 21:44 - 2014-02-21 12:21 - 00089600 _____ () C:\WINDOWS\SYSTEM32\CmdRtr64.DLL
2015-03-25 21:44 - 2014-02-21 12:19 - 00366080 _____ () C:\WINDOWS\SYSTEM32\APOMgr64.DLL
2016-06-28 01:19 - 2016-06-28 01:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2016-11-21 15:51 - 2016-06-21 20:30 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-11-21 15:51 - 2016-06-21 20:29 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-11-21 15:51 - 2016-06-21 20:29 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2017-02-24 19:35 - 2017-02-24 19:35 - 02493440 _____ () L:\Programme\Origin\libGLESv2.dll
2014-10-23 19:27 - 2014-10-23 19:27 - 00119822 _____ () L:\Programme\libgcc_s_dw2-1.dll
2015-12-29 07:25 - 2015-12-29 07:25 - 01540622 _____ () L:\Programme\libstdc++-6.dll
2014-02-19 19:51 - 2014-02-19 19:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1229423121-489186376-597309758-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pascal\Pictures\Epicnice.png
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Overwolf => "c:\program files (x86)\overwolf\overwolflauncher.exe" -overwolfsilent
MSCONFIG\startupreg: RoccatIskuFX => "l:\programme\iskufxmonitor.exe"
HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "Sound Blaster Cinema 2"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "Fast Boot"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "Super Charger"
HKLM\...\StartupApproved\Run32: => "RaidCall"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Duden Korrektor SysTray"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Clownfish"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Sony PC Companion"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "MK LOL"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1229423121-489186376-597309758-1001\...\StartupApproved\Run: => "WallpaperEngine"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{A170B425-8091-46BF-B73A-65DD1061A1EE}L:\programme\roccat_swarm_monitor.exe] => (Block) L:\programme\roccat_swarm_monitor.exe
FirewallRules: [UDP Query User{288663AB-AB6D-4F76-A98E-EEF0188C65F8}L:\programme\roccat_swarm_monitor.exe] => (Block) L:\programme\roccat_swarm_monitor.exe
FirewallRules: [TCP Query User{52D427B7-2BFE-424D-88A5-BCC6FFD5B3FB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{21F4A2E2-8C1E-452D-B283-74A8E0122BB2}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{95BC90B8-62CE-475A-B696-5F40702F5744}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{82B95E73-1546-4F84-9A1C-ECD7331AB4D9}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PS/2-Standardtastatur
Description: PS/2-Standardtastatur
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/27/2017 03:47:32 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI88e6.LOG enthalten.

Error: (05/27/2017 03:43:34 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI77ef.LOG enthalten.

Error: (05/27/2017 02:59:03 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6188.LOG enthalten.

Error: (05/27/2017 02:57:57 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6f82.LOG enthalten.

Error: (05/27/2017 02:54:33 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI84fe.LOG enthalten.

Error: (05/27/2017 02:01:54 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6085.LOG enthalten.

Error: (05/27/2017 11:03:14 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6084.LOG enthalten.

Error: (05/27/2017 12:06:29 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6083.LOG enthalten.

Error: (05/26/2017 10:04:17 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6082.LOG enthalten.

Error: (05/26/2017 07:23:25 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Internet Security - Update "KIS 2017 MP0 family (Patch e)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\WINDOWS\TEMP\MSI6081.LOG enthalten.


Systemfehler:
=============
Error: (05/27/2017 03:47:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (05/27/2017 03:47:30 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (05/27/2017 03:47:13 PM) (Source: DCOM) (EventID: 10016) (User: PASCAL)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "pascal\Pascal" (SID: S-1-5-21-1229423121-489186376-597309758-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/27/2017 03:47:00 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (05/27/2017 03:46:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (05/27/2017 03:44:58 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (05/27/2017 03:44:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/27/2017 03:44:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/27/2017 03:44:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Qualcomm Atheros Killer Service V2" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/27/2017 03:44:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2017-05-27 15:42:24.809
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-27 15:42:24.458
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-27 15:42:24.290
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-25 23:14:50.474
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SETEEFC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-25 23:14:50.468
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SETEEFC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-25 23:14:50.465
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SETEEFC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-09 22:06:25.323
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-09 16:08:08.569
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 15:44:05.912
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 8143.77 MB
Verfügbarer physikalischer RAM: 5691.54 MB
Summe virtueller Speicher: 11343.77 MB
Verfügbarer virtueller Speicher: 8817.27 MB

==================== Laufwerke ================================

Drive c: (Origin) (Fixed) (Total:111.35 GB) (Free:35.85 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive h: (Data1) (Fixed) (Total:139.73 GB) (Free:139.62 GB) NTFS
Drive j: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive l: (Data2) (Fixed) (Total:465.66 GB) (Free:145.15 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 28BDBFA2)
Partition 1: (Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CDF8897F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 139.7 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=139.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

--- --- ---

Danke für die schnelle Antwort, ''leider'' bin ich nächste Woche nicht erreichbar, da ich auf Kursfahrt bin, also wäre ich sehr dankbar falls der Thread bis nächsten Samstag offen bliebe. Heute bin ich noch bis Abends da.

LG Pascal

27.05.2017, 13:30	#10
M-K-D-B /// TB-Ausbilder	Windows 10: Fenster poppt kurz auf und verschwindet sofort wieder-Keine Chance es zu erkennen Servus, so geht es weiter

Windows 10: Fenster poppt kurz auf und verschwindet sofort wieder-Keine Chance es zu erkennen

Plagegeister aller Art und deren Bekämpfung: Windows 10: Fenster poppt kurz auf und verschwindet sofort wieder-Keine Chance es zu erkennen