Log analysis and evaluation: Windows 10 64 Bit: Antivir finds TR/Crypt.ZPACK.gen2. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: first steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
27.06.2017, 19:36 | #1 |
| Windows 10 64 Bit: Antivir finds TR/Crypt.ZPACK.gen2 Hello everyone, earlier I received an e-mail with a link. Unfortunately I clicked on it and only realized what I was doing when it was already too late. Now I have a message from AntiVir telling me that I have been infected with TR/Crypt.ZPACK.Gen2. I read up on the procedure in another thread and would now like to post my logs. I urgently ask for help!! FRST log: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2017 01 durchgeführt von Jan-Niklas (Administrator) auf JAN-NIKLASPC (27-06-2017 20:32:05) Gestartet von C:\Users\Jan-Niklas\Downloads Geladene Profile: Jan-Niklas (Verfügbare Profile: Jan-Niklas) Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Electronic Arts) E:\Spiele\Origin\OriginWebHelperService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINDE.EXE (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe (Hammer & Chisel, Inc.) C:\Users\Jan-Niklas\AppData\Local\Discord\app-0.0.297\Discord.exe (Hammer & Chisel, Inc.) C:\Users\Jan-Niklas\AppData\Local\Discord\app-0.0.297\Discord.exe (Hammer & Chisel, Inc.) C:\Users\Jan-Niklas\AppData\Local\Discord\app-0.0.297\Discord.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (AO Kaspersky Lab) C:\Users\Jan-Niklas\Downloads\tdsskiller.exe (AO Kaspersky Lab) C:\Users\JAN-NI~1\AppData\Local\Temp\{0F8703B6-4DFD-4A15-A747-1206B96480F4}\{A6E0E5FA-6381-4610-AA3D-A560A9A600E4}.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. 
Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16286840 2016-08-30] (Logitech Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [918008 2017-06-14] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-08] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [975248 2015-07-24] (Cisco Systems, Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) 
HKU\S-1-5-21-3517360427-3538452482-3398802805-1002\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation) HKU\S-1-5-21-3517360427-3538452482-3398802805-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd) HKU\S-1-5-21-3517360427-3538452482-3398802805-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINDE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-3517360427-3538452482-3398802805-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{72c6cd89-1fa8-4b0f-9b79-3ee156bde258}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-3517360427-3538452482-3398802805-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com SearchScopes: HKU\S-1-5-21-3517360427-3538452482-3398802805-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-20] (Oracle Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-20] (Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) 
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab FireFox: ======== FF ProfilePath: C:\Users\Jan-Niklas\AppData\Roaming\Mozilla\Firefox\Profiles\fb7e89qr.default-1485517806667 [2017-06-27] FF Extension: (Adblock Plus) - C:\Users\Jan-Niklas\AppData\Roaming\Mozilla\Firefox\Profiles\fb7e89qr.default-1485517806667\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-10-23] [ist nicht signiert] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-18] () FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-20] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-18] () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB) FF Plugin-x32: 
@esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-3517360427-3538452482-3398802805-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-03-01] () FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-03-23] Chrome: ======= CHR Profile: C:\Users\Jan-Niklas\AppData\Local\Google\Chrome\User Data\Default [2017-06-27] CHR Extension: (Docs) - C:\Users\Jan-Niklas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-07] CHR Extension: (Google Drive) - C:\Users\Jan-Niklas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-07] CHR Extension: (YouTube) - C:\Users\Jan-Niklas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-07] CHR Extension: (Google Docs Offline) - C:\Users\Jan-Niklas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-07] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jan-Niklas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-07] CHR Extension: (Google Mail) - C:\Users\Jan-Niklas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-07] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-06-14] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-06-14] (Avira Operations GmbH & Co. 
KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-06-14] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1524216 2017-06-14] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [356256 2017-06-08] (Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1362464 2016-05-23] () R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation) R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION) S3 GalaxyClientService; E:\Spiele\The Witcher\GalaxyClient\GalaxyClientService.exe [284224 2017-01-07] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2017-01-07] (GOG.com) R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-16] (Intel Corporation) [Datei ist nicht signiert] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-30] (Logitech Inc.) S2 MATLAB License Server; E:\Matlab\etc\win64\lmgrd.exe [1918768 2014-12-29] (Flexera Software LLC) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.) 
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-01-06] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-01-06] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-01-06] (NVIDIA Corporation) S3 Origin Client Service; E:\Spiele\Origin\OriginClientService.exe [2123240 2017-03-21] (Electronic Arts) R2 Origin Web Helper Service; E:\Spiele\Origin\OriginWebHelperService.exe [2184688 2017-03-21] (Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1326408 2017-06-18] (Overwolf LTD) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2013-12-03] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-14] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [167504 2017-06-14] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [164824 2017-06-14] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. 
KG) S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (Windows (R) Win 7 DDK provider) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-05-25] () S3 hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.) R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45208 2016-08-30] (Logitech Inc.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-08-30] (Logitech Inc.) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-06-27] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-06-27] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-06-27] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-27] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-06-27] (Malwarebytes) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-01-06] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-01-06] (NVIDIA Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 UHSfiltv; C:\WINDOWS\system32\drivers\UHSfiltv.sys [23552 2011-07-15] (Creative Technology Ltd.) 
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2015-04-24] (Cisco Systems, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2017-03-09] (Wellbia.com Co., Ltd.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) |
27.06.2017, 19:37 | #2 |
| Windows 10 64 Bit: Antivir finds TR/Crypt.ZPACK.gen2 Sorry, it could not be packed into a single post.
__________________ Rest of FRST: Code:
ATTFilter ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-06-27 20:25 - 2017-06-27 20:25 - 00002063 _____ C:\Users\Jan-Niklas\Desktop\malware.txt 2017-06-27 20:23 - 2017-06-27 20:24 - 00093222 _____ C:\TDSSKiller.3.1.0.15_27.06.2017_20.23.34_log.txt 2017-06-27 20:23 - 2017-06-27 20:23 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Jan-Niklas\Downloads\tdsskiller.exe 2017-06-27 20:23 - 2017-06-27 20:23 - 00263448 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\48069136.sys 2017-06-27 20:21 - 2017-06-27 20:22 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-06-27 20:21 - 2017-06-27 20:21 - 02441216 _____ (Farbar) C:\Users\Jan-Niklas\Downloads\FRST64(1).exe 2017-06-27 20:21 - 2017-06-27 20:21 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-06-27 20:21 - 2017-06-27 20:21 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-06-27 20:21 - 2017-06-27 20:21 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-06-27 20:21 - 2017-06-27 20:21 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-06-27 20:21 - 2017-06-27 20:21 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-06-27 20:21 - 2017-06-27 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-06-27 20:21 - 2017-06-27 20:21 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-06-27 20:21 - 2017-06-27 20:21 - 00000000 ____D C:\Program Files\Malwarebytes 2017-06-27 20:21 - 2017-05-25 11:58 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-06-27 20:20 - 2017-06-27 20:21 - 64232976 _____ (Malwarebytes ) C:\Users\Jan-Niklas\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.141-1.0.2092.exe 2017-06-27 20:05 - 2017-06-27 20:32 - 00022702 _____ C:\Users\Jan-Niklas\Downloads\FRST.txt 2017-06-27 20:05 - 2017-06-27 
20:32 - 00000000 ____D C:\FRST 2017-06-27 20:05 - 2017-06-27 20:06 - 00076469 _____ C:\Users\Jan-Niklas\Downloads\Addition.txt 2017-06-27 20:04 - 2017-06-27 20:04 - 02441216 _____ (Farbar) C:\Users\Jan-Niklas\Downloads\FRST64.exe 2017-06-27 15:32 - 2017-06-27 15:32 - 00000000 ___HD C:\OneDriveTemp 2017-06-26 19:40 - 2017-06-26 19:58 - 00000000 ____D C:\Users\Jan-Niklas\AppData\Local\FileZilla 2017-06-25 21:37 - 2017-06-25 21:37 - 04281792 _____ C:\Users\Jan-Niklas\Downloads\forge-1.10.2-12.18.3.2239-universal.jar 2017-06-21 16:00 - 2017-06-21 16:00 - 07075640 _____ (Tim Kosse) C:\Users\Jan-Niklas\Downloads\FileZilla_3.26.2_win64-setup.exe 2017-06-15 02:22 - 2017-06-15 02:22 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2 2017-06-14 21:03 - 2017-06-14 21:03 - 00060920 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys 2017-06-14 15:28 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-06-14 15:28 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-06-14 15:28 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-06-14 15:28 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-06-14 15:28 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-06-14 15:28 - 2017-06-03 12:06 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-06-14 15:28 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-06-14 15:28 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-06-14 15:28 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-06-14 15:28 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-06-14 15:28 - 2017-06-03 11:54 - 
00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-06-14 15:28 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2017-06-14 15:28 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2017-06-14 15:28 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2017-06-14 15:28 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-06-14 15:28 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-06-14 15:28 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-06-14 15:28 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-06-14 15:28 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2017-06-14 15:28 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2017-06-14 15:28 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-06-14 15:28 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-06-14 15:28 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-06-14 15:28 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-06-14 15:28 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-06-14 15:28 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-06-14 15:28 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2017-06-14 15:28 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\ExSMime.dll 2017-06-14 15:28 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-06-14 15:28 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-06-14 15:28 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll 2017-06-14 15:28 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-06-14 15:28 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBrokerUI.dll 2017-06-14 15:28 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-06-14 15:28 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2017-06-14 15:28 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcorehc.dll 2017-06-14 15:28 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll 2017-06-14 15:28 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-06-14 15:28 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe 2017-06-14 15:28 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2017-06-14 15:28 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-06-14 15:28 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-06-14 15:28 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-06-14 15:28 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-06-14 15:28 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-06-14 15:28 - 2017-06-03 11:15 - 
00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-06-14 15:28 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-06-14 15:28 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-06-14 15:28 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-06-14 15:28 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll 2017-06-14 15:28 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll 2017-06-14 15:28 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-06-14 15:28 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-06-14 15:28 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2017-06-14 15:28 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-06-14 15:28 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-06-14 15:28 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-06-14 15:28 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-06-14 15:28 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-06-14 15:28 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll 2017-06-14 15:28 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-06-14 15:28 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2017-06-14 15:28 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 
2017-06-14 15:28 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-06-14 15:28 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-06-14 15:28 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-06-14 15:28 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-06-14 15:28 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2017-06-14 15:28 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-06-14 15:28 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-06-14 15:28 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2017-06-14 15:28 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-06-14 15:28 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-06-14 15:28 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-06-14 15:28 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-06-14 15:28 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2017-06-14 15:28 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-06-14 15:28 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-06-14 15:28 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-06-14 15:28 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-06-14 15:28 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe 
2017-06-14 15:28 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-06-14 15:28 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2017-06-14 15:28 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2017-06-14 15:28 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2017-06-14 15:28 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2017-06-14 15:27 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2017-06-14 15:27 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-06-14 15:27 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-06-14 15:27 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-06-14 15:27 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-06-14 15:27 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-06-14 15:27 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2017-06-14 15:27 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-06-14 15:27 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2017-06-14 15:27 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-06-14 15:27 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2017-06-14 15:27 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2017-06-14 15:27 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\DeviceCensus.exe 2017-06-14 15:27 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2017-06-14 15:27 - 2017-06-03 12:01 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2017-06-14 15:27 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-06-14 15:27 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-06-14 15:27 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-06-14 15:27 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-06-14 15:27 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-06-14 15:27 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2017-06-14 15:27 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-06-14 15:27 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-06-14 15:27 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-06-14 15:27 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-06-14 15:27 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-06-14 15:27 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-06-14 15:27 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-06-14 15:27 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-06-14 15:27 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2017-06-14 15:27 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) 
C:\WINDOWS\system32\atmlib.dll 2017-06-14 15:27 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2017-06-14 15:27 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-06-14 15:27 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll 2017-06-14 15:27 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll 2017-06-14 15:27 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2017-06-14 15:27 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll 2017-06-14 15:27 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-06-14 15:27 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-06-14 15:27 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll 2017-06-14 15:27 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2017-06-14 15:27 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-06-14 15:27 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2017-06-14 15:27 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll 2017-06-14 15:27 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-06-14 15:27 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2017-06-14 15:27 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2017-06-14 15:27 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe 2017-06-14 15:27 - 
2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-06-14 15:27 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-06-14 15:27 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-06-14 15:27 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-06-14 15:27 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll 2017-06-14 15:27 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-06-14 15:27 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-06-14 15:27 - 2017-06-03 08:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls 2017-06-09 11:32 - 2017-06-09 11:32 - 00000000 ____D C:\Users\Jan-Niklas\AppData\Roaming\DassaultSystemes 2017-06-09 11:32 - 2017-06-09 11:32 - 00000000 ____D C:\Users\Jan-Niklas\AppData\Local\DassaultSystemes 2017-06-09 11:32 - 2017-06-09 11:32 - 00000000 ____D C:\ProgramData\DassaultSystemes 2017-06-03 22:35 - 2017-06-03 22:36 - 07070840 _____ (Tim Kosse) C:\Users\Jan-Niklas\Downloads\FileZilla_3.26.1_win64-setup.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-06-27 20:05 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF 2017-06-27 20:01 - 2016-11-18 10:56 - 00000000 ____D C:\Users\Jan-Niklas\AppData\LocalLow\Mozilla 2017-06-27 19:36 - 2016-09-29 10:15 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-06-27 19:24 - 2013-03-13 18:31 - 00000000 ____D C:\Users\Jan-Niklas\Documents\Outlook-Dateien 2017-06-27 19:21 - 2012-11-12 12:10 - 00000000 ____D C:\Users\Jan-Niklas\AppData\Roaming\TS3Client 2017-06-27 17:41 - 2016-09-29 10:16 - 00000000 ____D C:\Users\Jan-Niklas 2017-06-27 15:51 - 2014-03-11 19:55 - 00000000 ____D C:\Users\Jan-Niklas\AppData\Local\Battle.net 2017-06-27 15:37 - 2016-07-17 00:51 - 01752562 _____ C:\WINDOWS\system32\perfh007.dat 2017-06-27 15:37 - 2016-07-17 00:51 - 00450422 _____ C:\WINDOWS\system32\perfc007.dat 2017-06-27 15:37 - 2016-06-17 12:44 - 03806738 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-06-27 15:34 - 2016-09-29 10:15 - 00000000 ____D C:\ProgramData\NVIDIA 2017-06-27 15:32 - 2014-12-01 20:37 - 00000000 ____D C:\Users\Jan-Niklas\Documents\Assassin's Creed Unity 2017-06-27 15:32 - 2014-01-06 00:27 - 00000000 __RDO C:\Users\Jan-Niklas\SkyDrive 2017-06-27 15:31 - 2016-09-29 10:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-06-27 15:31 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI 2017-06-27 15:31 - 2012-11-12 11:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-06-27 15:30 - 2015-04-27 09:37 - 00000000 ____D C:\Users\Jan-Niklas\AppData\Roaming\Curse Client 2017-06-27 15:15 - 2014-07-18 00:39 - 00000000 ____D C:\Users\Jan-Niklas\AppData\Roaming\FileZilla 2017-06-27 14:40 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-06-27 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-06-26 19:40 - 2014-07-18 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2017-06-26 19:40 - 2014-07-18 00:39 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client 
2017-06-26 14:06 - 2013-10-03 16:59 - 00000000 ____D C:\ProgramData\Package Cache 2017-06-26 14:06 - 2013-03-06 00:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-06-24 09:27 - 2014-01-08 19:02 - 00000000 ____D C:\Users\Jan-Niklas\AppData\Roaming\.minecraft 2017-06-23 17:42 - 2016-09-07 23:42 - 00000000 ____D C:\Program Files (x86)\Overwolf 2017-06-23 11:02 - 2016-11-18 03:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-06-18 16:17 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-06-18 16:17 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-06-15 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache 2017-06-15 10:49 - 2016-04-27 07:56 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-06-15 10:48 - 2017-05-21 18:35 - 00000945 _____ C:\WINDOWS\Tasks\EPSON XP-422 423 425 Series Update {683573D5-2C0C-44AB-AF6C-E48DDE9F683F}.job 2017-06-15 10:48 - 2016-09-29 10:15 - 00419480 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-06-15 10:48 - 2016-02-22 17:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-06-15 10:48 - 2014-02-27 00:47 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-06-15 02:22 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-06-15 02:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-06-15 02:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-06-15 01:38 - 2017-05-06 11:47 - 00000000 ____D C:\Users\Jan-Niklas\Desktop\Summoners War Exporter Files 2017-06-14 21:03 - 2016-10-10 11:37 - 00038048 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys 2017-06-14 21:03 - 2013-04-01 20:30 - 00167504 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2017-06-14 21:03 - 2013-04-01 20:30 - 00164824 _____ (Avira Operations GmbH & Co. 
KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2017-06-14 15:38 - 2013-07-13 11:09 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-06-14 15:35 - 2014-02-27 00:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-06-14 15:35 - 2012-12-13 10:14 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-06-14 15:33 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-06-14 15:03 - 2016-12-06 20:05 - 00003294 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-06-14 15:03 - 2016-06-17 14:36 - 00002452 _____ C:\Users\Jan-Niklas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-06-12 17:53 - 2017-04-24 15:17 - 00000000 ____D C:\Users\Jan-Niklas\Desktop\Masterarbeit 2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-06-02 10:36 - 2015-11-15 03:53 - 00000000 ____D C:\Users\Jan-Niklas\AppData\Local\CrashDumps ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-11-28 07:01 - 2013-11-28 07:01 - 0551424 ____T (MultiMedia Soft) C:\Users\Jan-Niklas\AppData\Roaming\Microsoft\engine_ag.dll 2013-08-06 17:50 - 2017-04-12 14:05 - 0007601 _____ () C:\Users\Jan-Niklas\AppData\Local\Resmon.ResmonCfg 2016-12-16 00:17 - 2017-01-16 02:31 - 0007609 _____ () C:\ProgramData\NvTelemetryContainer.log 2016-12-16 00:17 - 2017-01-13 12:12 - 0008442 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1 ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-06-19 13:50 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01 durchgeführt von Jan-Niklas (27-06-2017 20:32:31) Gestartet von C:\Users\Jan-Niklas\Downloads Windows 10 Home Version 1607 (X64) (2016-09-29 08:25:09) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3517360427-3538452482-3398802805-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3517360427-3538452482-3398802805-503 - Limited - Disabled) Gast (S-1-5-21-3517360427-3538452482-3398802805-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3517360427-3538452482-3398802805-1006 - Limited - Enabled) Jan-Niklas (S-1-5-21-3517360427-3538452482-3398802805-1002 - Administrator - Enabled) => C:\Users\Jan-Niklas ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated) Adobe Reader XI (11.0.20) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated) ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft) Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version: - Ubisoft) Ansel (Version: 376.33 - NVIDIA Corporation) Hidden Apple Application Support (32-Bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.) Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.27.34 - Avira Operations GmbH & Co. KG) Avira Connect (HKLM-x32\...\{14d00649-a178-473f-bf48-eec016dc4bfa}) (Version: 1.2.89.29905 - Avira Operations GmbH & Co. KG) Avira Connect (x32 Version: 1.2.89.29905 - Avira Operations GmbH & Co. KG) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlerite (HKLM\...\Steam App 504370) (Version: - Stunlock Studios) Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.6 - Kakao Games Europe B.V.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.1.04011 - Cisco Systems, Inc.) 
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.1.04011 - Cisco Systems, Inc.) Hidden Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.) Corel Graphics - Windows Shell Extension (HKLM\...\_{B16BB34E-B7BF-47DF-8658-BEABCF40CD6A}) (Version: 16.1.0.843 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 16.1.843 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.1.843 - Corel Corporation) Hidden Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) Creativerse (HKLM-x32\...\Steam App 280790) (Version: - Playful Corporation) Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse) Curse Client (HKU\S-1-5-21-3517360427-3538452482-3398802805-1002\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes) Dassault Systemes Software VC9 Prerequisites x86-x64 (HKLM\...\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}) (Version: 9.1.2 - Dassault Systemes) Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios) Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-3517360427-3538452482-3398802805-1002\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) 
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON XP-422 423 425 Series Printer Uninstall (HKLM\...\EPSON XP-422 423 425 Series) (Version: - SEIKO EPSON Corporation) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft) FileZilla Client 3.26.2 (HKLM-x32\...\FileZilla Client) (Version: 3.26.2 - Tim Kosse) FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.) Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Galeria fotografii (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games) Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) 
Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation) iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.) Java 7 Update 75 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417075FF}) (Version: 7.0.750 - Oracle) Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation) League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) Lego Harry Potter (HKLM\...\Steam App 21130) (Version: - TT Games) Logitech Gaming Software 8.87 (HKLM\...\Logitech Gaming Software) (Version: 8.87.116 - Logitech Inc.) 
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech) Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) MATLAB R2015a (HKLM\...\Matlab R2015a) (Version: 8.5 - MathWorks) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3517360427-3538452482-3398802805-1002\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office 
Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.) 
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Minutor (HKLM-x32\...\{C23318A7-DFCC-4838-9434-6150A53A5ABF}) (Version: 2.0.1 - Sean Kasun) Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version: - NetherRealm Studios) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Mozilla Firefox 51.0 (x64 de) (HKLM\...\Mozilla Firefox 51.0 (x64 de)) (Version: 51.0 - Mozilla) Mozilla Firefox 54.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0 (x86 de)) (Version: 54.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.0.6368 - Mozilla) NBTExplorer (HKLM-x32\...\{FC4C8FDD-384C-471F-9E9A-C25B57ABE7A8}) (Version: 2.7.6.0 - Justin Aquadro) NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation) NVIDIA GeForce Experience 3.2.2.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.2.49 - NVIDIA Corporation) NVIDIA Grafiktreiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.2.2.49 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.0.2.1 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.2 - NVIDIA Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 9.0.10.69 - Electronic Arts, Inc.) 
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.105.48.0 - Overwolf Ltd.) Planet Coaster (HKLM\...\Steam App 493340) (Version: - Frontier Developments) Podstawowe programy Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Pokémon Trading Card Game Online (HKLM-x32\...\{03C8CBF2-B9BA-4054-8AA6-CAE594797FED}) (Version: 2.37.1 - The Pokémon Company International) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.) Rise of the Tomb Raider (HKLM-x32\...\Steam App 391220) (Version: - Crystal Dynamics) Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games) Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version: - Microsoft) SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.2.2.49 - NVIDIA Corporation) Hidden Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) 
Sparta (HKU\S-1-5-21-3517360427-3538452482-3398802805-1002\...\Sparta) (Version: - Sparta) <==== ACHTUNG StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Summoners War Exporter 0.0.17 (only current user) (HKU\S-1-5-21-3517360427-3538452482-3398802805-1002\...\2c51f908-e8f0-589d-a31c-2016328f814f) (Version: 0.0.17 - porksmash & Xzandro) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic) The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft) The Forest (HKLM\...\Steam App 242760) (Version: - Endnight Games Ltd) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com) The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com) The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com) The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com) Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft) Torchlight II (HKLM\...\Steam App 200710) (Version: - Runic Games) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft) VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) 
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Worms W.M.D (HKLM\...\Steam App 327030) (Version: - Team17 Digital Ltd) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0AA037EE-FB7D-4945-BCC4-E1241258E3B9} - \WPD\SqmUpload_S-1-5-21-3517360427-3538452482-3398802805-1002 -> Keine Datei <==== ACHTUNG Task: {13B3B974-0BF0-4CB7-9C40-D6F8B42D9ADB} - System32\Tasks\EPSON XP-422 423 425 Series Update {683573D5-2C0C-44AB-AF6C-E48DDE9F683F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNDE.EXE [2013-11-22] (SEIKO EPSON CORPORATION) Task: {16B1CA93-89A5-47C0-8175-EF812925A9E1} - System32\Tasks\MATLAB R2015a Startup Accelerator => E:\Matlab\bin\win64\MATLABStartupAccelerator.exe [2014-12-29] () Task: {1B3F7B4C-2F07-470C-875C-3AAF8CF7F76E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-07] (Google Inc.) 
Task: {1C1F3523-4092-458D-B3FE-8C4019BE2541} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {28FE0A54-8563-4A81-B853-F501E8F903DE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {4336195D-DB94-4293-8669-DBE5E1168BA6} - System32\Tasks\EPSON XP-422 423 425 Series Update {FB320D9E-B2A7-47B6-BC89-193990ED4A52} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNDE.EXE [2013-11-22] (SEIKO EPSON CORPORATION) Task: {47F7C1F5-107C-465F-B141-016ECB80B54C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-06] (NVIDIA Corporation) Task: {51D87A13-715F-4CC0-B382-56465F80B46D} - System32\Tasks\{069DC38D-BFF4-4811-9A9E-C599E2270942} => pcalua.exe -a C:\Users\Jan-Niklas\AppData\Local\Temp\Temp2_SSD_11_Exe.zip\SSD.exe <==== ACHTUNG Task: {605E6DF7-90DE-42F0-B9AB-F27FADCE1421} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe Task: {643B0D78-B324-45AA-A52E-7F3214D2D719} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {7DD66800-D92B-4FD1-95E8-BBC7A5747598} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-06] (NVIDIA Corporation) Task: {86C3FD09-E87A-459B-BC2E-137C2857D575} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {87A08AD4-8791-499A-B4FD-56329D0280F6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {92D803F4-57BE-4BAF-83F3-EC1E600BB8C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-07] (Google 
Inc.) Task: {938817BD-DFC8-4F0A-BF29-5FDA4E3E7049} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-06] (NVIDIA Corporation) Task: {9CBACCCE-D3F6-4AE2-9D8E-D6B41FD88CBC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {9D1186CD-2B47-48CF-BAA4-00EE5C6802AB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {A5D18CB3-D7A7-4884-92CF-4D3B0D84804A} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Jan-Niklas\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {A83B8692-7E65-4C7F-9005-318D0C8E05BA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.) Task: {AEE84D54-7903-400A-8335-BBDCE850989C} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-06-18] (Overwolf LTD) Task: {B5C71F76-A3D2-4C1C-A453-728FD520B520} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-06-14] (Microsoft Corporation) Task: {B70E7592-4C3B-4374-8BEF-3695401E0420} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {BCA504D9-E6BE-498E-A054-D60607477CD4} - System32\Tasks\EPSON XP-422 423 425 Series Update {1A8156D2-7940-475C-BFB4-8EE77203A1C4} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNDE.EXE [2013-11-22] (SEIKO EPSON CORPORATION) Task: {BE674BC6-834F-4185-865A-769670A31063} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-06] (NVIDIA Corporation) Task: {BFA292D4-7A8A-4E2B-9C27-EBBBE739A28B} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG Task: {C8075BEE-A077-40D9-B46E-EB1DF0AB30E2} - 
System32\Tasks\{F74BC32F-6215-47E4-84F8-98A4F9882EA5} => Firefox.exe hxxp://ui.skype.com/ui/0/7.4.64.102/de/abandoninstall?page=tsProgressBar Task: {CBE5C254-D25A-4D54-A2D7-3E84C460094D} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG Task: {D1BB1154-5A63-4FB7-B642-ADF55A55C8D1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-18] (Adobe Systems Incorporated) Task: {D3C2F837-A1F2-42E4-953F-40DD905F8263} - System32\Tasks\{22D59FAD-AA74-4887-B309-71FA57E6FD38} => pcalua.exe -a C:\Users\Jan-Niklas\AppData\Local\Temp\Temp1_SSD_11_Exe.zip\SSD.exe <==== ACHTUNG Task: {D658B308-3A7F-4C42-9EF3-042EBEBC4274} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {E273BAF8-0E98-46E4-9379-880EA764F596} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {E9EFF7B8-E27A-40B9-933F-7DD3DA9E1FC1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-06] (NVIDIA Corporation) Task: {F0DB3D5E-8548-46B5-B12D-F116A9A99C7A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {F5B2E4ED-1EB5-4567-897A-07DE56D7A01B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd) Task: {F624A2A8-5C1D-4A49-9958-A22032E6DAF5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {F6428BCD-CDBA-43FF-830D-2B1DA62E79A9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-06] (NVIDIA Corporation) Task: {F7C4D8B4-9251-4427-8F1F-E7814A06E4FB} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG Task: {FA49440C-DFEF-47DB-94C4-EB7ED3E46334} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei 
<==== ACHTUNG Task: {FC034437-E2C7-44C5-826C-13657679A6DA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-06] (NVIDIA Corporation) Task: {FE1081B7-2685-4EF7-B6C6-A3D21DC0F5CA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe Task: C:\WINDOWS\Tasks\EPSON XP-422 423 425 Series Update {1A8156D2-7940-475C-BFB4-8EE77203A1C4}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNDE.EXE :/EXE:{1A8156D2-7940-475C-BFB4-8EE77203A1C4} /F:Update WORKGROUP\JAN-NIKLASPC$ ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON XP-422 423 425 Series Update {683573D5-2C0C-44AB-AF6C-E48DDE9F683F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNDE.EXE :/EXE:{683573D5-2C0C-44AB-AF6C-E48DDE9F683F} /F:Update WORKGROUP\JAN-NIKLASPC$ ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON XP-422 423 425 Series Update {FB320D9E-B2A7-47B6-BC89-193990ED4A52}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNDE.EXE :/EXE:{FB320D9E-B2A7-47B6-BC89-193990ED4A52} /F:Update WORKGROUP\JAN-NIKLASPC$ ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\MATLAB R2015a Startup Accelerator.job => E:\Matlab\bin\win64\MATLABStartupAccelerator.exe ==================== Verknüpfungen & WMI 
======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\Jan-Niklas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sparta\Sparta.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://plarium.com/play/en/sparta/top/?adCampaign=42718&ClickID=zytDtB0BtAyEyDtC0FtBtAyD0B0FyBtA&publisherID=0_1_2_4_7_9_10_29_30_32_46_58 ShortcutWithArgument: C:\Users\Jan-Niklas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Sparta.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://plarium.com/play/en/sparta/top/?adCampaign=42718&ClickID=zytDtB0BtAyEyDtC0FtBtAyD0B0FyBtA&publisherID=0_1_2_4_7_9_10_29_30_32_46_58 ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-06-14 15:27 - 2017-06-03 12:01 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-21 15:09 - 2016-12-29 14:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-03-16 16:08 - 2017-03-16 16:08 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-03-16 16:08 - 2017-03-16 16:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-12-16 00:16 - 2017-01-06 03:10 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-12-16 00:16 - 2017-01-06 03:10 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2012-12-19 22:20 - 2013-12-03 06:14 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-09-29 11:12 - 2016-09-29 11:12 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-14 19:57 - 
2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-03-14 19:58 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-14 19:58 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-14 19:58 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-06-14 15:27 - 2017-06-03 10:47 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-06-14 15:27 - 2017-06-03 10:47 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-06-14 15:27 - 2017-06-03 10:51 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-06-21 16:12 - 2017-06-21 16:12 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-06-21 16:12 - 2017-06-21 16:12 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-06-21 16:12 - 2017-06-21 16:12 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-06-21 16:12 - 2017-06-21 16:12 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll 2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2016-08-30 02:17 - 2016-08-30 02:17 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2016-08-30 02:17 - 2016-08-30 02:17 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2017-03-27 12:20 - 2017-03-27 
12:20 - 00092472 _____ () C:\Program Files\iTunes\zlib1.dll 2017-03-27 12:20 - 2017-03-27 12:20 - 01354040 _____ () C:\Program Files\iTunes\libxml2.dll 2017-06-20 16:03 - 2017-06-20 16:03 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2017-06-20 16:03 - 2017-06-20 16:03 - 27430400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-06-06 18:52 - 2017-06-06 18:53 - 00460288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll 2017-06-06 18:52 - 2017-06-06 18:53 - 02275328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2017-06-06 18:52 - 2017-06-06 18:53 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-06-06 18:52 - 2017-06-06 18:53 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll 2016-06-17 15:11 - 2016-06-17 15:11 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2017-06-06 18:52 - 2017-06-06 18:53 - 00900096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2017-05-09 11:40 - 2017-05-09 11:40 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll 2016-06-17 15:11 - 2016-06-17 15:11 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2017-05-23 12:52 - 2017-05-23 12:52 - 03918848 _____ () C:\Program 
Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe 2017-06-27 20:21 - 2017-05-25 14:11 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2015-07-24 14:34 - 2015-07-24 14:34 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2017-03-21 23:19 - 2017-03-21 23:19 - 02493440 _____ () E:\Spiele\Origin\libGLESv2.dll 2015-04-14 20:14 - 2017-01-06 03:10 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-12-16 00:16 - 2017-01-06 03:10 - 03776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2016-12-16 00:16 - 2017-01-06 03:10 - 00901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-12-16 00:17 - 2017-01-06 03:10 - 64246840 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2016-12-16 00:17 - 2017-01-06 02:09 - 00527416 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-12-16 00:17 - 2017-01-06 02:09 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-12-16 00:17 - 2017-01-06 02:09 - 02807232 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-12-16 00:17 - 2017-01-06 02:09 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-12-16 00:17 - 2017-01-06 02:09 - 00449080 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-12-16 00:17 - 2017-01-06 02:09 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-12-16 00:17 - 2017-01-06 02:09 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2016-12-16 00:17 - 2017-01-06 02:09 - 00954816 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node 2017-05-11 11:31 - 2017-05-11 
11:31 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\42397550d303beadaee8f376e634320d\PSIClient.ni.dll 2012-10-26 11:13 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2017-01-11 23:17 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Jan-Niklas\AppData\Local\Discord\app-0.0.297\ffmpeg.dll 2017-01-12 13:02 - 2017-01-12 13:02 - 01082880 _____ () \\?\C:\Users\Jan-Niklas\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node 2017-01-12 13:02 - 2017-01-12 13:02 - 03750400 _____ () \\?\C:\Users\Jan-Niklas\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll 2017-01-12 13:02 - 2017-01-12 13:02 - 00914432 _____ () \\?\C:\Users\Jan-Niklas\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node 2017-01-12 13:02 - 2017-01-12 13:02 - 01127424 _____ () \\?\C:\Users\Jan-Niklas\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node 2017-01-11 23:17 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Jan-Niklas\AppData\Local\Discord\app-0.0.297\libglesv2.dll 2017-01-11 23:17 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Jan-Niklas\AppData\Local\Discord\app-0.0.297\libegl.dll 2017-06-27 20:00 - 2017-06-27 20:00 - 00148992 _____ () \\?\C:\Users\Jan-Niklas\AppData\Local\Temp\CCC9.tmp.node 2017-01-12 13:02 - 2017-04-27 10:46 - 02658296 _____ () \\?\C:\Users\Jan-Niklas\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3517360427-3538452482-3398802805-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan-Niklas\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{d2a9a243-0dd4-47e3-8dc3-affbbd8b370b}.JPG DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\Services: vpnagent => 2 HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKU\S-1-5-21-3517360427-3538452482-3398802805-1002\...\StartupApproved\StartupFolder: => "Logitech . 
Produktregistrierung.lnk" HKU\S-1-5-21-3517360427-3538452482-3398802805-1002\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip" HKU\S-1-5-21-3517360427-3538452482-3398802805-1002\...\StartupApproved\Run: => "Pando Media Booster" HKU\S-1-5-21-3517360427-3538452482-3398802805-1002\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3517360427-3538452482-3398802805-1002\...\StartupApproved\Run: => "EPSON SX218 Series" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{9D46BFD7-547B-4764-960C-70E0BE5DB8D3}] => (Allow) E:\Steam\SteamApps\common\Battlerite\Battlerite.exe FirewallRules: [{44912C3D-D831-4878-BEB7-DB1D1D30F344}] => (Allow) E:\Steam\SteamApps\common\Battlerite\Battlerite.exe FirewallRules: [{06C43A21-C963-4BA0-AA57-1EB9E6EFD535}] => (Allow) E:\Steam\SteamApps\common\WormsWMD\Worms W.M.D.exe FirewallRules: [{0A2F2923-9FA4-40EB-85E1-50B550A372A1}] => (Allow) E:\Steam\SteamApps\common\WormsWMD\Worms W.M.D.exe FirewallRules: [{676DEEA7-DDB3-44F5-9E15-AB6A585695C6}] => (Allow) E:\Steam\SteamApps\common\LEGO Harry Potter\LEGOHarryPotter.exe FirewallRules: [{530F0DF5-26E2-4677-9E6C-D0F7D3DD1FAE}] => (Allow) E:\Steam\SteamApps\common\LEGO Harry Potter\LEGOHarryPotter.exe FirewallRules: [{5C5B7390-C096-411F-A403-06BC9C250BA6}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{C7A053A7-E879-4166-AC27-BA354799F8A9}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{9C16207F-F4D1-441B-BC19-28097E1A4CB5}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Source\hl2.exe FirewallRules: [{44E36B13-9942-4B93-AD9C-EF056FF77CF6}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Source\hl2.exe FirewallRules: [{15C7DDE3-1065-4536-99E2-A921A3109387}] => (Allow) C:\Program 
Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{848CE21B-E108-4E44-A0A2-AA281059F2C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D4332711-5167-4521-A25A-EC02CC0051C0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{3EEBEB21-0358-44F4-B8CF-70B9D3306B5D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{8CDDB237-9E35-48D7-A0B5-04A0AF6E26AA}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{4DF15657-522F-47E3-A181-D91D528C6D7E}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{8B87AD6F-A63C-4F72-8578-E727FFCA82A1}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{88D918F1-B38D-4E6D-AA1A-97AFD8DEE13C}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{D52732B7-4CB7-4A0A-8D71-24413478EB42}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{232474D3-CAAA-41B2-8B6F-B34DA3CDD4CC}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{D5C00CB4-AC0E-4E58-A2CA-D8025514A07A}] => (Allow) E:\Spiele\Dead Space 3\Dead Space 3\deadspace3.exe FirewallRules: [{87190835-8EBE-4251-AC6E-6BD97ADAE3CF}] => (Allow) E:\Spiele\Dead Space 3\Dead Space 3\deadspace3.exe FirewallRules: [UDP Query User{B8FF8A14-CACC-4A22-AD9B-F759B6B0FFF2}E:\spiele\rockstargames\grand theft auto iv\gtaiv.exe] => (Allow) E:\spiele\rockstargames\grand theft auto iv\gtaiv.exe FirewallRules: [TCP Query User{B3C68C40-54A3-4DD2-9834-2BAC27CC03FF}E:\spiele\rockstargames\grand theft auto iv\gtaiv.exe] => (Allow) E:\spiele\rockstargames\grand theft auto iv\gtaiv.exe FirewallRules: [{080FC2E7-C362-4CAB-8163-934D284142D8}] => (Allow) E:\Spiele\RockStarGames\Grand Theft Auto IV\LaunchGTAIV.exe FirewallRules: 
[{E28957B6-2988-4B05-BC24-841A15A523C4}] => (Allow) E:\Spiele\RockStarGames\Grand Theft Auto IV\LaunchGTAIV.exe FirewallRules: [{4800C259-41FF-49D5-B8FE-F83E1B670B5C}] => (Allow) LPort=1900 FirewallRules: [{A40879E7-5E56-4A0B-9E39-A281EEBC2046}] => (Allow) LPort=2869 FirewallRules: [{FF5D6B21-75F0-4F8B-9CAC-A6FADC0DD755}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{C0B3F806-319D-4405-AE3A-A1AF035E10D2}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{607D1D44-C18B-41D5-929A-FCE0844EB20F}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{3521DE3F-3587-4563-87F6-B27B4F3E3891}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{753A2C21-AE55-4D96-AFB6-B1EFC0E46C34}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{E425A48A-AA4E-452B-8FB9-C7259145ECF7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{0DE62F01-D86C-49F9-BC28-A120B20758A1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{CA9749D4-9243-41DC-B008-B376D0AD3AB9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{00029014-9406-4A18-B63B-05ABC03184FC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{37D4C821-F8CD-4433-939F-24143357D0A8}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{0705B5B1-56B4-4D8F-A876-A32690251066}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [TCP Query User{AC7F0E0D-0745-4E16-B5B7-647953DBB4DF}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe FirewallRules: [UDP Query User{C5C599E6-7C99-4A0F-97FB-E7154683AD7A}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe FirewallRules: [{387D9174-DAD8-484E-80EA-FF7307B14CE7}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: 
[{6E63B42F-52B0-4DE3-8092-2E43154DBC26}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{7B4A0507-C1E4-4555-8A43-E7AB4A533292}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{9D8ED4E1-F80A-4EA2-8F82-56361EB4D806}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{B3888DDB-000E-4E86-B032-ACCFC35F2D1C}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{EF0D73E2-A0B7-48E1-B644-1216D9306AA6}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{35CDD77C-6052-4234-834C-0ED8A4276BC1}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe FirewallRules: [UDP Query User{644FED72-DBB2-484E-B323-ECFB6EAB3FF8}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe FirewallRules: [{ABBF35BF-E05B-4150-AD1D-40B867CB683D}] => (Allow) E:\Spiele\TombRaider\SteamApps\common\Tomb Raider\TombRaider.exe FirewallRules: [{A48F09FC-84F1-47CB-85D8-6DC6A2FB65B8}] => (Allow) E:\Spiele\TombRaider\SteamApps\common\Tomb Raider\TombRaider.exe FirewallRules: [{E4803200-8BCA-4356-96C2-C0B97B521C18}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{F9149E09-78B4-4B72-B44D-96E5F31C16CF}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{112E3F64-D8C3-46DE-8C24-A599AD7D026F}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{8C0AD8C9-49F0-40F1-BC99-EA357999A7A0}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{79D524F5-D394-467A-A0D6-99AD379EB807}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{2AA6ABA4-BC56-40B4-9E6A-B631A005399E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe 
FirewallRules: [{3D1DF5E2-9F64-4E9E-8A13-C7479DC9811D}] => (Allow) E:\Spiele\Diablo3\Battle.net\Battle.net.exe FirewallRules: [{31D4BC8D-F7D3-4222-9808-4D590CB691FF}] => (Allow) E:\Spiele\Diablo3\Battle.net\Battle.net.exe FirewallRules: [{3979A4B9-286E-4AD6-88F7-A08B56C42030}] => (Allow) E:\Spiele\Diablo3\Diablo III\Diablo III.exe FirewallRules: [{3C76B45D-D41C-483F-9CE7-BA28844D421B}] => (Allow) E:\Spiele\Diablo3\Diablo III\Diablo III.exe FirewallRules: [{BE808C54-0DE0-4C3F-BCCF-EDD386066C98}] => (Allow) E:\Spiele\Hearthstone\Hearthstone\Hearthstone.exe FirewallRules: [{575E1727-E9C7-4525-93FD-7B6ED54413E2}] => (Allow) E:\Spiele\Hearthstone\Hearthstone\Hearthstone.exe FirewallRules: [{C995038B-89F0-4B74-9FD9-8D74F90E8F39}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [{AF90235F-6E23-4B03-8C1A-C58222C1C501}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [TCP Query User{5005818B-79C6-44EF-99D5-222D7A3640CA}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{DB04C39E-BE49-43D1-8EE6-98F7FEBA2825}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{605451DE-5105-4BC7-AAF4-0E2D2B51F524}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{A820C8CB-C81F-48DF-907C-A20A6DFC1A48}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{A95A4346-36BC-4484-BF07-3B60457A899B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{086ED567-EB5B-4514-8729-1B59DEEC6D60}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4415281B-F57F-4B12-8E85-36C5C63E4984}] => (Allow) E:\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe FirewallRules: 
[{6EF9C052-0E08-479C-BB50-00B5764F2668}] => (Allow) E:\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe FirewallRules: [{169D2FFB-12A8-4066-AE54-B674897E26E3}] => (Allow) E:\Steam\SteamApps\common\Creativerse\Creativerse.exe FirewallRules: [{FA869137-5B38-45FF-B689-26C0B4E799F0}] => (Allow) E:\Steam\SteamApps\common\Creativerse\Creativerse.exe FirewallRules: [TCP Query User{72D11C20-E776-412C-A5AE-A17A1AB589CE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{95D679E1-635A-4549-BCF6-D1A8C6B7E2F1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{01383FB3-A4DB-42B1-ACED-E433DB8A902F}] => (Allow) E:\Steam\SteamApps\common\Cities_Skylines\Cities.exe FirewallRules: [{62AB4F29-CCC2-4BC8-9AFB-C47E0AB2F339}] => (Allow) E:\Steam\SteamApps\common\Cities_Skylines\Cities.exe FirewallRules: [{9C37AC82-CFBF-4ADF-8F03-891261322126}] => (Allow) E:\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{0E0EEB5D-75B0-4398-B934-7B0038F71A33}] => (Allow) E:\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{B2634AA1-86DA-44F0-A07E-7A493A66D385}] => (Allow) E:\Spiele\Hearthstone\Heroes of the Storm\Heroes of the Storm.exe FirewallRules: [{0541AAA4-C32B-4081-A116-84F5B173A928}] => (Block) E:\Spiele\Hearthstone\Heroes of the Storm\Heroes of the Storm.exe FirewallRules: [TCP Query User{5FB291E1-0D2E-49FE-BA45-5432FCD5FD71}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{530B27FD-3765-4426-BC54-6D207F16E40F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{01196487-6982-467C-9D42-DD0D87797500}] => (Allow) LPort=8743 FirewallRules: [{6E24C43F-5B3E-4C63-A306-C9A54DA1A1C3}] => (Allow) 
LPort=8643 FirewallRules: [{B1CF8949-A634-4E3B-8C0A-92D82311E21E}] => (Allow) LPort=7676 FirewallRules: [{31E7D0BD-AFFB-469F-9A37-9B31A5F4EF2B}] => (Allow) LPort=7679 FirewallRules: [{9175CEA7-4BC0-4B5E-92D1-E4ADFE7F4118}] => (Allow) LPort=24234 FirewallRules: [{ADEF2A6C-E4F0-414B-A440-84EAB860F96F}] => (Allow) LPort=7900 FirewallRules: [{BC0FA859-A93D-4046-8217-23E710AFD7FD}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{C9848917-9218-4A27-8204-9E03F8C5C0D4}E:\spiele\rockstargames\gta5\gta5.exe] => (Allow) E:\spiele\rockstargames\gta5\gta5.exe FirewallRules: [UDP Query User{BE69329A-B464-4DBD-AF73-5CA81D7D079E}E:\spiele\rockstargames\gta5\gta5.exe] => (Allow) E:\spiele\rockstargames\gta5\gta5.exe FirewallRules: [TCP Query User{AEAFFFEA-298C-4292-B658-33AD569F847B}E:\spiele\diablo3\diablo iii\diablo iii.exe] => (Allow) E:\spiele\diablo3\diablo iii\diablo iii.exe FirewallRules: [UDP Query User{0F3F45B5-E693-437D-9C93-3A275CB5F07D}E:\spiele\diablo3\diablo iii\diablo iii.exe] => (Allow) E:\spiele\diablo3\diablo iii\diablo iii.exe FirewallRules: [TCP Query User{76230420-2C9B-4365-BE70-8020AA335676}E:\spiele\fifa 15\fifa15.exe] => (Allow) E:\spiele\fifa 15\fifa15.exe FirewallRules: [UDP Query User{2D5B299A-BB2C-4F5B-A086-051E4B91DE71}E:\spiele\fifa 15\fifa15.exe] => (Allow) E:\spiele\fifa 15\fifa15.exe FirewallRules: [{A825FF1B-33FC-45F2-BAFF-19FF20D67FD0}] => (Allow) E:\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{4065B779-C5DE-43CD-90A9-B489757ED421}] => (Allow) E:\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{D496B07B-9CDB-4D59-86B2-90BDE060EF80}] => (Allow) E:\Steam\SteamApps\common\MK10\Binaries\Retail\MK10.exe FirewallRules: [{30462181-E8D2-4860-863A-F2CAC022A240}] => (Allow) E:\Steam\SteamApps\common\MK10\Binaries\Retail\MK10.exe FirewallRules: [{49D5ADF2-0DC0-4DB0-8EAF-FF76157AE316}] => (Allow) E:\Steam\SteamApps\common\MK10\Binaries\Retail\MKXLauncher.exe FirewallRules: 
[{CEBCF4CE-5EDC-4CB3-8B6B-C5C1EC205D29}] => (Allow) E:\Steam\SteamApps\common\MK10\Binaries\Retail\MKXLauncher.exe FirewallRules: [{AF8F4E24-0F5D-4413-9B51-B69313B49B32}] => (Allow) E:\Spiele\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe FirewallRules: [{7A54992B-63E4-4861-BE1D-C903A496E3D6}] => (Allow) E:\Spiele\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe FirewallRules: [{665F2AC5-BA4F-4375-9FF4-3FDF0E96CF20}] => (Allow) E:\Spiele\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe FirewallRules: [{56B42876-D8F3-41D8-9E47-2AE0DB6D7DD4}] => (Allow) E:\Spiele\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe FirewallRules: [TCP Query User{E1400299-5A20-4E8A-874B-7D4FF09D374A}E:\matlab\bin\win64\matlab.exe] => (Allow) E:\matlab\bin\win64\matlab.exe FirewallRules: [UDP Query User{B14DC1C6-0DBF-4C08-AEB4-9EDA354A26B5}E:\matlab\bin\win64\matlab.exe] => (Allow) E:\matlab\bin\win64\matlab.exe FirewallRules: [{4AE9977B-CEA9-4D56-9FC9-A549941BB483}] => (Block) E:\matlab\bin\win64\matlab.exe FirewallRules: [{EF2D71D6-CD48-4C54-BDBA-2FD11A968F95}] => (Block) E:\matlab\bin\win64\matlab.exe FirewallRules: [TCP Query User{C9497160-B828-49DB-A21E-51867E629B0A}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [UDP Query User{A8206EF6-68DB-456C-99E8-893118992AC3}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [{8CF620DD-5B90-4290-8BBB-3C27066A80EC}] => (Allow) E:\Spiele\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [{C0ED202B-236D-4D23-BEB0-BB740966374C}] => (Allow) E:\Spiele\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [TCP Query User{C70E9D44-F8D8-4506-9414-4D77F9BBB172}E:\spiele\hearthstone\hearthstone\hearthstone.exe] => (Allow) E:\spiele\hearthstone\hearthstone\hearthstone.exe FirewallRules: [UDP Query 
User{5B333425-1A41-4713-ADA8-BF341FA1DF05}E:\spiele\hearthstone\hearthstone\hearthstone.exe] => (Allow) E:\spiele\hearthstone\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{E4651972-5D7B-470A-AC94-7997E343A73C}E:\spiele\hearthstone\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) E:\spiele\hearthstone\starcraft ii\versions\base38749\sc2_x64.exe FirewallRules: [UDP Query User{8ACA2B09-4D8C-4139-ABF1-C69B2E70DC59}E:\spiele\hearthstone\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) E:\spiele\hearthstone\starcraft ii\versions\base38749\sc2_x64.exe FirewallRules: [{EEB8F3C5-841C-4A4A-AFE0-CF99F663B9C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2520D515-1D67-406B-B14E-E39263E1BF65}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C6262FDE-837F-4B97-A4B0-E157E081E120}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{FD4E2AC6-9EF1-4FF2-B2A9-2CED33F9F247}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{5ABE32E9-7EC4-4573-8D69-28251C51F21A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{C6A37D98-CDD1-440D-A713-BDB7A618A343}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{608BA724-8572-43A2-B29F-DCF8BCE7AE6C}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [UDP Query User{F58F2C01-CF82-45BD-B23E-5985D2670F92}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [{3E7450EB-DD67-471C-82AC-07CBFD0D1F99}] => (Allow) E:\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe FirewallRules: [{318CBC95-AFC8-4BD2-8F7F-72B9CA65F4CE}] => (Allow) E:\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe FirewallRules: [TCP Query 
User{E64983E4-6CF7-4546-921C-EC896F7EAA7D}C:\users\jan-niklas\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jan-niklas\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{0279EDB1-630A-409A-8664-5936D29324C0}C:\users\jan-niklas\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jan-niklas\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{42A12AF9-0E21-4E99-976E-4F04ED9131DD}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{CD0F56CE-0D30-41F8-9619-33B22C8DEE48}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{CB3D63DB-0D23-4AE5-8A69-4946A96B9B88}] => (Allow) E:\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{62831D43-16AD-4D12-B196-431246E504EA}] => (Allow) E:\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [TCP Query User{87B3CF01-FE35-43CD-A429-5865224990A9}E:\spiele\hearthstone\overwatch\overwatch.exe] => (Allow) E:\spiele\hearthstone\overwatch\overwatch.exe FirewallRules: [UDP Query User{8CAB551F-A572-44A0-8E37-4BB8E1AA0882}E:\spiele\hearthstone\overwatch\overwatch.exe] => (Allow) E:\spiele\hearthstone\overwatch\overwatch.exe FirewallRules: [{B15775E0-9D93-441F-AD21-6BB91744968C}] => (Allow) E:\Steam\SteamApps\common\Planet Coaster\PlanetCoaster.exe FirewallRules: [{792000E9-8040-4910-8265-ABDBF7A4B05A}] => (Allow) E:\Steam\SteamApps\common\Planet Coaster\PlanetCoaster.exe FirewallRules: [{5CB3AD10-78CB-4008-9742-EBCCEA9329E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{8C6D9331-97E5-4D44-B0F9-CF38247B5295}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{23C20F50-2DFA-4EE2-8187-62864276B282}] 
=> (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{D671A46F-01E0-4646-AE40-36BF477D5B19}] => (Allow) E:\Steam\SteamApps\common\Torchlight II\ModLauncher.exe FirewallRules: [{3618F0EB-F1CE-47E4-8F69-8924DCDEDC7D}] => (Allow) E:\Steam\SteamApps\common\Torchlight II\ModLauncher.exe FirewallRules: [{A25B1F5A-EF2A-4DE3-B26B-50607A548B5A}] => (Allow) E:\Steam\SteamApps\common\The Forest\TheForest.exe FirewallRules: [{16C3EA69-8284-41CD-B9ED-2981842912CE}] => (Allow) E:\Steam\SteamApps\common\The Forest\TheForest.exe FirewallRules: [{D96FA0F6-846C-4228-A68B-731E457321CC}] => (Allow) E:\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{C8CD97BF-2BD0-4B58-92AB-2686B3E7F02D}] => (Allow) E:\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{C409BF91-C273-423B-889F-C4A3A4101398}] => (Allow) E:\Spiele\WatchDogs\Tom Clancy's The Division\TheDivision.exe FirewallRules: [{4010BE3A-CB23-4811-A656-5AF175FC91E1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{DA99B931-64B5-419D-ADEF-38466721178D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{FD7D415E-2D12-47BC-A614-659266320A85}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{35A0421F-8369-4C94-962E-EFD2072B5CB9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F3F10887-7D08-4566-BF9E-EF59000AE4AB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7A03B609-AA69-4C6A-9C14-11FD338EC94C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{54F4A7BE-856D-4AFB-BC6F-DEAE93536189}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{8EE62A5C-6410-45FF-858C-792F6B0DC727}C:\users\jan-niklas\appdata\local\programs\sw-exporter\summoners war exporter.exe] => (Allow) C:\users\jan-niklas\appdata\local\programs\sw-exporter\summoners war exporter.exe FirewallRules: [UDP Query 
User{5E9C5559-4965-46C7-BBFF-648E5EC76CB8}C:\users\jan-niklas\appdata\local\programs\sw-exporter\summoners war exporter.exe] => (Allow) C:\users\jan-niklas\appdata\local\programs\sw-exporter\summoners war exporter.exe FirewallRules: [{7BFB198F-FF5B-46A4-B26D-1ECB06105A62}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (06/26/2017 08:37:42 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (06/26/2017 08:37:42 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode. Error: (06/26/2017 08:37:42 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode. 
Error: (06/26/2017 08:37:42 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\WINDOWS\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (06/26/2017 08:37:42 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (06/26/2017 08:37:42 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "ESENT" in der DLL "C:\WINDOWS\system32\esentprf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (06/26/2017 08:37:42 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (06/25/2017 10:59:28 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (06/25/2017 10:59:28 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode. 
Error: (06/25/2017 10:59:28 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode. Systemfehler: ============= Error: (06/27/2017 03:32:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/27/2017 03:31:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "MATLAB License Server" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (06/27/2017 03:31:32 PM) (Source: bowser) (EventID: 8016) (User: ) Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2" zum Namen "JAN-NIKLASPC" auf Transport "NetBT_Tcpip_{72C6CD89-1FA8-4B0F-9B79-3EE156BDE258}". Das Datagramm steht in den Daten. Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist. 
Error: (06/27/2017 03:30:56 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/27/2017 02:34:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/27/2017 01:39:39 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (06/26/2017 02:05:30 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/26/2017 02:34:24 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/25/2017 12:08:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (06/25/2017 02:57:32 AM) (Source: DCOM) (EventID: 10010) (User: JAN-NIKLASPC) Description: Der Server "App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. CodeIntegrity: =================================== Date: 2017-06-13 11:22:28.061 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-06-09 14:10:12.823 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-06-08 13:58:50.307 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-05-30 14:41:37.853 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-05-08 00:43:50.179 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
Date: 2017-05-03 22:26:26.488 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-04-25 14:39:42.831 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-04-24 11:36:51.515 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-04-06 12:28:48.997 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-04-05 20:01:16.658 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 8153.56 MB
Verfügbarer physikalischer RAM: 4535.32 MB
Summe virtueller Speicher: 15833.56 MB
Verfügbarer virtueller Speicher: 11169.03 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:104.25 GB) (Free:23.03 GB) NTFS
Drive e: (Volume) (Fixed) (Total:931.51 GB) (Free:22.07 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: C61DF51D)
Partition 1: (Active) - (Size=352 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=104.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.6 GB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CD608A50)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================ |
27.06.2017, 19:38 | #3 |
| Windows 10 64 Bit: Antivir finds TR/Crypt.ZPACK.gen2 TDSSKiller:
Code:
ATTFilter 20:23:34.0053 0x2d5c TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02 20:23:41.0989 0x2d5c ============================================================ 20:23:41.0989 0x2d5c Current date / time: 2017/06/27 20:23:41.0989 20:23:41.0989 0x2d5c SystemInfo: 20:23:41.0990 0x2d5c 20:23:41.0990 0x2d5c OS Version: 10.0.14393 ServicePack: 0.0 20:23:41.0990 0x2d5c Product type: Workstation 20:23:41.0990 0x2d5c ComputerName: JAN-NIKLASPC 20:23:41.0990 0x2d5c UserName: Jan-Niklas 20:23:41.0990 0x2d5c Windows directory: C:\WINDOWS 20:23:41.0990 0x2d5c System windows directory: C:\WINDOWS 20:23:41.0990 0x2d5c Running under WOW64 20:23:41.0990 0x2d5c Processor architecture: Intel x64 20:23:41.0990 0x2d5c Number of processors: 4 20:23:41.0990 0x2d5c Page size: 0x1000 20:23:41.0990 0x2d5c Boot type: Normal boot 20:23:41.0990 0x2d5c CodeIntegrityOptions = 0x00000001 20:23:41.0990 0x2d5c ============================================================ 20:23:42.0266 0x2d5c KLMD registered as C:\WINDOWS\system32\drivers\48069136.sys 20:23:42.0266 0x2d5c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1358, osProperties = 0x19 20:23:42.0625 0x2d5c System UUID: {F73A8BE6-6F8F-DEDE-2FE8-889B69F9C1FB} 20:23:43.0711 0x2d5c Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:23:43.0711 0x2d5c Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:23:43.0715 0x2d5c ============================================================ 20:23:43.0715 0x2d5c \Device\Harddisk0\DR0: 20:23:43.0715 0x2d5c MBR partitions: 20:23:43.0715 0x2d5c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAFFED 20:23:43.0715 0x2d5c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xB0800, BlocksNum 0xD0801D6 
20:23:43.0715 0x2d5c \Device\Harddisk1\DR1: 20:23:43.0715 0x2d5c MBR partitions: 20:23:43.0715 0x2d5c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800 20:23:43.0715 0x2d5c ============================================================ 20:23:43.0716 0x2d5c C: <-> \Device\Harddisk0\DR0\Partition2 20:23:43.0760 0x2d5c E: <-> \Device\Harddisk1\DR1\Partition1 20:23:43.0760 0x2d5c ============================================================ 20:23:43.0760 0x2d5c Initialize success 20:23:43.0760 0x2d5c ============================================================ 20:24:11.0386 0x0698 ============================================================ 20:24:11.0386 0x0698 Scan started 20:24:11.0386 0x0698 Mode: Manual; SigCheck; TDLFS; 20:24:11.0386 0x0698 ============================================================ 20:24:11.0386 0x0698 KSN ping started 20:24:12.0343 0x0698 KSN ping finished: true 20:24:13.0532 0x0698 ================ Scan system memory ======================== 20:24:13.0532 0x0698 System memory - ok 20:24:13.0533 0x0698 ================ Scan services ============================= 20:24:13.0631 0x0698 1394ohci - ok 20:24:13.0633 0x0698 3ware - ok 20:24:13.0636 0x0698 ACPI - ok 20:24:13.0639 0x0698 AcpiDev - ok 20:24:13.0641 0x0698 acpiex - ok 20:24:13.0643 0x0698 acpipagr - ok 20:24:13.0646 0x0698 AcpiPmi - ok 20:24:13.0648 0x0698 acpitime - ok 20:24:13.0655 0x0698 [ AAA8E68E685DB1B68747E3DF68F96368, 1A5BE239B2D0C6F727303A98CFFC91070B6A05ECD6B9CD05AB326AC1910ECEBF ] acsock C:\WINDOWS\system32\DRIVERS\acsock64.sys 20:24:13.0908 0x0698 acsock - ok 20:24:14.0059 0x0698 [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 20:24:14.0101 0x0698 AdobeARMservice - ok 20:24:14.0124 0x0698 [ 7DE8B8AC559E16AEB388E7D098E7C288, 37F24B6182E3DE39BDE568304E5ED97CDE9CB45B6BF5C7A4096A09138C1D0B89 ] AdobeFlashPlayerUpdateSvc 
20:24:30.0840 0x0698 Waiting for KSN requests completion. In queue: 63
20:24:31.0888 0x0698 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\WindowsSecurityCenter.exe ( 15.0.27.34 ), 0x41000 ( enabled : updated )
20:24:31.0890 0x0698 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x60100 ( disabled : updated )
20:24:32.0015 0x0698 AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x61000 ( enabled : updated )
20:24:32.0076 0x0698 Win FW state via NFP2: enabled ( trusted )
20:24:32.0326 0x0698 ============================================================
20:24:32.0326 0x0698 Scan finished
20:24:32.0326 0x0698 ============================================================
20:24:32.0334 0x14fc Detected object count: 0
20:24:32.0334 0x14fc Actual detected object count: 0 |
02.07.2017, 13:20 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 64 Bit: Antivir finds TR/Crypt.ZPACK.gen2 Quote:
Reading material: Illegal software: cracks, keygens and co. Please read => http://www.trojaner-board.de/95393-c...-software.html We will continue once you have removed everything illegal. In case of repeated crack/keygen violations I reserve the right to discontinue support, i.e. help only with backing up your data and reinstalling the operating system.
__________________ Please always post log files in CODE tags |