Browser öffnen sich von selbst und laden immer wieder die Startseite (neue Tab)

schoko. · 08.07.2017, 20:15

Ich habe dieses Problem schon circa 2-3 Jahre und habe schon ein mal mein pc zurückgesetzt (kam aber wieder zurück) .
Ich habe das Problem das sich die Internet Browser selbständig öffnen und immer wieder zur Startseite Zurück katapultiert werde.
Dieses Problem habe ich bei Internet Explorer , google Chrom und Firefox.
Es kommt meistens zufällig und die geöffneten Seiten sind manchmal mehr und manchmal weniger
meistens wenn ich was mit der Maus was anklicke.
Fee Antivirus findet auch nichts merkwürdiges in der Art .
Ich habe herausgefunden wenn ich beim Task Manager bei Diensten die Explorer.exe schließe die Tabs aufhören sich automatisch zu öffnen jedoch immer wieder zurück zur Startseite gehen.
Ich danke schon mal im voraus für die Hilfe.

M-K-D-B · 09.07.2017, 12:58

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

schoko. · 09.07.2017, 21:19

[CODE
FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017
durchgeführt von luca (Administrator) auf LOCA (09-07-2017 21:50:21)
Gestartet von C:\Users\luca\Downloads
Geladene Profile: luca (Verfügbare Profile: luca)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Akamai Technologies, Inc.) C:\Users\luca\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\luca\AppData\Local\Akamai\netsession_win.exe
(Hammer & Chisel, Inc.) C:\Users\luca\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\luca\AppData\Local\Discord\app-0.0.297\Discord.exe
(Gaijin Entertainment) C:\Users\luca\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Hammer & Chisel, Inc.) C:\Users\luca\AppData\Local\Discord\app-0.0.297\Discord.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-06-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [66656 2017-06-13] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [Akamai NetSession Interface] => C:\Users\luca\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [Discord] => C:\Users\luca\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3048312 2017-06-29] (Electronic Arts)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [Gaijin.Net Agent] => C:\Users\luca\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2010056 2017-06-29] (Gaijin Entertainment)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27774936 2017-04-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [World of Warships] => C:\Games\World_of_Warships\WargamingGameUpdater.exe [3134216 2017-04-17] (Wargaming.net)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [OpenOffice Updater] => C:\Users\luca\AppData\Roaming\OpenOffice Updater\Updater.exe [388032 2017-05-10] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{35ECA3E1-6589-4B86-B447-B8F42B038F1E}: [NameServer] 8.8.8.8,8.8.8.1
Tcpip\..\Interfaces\{35ECA3E1-6589-4B86-B447-B8F42B038F1E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google/
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1307209835-1344803613-922493989-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1307209835-1344803613-922493989-1002 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\ssv.dll [2016-06-14] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-06-14] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\luca\AppData\Roaming\Mozilla\Firefox\Profiles\lxmLTrtV.default [2016-05-06]
FF Extension: (Avira Browser Safety) - C:\Users\luca\AppData\Roaming\Mozilla\Firefox\Profiles\lxmLTrtV.default\Extensions\abs@avira.com [2016-05-01]
FF Extension: (Avira Password Manager) - C:\Users\luca\AppData\Roaming\Mozilla\Firefox\Profiles\lxmLTrtV.default\Extensions\passwordmanager@avira.com [2017-06-22]
FF Extension: (Avira SafeSearch Plus) - C:\Users\luca\AppData\Roaming\Mozilla\Firefox\Profiles\lxmLTrtV.default\Extensions\safesearchplus2@avira.com [2017-06-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2017-05-06] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2017-05-06] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-06-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-06-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-22] (NVIDIA Corporation)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=3 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-06-22] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=9 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-06-22] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default [2017-07-09]
CHR Extension: (Google Docs) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-08]
CHR Extension: (Google Drive) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-08]
CHR Extension: (YouTube) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-08]
CHR Extension: (Avira Password Manager) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2017-07-08]
CHR Extension: (Avira Browserschutz) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-07-08]
CHR Extension: (Google Docs Offline) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-08]
CHR Extension: (Google Mail) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-08]
CHR Extension: (Chrome Media Router) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-08]
CHR Profile: C:\Users\luca\AppData\Local\Google\Chrome\User Data\System Profile [2017-06-22]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-06-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-06-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-06-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-06-15] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [356256 2017-06-08] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [335088 2017-06-23] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [100816 2017-04-21] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-04-19] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-03-18] (BitRaider, LLC)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-26] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-26] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-06-26] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [400656 2017-05-01] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-03-19] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 HnGSteamService; C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe [778024 2017-06-27] (Reto-Moto ApS)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-22] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-22] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-22] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-22] (NVIDIA Corporation)
R3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2168208 2017-06-29] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3148184 2017-06-29] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2017-07-09] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-07-09] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S2 scupdate; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-06-22] (Avira Operations GmbH & Co. KG)
S3 scupdatem; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-06-22] (Avira Operations GmbH & Co. KG)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [74800 2017-06-13] (Avira Operations GmbH & Co. KG)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-05-27] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2016-03-09] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2016-03-09] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [314016 2016-03-28] ()
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-15] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [167504 2017-06-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [164824 2017-06-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-02-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-02-27] (Avira Operations GmbH & Co. KG)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7546544 2017-01-16] (Broadcom Corporation)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2016-03-19] (BitRaider)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2016-12-04] (LogMeIn Inc.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43680 2016-03-28] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-22] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-10] (NVIDIA Corporation)
S3 RtlWlanu; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2016-03-09] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2016-03-09] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2016-03-09] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-09 21:50 - 2017-07-09 21:51 - 00022151 _____ C:\Users\luca\Downloads\FRST.txt
2017-07-09 21:50 - 2017-07-09 21:50 - 00000000 ____D C:\FRST
2017-07-09 21:47 - 2017-06-22 11:27 - 04110280 _____ C:\Users\luca\Desktop\adwcleaner_6.047 (1).exe
2017-07-09 21:44 - 2017-07-09 21:44 - 04922400 _____ (AO Kaspersky Lab) C:\Users\luca\Downloads\tdsskiller.exe
2017-07-09 21:42 - 2017-07-09 21:42 - 02437120 _____ (Farbar) C:\Users\luca\Downloads\FRST64.exe
2017-07-09 20:09 - 2017-07-09 20:09 - 00001251 _____ C:\Users\Public\Desktop\Battlefield 4.lnk
2017-07-09 20:08 - 2017-07-09 20:08 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2017-07-07 21:45 - 2017-07-07 21:45 - 00025839 _____ C:\Users\luca\Downloads\Lebenslauf Luca Müller (1).pdf
2017-07-07 21:44 - 2017-07-07 21:44 - 00025799 _____ C:\Users\luca\Downloads\Lebenslauf Luca Müller.pdf
2017-07-04 20:02 - 2017-07-04 20:02 - 00145203 _____ C:\Users\luca\Downloads\RB_Müller.pdf
2017-07-03 23:14 - 2017-07-08 21:14 - 00014901 _____ C:\Users\luca\Desktop\Unbenannt 1.odt
2017-07-02 19:13 - 2017-07-02 19:34 - 00000000 ____D C:\Users\luca\AppData\Local\MXM
2017-07-02 19:08 - 2017-07-02 19:08 - 00002025 _____ C:\Users\luca\Desktop\MXM.lnk
2017-07-02 19:08 - 2017-07-02 19:08 - 00000000 ____D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayNC
2017-07-02 19:03 - 2017-07-02 19:03 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2017-07-01 11:48 - 2017-07-01 11:48 - 00000000 ____D C:\Users\luca\Screenshot
2017-06-27 20:50 - 2017-06-27 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-27 20:26 - 2017-06-27 20:27 - 00141850 _____ C:\Users\luca\Downloads\DeutschMod_2017-06-05.zip
2017-06-26 12:27 - 2017-06-26 12:27 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-06-25 03:41 - 2017-06-25 03:51 - 747242006 _____ C:\Users\luca\Downloads\CSS Game Content.zip
2017-06-25 03:41 - 2017-06-25 03:46 - 104042939 _____ C:\Users\luca\Downloads\CSS Maps.zip
2017-06-24 18:56 - 2017-06-24 18:56 - 00000000 ____D C:\Users\luca\AppData\LocalLow\PinoklGames
2017-06-24 01:12 - 2017-07-02 18:29 - 00000000 ____D C:\Program Files (x86)\NC Launcher
2017-06-24 01:12 - 2017-06-24 01:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NC Launcher
2017-06-24 01:08 - 2017-06-24 01:08 - 98562208 _____ (NCSOFT Corporation) C:\Users\luca\Downloads\MXMInstaller.exe
2017-06-23 00:07 - 2017-06-02 19:58 - 00000000 _____ C:\END
2017-06-22 17:19 - 2017-06-22 17:42 - 00000000 ____D C:\Users\luca\AppData\Local\FreeReign
2017-06-22 17:19 - 2017-06-22 17:19 - 00000000 ____D C:\Users\luca\Documents\FreeReign
2017-06-22 12:17 - 2017-06-22 12:18 - 00000000 ____D C:\ProgramData\TruckersMP
2017-06-22 11:41 - 2017-06-22 11:41 - 00000000 ____D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira
2017-06-22 11:31 - 2017-07-08 18:21 - 00000000 ____D C:\AdwCleaner
2017-06-22 11:27 - 2017-06-22 11:27 - 04110280 _____ C:\Users\luca\Downloads\adwcleaner_6.047 (1).exe
2017-06-22 09:25 - 2017-06-22 09:25 - 00003718 _____ C:\WINDOWS\System32\Tasks\AviraScoutUpdateTaskMachineUA
2017-06-22 09:25 - 2017-06-22 09:25 - 00003590 _____ C:\WINDOWS\System32\Tasks\AviraScoutUpdateTaskMachineCore
2017-06-22 09:24 - 2017-07-09 18:32 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-06-22 09:24 - 2017-06-22 09:24 - 00003662 _____ C:\WINDOWS\System32\Tasks\AviraSystemSpeedupUpdate
2017-06-22 09:24 - 2017-06-22 09:24 - 00000000 ____D C:\WINDOWS\System32\Tasks\Avira
2017-06-22 09:22 - 2017-06-22 09:22 - 04799712 _____ (Avira Operations GmbH & Co. KG) C:\Users\luca\Downloads\avira_de_fass0_594b6fc9de33a__adw (1).exe
2017-06-22 09:20 - 2017-06-22 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP Launcher
2017-06-22 09:20 - 2017-06-22 09:20 - 00000000 ____D C:\Program Files\TruckersMP Launcher
2017-06-22 09:19 - 2017-06-22 09:19 - 00667351 _____ C:\Users\luca\Downloads\launcher_1004.zip
2017-06-22 09:11 - 2017-06-22 09:11 - 00000000 ____D C:\Users\luca\AppData\Roaming\Google
2017-06-16 15:44 - 2017-06-16 15:44 - 00000000 ____D C:\Users\luca\AppData\LocalLow\Hyper Hippo Games
2017-06-15 18:42 - 2017-06-15 18:42 - 00060920 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2017-06-15 13:29 - 2017-06-15 13:29 - 00000000 ____D C:\Users\luca\AppData\LocalLow\Dire Wolf Digital
2017-06-11 13:50 - 2017-06-11 14:04 - 2193842540 _____ C:\Users\luca\Downloads\Tsuyoshi2_31052017.zip
2017-06-10 00:15 - 2017-06-10 00:15 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-06-10 00:14 - 2017-06-10 00:14 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2017-06-10 00:13 - 2017-06-10 09:39 - 00000000 ____D C:\Users\luca\AppData\Roaming\OpenOffice Updater
2017-06-10 00:11 - 2017-06-10 00:12 - 171801512 _____ C:\Users\luca\Downloads\OpenOffice_4.1.3_Win_x86_install_de.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-09 21:48 - 2016-06-13 17:07 - 00000000 ____D C:\Users\luca\AppData\Roaming\Origin
2017-07-09 21:47 - 2016-05-04 19:39 - 00000000 ____D C:\Users\luca\Desktop\ordner
2017-07-09 20:54 - 2017-04-26 21:49 - 00001220 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-07-09 20:25 - 2016-10-02 15:38 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-07-09 20:25 - 2016-06-14 23:23 - 00076152 _____ C:\WINDOWS\system32\PnkBstrA.exe
2017-07-09 20:25 - 2016-03-05 17:04 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2017-07-09 20:08 - 2016-10-02 15:38 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-07-09 20:08 - 2016-02-07 23:01 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-09 19:50 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-07-09 19:12 - 2016-06-13 16:59 - 00000000 ____D C:\ProgramData\Origin
2017-07-09 18:34 - 2017-01-15 21:39 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-09 18:33 - 2016-04-30 22:16 - 00000000 ____D C:\Users\luca\AppData\Roaming\Skype
2017-07-09 18:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-09 18:32 - 2017-04-26 21:49 - 00001216 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-07-09 18:32 - 2016-02-05 23:42 - 00000000 ____D C:\Program Files (x86)\Steam
2017-07-09 11:06 - 2016-02-05 23:27 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1307209835-1344803613-922493989-1002
2017-07-09 10:59 - 2016-03-28 02:27 - 00003910 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4D5675F6-0A5E-481D-8BE1-CC4E9DD7FA38}
2017-07-09 10:30 - 2016-10-13 13:08 - 00000000 ____D C:\Users\luca\AppData\Roaming\discord
2017-07-08 21:55 - 2017-01-17 20:30 - 00000000 ____D C:\Users\luca\AppData\Local\CrashDumps
2017-07-08 19:01 - 2016-03-18 21:54 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-07-08 19:01 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-08 18:25 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-07-08 14:50 - 2016-02-12 23:52 - 00000000 ____D C:\Users\luca\AppData\Local\Ubisoft Game Launcher
2017-07-06 10:47 - 2016-10-02 14:30 - 00000000 ____D C:\Users\luca\AppData\LocalLow\Heroes and Generals
2017-07-06 10:45 - 2016-03-09 20:18 - 00000000 ____D C:\Users\luca
2017-07-05 16:02 - 2016-02-16 22:18 - 00000000 ____D C:\Users\luca\AppData\Roaming\TS3Client
2017-07-02 19:09 - 2016-02-16 22:18 - 00000000 ____D C:\Users\luca\AppData\Local\TeamSpeak 3 Client
2017-06-30 18:57 - 2017-01-20 16:47 - 00000000 ____D C:\Users\luca\AppData\Roaming\obs-studio
2017-06-30 14:13 - 2016-05-01 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-06-29 22:34 - 2017-01-03 15:30 - 00000000 ____D C:\Program Files (x86)\Origin
2017-06-27 22:49 - 2016-05-02 20:20 - 00000000 ____D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2017-06-27 20:50 - 2017-04-26 21:49 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-27 16:39 - 2016-05-01 09:59 - 00000000 ____D C:\Users\luca\AppData\Local\Avira
2017-06-26 22:40 - 2016-02-05 23:41 - 00002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-26 00:07 - 2016-06-01 08:40 - 00000000 ____D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2017-06-25 09:05 - 2016-02-06 01:57 - 00000000 ____D C:\Users\luca\Documents\My Games
2017-06-25 01:54 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2017-06-24 02:51 - 2016-06-15 19:30 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-06-23 22:01 - 2016-05-16 14:28 - 00000000 ____D C:\Users\luca\AppData\Local\Arma 3 Launcher
2017-06-22 12:24 - 2016-08-13 11:27 - 00000000 ____D C:\Users\luca\Documents\Euro Truck Simulator 2
2017-06-22 09:25 - 2016-05-01 09:47 - 00000000 ____D C:\Program Files (x86)\Avira
2017-06-22 09:24 - 2016-05-01 09:47 - 00000000 ____D C:\ProgramData\Avira
2017-06-20 15:06 - 2013-08-22 16:44 - 00380880 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-19 16:05 - 2016-03-05 11:40 - 00000000 ____D C:\Users\luca\AppData\Local\ElevatedDiagnostics
2017-06-18 17:56 - 2017-01-03 15:44 - 00000000 ____D C:\Program Files (x86)\Origin Games
2017-06-18 01:26 - 2016-12-25 21:41 - 00000000 ____D C:\Users\luca\Documents\EA Games
2017-06-18 00:07 - 2017-05-06 12:53 - 00000000 ____D C:\Users\luca\Documents\Command and Conquer Generals Zero Hour Data
2017-06-16 15:51 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-15 18:42 - 2016-10-08 22:07 - 00038048 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-06-15 18:42 - 2016-05-01 09:51 - 00167504 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-06-15 18:42 - 2016-05-01 09:51 - 00164824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-06-15 10:50 - 2017-04-26 21:49 - 00000000 ____D C:\Users\luca\AppData\Local\Dropbox
2017-06-13 14:10 - 2017-06-03 14:03 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-06-13 14:09 - 2017-06-03 14:02 - 00000000 ____D C:\Program Files\Rockstar Games
2017-06-12 00:03 - 2016-05-16 14:30 - 00000000 ____D C:\Users\luca\AppData\Local\Arma 3
2017-06-11 19:52 - 2016-05-16 15:19 - 00000000 ____D C:\Users\luca\Documents\Arma 3 - Other Profiles
2017-06-11 12:23 - 2016-06-23 18:30 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2017-06-11 12:23 - 2016-06-22 16:32 - 00000000 ____D C:\Users\luca\AppData\Local\Battle.net
2017-06-11 12:23 - 2016-06-22 16:14 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-06-10 00:14 - 2016-02-28 22:17 - 00206848 ___SH C:\Users\luca\Desktop\Thumbs.db
2017-06-09 23:10 - 2017-01-15 21:42 - 00000000 ____D C:\Users\luca\AppData\Local\NVIDIA Corporation

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-05-06 19:32 - 2017-04-17 19:18 - 0007598 _____ () C:\Users\luca\AppData\Local\Resmon.ResmonCfg
2016-12-17 19:01 - 2016-12-17 19:01 - 0000016 _____ () C:\ProgramData\mntemp

Einige Dateien in TEMP:
====================
2011-11-03 16:13 - 2011-11-03 16:13 - 1786688 _____ () C:\Users\luca\AppData\Local\Temp\sonarinst.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-08 19:25

==================== Ende von FRST.txt ============================

--- --- ---
][/CODE]

schoko. · 09.07.2017, 21:31

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-07-2017
durchgeführt von luca (09-07-2017 21:51:49)
Gestartet von C:\Users\luca\Downloads
Windows 8.1 (Update) (X64) (2016-03-09 18:49:00)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1307209835-1344803613-922493989-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1307209835-1344803613-922493989-1007 - Limited - Enabled)
Gast (S-1-5-21-1307209835-1344803613-922493989-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1307209835-1344803613-922493989-1006 - Limited - Enabled)
luca (S-1-5-21-1307209835-1344803613-922493989-1002 - Administrator - Enabled) => C:\Users\luca

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1954 Alcatraz (HKLM\...\Steam App 255280) (Version:  - Daedalic Entertainment)
7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
A New Beginning - Final Cut (HKLM\...\Steam App 105000) (Version:  - Daedalic Entertainment)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Akamai NetSession Interface (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{1AB4D394-B72C-86E8-4D58-27147BC4071E}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - Frictional Games)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.33 - NVIDIA Corporation) Hidden
APB Reloaded (HKLM\...\Steam App 113400) (Version:  - Reloaded Productions)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
ARK: Survival Of The Fittest (HKLM\...\Steam App 407530) (Version:  - Studio Wildcard)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Atlas Reactor (HKLM\...\Steam App 402570) (Version:  - Trion Worlds)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.27.34 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{14d00649-a178-473f-bf48-eec016dc4bfa}) (Version: 1.2.89.29905 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{271D5399-34AF-4611-BCD9-B09185B2BBE0}) (Version: 1.2.89.29905 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.8.4.30090 - Avira Operations GmbH & Co. KG)
Avira Scout (HKLM-x32\...\Avira Scout) (Version: 17.5.3029.2783 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{A4DF9D2A-AB95-4F30-9CA4-2F49662BA39D}) (Version: 2.0.2.27024 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.7.0.5478 - Avira Operations GmbH & Co. KG)
Batman: Arkham City GOTY (HKLM\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Besiege (HKLM\...\Steam App 346010) (Version:  - Spiderling Studios)
BioShock Infinite (HKLM\...\Steam App 8870) (Version:  - Irrational Games)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Breath of Death VII  (HKLM\...\Steam App 107300) (Version:  - Zeboyd Games)
Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version:  - Treyarch)
Castle Crashers (HKLM\...\Steam App 204360) (Version:  - The Behemoth)
Chaos on Deponia (HKLM\...\Steam App 220740) (Version:  - Daedalic Entertainment)
Chivalry: Medieval Warfare (HKLM\...\Steam App 219640) (Version:  - Torn Banner Studios)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{1A882F29-BC18-4AC2-A71E-0FC30FA32568}) (Version: 1.0.0.0 - Electronic Arts)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Company of Heroes (New Steam Version) (HKLM\...\Steam App 228200) (Version:  - Relic)
Company of Heroes 2 (HKLM\...\Steam App 231430) (Version:  - Relic Entertainment)
Controller Companion (HKLM\...\Steam App 367670) (Version:  - Koga Tech Limited)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Crysis (HKLM\...\Steam App 17300) (Version:  - Crytek)
Cthulhu Saves the World  (HKLM\...\Steam App 107310) (Version:  - Zeboyd Games)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Messiah of Might & Magic Single Player (HKLM\...\Steam App 2100) (Version:  - Arkane Studios)
Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version:  - FromSoftware)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
DARK SOULS™ II: Scholar of the First Sin (HKLM\...\Steam App 335300) (Version:  - FromSoftware, Inc)
Darksiders Warmastered Edition (HKLM\...\Steam App 462780) (Version:  - KAIKO)
Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)
Deponia (HKLM\...\Steam App 214340) (Version:  - Daedalic Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dirty Bomb (HKLM\...\Steam App 333930) (Version:  - Splash Damage®)
Discord (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Divine Divinity (HKLM\...\Steam App 214170) (Version:  - Larian Studios)
Divinity: Original Sin (Classic) (HKLM\...\Steam App 230230) (Version:  - Larian Studios)
Divinity: Original Sin Enhanced Edition (HKLM\...\Steam App 373420) (Version:  - Larian Studios)
Don't Starve Together (HKLM\...\Steam App 322330) (Version:  - Klei Entertainment)
Dropbox (HKLM-x32\...\Dropbox) (Version: 29.4.20 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
E.Y.E: Divine Cybermancy (HKLM\...\Steam App 91700) (Version:  - Streum On Studio)
Edna & Harvey: Harvey's New Eyes (HKLM\...\Steam App 219910) (Version:  - Daedalic Entertainment)
Edna & Harvey: The Breakout (HKLM\...\Steam App 255320) (Version:  - Daedalic Entertainment)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version:  - SCS Software)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)
Fallout Shelter (HKLM\...\Steam App 588430) (Version:  - Bethesda Game Studios)
Fotogalerie (HKLM-x32\...\{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{1F0C818D-4A41-4E40-BAFB-BB940C82A518}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (HKLM-x32\...\{E354D495-5DA4-4CCF-AB39-080F6A4141BE}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (HKLM-x32\...\{9F470E17-4FC3-4091-A508-D5347A16A2B9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (HKLM-x32\...\{DB7B6508-2AAB-4F26-99D4-74559A2F5E42}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{E50E3DBC-46AA-4827-B2A6-F995D81DF526}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotografias (HKLM-x32\...\{F5E338CE-E1C6-4F7D-8300-44DBD05B9F14}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{8F7FECEC-088F-431D-A5FB-2B59E1E69943}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{446CC8CE-0E90-44F7-ADD0-774B243EF090}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GameMaker: Studio (HKLM\...\Steam App 214850) (Version:  - YoYo Games Ltd.)
GameRanger (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\GameRanger) (Version:  - GameRanger Technologies)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
Geometry Dash (HKLM\...\Steam App 322170) (Version:  - RobTop Games)
Goodbye Deponia (HKLM\...\Steam App 241910) (Version:  - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Guild Quest (HKLM\...\Steam App 547680) (Version:  - Hyper Hippo Games)
Gunpoint (HKLM\...\Steam App 206190) (Version:  - Suspicious Developments)
Guns'N'Zombies (HKLM\...\Steam App 264300) (Version:  - Krealit)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearts of Iron III (HKLM\...\Steam App 25890) (Version:  - Paradox Development Studio)
Hero Siege (HKLM-x32\...\Steam App 269210) (Version:  - Elias Viglione)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.5.5 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotline Miami (HKLM\...\Steam App 219150) (Version:  - Dennaton Games)
Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version:  - Dennaton Games)
How to Survive (HKLM\...\Steam App 250400) (Version:  - EKO Software)
Insurgency (HKLM\...\Steam App 222880) (Version:  - New World Interactive)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 74 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Killer is Dead (HKLM\...\Steam App 261110) (Version:  - KADOKAWA GAMES / GRASSHOPPER MANUFACTURE)
Killing Floor (HKLM\...\Steam App 1250) (Version:  - Tripwire Interactive)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version:  - Tripwire Interactive)
Labyronia RPG (HKLM\...\Steam App 391260) (Version:  - Labyrinthine)
Labyronia RPG 2 (HKLM\...\Steam App 397500) (Version:  - Labyrinthine)
Last Man Standing (HKLM\...\Steam App 506540) (Version:  - Free Reign Entertainment)
League of Legends (HKLM-x32\...\{517CC397-B22F-4593-8DCB-DE72CC541E9A}) (Version: 3.0.1 - Riot Games ) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Legend of Mysteria (HKLM\...\Steam App 407230) (Version:  - Labyrinthine)
Legends of Aethereus (HKLM\...\Steam App 248410) (Version:  - Three Gates)
LEGO Batman 2 (HKLM\...\Steam App 213330) (Version:  - TT Games)
LEGO® MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version:  - Traveller's Tales)
LEGO® The Hobbit™ (HKLM-x32\...\Steam App 285160) (Version:  - Traveller's Tales)
LEGO® The Lord of the Rings™ (HKLM\...\Steam App 214510) (Version:  - Traveller's Tales)
Lost Moon (HKLM\...\Steam App 406090) (Version:  - Eplixe)
Mark of the Ninja (HKLM\...\Steam App 214560) (Version:  - Klei Entertainment)
Mass Effect (HKLM\...\Steam App 17460) (Version:  - BioWare)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.281 - Electronic Arts)
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Medion Home Cinema 10 (HKLM-x32\...\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.1924 - CyberLink Corp.) Hidden
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Memoria (HKLM\...\Steam App 243200) (Version:  - Daedalic Entertainment)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mirror's Edge (HKLM\...\Steam App 17410) (Version:  - DICE)
Mortal Kombat X (HKLM\...\Steam App 307780) (Version:  - NetherRealm Studios)
Movie Maker (HKLM-x32\...\{03CC9D58-B132-4CC0-A521-4F3660AA43C7}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{058EDEC8-1873-4B49-9A08-54ADE9CC129B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{2AC4C6D7-512D-4B78-A85B-2C16E748AB8E}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{306C7AEF-16C7-428D-93AA-99D4A4090243}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{36BEC461-B58A-414D-993E-E2BDD1F1A14B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{62BBCDDC-4979-4E59-9D97-5B8E874C3191}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{701FE1BC-834A-4857-AF62-6EBA50CFBC78}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{751EB657-3F22-4150-8CE4-D79A262F1D92}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{7E63F102-A9E9-4F4C-8004-BC62974736BF}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A17946CA-18E5-4CF0-8D55-A56D804718F8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A47EA9D4-BB87-415E-9239-28860434E5A0}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{AE8044B5-FCA3-4EBE-AC78-0FB3A6E8DC76}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MXMCLIENT (HKLM-x32\...\MXM) (Version:  - NCSOFT)
NC Launcher (HKLM-x32\...\NCLauncherS_plaync) (Version:  - NCSOFT)
NOT A HERO (HKLM\...\Steam App 274270) (Version:  - Roll7)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 382.33 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.2 - OBS Project)
OMG Zombies! (HKLM\...\Steam App 259870) (Version:  - Laughing Jackal LTD)
One More Line (HKLM\...\Steam App 356890) (Version:  - SMG Studio)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice Updater (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
Origin (HKLM-x32\...\Origin) (Version: 10.4.13.6637 - Electronic Arts, Inc.)
Outlast (HKLM\...\Steam App 238320) (Version:  - Red Barrels)
Overlord (HKLM\...\Steam App 11450) (Version:  - Triumph Studios)
Overture (HKLM\...\Steam App 343100) (Version:  - Black Shell Games)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PAC-MAN Championship Edition DX+ (HKLM\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)
Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
Party Hard (HKLM\...\Steam App 356570) (Version:  - Pinokl Games)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM\...\Steam App 24240) (Version:  - OVERKILL Software)
Penumbra: Black Plague (HKLM\...\Steam App 22120) (Version:  - Frictional Games)
Penumbra: Overture (HKLM\...\Steam App 22180) (Version:  - Frictional Games)
Penumbra: Requiem (HKLM\...\Steam App 22140) (Version:  - Frictional Games)
PlanetSide 2 (HKLM\...\Steam App 218230) (Version:  - Daybreak Game Company)
PlanetSide 2 (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
Podstawowe programy Windows Live (HKLM-x32\...\{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Portal 2 (HKLM\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited)
Raccolta foto (HKLM-x32\...\{D04EBB49-C985-4A38-8695-62000861293A}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realm of the Mad God (HKLM\...\Steam App 200210) (Version:  - Wild Shadow Studios)
Risen 3 - Titan Lords (HKLM\...\Steam App 249230) (Version:  - Piranha Bytes)
Risk of Rain (HKLM\...\Steam App 248820) (Version:  - Hopoo Games, LLC)
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version:  - Cellar Door Games)
Ryse: Son of Rome (HKLM\...\Steam App 302510) (Version:  - Crytek)
Saints Row 2 (HKLM\...\Steam App 9480) (Version:  - Volition)
Shadow Warrior 2 (HKLM\...\Steam App 324800) (Version:  - Flying Wild Hog)
Shakes and Fidget (HKLM\...\Steam App 438040) (Version:  - Playa Games GmbH)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version:  - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
Sins Of The Demon RPG (HKLM\...\Steam App 461640) (Version:  - Chandler Rounsley)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.34 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.34.103 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM\...\Steam App 63380) (Version:  - Rebellion)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
Spikit (HKLM\...\Steam App 509110) (Version:  - Blastoid Entertainment)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
STAR WARS™ Battlefront™ II (HKLM\...\Steam App 6060) (Version:  - Pandemic Studios)
STAR WARS™ Empire at War: Gold Pack (HKLM\...\Steam App 32470) (Version:  - Petroglyph)
Starbound - Unstable (HKLM\...\Steam App 367540) (Version:  - )
Starbound (HKLM\...\Steam App 211820) (Version:  - Chucklefish)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Storm of Spears (HKLM\...\Steam App 463350) (Version:  - Warfare Studios)
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - Terry Cavanagh)
Super Meat Boy (HKLM\...\Steam App 40800) (Version:  - Team Meat)
TeamSpeak 3 Client (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.77242 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Terrorhedron (HKLM\...\Steam App 299720) (Version:  - Dan Walters)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Chosen RPG (HKLM\...\Steam App 434420) (Version:  - Little Big Lee)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
The Dark Eye: Chains of Satinav (HKLM\...\Steam App 203830) (Version:  - Daedalic Entertainment)
The Darkness II (HKLM-x32\...\Steam App 67370) (Version:  - Digital Extremes)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Elder Scrolls: Legends (HKLM\...\Steam App 364470) (Version:  - Dire Wolf Digital)
The Evil Within (HKLM\...\Steam App 268050) (Version:  - Tango Gameworks)
The Forest (HKLM\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Night of the Rabbit (HKLM\...\Steam App 230820) (Version:  - Daedalic Entertainment)
The Secret World (HKLM\...\Steam App 215280) (Version:  - Funcom)
The Whispered World Special Edition (HKLM\...\Steam App 268540) (Version:  - Daedalic Entertainment)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD PROJEKT RED)
Thief (HKLM\...\Steam App 239160) (Version:  - Eidos-Montréal)
Timberman (HKLM\...\Steam App 398710) (Version:  - Digital Melody)
Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version:  - Ubisoft Montreal)
Torchlight II (HKLM\...\Steam App 200710) (Version:  - Runic Games)
Trine 2 (HKLM\...\Steam App 35720) (Version:  - Frozenbyte)
Trine 3: The Artifacts of Power (HKLM\...\Steam App 319910) (Version:  - Frozenbyte)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
UE4 Prerequisites (x64) (HKLM\...\{457BE011-43FF-44A7-9FA7-B3BE181E2076}) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 13.0 - Ubisoft)
Vokabelcheck Spanisch (HKLM-x32\...\Vokabelcheck Spanisch) (Version: 1.0.0.0 - Genehmigte Lizenzausgabe)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
VVVVVV (HKLM-x32\...\Steam App 70300) (Version:  - Terry Cavanagh)
War Thunder (HKLM\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Wargame: European Escalation (HKLM\...\Steam App 58610) (Version:  - Eugen Systems)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wolfenstein: The Old Blood German Edition (HKLM\...\Steam App 354830) (Version:  - MachineGames)
World of Tanks (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
Συλλογή φωτογραφιών (HKLM-x32\...\{A19A8C25-272A-4CD6-8BA8-3772321A021B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers01: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-08-03] (Cyberlink)
ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers01: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-06-15] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers01: [SystemSpeedupFilesMenu] -> {ef263503-8f0e-3e6a-ae2e-fe0b4b441d52} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei
ContextMenuHandlers02: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-08-03] (Cyberlink)
ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers04: [SystemSpeedupFoldersMenu] -> {3d52b24d-33bb-3895-99ea-a0156f24a3f9} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ContextMenuHandlers05: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> Keine Datei
ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-18] (NVIDIA Corporation)
ContextMenuHandlers05: [SystemSpeedupDesktopMenu] -> {cefaf456-bc17-3f4b-b7d9-75070925911b} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ContextMenuHandlers06: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-06-15] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0CA31420-43BB-45C7-A619-C7D20C155D08} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {0ED72862-60EF-4C89-819C-5CA6414E0811} - System32\Tasks\AviraScoutUpdateTaskMachineCore => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-06-22] (Avira Operations GmbH & Co. KG)
Task: {11857D59-6944-4E30-97F2-2E592C024F87} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-22] (NVIDIA Corporation)
Task: {2CC22CC9-774F-4190-8863-DE2CF91C6F99} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2017-06-13] (Avira Operations GmbH & Co. KG)
Task: {35EDCFE6-7074-439D-B7BD-D7AC74DEF009} - System32\Tasks\{93A54DF0-C15E-488A-B80A-D768FA03D9B3} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.106&LastError=404
Task: {3F480002-AC7C-48A1-B092-7B74EC625C2D} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-26] (Dropbox, Inc.)
Task: {42A599EE-DBCD-4B74-90C3-99B00CE586EC} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {480B1722-4A71-4AD7-84CE-82AB033497ED} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-22] (NVIDIA Corporation)
Task: {5DF31B83-0A8C-4D46-883C-5A49C9B8F0BF} - System32\Tasks\AviraScoutUpdateTaskMachineUA => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-06-22] (Avira Operations GmbH & Co. KG)
Task: {69B1F47F-04ED-4825-BC59-55D14CA34A60} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-22] (NVIDIA Corporation)
Task: {8A6AFFA4-5E62-4776-BB40-951A12833674} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-22] (NVIDIA Corporation)
Task: {9B8A95FA-7E5D-46D3-9094-096313CA5143} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {9DB81685-34FD-4BD0-BE44-E9A99EE6F079} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-05] (Google Inc.)
Task: {A01A38BD-FA2C-420A-85FE-6FD3EE8217B5} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {A2ADDC75-3199-4889-9BB7-5BC33F894BB3} - System32\Tasks\{93808D44-1BEE-4250-8A72-439F6F69E3D5} => pcalua.exe -a E:\AutoRun.exe -d E:\
Task: {A4B4D8B3-648B-4A64-B3BE-333CD44A53FD} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2017-06-13] (Avira Operations GmbH & Co. KG)
Task: {A61B660E-E773-4D28-A834-E2414AD7D620} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-22] (NVIDIA Corporation)
Task: {ACE4036C-B804-4512-94E8-31E44740AE8E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-22] (NVIDIA Corporation)
Task: {B9E57456-8BB7-412D-A4F5-4BCAD7EA4E09} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-26] (Dropbox, Inc.)
Task: {C7DB9097-40DB-45FD-9A68-CA62D5F93951} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-22] (NVIDIA Corporation)
Task: {CA282174-F92E-45F6-86B2-E17AA929B8D0} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-22] (NVIDIA Corporation)
Task: {CC023602-3A3E-4DE9-B0A7-C3E5B2D1C2B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-05] (Google Inc.)
Task: {F1ADC9D1-5B59-423D-BAF8-18DED41CC322} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2017-06-22] (Avira Operations GmbH & Co. KG                              )
Task: {F2EE2B96-6E3C-4FE3-9F49-66DBE6FB7B4D} - System32\Tasks\{3506EA9B-12B7-4192-A68B-45432F385DAD} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.106&LastError=404
Task: {F5E5E2FD-2128-4006-96C7-F3A3AFB73673} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\luca\Neuer Ordner\ALDI Nord Blumen Service.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www1.aldi-blumenservice.de
ShortcutWithArgument: C:\Users\luca\Neuer Ordner\ALDI Nord Reisen.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://nord.aldi-reisen.de/html_nord
ShortcutWithArgument: C:\Users\luca\Neuer Ordner\ALDI Nord Startseite.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi-essen.de
ShortcutWithArgument: C:\Users\luca\Neuer Ordner\ALDI Talk.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medionmobile.de
ShortcutWithArgument: C:\Users\luca\Neuer Ordner\eBay.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://rover.ebay.com/rover/1/707-154514-44482-13/4
ShortcutWithArgument: C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Ad;Block Plus.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gppglejjadnhbalmblladacjggieapge
ShortcutWithArgument: C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Fair AdBlocker App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=dcnofaichneijfbkdkghmhjjbepjmble
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi-essen.de

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-08-06 14:09 - 2012-08-06 14:09 - 00212480 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 18:03 - 2012-03-05 18:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 16:53 - 2012-02-16 16:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-08-06 14:09 - 2012-08-06 14:09 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2017-01-15 21:41 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2012-11-09 16:36 - 2010-08-19 19:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-01-15 21:39 - 2017-05-18 07:48 - 00133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-06-26 22:40 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-06-26 22:40 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2017-05-31 17:48 - 2017-06-29 22:33 - 00022928 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2016-06-14 23:23 - 2017-07-09 20:25 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2017-05-31 17:48 - 2017-06-29 22:33 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-01-15 21:41 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-06-15 19:50 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-02-05 23:44 - 2017-03-29 20:12 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-02-05 23:44 - 2017-06-08 07:42 - 02485536 _____ () C:\Program Files (x86)\Steam\video.dll
2016-02-05 23:44 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-02-05 23:44 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-02-05 23:44 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-02-05 23:44 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-02-05 23:44 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-02-05 23:44 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-02-05 23:44 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-02-05 23:44 - 2017-06-08 07:42 - 00877856 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 18:29 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-02-05 23:44 - 2017-06-08 07:42 - 00147232 _____ () C:\Program Files (x86)\Steam\bin\audio.dll
2016-02-05 23:44 - 2014-04-09 06:25 - 00071680 _____ () C:\Program Files (x86)\Steam\bin\mssmp3.asi
2016-02-05 23:44 - 2014-04-09 06:25 - 00153088 _____ () C:\Program Files (x86)\Steam\bin\mssvoice.asi
2016-12-13 15:57 - 2017-05-08 21:45 - 69516064 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-08 17:50 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-02-05 23:44 - 2017-06-08 07:42 - 00385312 _____ () C:\Program Files (x86)\Steam\steam.dll
2017-01-15 21:26 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\luca\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-15 21:27 - 2017-01-15 21:27 - 01082880 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-15 21:27 - 2017-01-15 21:27 - 03750400 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-15 21:27 - 2017-01-15 21:27 - 00914432 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-01-15 21:27 - 2017-01-15 21:27 - 01127424 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-01-15 21:27 - 2017-05-22 20:22 - 01385976 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_overlay\discord_overlay.node
2017-01-15 21:26 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\luca\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-01-15 21:26 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\luca\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-07-09 18:32 - 2017-07-09 18:32 - 00148992 _____ () \\?\C:\Users\luca\AppData\Local\Temp\B857.tmp.node
2017-01-15 21:27 - 2017-04-26 21:23 - 02658296 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-01-15 21:27 - 2017-03-22 20:17 - 02665976 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2012-11-09 16:34 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2017-06-27 20:50 - 2017-06-26 12:27 - 00801600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-06-27 20:50 - 2017-06-26 12:27 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-05-31 21:24 - 2017-06-26 12:26 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-05-31 21:24 - 2017-06-26 12:29 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-06-27 20:50 - 2017-06-26 12:28 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-06-27 20:50 - 2017-06-26 12:26 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-06-27 20:50 - 2017-06-26 12:26 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-06-27 20:50 - 2017-06-26 12:27 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-05-31 21:24 - 2017-06-26 12:26 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-06-27 20:50 - 2017-06-26 12:27 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-06-27 20:50 - 2017-06-26 12:26 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-05-31 21:24 - 2017-06-26 12:29 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-06-27 20:50 - 2017-06-26 12:28 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-06-27 20:50 - 2017-06-26 12:28 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-06-27 20:50 - 2017-06-26 12:27 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-06-27 20:50 - 2017-06-26 12:29 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-05-31 21:24 - 2017-06-26 12:30 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-06-27 20:50 - 2017-06-26 12:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-06-27 20:50 - 2017-06-26 12:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-05-31 21:24 - 2017-06-26 12:30 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-05-31 21:24 - 2017-06-26 12:29 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-05-31 17:48 - 2017-06-29 22:33 - 00012288 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2017-01-03 15:33 - 2017-01-03 15:33 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2016-02-05 23:44 - 2017-03-29 20:12 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\NvContainerRecovery.bat:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\NvTelemetryContainerRecovery.bat:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcmihvsrv64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcmihvui64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvapi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvaudcap64v.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcuda.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcuvid.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvd3dumx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437633.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437849.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437866.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437878.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437892.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438189.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438205.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438233.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437633.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437849.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437866.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437878.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437892.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438189.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438205.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438233.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvEncodeAPI64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvfatbinaryLoader.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NvFBC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvhdagenco6420103.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvhdap64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NvIFR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NvIFROpenGL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvinitx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvmcumd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvoglshim64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvoglv64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvopencl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvptxJitCompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvumdshimx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvwgf2umx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenAL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo-1-1-0-42-1.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wrap_oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EasyAntiCheat.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\lastpass_1337.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\lastpass_downloader.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvaudcap32v.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuda.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuvid.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvd3dum.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvEncodeAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvFBC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvIFR.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvIFROpenGL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvinit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvoglshim32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvoglv32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvopencl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvStreaming.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvumdshim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvwgf2um.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenAL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-42-1.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wrap_oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\avnetflt.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\BCMWL63a.SYS:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Hamdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvhda64v.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvlddmkm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvvad64v.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvvhci.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tap0901.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca:Heroes & Generals [38]
AlternateDataStreams: C:\Users\luca\Downloads\0.9.12 (1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\0.9.12.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\15578691_1646917675612878_964531673916360488_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\376.33-desktop-win8-win7-64bit-international-whql.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\376.33-desktop-win8-win7-64bit-international-whql.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\4.2.4.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\4kyoutubetomp3_3.0.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\luca\Downloads\4kyoutubetomp3_3.0.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\@Exile-1.0.2.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Air-Classic-2017-0122 (1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Air-Classic-2017-0122.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Air-for-Steam-2017-0122.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\amd-catalyst-15.7.1-with-dotnet45-win8.1-64bit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\amd-catalyst-15.7.1-with-dotnet45-win8.1-64bit.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_en-US.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_en-US.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\ArmoredWarfareMycomLoader_ee507c12538b76672777980993d5b5cd_A_de.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\ArmoredWarfareMycomLoader_ee507c12538b76672777980993d5b5cd_A_de.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\autodetectutility (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\autodetectutility (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Bin64 (1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\CEB2N8.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Credits.txt:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\CSScontentinstaller.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\luca\Downloads\CSScontentinstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\CSS_Content_Addon_(Dec2013).rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Diablo-III-Setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\Diablo-III-Setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\DiscordSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\DiscordSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Download.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\DropboxInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\DropboxInstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\ets2mp_20400.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\GameRangerSetup (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\GameRangerSetup (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\GameRangerSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\GameRangerSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\GTAV_Setup_Tool (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\GTAV_Setup_Tool (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\GTA_V_Launcher_1_0_877_1.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\GTA_V_Launcher_1_0_877_1.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\hamachi.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\install_flash_player.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\install_flash_player.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\LibreOffice_5.1.6_Win_x86.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Luca Foto.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\MarkC_Windows_10+8.x+7_MouseFix.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\mikuskin50.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Nicht bestätigt 854861.crdownload:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\non-whql-64bit-nieg-radeon-crimson-16.2.1-win10-win8.1-win7-feb27 (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\non-whql-64bit-nieg-radeon-crimson-16.2.1-win10-win8.1-win7-feb27 (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\OBS-Studio-17.0.2-Full-Installer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\OBS-Studio-17.0.2-Full-Installer.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Penumbra_Steam_German_Patch.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Saints row 2 pc patch download free windows 7.iso:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Social Club Latest Setup (1).exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\luca\Downloads\Social Club Latest Setup (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Social Club Latest Setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\Social Club Latest Setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Social-Club-v1.1.9.6-Setup (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\Social-Club-v1.1.9.6-Setup (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Social-Club-v1.1.9.6-Setup.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\luca\Downloads\Social-Club-v1.1.9.6-Setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\sr2_uncut.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\TeamViewer_Setup (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\TeamViewer_Setup (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\TeamViewer_Setup (2).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\TeamViewer_Setup (2).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\VID-20170428-WA0001.mp4:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\WhatsAppSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\WhatsAppSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\ysd.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\ysd.exe:$CmdZnID [26]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1307209835-1344803613-922493989-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\luca\Desktop\ordner\bilder\547265.jpg
DNS Servers: 8.8.8.8 - 8.8.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\StartupApproved\Run: => "World of Warships"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{C07E0427-AA05-4FF1-B27F-98A476A77BBF}C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe] => (Allow) C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
FirewallRules: [UDP Query User{300B34DC-B1EC-466E-BA06-8A35741FA7BE}C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe] => (Allow) C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
FirewallRules: [TCP Query User{1E7A3CC8-D36B-44D7-B21D-BC566CFAC3E9}C:\users\luca\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luca\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7C5497D3-9DE8-43CE-8881-C67675D010F7}C:\users\luca\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luca\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{859F8E0D-F6CC-4617-A8F2-93D35D0791AF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{1306A1BD-308F-461A-B42B-3F8959293E79}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{BF56667C-C355-439D-A9A2-C6ABBB6F7178}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C7D5D1A7-2A12-4115-AC81-6900FCBA2EDB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AAC32483-646E-40F1-857B-E0975A2CC538}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5AE17DA2-828A-4BF4-B42B-2DEFDE2148FE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{9980821A-22AE-4CAF-B8B8-A352A6835802}C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe] => (Block) C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
FirewallRules: [UDP Query User{3C6C4B0F-AD02-45C3-872C-D5F6A6DEC6B1}C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe] => (Block) C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
FirewallRules: [TCP Query User{786A483D-8F26-47F8-AACF-F057EDD8510C}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{7822527E-BA69-476D-9326-6A783CC2B40E}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{C6704EED-2388-4993-8E45-5B01EE54B077}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{329E35DD-6389-41BA-A85B-1C6A1AE29ADD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C17D46FF-3A39-449D-BB7C-167154F17CC6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E07878F4-8A0F-452C-9F38-68D44018681D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A0B889BF-EA39-423E-8990-E8C192CB8C96}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{E5D27F1A-B955-47C3-99DB-CD48749BBF31}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{F348008C-9506-4F75-A1DF-AFC54B6A583D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{AD724CE0-ADBF-4F2C-AAE9-6B8468D846A8}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{910A4138-2ECF-408A-862B-D869CB2C7942}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{3A76F568-83B0-427E-A3B0-963FC562F4BE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [TCP Query User{657E2D87-7482-4DA8-949C-41BA9DAC0476}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{25DDAB0F-A144-4152-843C-CA90797CAB25}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe

==================== Wiederherstellungspunkte =========================

08-07-2017 19:48:15 Geplanter Prüfpunkt
09-07-2017 20:05:38 DirectX wurde installiert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/08/2017 09:55:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avgnt.exe, Version: 15.0.27.30, Zeitstempel: 0x592fe300
Name des fehlerhaften Moduls: ccmsg.dll, Version: 15.0.27.30, Zeitstempel: 0x592fe284
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000144a3
ID des fehlerhaften Prozesses: 0x1418
Startzeit der fehlerhaften Anwendung: 0x01d2f80c36673c25
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
Pfad des fehlerhaften Moduls: c:\program files (x86)\avira\antivirus\ccmsg.dll
Berichtskennung: 739c167a-6417-11e7-befd-7085c20e4056
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/08/2017 06:59:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x501fec0e
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x6ac
Startzeit der fehlerhaften Anwendung: 0x01d2f80b1eadb51c
Pfad der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung: dd29d175-63fe-11e7-befc-7085c20e4056
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/08/2017 06:55:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x501fec0e
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x6a4
Startzeit der fehlerhaften Anwendung: 0x01d2f806e1946032
Pfad der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung: 342327a1-63fe-11e7-befb-7085c20e4056
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/08/2017 06:18:40 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.


Systemfehler:
=============
Error: (07/09/2017 08:09:00 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Netzwerkdienst" (SID: S-1-5-20) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{135FD325-45B7-4C30-89F8-4386961669F0}
 und der APPID 
{135FD325-45B7-4C30-89F8-4386961669F0}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/09/2017 06:14:22 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (07/09/2017 11:11:19 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (07/09/2017 11:08:02 AM) (Source: DCOM) (EventID: 10010) (User: loca)
Description: Der Server "{1B1F472E-3221-4826-97DB-2C2324D389AE}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/09/2017 11:07:32 AM) (Source: DCOM) (EventID: 10010) (User: loca)
Description: Der Server "{BF6C1E47-86EC-4194-9CE5-13C15DCB2001}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/09/2017 06:54:11 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (07/08/2017 10:23:53 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (07/08/2017 07:26:49 PM) (Source: DCOM) (EventID: 10010) (User: loca)
Description: Der Server "{1B1F472E-3221-4826-97DB-2C2324D389AE}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/08/2017 07:26:19 PM) (Source: DCOM) (EventID: 10010) (User: loca)
Description: Der Server "{BF6C1E47-86EC-4194-9CE5-13C15DCB2001}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/08/2017 07:03:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


CodeIntegrity:
===================================
  Date: 2017-06-03 13:27:30.954
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-03 08:45:27.365
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-03 08:38:27.411
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-03 07:47:46.620
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-03 06:12:46.850
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-02 23:29:53.567
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-02 23:14:08.634
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-02 23:07:50.461
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-02 22:24:41.052
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-02 21:25:33.166
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-8350 Eight-Core Processor 
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 8164.38 MB
Verfügbarer physikalischer RAM: 4750.5 MB
Summe virtueller Speicher: 12741.27 MB
Verfügbarer virtueller Speicher: 8131.18 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:869.36 GB) (Free:89.89 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:42.73 GB) NTFS
Drive f: (Volume) (Fixed) (Total:931.39 GB) (Free:132.58 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

schoko. · 09.07.2017, 21:58

Code:

ATTFilter

22:25:28.0274 0x0cc0  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
22:25:28.0283 0x0cc0  UEFI system
22:26:14.0097 0x0cc0  ============================================================
22:26:14.0097 0x0cc0  Current date / time: 2017/07/09 22:26:14.0097
22:26:14.0097 0x0cc0  SystemInfo:
22:26:14.0097 0x0cc0  
22:26:14.0097 0x0cc0  OS Version: 6.3.9600 ServicePack: 0.0
22:26:14.0097 0x0cc0  Product type: Workstation
22:26:14.0097 0x0cc0  ComputerName: LOCA
22:26:14.0097 0x0cc0  UserName: luca
22:26:14.0097 0x0cc0  Windows directory: C:\WINDOWS
22:26:14.0097 0x0cc0  System windows directory: C:\WINDOWS
22:26:14.0097 0x0cc0  Running under WOW64
22:26:14.0097 0x0cc0  Processor architecture: Intel x64
22:26:14.0097 0x0cc0  Number of processors: 8
22:26:14.0097 0x0cc0  Page size: 0x1000
22:26:14.0097 0x0cc0  Boot type: Normal boot
22:26:14.0097 0x0cc0  CodeIntegrityOptions = 0x00000001
22:26:14.0097 0x0cc0  ============================================================
22:26:14.0807 0x0cc0  KLMD registered as C:\WINDOWS\system32\drivers\49042741.sys
22:26:14.0807 0x0cc0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18202, osProperties = 0x19
22:26:15.0345 0x0cc0  System UUID: {3A2E11BA-C03B-8F31-DB04-898ED2B39B66}
22:26:16.0431 0x0cc0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:26:16.0440 0x0cc0  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:26:16.0452 0x0cc0  ============================================================
22:26:16.0452 0x0cc0  \Device\Harddisk0\DR0:
22:26:16.0452 0x0cc0  GPT partitions:
22:26:16.0474 0x0cc0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {3512902D-F58B-4109-A977-959C28300B1F}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
22:26:16.0474 0x0cc0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F332F935-025C-4E06-934D-9E51A3A93A1C}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746C6000
22:26:16.0474 0x0cc0  MBR partitions:
22:26:16.0474 0x0cc0  \Device\Harddisk1\DR1:
22:26:16.0474 0x0cc0  GPT partitions:
22:26:16.0475 0x0cc0  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {262AAFE3-004C-41AF-8B00-245F0A19F79F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
22:26:16.0475 0x0cc0  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {8767DF02-1686-42DE-AFBC-B56670064097}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x32000
22:26:16.0475 0x0cc0  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {8890E05F-EA6B-4909-8B70-29B35A624097}, Name: Microsoft reserved partition, StartLBA 0x12C000, BlocksNum 0x40000
22:26:16.0475 0x0cc0  \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {8D7F0CC6-879E-47F6-A767-0ED8FD3B0659}, UniqueGUID: {D3D64FD4-DFC9-4BD1-8C95-6B7DFA0FA582}, Name: Basic data partition, StartLBA 0x16C000, BlocksNum 0x200000
22:26:16.0475 0x0cc0  \Device\Harddisk1\DR1\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7A060CAD-1322-4669-9AC0-FFC567E25BE5}, Name: Basic data partition, StartLBA 0x36C000, BlocksNum 0x6CAB8000
22:26:16.0475 0x0cc0  \Device\Harddisk1\DR1\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {691758A8-A30D-4504-B696-1CCB6CF676CA}, Name: , StartLBA 0x6CE24000, BlocksNum 0xE2000
22:26:16.0475 0x0cc0  \Device\Harddisk1\DR1\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {AE4B2B2E-3BEE-4D7A-AB87-D089E0FCBEAB}, Name: Basic data partition, StartLBA 0x6CF06000, BlocksNum 0x77FE000
22:26:16.0475 0x0cc0  MBR partitions:
22:26:16.0475 0x0cc0  ============================================================
22:26:16.0492 0x0cc0  C: <-> \Device\Harddisk1\DR1\Partition5
22:26:16.0523 0x0cc0  D: <-> \Device\Harddisk1\DR1\Partition7
22:26:16.0544 0x0cc0  F: <-> \Device\Harddisk0\DR0\Partition2
22:26:16.0544 0x0cc0  ============================================================
22:26:16.0544 0x0cc0  Initialize success
22:26:16.0544 0x0cc0  ============================================================
22:27:25.0705 0x19d0  ============================================================
22:27:25.0705 0x19d0  Scan started
22:27:25.0705 0x19d0  Mode: Manual; SigCheck; TDLFS; 
22:27:25.0705 0x19d0  ============================================================
22:27:25.0705 0x19d0  KSN ping started
22:27:28.0164 0x19d0  KSN ping finished: true
22:27:30.0264 0x19d0  ================ Scan system memory ========================
22:27:30.0264 0x19d0  System memory - ok
22:27:30.0265 0x19d0  ================ Scan services =============================
22:27:30.0450 0x19d0  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
22:27:30.0649 0x19d0  1394ohci - ok
22:27:30.0674 0x19d0  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
22:27:30.0685 0x19d0  3ware - ok
22:27:30.0709 0x19d0  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
22:27:30.0730 0x19d0  ACPI - ok
22:27:30.0742 0x19d0  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
22:27:30.0752 0x19d0  acpiex - ok
22:27:30.0763 0x19d0  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
22:27:30.0772 0x19d0  acpipagr - ok
22:27:30.0817 0x19d0  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
22:27:30.0826 0x19d0  AcpiPmi - ok
22:27:30.0830 0x19d0  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
22:27:30.0840 0x19d0  acpitime - ok
22:27:30.0901 0x19d0  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
22:27:30.0951 0x19d0  ADP80XX - ok
22:27:31.0007 0x19d0  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
22:27:31.0048 0x19d0  AeLookupSvc - ok
22:27:31.0111 0x19d0  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\WINDOWS\system32\drivers\afd.sys
22:27:31.0152 0x19d0  AFD - ok
22:27:31.0167 0x19d0  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
22:27:31.0184 0x19d0  agp440 - ok
22:27:31.0225 0x19d0  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
22:27:31.0236 0x19d0  ahcache - ok
22:27:31.0276 0x19d0  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
22:27:31.0287 0x19d0  ALG - ok
22:27:31.0337 0x19d0  AMD FUEL Service - ok
22:27:31.0363 0x19d0  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
22:27:31.0385 0x19d0  AmdK8 - ok
22:27:32.0036 0x19d0  [ 71F8D8B977ACC5973FA042BF906E709F, 8106C5F5C8E40344CCCDB912845786DF287BDF068D7A6EF9D26B00FA1754C1BC ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
22:27:32.0322 0x19d0  amdkmdag - ok
22:27:32.0395 0x19d0  [ 4AA027F91A8093B1CDF453B5394F6715, E6D15E959637C102A34F73F66BFDC38436575A2FEFFC3976ACF399A472F126A5 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
22:27:32.0419 0x19d0  amdkmdap - ok
22:27:32.0426 0x19d0  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
22:27:32.0436 0x19d0  AmdPPM - ok
22:27:32.0468 0x19d0  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
22:27:32.0477 0x19d0  amdsata - ok
22:27:32.0491 0x19d0  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
22:27:32.0504 0x19d0  amdsbs - ok
22:27:32.0536 0x19d0  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
22:27:32.0544 0x19d0  amdxata - ok
22:27:32.0561 0x19d0  [ A2EFE3869B976296E097DEF368280F95, 121CD4A16146A9DF59D6E415181F48CA0D1DCD4D2B6BC4CBDABC2F3D296E28C6 ] amd_sata        C:\WINDOWS\system32\drivers\amd_sata.sys
22:27:32.0571 0x19d0  amd_sata - ok
22:27:32.0601 0x19d0  [ 625396421C29FB305C6C6235D01130B8, 3FAF8D3B530F1B74B2C9B0ED3377836746CE2D0A4008E1BC454095671AC9E1AF ] amd_xata        C:\WINDOWS\system32\drivers\amd_xata.sys
22:27:32.0606 0x19d0  amd_xata - ok
22:27:32.0737 0x19d0  [ 2C5A37BC42D91CD54FEAFCC51D3E4924, FDF678E91D1FAF789A2E0C8315D65D4BAF7997705D66D0450EFF81631BD79F59 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
22:27:32.0771 0x19d0  AntiVirMailService - ok
22:27:32.0801 0x19d0  [ 1CE285653AD840CBC168957C5ACA6DDE, DBF70B3AFBF5287332B27534E94F2917E3960B74ADBEED938AFD16B87065A2A9 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
22:27:32.0817 0x19d0  AntiVirSchedulerService - ok
22:27:32.0863 0x19d0  [ 1CE285653AD840CBC168957C5ACA6DDE, DBF70B3AFBF5287332B27534E94F2917E3960B74ADBEED938AFD16B87065A2A9 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
22:27:32.0887 0x19d0  AntiVirService - ok
22:27:32.0930 0x19d0  [ B1DEA30E906DC1A90AA9D89FBF3FE490, B37AA43BA8B3C91A657C94D9621C40818BAAFF6C2445D66C4C225E9DB657C2A3 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
22:27:32.0966 0x19d0  AntiVirWebService - ok
22:27:32.0983 0x19d0  [ 5B25D1A753CC3A3EDB909BB759AC1098, 1B931342D8D36C8D177D6D9BFFFD8CDC0C6E6F82BA552DC8E5CDC1CAF528D0B0 ] AODDriver4.1    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
22:27:32.0989 0x19d0  AODDriver4.1 - ok
22:27:33.0027 0x19d0  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
22:27:33.0056 0x19d0  AppID - ok
22:27:33.0101 0x19d0  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
22:27:33.0112 0x19d0  AppIDSvc - ok
22:27:33.0158 0x19d0  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
22:27:33.0169 0x19d0  Appinfo - ok
22:27:33.0191 0x19d0  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
22:27:33.0211 0x19d0  AppReadiness - ok
22:27:33.0252 0x19d0  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
22:27:33.0286 0x19d0  AppXSvc - ok
22:27:33.0301 0x19d0  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
22:27:33.0312 0x19d0  arcsas - ok
22:27:33.0317 0x19d0  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:27:33.0333 0x19d0  AsyncMac - ok
22:27:33.0338 0x19d0  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
22:27:33.0345 0x19d0  atapi - ok
22:27:33.0369 0x19d0  [ 506907D2E7F3A5B67DBD39C00A788B7C, 618C91FB9F49C69F88A993F164D7E9E4B7CAD0F34DCF77CF0C6F259A28448171 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdW86.sys
22:27:33.0375 0x19d0  AtiHDAudioService - ok
22:27:33.0398 0x19d0  [ 64F07381335E37C142F6D176705FFCA6, 8F7F633B891FE653D3298578897711A04E7B2B08E51CEE131C50102EFD45AC0E ] atksgt          C:\WINDOWS\system32\DRIVERS\atksgt.sys
22:27:33.0410 0x19d0  atksgt - ok
22:27:33.0466 0x19d0  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
22:27:33.0503 0x19d0  AudioEndpointBuilder - ok
22:27:33.0532 0x19d0  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
22:27:33.0561 0x19d0  Audiosrv - ok
22:27:33.0604 0x19d0  [ 4621EA3385170B087A03F3C90E276B4A, 1513802CF844B1B7A70C820AEF732EDA432D44CD8726560D95F05EB5CA556CD7 ] avdevprot       C:\WINDOWS\system32\DRIVERS\avdevprot.sys
22:27:33.0616 0x19d0  avdevprot - ok
22:27:33.0673 0x19d0  [ 0C6D49FFD4B70F95E24EF5311ED57A28, AB58DC263E3B5DE2E5E76DCBE8061D9B6736B411C2D572E56AD68BB326818FAF ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
22:27:33.0687 0x19d0  avgntflt - ok
22:27:33.0739 0x19d0  [ DAA6BD143D3AC4274791018FFAD5543A, 2D85818C52FF768579528A81DEB8D106421D986B28837B301F53B600E382E6CF ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
22:27:33.0749 0x19d0  avipbb - ok
22:27:33.0883 0x19d0  [ 0BEA4FBBB8AE477B437A8077C48AE5D0, 5B1ABDB03E2B0B99D16E95CDD61802C9D89A98718CF59E783DA1B77EF305C8C5 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
22:27:33.0933 0x19d0  Avira.ServiceHost - ok
22:27:33.0960 0x19d0  [ 184077A3D7BF1B100EF21F79420C42FC, 95322B9E1E219CAF7B7560F197AC8609C88159049F32520BF9F9A214BE3B12FC ] AviraPhantomVPN C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
22:27:33.0972 0x19d0  AviraPhantomVPN - ok
22:27:33.0997 0x19d0  [ 51C5943C99952803DAACF59E9FA70D3B, 4F89DEDCECA8F113BB44F80883E65AD8C3E5AE3808095EF195A6CD9A089BE232 ] AviraUpdaterService C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
22:27:34.0007 0x19d0  AviraUpdaterService - ok
22:27:34.0030 0x19d0  [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
22:27:34.0039 0x19d0  avkmgr - ok
22:27:34.0066 0x19d0  [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
22:27:34.0087 0x19d0  avnetflt - ok
22:27:34.0136 0x19d0  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
22:27:34.0162 0x19d0  AxInstSV - ok
22:27:34.0195 0x19d0  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
22:27:34.0216 0x19d0  b06bdrv - ok
22:27:34.0231 0x19d0  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
22:27:34.0241 0x19d0  BasicDisplay - ok
22:27:34.0245 0x19d0  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
22:27:34.0253 0x19d0  BasicRender - ok
22:27:34.0421 0x19d0  [ 833824639D5B60AFC6B2926C84DBB01B, BDB4CA73B07B10C6407DE5BD837CF89864D75D6D4E9B333B1E84D3CB36CAD01D ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
22:27:34.0566 0x19d0  BCM43XX - ok
22:27:34.0588 0x19d0  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
22:27:34.0593 0x19d0  bcmfn2 - ok
22:27:34.0638 0x19d0  [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
22:27:34.0653 0x19d0  BDESVC - ok
22:27:34.0688 0x19d0  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
22:27:34.0697 0x19d0  Beep - ok
22:27:34.0797 0x19d0  [ 9A11E8F9C71C087FCB57B48D80D3079A, C887560E8D1A9F53287A2409BD9727DEF40AFE69861943E2A5ADF4497A30E17C ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
22:27:34.0834 0x19d0  BEService - ok
22:27:34.0924 0x19d0  [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE             C:\WINDOWS\System32\bfe.dll
22:27:34.0954 0x19d0  BFE - ok
22:27:35.0068 0x19d0  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
22:27:35.0117 0x19d0  BITS - ok
22:27:35.0132 0x19d0  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
22:27:35.0142 0x19d0  bowser - ok
22:27:35.0214 0x19d0  [ 7487B46E104303E247F68D485C12326F, BAC6A4FFD5B4009B4B673479630FAA2784618438925DFB6489F07BF163188114 ] BRDriver64_1_3_3_E02B25FC C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys
22:27:35.0233 0x19d0  BRDriver64_1_3_3_E02B25FC - ok
22:27:35.0278 0x19d0  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
22:27:35.0312 0x19d0  BrokerInfrastructure - ok
22:27:35.0345 0x19d0  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
22:27:35.0373 0x19d0  Browser - ok
22:27:35.0393 0x19d0  [ 448917845F097FCE9D4554C3D2001EF3, BDCBEC01579D7CF28963E4E13CDC5B26E4B69CA24FA2CC4D6E24CAE0DDBCB3FE ] BRSptStub       C:\ProgramData\BitRaider\BRSptStub.exe
22:27:35.0410 0x19d0  BRSptStub - ok
22:27:35.0425 0x19d0  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
22:27:35.0436 0x19d0  BthAvrcpTg - ok
22:27:35.0445 0x19d0  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
22:27:35.0454 0x19d0  BthHFEnum - ok
22:27:35.0463 0x19d0  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
22:27:35.0472 0x19d0  bthhfhid - ok
22:27:35.0491 0x19d0  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
22:27:35.0505 0x19d0  BthHFSrv - ok
22:27:35.0547 0x19d0  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
22:27:35.0569 0x19d0  BTHMODEM - ok
22:27:35.0609 0x19d0  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
22:27:35.0623 0x19d0  bthserv - ok
22:27:35.0642 0x19d0  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
22:27:35.0657 0x19d0  cdfs - ok
22:27:35.0677 0x19d0  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
22:27:35.0688 0x19d0  cdrom - ok
22:27:35.0701 0x19d0  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
22:27:35.0724 0x19d0  CertPropSvc - ok
22:27:35.0737 0x19d0  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
22:27:35.0746 0x19d0  circlass - ok
22:27:35.0793 0x19d0  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
22:27:35.0809 0x19d0  CLFS - ok
22:27:35.0836 0x19d0  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
22:27:35.0843 0x19d0  CLVirtualDrive - ok
22:27:35.0853 0x19d0  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
22:27:35.0864 0x19d0  CmBatt - ok
22:27:35.0911 0x19d0  [ 0DE32A0BB1FE2A773666572F79584520, C417C12476B937265BEDC9A2C3C3F6C50FD19AEC096362337B0921627A2A92EA ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
22:27:35.0932 0x19d0  CNG - ok
22:27:35.0945 0x19d0  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
22:27:35.0955 0x19d0  CompositeBus - ok
22:27:35.0959 0x19d0  COMSysApp - ok
22:27:35.0978 0x19d0  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
22:27:35.0988 0x19d0  condrv - ok
22:27:36.0032 0x19d0  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
22:27:36.0052 0x19d0  CryptSvc - ok
22:27:36.0107 0x19d0  [ 7F5CD87CA5BDB4D83F992D8C77201483, 01818EF455833CA3396C8EA4696B8DC28E3A6A3618C081D046C8F207FACAB788 ] CyberLink PowerDVD 10 MS Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
22:27:36.0114 0x19d0  CyberLink PowerDVD 10 MS Monitor Service - ok
22:27:36.0131 0x19d0  [ 9FAF58E876A3B1DB3030A0A5805F2D86, 682939B774DF6A28268897A7E113F6D2DF9AD73DBF1994F937FB48818478B7FE ] CyberLink PowerDVD 10 MS Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
22:27:36.0142 0x19d0  CyberLink PowerDVD 10 MS Service - ok
22:27:36.0178 0x19d0  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam             C:\WINDOWS\system32\drivers\dam.sys
22:27:36.0187 0x19d0  dam - ok
22:27:36.0225 0x19d0  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
22:27:36.0234 0x19d0  dbupdate - ok
22:27:36.0239 0x19d0  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
22:27:36.0247 0x19d0  dbupdatem - ok
22:27:36.0289 0x19d0  [ 8FC11CF02CDF8C958EACCD8CC6479BE6, 451DF418FE72716B4AE75F36D77810F66046ABE4E870504AE4052D53121A526E ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe
22:27:36.0309 0x19d0  DbxSvc - ok
22:27:36.0394 0x19d0  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
22:27:36.0426 0x19d0  DcomLaunch - ok
22:27:36.0444 0x19d0  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
22:27:36.0463 0x19d0  defragsvc - ok
22:27:36.0480 0x19d0  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
22:27:36.0504 0x19d0  DeviceAssociationService - ok
22:27:36.0513 0x19d0  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
22:27:36.0525 0x19d0  DeviceInstall - ok
22:27:36.0533 0x19d0  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
22:27:36.0544 0x19d0  Dfsc - ok
22:27:36.0573 0x19d0  [ D722BC26F7431A4DA9A183E56CA9FEE3, 86AB717431CB3DDAF6213A1CFE8DF3684080BAAD569731A90AA1AA198E97506D ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
22:27:36.0583 0x19d0  dg_ssudbus - ok
22:27:36.0600 0x19d0  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
22:27:36.0625 0x19d0  Dhcp - ok
22:27:36.0719 0x19d0  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
22:27:36.0758 0x19d0  DiagTrack - ok
22:27:36.0774 0x19d0  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
22:27:36.0784 0x19d0  disk - ok
22:27:36.0809 0x19d0  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
22:27:36.0817 0x19d0  dmvsc - ok
22:27:36.0858 0x19d0  [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
22:27:36.0895 0x19d0  Dnscache - ok
22:27:36.0939 0x19d0  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
22:27:36.0959 0x19d0  dot3svc - ok
22:27:36.0978 0x19d0  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
22:27:36.0998 0x19d0  DPS - ok
22:27:37.0011 0x19d0  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
22:27:37.0022 0x19d0  drmkaud - ok
22:27:37.0034 0x19d0  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
22:27:37.0056 0x19d0  DsmSvc - ok
22:27:37.0098 0x19d0  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
22:27:37.0140 0x19d0  DXGKrnl - ok
22:27:37.0159 0x19d0  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
22:27:37.0170 0x19d0  Eaphost - ok
22:27:37.0174 0x19d0  EasyAntiCheat - ok
22:27:37.0249 0x19d0  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
22:27:37.0332 0x19d0  ebdrv - ok
22:27:37.0345 0x19d0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
22:27:37.0355 0x19d0  EFS - ok
22:27:37.0364 0x19d0  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
22:27:37.0374 0x19d0  EhStorClass - ok
22:27:37.0405 0x19d0  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
22:27:37.0416 0x19d0  EhStorTcgDrv - ok
22:27:37.0424 0x19d0  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
22:27:37.0433 0x19d0  ErrDev - ok
22:27:37.0485 0x19d0  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
22:27:37.0504 0x19d0  EventSystem - ok
22:27:37.0523 0x19d0  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
22:27:37.0540 0x19d0  exfat - ok
22:27:37.0554 0x19d0  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
22:27:37.0567 0x19d0  fastfat - ok
22:27:37.0624 0x19d0  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
22:27:37.0646 0x19d0  Fax - ok
22:27:37.0659 0x19d0  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
22:27:37.0670 0x19d0  fdc - ok
22:27:37.0681 0x19d0  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
22:27:37.0690 0x19d0  fdPHost - ok
22:27:37.0706 0x19d0  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
22:27:37.0717 0x19d0  FDResPub - ok
22:27:37.0755 0x19d0  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
22:27:37.0766 0x19d0  fhsvc - ok
22:27:37.0777 0x19d0  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
22:27:37.0787 0x19d0  FileInfo - ok
22:27:37.0802 0x19d0  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
22:27:37.0816 0x19d0  Filetrace - ok
22:27:37.0823 0x19d0  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
22:27:37.0833 0x19d0  flpydisk - ok
22:27:37.0849 0x19d0  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
22:27:37.0864 0x19d0  FltMgr - ok
22:27:37.0953 0x19d0  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache       C:\WINDOWS\system32\FntCache.dll
22:27:37.0988 0x19d0  FontCache - ok
22:27:38.0134 0x19d0  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:27:38.0158 0x19d0  FontCache3.0.0.0 - ok
22:27:38.0175 0x19d0  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
22:27:38.0201 0x19d0  FsDepends - ok
22:27:38.0217 0x19d0  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:27:38.0240 0x19d0  Fs_Rec - ok
22:27:38.0270 0x19d0  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
22:27:38.0294 0x19d0  fvevol - ok
22:27:38.0302 0x19d0  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
22:27:38.0311 0x19d0  FxPPM - ok
22:27:38.0328 0x19d0  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
22:27:38.0337 0x19d0  gagp30kx - ok
22:27:38.0378 0x19d0  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
22:27:38.0386 0x19d0  gencounter - ok
22:27:38.0400 0x19d0  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
22:27:38.0411 0x19d0  GPIOClx0101 - ok
22:27:38.0497 0x19d0  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
22:27:38.0535 0x19d0  gpsvc - ok
22:27:38.0559 0x19d0  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:27:38.0569 0x19d0  gupdate - ok
22:27:38.0573 0x19d0  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:27:38.0582 0x19d0  gupdatem - ok
22:27:38.0600 0x19d0  [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi         C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
22:27:38.0610 0x19d0  Hamachi - ok
22:27:38.0660 0x19d0  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
22:27:38.0676 0x19d0  HdAudAddService - ok
22:27:38.0688 0x19d0  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
22:27:38.0698 0x19d0  HDAudBus - ok
22:27:38.0706 0x19d0  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
22:27:38.0715 0x19d0  HidBatt - ok
22:27:38.0762 0x19d0  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
22:27:38.0773 0x19d0  HidBth - ok
22:27:38.0786 0x19d0  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
22:27:38.0795 0x19d0  hidi2c - ok
22:27:38.0810 0x19d0  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
22:27:38.0820 0x19d0  HidIr - ok
22:27:38.0833 0x19d0  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
22:27:38.0843 0x19d0  hidserv - ok
22:27:38.0848 0x19d0  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
22:27:38.0857 0x19d0  HidUsb - ok
22:27:38.0890 0x19d0  [ B7081417E9037B5E8693E01E2FBC13D0, 5B2E4FF00507D6639B5A33281A9897F0DB84FE258B3F38C0B97BC577BB2B2DB6 ] HiPatchService  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
22:27:38.0894 0x19d0  HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
22:27:41.0374 0x19d0  Detect skipped due to KSN trusted
22:27:41.0374 0x19d0  HiPatchService - ok
22:27:41.0415 0x19d0  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
22:27:41.0429 0x19d0  hkmsvc - ok
22:27:41.0596 0x19d0  [ E1F66319693C459CB76A2868EBD5651C, FC707E87DDDDA6D319E761A47436295DA14C4D2B95836A6760C97907B3CB28B1 ] HnGSteamService C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe
22:27:41.0620 0x19d0  HnGSteamService - ok
22:27:41.0637 0x19d0  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
22:27:41.0651 0x19d0  HomeGroupListener - ok
22:27:41.0699 0x19d0  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
22:27:41.0739 0x19d0  HomeGroupProvider - ok
22:27:41.0768 0x19d0  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
22:27:41.0781 0x19d0  HpSAMD - ok
22:27:41.0855 0x19d0  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
22:27:41.0889 0x19d0  HTTP - ok
22:27:41.0899 0x19d0  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
22:27:41.0907 0x19d0  hwpolicy - ok
22:27:41.0918 0x19d0  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
22:27:41.0927 0x19d0  hyperkbd - ok
22:27:41.0940 0x19d0  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
22:27:41.0949 0x19d0  HyperVideo - ok
22:27:41.0994 0x19d0  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
22:27:42.0004 0x19d0  i8042prt - ok
22:27:42.0017 0x19d0  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
22:27:42.0024 0x19d0  iaLPSSi_GPIO - ok
22:27:42.0040 0x19d0  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
22:27:42.0048 0x19d0  iaLPSSi_I2C - ok
22:27:42.0072 0x19d0  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
22:27:42.0090 0x19d0  iaStorAV - ok
22:27:42.0105 0x19d0  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
22:27:42.0122 0x19d0  iaStorV - ok
22:27:42.0126 0x19d0  IEEtwCollectorService - ok
22:27:42.0186 0x19d0  [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
22:27:42.0216 0x19d0  IKEEXT - ok
22:27:42.0339 0x19d0  [ DC052337C24A87AA1ACC8FCE4F2D5C7F, A438A7A519E9B05DAC2AB097BFBDCD42766E9EAA66054DD6946D27802F0B150A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
22:27:42.0419 0x19d0  IntcAzAudAddService - ok
22:27:42.0437 0x19d0  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
22:27:42.0446 0x19d0  intelide - ok
22:27:42.0489 0x19d0  [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
22:27:42.0497 0x19d0  intelpep - ok
22:27:42.0511 0x19d0  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
22:27:42.0521 0x19d0  intelppm - ok
22:27:42.0534 0x19d0  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:27:42.0557 0x19d0  IpFilterDriver - ok
22:27:42.0620 0x19d0  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
22:27:42.0657 0x19d0  iphlpsvc - ok
22:27:42.0668 0x19d0  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
22:27:42.0678 0x19d0  IPMIDRV - ok
22:27:42.0695 0x19d0  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
22:27:42.0706 0x19d0  IPNAT - ok
22:27:42.0718 0x19d0  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
22:27:42.0730 0x19d0  IRENUM - ok
22:27:42.0734 0x19d0  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
22:27:42.0743 0x19d0  isapnp - ok
22:27:42.0761 0x19d0  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
22:27:42.0774 0x19d0  iScsiPrt - ok
22:27:42.0788 0x19d0  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
22:27:42.0797 0x19d0  kbdclass - ok
22:27:42.0803 0x19d0  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
22:27:42.0812 0x19d0  kbdhid - ok
22:27:42.0820 0x19d0  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
22:27:42.0829 0x19d0  kdnic - ok
22:27:42.0836 0x19d0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
22:27:42.0846 0x19d0  KeyIso - ok
22:27:42.0853 0x19d0  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
22:27:42.0863 0x19d0  KSecDD - ok
22:27:42.0879 0x19d0  [ 35C19AF2116F67914712D7C4CBE47B8C, 5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
22:27:42.0891 0x19d0  KSecPkg - ok
22:27:42.0904 0x19d0  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
22:27:42.0914 0x19d0  ksthunk - ok
22:27:42.0957 0x19d0  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
22:27:42.0994 0x19d0  KtmRm - ok
22:27:43.0046 0x19d0  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
22:27:43.0081 0x19d0  LanmanServer - ok
22:27:43.0098 0x19d0  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
22:27:43.0116 0x19d0  LanmanWorkstation - ok
22:27:43.0170 0x19d0  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
22:27:43.0209 0x19d0  lfsvc - ok
22:27:43.0222 0x19d0  [ 83BA097ACAAD0B00505634A62D90F93A, 6F1FE2F413A4A939D2D921F537EBB9330E2A65A7C38BD380CF9405792FD03052 ] lirsgt          C:\WINDOWS\system32\DRIVERS\lirsgt.sys
22:27:43.0229 0x19d0  lirsgt - ok
22:27:43.0234 0x19d0  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
22:27:43.0245 0x19d0  lltdio - ok
22:27:43.0262 0x19d0  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
22:27:43.0281 0x19d0  lltdsvc - ok
22:27:43.0294 0x19d0  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
22:27:43.0303 0x19d0  lmhosts - ok
22:27:43.0320 0x19d0  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
22:27:43.0330 0x19d0  LSI_SAS - ok
22:27:43.0347 0x19d0  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
22:27:43.0356 0x19d0  LSI_SAS2 - ok
22:27:43.0371 0x19d0  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
22:27:43.0381 0x19d0  LSI_SAS3 - ok
22:27:43.0395 0x19d0  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
22:27:43.0404 0x19d0  LSI_SSS - ok
22:27:43.0469 0x19d0  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
22:27:43.0501 0x19d0  LSM - ok
22:27:43.0513 0x19d0  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
22:27:43.0524 0x19d0  luafv - ok
22:27:43.0540 0x19d0  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
22:27:43.0549 0x19d0  megasas - ok
22:27:43.0573 0x19d0  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
22:27:43.0594 0x19d0  megasr - ok
22:27:43.0639 0x19d0  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
22:27:43.0658 0x19d0  MMCSS - ok
22:27:43.0677 0x19d0  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
22:27:43.0688 0x19d0  Modem - ok
22:27:43.0712 0x19d0  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
22:27:43.0721 0x19d0  monitor - ok
22:27:43.0742 0x19d0  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
22:27:43.0751 0x19d0  mouclass - ok
22:27:43.0757 0x19d0  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
22:27:43.0766 0x19d0  mouhid - ok
22:27:43.0825 0x19d0  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
22:27:43.0853 0x19d0  mountmgr - ok
22:27:43.0877 0x19d0  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
22:27:43.0897 0x19d0  mpsdrv - ok
22:27:43.0932 0x19d0  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
22:27:43.0964 0x19d0  MpsSvc - ok
22:27:44.0011 0x19d0  [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
22:27:44.0023 0x19d0  MRxDAV - ok
22:27:44.0066 0x19d0  [ 61000E7155E92342D0D5338CE05D102A, BCFA1A82B9727040C496A84F42D4613B96EC445018BDFBF2E180889B1B561559 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:27:44.0106 0x19d0  mrxsmb - ok
22:27:44.0180 0x19d0  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
22:27:44.0205 0x19d0  mrxsmb10 - ok
22:27:44.0221 0x19d0  [ B0A106352DEF6D52332EA39E00462EA7, 274422C1E172B673130944F2FF2A2D9A9A364CFFC02FD04DD7D6D45B34C5022A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
22:27:44.0239 0x19d0  mrxsmb20 - ok
22:27:44.0253 0x19d0  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
22:27:44.0264 0x19d0  MsBridge - ok
22:27:44.0308 0x19d0  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
22:27:44.0320 0x19d0  MSDTC - ok
22:27:44.0330 0x19d0  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
22:27:44.0354 0x19d0  Msfs - ok
22:27:44.0369 0x19d0  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
22:27:44.0377 0x19d0  msgpiowin32 - ok
22:27:44.0385 0x19d0  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
22:27:44.0394 0x19d0  mshidkmdf - ok
22:27:44.0401 0x19d0  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
22:27:44.0410 0x19d0  mshidumdf - ok
22:27:44.0419 0x19d0  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
22:27:44.0427 0x19d0  msisadrv - ok
22:27:44.0477 0x19d0  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
22:27:44.0500 0x19d0  MSiSCSI - ok
22:27:44.0505 0x19d0  msiserver - ok
22:27:44.0517 0x19d0  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:27:44.0529 0x19d0  MSKSSRV - ok
22:27:44.0540 0x19d0  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
22:27:44.0552 0x19d0  MsLldp - ok
22:27:44.0556 0x19d0  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:27:44.0565 0x19d0  MSPCLOCK - ok
22:27:44.0570 0x19d0  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
22:27:44.0578 0x19d0  MSPQM - ok
22:27:44.0597 0x19d0  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
22:27:44.0613 0x19d0  MsRPC - ok
22:27:44.0626 0x19d0  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
22:27:44.0635 0x19d0  mssmbios - ok
22:27:44.0638 0x19d0  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
22:27:44.0647 0x19d0  MSTEE - ok
22:27:44.0658 0x19d0  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
22:27:44.0667 0x19d0  MTConfig - ok
22:27:44.0672 0x19d0  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
22:27:44.0681 0x19d0  Mup - ok
22:27:44.0694 0x19d0  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
22:27:44.0703 0x19d0  mvumis - ok
22:27:44.0757 0x19d0  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
22:27:44.0776 0x19d0  napagent - ok
22:27:44.0797 0x19d0  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
22:27:44.0814 0x19d0  NativeWifiP - ok
22:27:44.0850 0x19d0  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
22:27:44.0863 0x19d0  NcaSvc - ok
22:27:44.0875 0x19d0  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
22:27:44.0887 0x19d0  NcbService - ok
22:27:44.0898 0x19d0  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
22:27:44.0908 0x19d0  NcdAutoSetup - ok
22:27:44.0969 0x19d0  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
22:27:45.0003 0x19d0  NDIS - ok
22:27:45.0014 0x19d0  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
22:27:45.0024 0x19d0  NdisCap - ok
22:27:45.0038 0x19d0  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
22:27:45.0048 0x19d0  NdisImPlatform - ok
22:27:45.0088 0x19d0  [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:27:45.0097 0x19d0  NdisTapi - ok
22:27:45.0108 0x19d0  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:27:45.0118 0x19d0  Ndisuio - ok
22:27:45.0129 0x19d0  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
22:27:45.0140 0x19d0  NdisVirtualBus - ok
22:27:45.0155 0x19d0  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:27:45.0169 0x19d0  NdisWan - ok
22:27:45.0176 0x19d0  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:27:45.0190 0x19d0  NdisWanLegacy - ok
22:27:45.0206 0x19d0  [ 0BBE2FA30BAD58C9ADC01E4F84A3D2A1, 913AEC8A5F735C2EFDCB417E4077AB5A15457C601E6E88A1F4FA52C91E6E0BBF ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
22:27:45.0216 0x19d0  NDProxy - ok
22:27:45.0228 0x19d0  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
22:27:45.0239 0x19d0  Ndu - ok
22:27:45.0246 0x19d0  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
22:27:45.0256 0x19d0  NetBIOS - ok
22:27:45.0267 0x19d0  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
22:27:45.0281 0x19d0  NetBT - ok
22:27:45.0295 0x19d0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
22:27:45.0304 0x19d0  Netlogon - ok
22:27:45.0343 0x19d0  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
22:27:45.0358 0x19d0  Netman - ok
22:27:45.0378 0x19d0  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
22:27:45.0399 0x19d0  netprofm - ok
22:27:45.0476 0x19d0  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:27:45.0543 0x19d0  NetTcpPortSharing - ok
22:27:45.0563 0x19d0  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
22:27:45.0589 0x19d0  netvsc - ok
22:27:45.0701 0x19d0  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
22:27:45.0734 0x19d0  NlaSvc - ok
22:27:45.0747 0x19d0  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
22:27:45.0759 0x19d0  Npfs - ok
22:27:45.0769 0x19d0  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
22:27:45.0778 0x19d0  npsvctrig - ok
22:27:45.0789 0x19d0  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
22:27:45.0799 0x19d0  nsi - ok
22:27:45.0804 0x19d0  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
22:27:45.0813 0x19d0  nsiproxy - ok
22:27:45.0895 0x19d0  [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
22:27:45.0974 0x19d0  Ntfs - ok
22:27:46.0003 0x19d0  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
22:27:46.0013 0x19d0  Null - ok
22:27:46.0164 0x19d0  [ 176372CCCD2A3B36224D0490A24FDCD5, 214C2BE782CF060069070C292CD18084DFFC26A2F26DB94847EFFFEC5B190905 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
22:27:46.0189 0x19d0  NvContainerLocalSystem - ok
22:27:46.0205 0x19d0  [ 176372CCCD2A3B36224D0490A24FDCD5, 214C2BE782CF060069070C292CD18084DFFC26A2F26DB94847EFFFEC5B190905 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
22:27:46.0226 0x19d0  NvContainerNetworkService - ok
22:27:46.0252 0x19d0  [ C27427C9D79DE00A01B9987B68485F60, D385AFADECC3B1ECD62211D5501050A66F6A334AE3799DDA8F8CA4C231CFB075 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
22:27:46.0263 0x19d0  NVHDA - ok
22:27:46.0633 0x19d0  [ 1228B41A0EDEB81F26AD9F22C680F4C4, 19C1D819C47C2B0DCD7891133FF8F6A166E94A3DFE231745F49E651BC63CA6DA ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
22:27:46.0906 0x19d0  nvlddmkm - ok
22:27:46.0982 0x19d0  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
22:27:46.0993 0x19d0  nvraid - ok
22:27:47.0017 0x19d0  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
22:27:47.0028 0x19d0  nvstor - ok
22:27:47.0055 0x19d0  [ 4942EC595A4A10F94BB060CB2DFE83BD, 2FDBA6AFFCA0E85D840AFD149762CE82C95861C370469DF8A5C5B5F213CD9488 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
22:27:47.0061 0x19d0  NvStreamKms - ok
22:27:47.0175 0x19d0  [ 90DCD15F2FCD20474DE896DAEC146308, A3CD21CA15F359A3BEC6D659372E303C21EF1A290F3B7DC18D6452C89BDDF700 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
22:27:47.0214 0x19d0  NvTelemetryContainer - ok
22:27:47.0234 0x19d0  [ F489CE4A8456F9EB0F0C5532E2FD7549, 145D8A8EBF5120C735FBCDCA6593AB29088E2AB77130749E3727CB1434C9ABEA ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
22:27:47.0244 0x19d0  nvvad_WaveExtensible - ok
22:27:47.0286 0x19d0  [ 61BD2E2560FD1C5E0A8B8738816A0B93, 1057A6C4F7D04E81BFFD5B806295B3A5D12DE4D13F66E8542426D83D97E68C97 ] nvvhci          C:\WINDOWS\System32\drivers\nvvhci.sys
22:27:47.0296 0x19d0  nvvhci - ok
22:27:47.0321 0x19d0  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
22:27:47.0336 0x19d0  nv_agp - ok
22:27:47.0449 0x19d0  [ AE2283E94A1C28199474CBFFCEF496B5, ACD97614331FDFD5A9E66BDBBC31168E11149660F8E49CB555F29DF5EB6DE3EB ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
22:27:47.0501 0x19d0  Origin Client Service - ok
22:27:47.0574 0x19d0  [ 64D9AFC0116648756F92C244F862E1B3, 25034915865F5D5AA50EE815ECF61A3BCC813E19CCA4E3C24C3C42620739935E ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
22:27:47.0638 0x19d0  Origin Web Helper Service - ok
22:27:47.0694 0x19d0  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
22:27:47.0711 0x19d0  p2pimsvc - ok
22:27:47.0734 0x19d0  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
22:27:47.0751 0x19d0  p2psvc - ok
22:27:47.0764 0x19d0  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
22:27:47.0776 0x19d0  Parport - ok
22:27:47.0786 0x19d0  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
22:27:47.0795 0x19d0  partmgr - ok
22:27:47.0810 0x19d0  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
22:27:47.0828 0x19d0  PcaSvc - ok
22:27:47.0844 0x19d0  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
22:27:47.0858 0x19d0  pci - ok
22:27:47.0872 0x19d0  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
22:27:47.0880 0x19d0  pciide - ok
22:27:47.0898 0x19d0  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
22:27:47.0908 0x19d0  pcmcia - ok
22:27:47.0920 0x19d0  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
22:27:47.0929 0x19d0  pcw - ok
22:27:47.0973 0x19d0  [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
22:27:47.0982 0x19d0  pdc - ok
22:27:48.0035 0x19d0  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
22:27:48.0056 0x19d0  PEAUTH - ok
22:27:48.0150 0x19d0  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
22:27:48.0159 0x19d0  PerfHost - ok
22:27:48.0208 0x19d0  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
22:27:48.0247 0x19d0  pla - ok
22:27:48.0296 0x19d0  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
22:27:48.0324 0x19d0  PlugPlay - ok
22:27:48.0395 0x19d0  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\WINDOWS\system32\PnkBstrA.exe
22:27:48.0416 0x19d0  PnkBstrA - ok
22:27:48.0434 0x19d0  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
22:27:48.0448 0x19d0  PNRPAutoReg - ok
22:27:48.0461 0x19d0  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
22:27:48.0483 0x19d0  PNRPsvc - ok
22:27:48.0528 0x19d0  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
22:27:48.0544 0x19d0  PolicyAgent - ok
22:27:48.0560 0x19d0  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
22:27:48.0571 0x19d0  Power - ok
22:27:48.0584 0x19d0  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:27:48.0597 0x19d0  PptpMiniport - ok
22:27:48.0709 0x19d0  [ 346F352E17EA5793C726D3F6582BA855, 5CD830CDCC73335EDC58D26D1BC8B8830DA885CA6D1E21BB7EE763354B5C35EA ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
22:27:48.0773 0x19d0  PrintNotify - ok
22:27:48.0790 0x19d0  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
22:27:48.0800 0x19d0  Processor - ok
22:27:48.0839 0x19d0  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
22:27:48.0853 0x19d0  ProfSvc - ok
22:27:48.0897 0x19d0  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
22:27:48.0908 0x19d0  Psched - ok
22:27:48.0922 0x19d0  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
22:27:48.0937 0x19d0  QWAVE - ok
22:27:48.0947 0x19d0  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
22:27:48.0956 0x19d0  QWAVEdrv - ok
22:27:48.0964 0x19d0  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:27:48.0973 0x19d0  RasAcd - ok
22:27:48.0988 0x19d0  [ 3EE5097945A7F680E320953271EB2D4F, 0B9F2B458177A654F65C5E862B7C55B35E20271B76D5E20A20F30D3223A1216F ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
22:27:48.0998 0x19d0  RasAgileVpn - ok
22:27:49.0013 0x19d0  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
22:27:49.0025 0x19d0  RasAuto - ok
22:27:49.0035 0x19d0  [ 1BD3022FD6E450B00DE560265638FD2A, 3878B443053DFFED62641BE8736891F426C7121EB8C4DB38FF0F218697133A6D ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:27:49.0045 0x19d0  Rasl2tp - ok
22:27:49.0066 0x19d0  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll
22:27:49.0086 0x19d0  RasMan - ok
22:27:49.0099 0x19d0  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:27:49.0111 0x19d0  RasPppoe - ok
22:27:49.0121 0x19d0  [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys
22:27:49.0131 0x19d0  RasSstp - ok
22:27:49.0153 0x19d0  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:27:49.0169 0x19d0  rdbss - ok
22:27:49.0178 0x19d0  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
22:27:49.0187 0x19d0  rdpbus - ok
22:27:49.0201 0x19d0  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
22:27:49.0213 0x19d0  RDPDR - ok
22:27:49.0232 0x19d0  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
22:27:49.0240 0x19d0  RdpVideoMiniport - ok
22:27:49.0254 0x19d0  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
22:27:49.0267 0x19d0  rdyboost - ok
22:27:49.0303 0x19d0  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
22:27:49.0332 0x19d0  ReFS - ok
22:27:49.0377 0x19d0  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
22:27:49.0395 0x19d0  RemoteAccess - ok
22:27:49.0408 0x19d0  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
22:27:49.0420 0x19d0  RemoteRegistry - ok
22:27:49.0498 0x19d0  [ 0B169FE016039571ECC6DB70073F8979, B80663433919C3DE83A02E376E5B3020856C6E9E98B5773D316FD9C1C02C1417 ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
22:27:49.0531 0x19d0  RichVideo64 - ok
22:27:49.0541 0x19d0  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
22:27:49.0555 0x19d0  RpcEptMapper - ok
22:27:49.0592 0x19d0  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
22:27:49.0617 0x19d0  RpcLocator - ok
22:27:49.0647 0x19d0  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
22:27:49.0673 0x19d0  RpcSs - ok
22:27:49.0680 0x19d0  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
22:27:49.0692 0x19d0  rspndr - ok
22:27:49.0711 0x19d0  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
22:27:49.0731 0x19d0  RTL8168 - ok
22:27:49.0831 0x19d0  [ A5278C648EBE09D953B8F8B326C220AC, 2A46AEFA02DF801FFBE3DBA9FA81BBDB6EB9EEF35C4695D919BF86B9C1FF5C47 ] RtlWlanu        C:\WINDOWS\system32\DRIVERS\rtwlanu.sys
22:27:49.0910 0x19d0  RtlWlanu - ok
22:27:49.0929 0x19d0  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
22:27:49.0938 0x19d0  s3cap - ok
22:27:49.0995 0x19d0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
22:27:50.0004 0x19d0  SamSs - ok
22:27:50.0022 0x19d0  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
22:27:50.0032 0x19d0  sbp2port - ok
22:27:50.0044 0x19d0  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
22:27:50.0058 0x19d0  SCardSvr - ok
22:27:50.0092 0x19d0  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
22:27:50.0105 0x19d0  ScDeviceEnum - ok
22:27:50.0145 0x19d0  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
22:27:50.0155 0x19d0  scfilter - ok
22:27:50.0253 0x19d0  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
22:27:50.0290 0x19d0  Schedule - ok
22:27:50.0334 0x19d0  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
22:27:50.0346 0x19d0  SCPolicySvc - ok
22:27:50.0465 0x19d0  [ 7A22063722BBC476EF73D59B6BBA7050, 63661BC4A167D3547FFD042AEF8F6534C6B813AA12FA5D879C9F8B6F5C8F0331 ] scupdate        C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe
22:27:50.0476 0x19d0  scupdate - ok
22:27:50.0482 0x19d0  [ 7A22063722BBC476EF73D59B6BBA7050, 63661BC4A167D3547FFD042AEF8F6534C6B813AA12FA5D879C9F8B6F5C8F0331 ] scupdatem       C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe
22:27:50.0492 0x19d0  scupdatem - ok
22:27:50.0551 0x19d0  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
22:27:50.0565 0x19d0  sdbus - ok
22:27:50.0580 0x19d0  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
22:27:50.0590 0x19d0  sdstor - ok
22:27:50.0605 0x19d0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
22:27:50.0616 0x19d0  secdrv - ok
22:27:50.0662 0x19d0  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\WINDOWS\system32\seclogon.dll
22:27:50.0672 0x19d0  seclogon - ok
22:27:50.0685 0x19d0  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
22:27:50.0697 0x19d0  SENS - ok
22:27:50.0715 0x19d0  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
22:27:50.0729 0x19d0  SensrSvc - ok
22:27:50.0744 0x19d0  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
22:27:50.0753 0x19d0  SerCx - ok
22:27:50.0765 0x19d0  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
22:27:50.0776 0x19d0  SerCx2 - ok
22:27:50.0788 0x19d0  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
22:27:50.0797 0x19d0  Serenum - ok
22:27:50.0811 0x19d0  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
22:27:50.0821 0x19d0  Serial - ok
22:27:50.0859 0x19d0  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
22:27:50.0867 0x19d0  sermouse - ok
22:27:50.0889 0x19d0  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
22:27:50.0905 0x19d0  SessionEnv - ok
22:27:50.0921 0x19d0  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
22:27:50.0930 0x19d0  sfloppy - ok
22:27:50.0980 0x19d0  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
22:27:50.0998 0x19d0  SharedAccess - ok
22:27:51.0022 0x19d0  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:27:51.0044 0x19d0  ShellHWDetection - ok
22:27:51.0058 0x19d0  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
22:27:51.0067 0x19d0  SiSRaid2 - ok
22:27:51.0076 0x19d0  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
22:27:51.0085 0x19d0  SiSRaid4 - ok
22:27:51.0148 0x19d0  [ E84771625FE46CB5C53B475932EA4BE8, D6480BDFDB765690D4DF40234B1B7B3E9C08B3716D33CA7A379EBB7373F9A573 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:27:51.0166 0x19d0  SkypeUpdate - ok
22:27:51.0206 0x19d0  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
22:27:51.0230 0x19d0  smphost - ok
22:27:51.0274 0x19d0  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
22:27:51.0288 0x19d0  SNMPTRAP - ok
22:27:51.0362 0x19d0  [ B45AE0970B2D66CCE756DE6989E23EEC, 8393CF2DC4F65CD48D4D7B3C8C2D29E26728593B652D6CEAB65B50AEDA0884B7 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
22:27:51.0403 0x19d0  spaceport - ok
22:27:51.0419 0x19d0  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
22:27:51.0432 0x19d0  SpbCx - ok
22:27:51.0486 0x19d0  [ 577DD08B78DFD31E9191255ECD8EC0C2, C4936DBA01E49B4882129DA6D2626AF402F7F148B5DE80940636A436E7BA64BA ] SpeedupService  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
22:27:51.0494 0x19d0  SpeedupService - ok
22:27:51.0553 0x19d0  [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
22:27:51.0578 0x19d0  Spooler - ok
22:27:51.0726 0x19d0  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
22:27:51.0886 0x19d0  sppsvc - ok
22:27:51.0944 0x19d0  [ 8003E034E3EA0E29DA54215A770FC27C, 28AB1FDEA372D33540A26DAE413A10336409D33B91F51DC0AE144D451022A2A7 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
22:27:51.0960 0x19d0  srv - ok
22:27:51.0983 0x19d0  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
22:27:52.0004 0x19d0  srv2 - ok
22:27:52.0017 0x19d0  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
22:27:52.0029 0x19d0  srvnet - ok
22:27:52.0073 0x19d0  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
22:27:52.0088 0x19d0  SSDPSRV - ok
22:27:52.0101 0x19d0  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
22:27:52.0113 0x19d0  SstpSvc - ok
22:27:52.0138 0x19d0  [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
22:27:52.0149 0x19d0  ssudmdm - ok
22:27:52.0250 0x19d0  [ AC5DE2689B571942E08128D0EC771495, 46A0932F0AC4911B6778D7C09DFB640A9225092CDC028BF74E8FD6374A1E8035 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
22:27:52.0288 0x19d0  Steam Client Service - ok
22:27:52.0298 0x19d0  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
22:27:52.0307 0x19d0  stexstor - ok
22:27:52.0380 0x19d0  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
22:27:52.0406 0x19d0  stisvc - ok
22:27:52.0420 0x19d0  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
22:27:52.0430 0x19d0  storahci - ok
22:27:52.0447 0x19d0  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
22:27:52.0456 0x19d0  storflt - ok
22:27:52.0496 0x19d0  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
22:27:52.0514 0x19d0  stornvme - ok
22:27:52.0531 0x19d0  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
22:27:52.0545 0x19d0  StorSvc - ok
22:27:52.0585 0x19d0  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
22:27:52.0597 0x19d0  storvsc - ok
22:27:52.0614 0x19d0  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
22:27:52.0627 0x19d0  svsvc - ok
22:27:52.0641 0x19d0  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
22:27:52.0651 0x19d0  swenum - ok
22:27:52.0676 0x19d0  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
22:27:52.0701 0x19d0  swprv - ok
22:27:52.0771 0x19d0  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll
22:27:52.0803 0x19d0  SysMain - ok
22:27:52.0845 0x19d0  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
22:27:52.0860 0x19d0  SystemEventsBroker - ok
22:27:52.0876 0x19d0  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
22:27:52.0888 0x19d0  TabletInputService - ok
22:27:52.0941 0x19d0  [ BB3F041ACE6FF23FD8F51B4CDDAB111B, A74544001291AB5E03E4B728CE7A336B17AA351C5E57C48536F62EAA756DFF7B ] tap0901         C:\WINDOWS\system32\DRIVERS\tap0901.sys
22:27:52.0957 0x19d0  tap0901 - ok
22:27:52.0989 0x19d0  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
22:27:53.0019 0x19d0  TapiSrv - ok
22:27:53.0146 0x19d0  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
22:27:53.0214 0x19d0  Tcpip - ok
22:27:53.0284 0x19d0  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:27:53.0348 0x19d0  TCPIP6 - ok
22:27:53.0393 0x19d0  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
22:27:53.0403 0x19d0  tcpipreg - ok
22:27:53.0451 0x19d0  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
22:27:53.0479 0x19d0  tdx - ok
22:27:53.0757 0x19d0  [ 52BE9C0316E3533D8CF6445C2C4E3AA2, F32FDDFA5C1EE57F264CF37E4E18D1F2A42675785649509EA17F7D066B223522 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
22:27:53.0968 0x19d0  TeamViewer - ok
22:27:54.0005 0x19d0  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
22:27:54.0014 0x19d0  terminpt - ok
22:27:54.0174 0x19d0  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
22:27:54.0206 0x19d0  TermService - ok
22:27:54.0213 0x19d0  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
22:27:54.0224 0x19d0  Themes - ok
22:27:54.0264 0x19d0  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
22:27:54.0283 0x19d0  THREADORDER - ok
22:27:54.0303 0x19d0  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
22:27:54.0323 0x19d0  TimeBroker - ok
22:27:54.0365 0x19d0  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
22:27:54.0381 0x19d0  TPM - ok
22:27:54.0395 0x19d0  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
22:27:54.0407 0x19d0  TrkWks - ok
22:27:54.0455 0x19d0  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
22:27:54.0482 0x19d0  TrustedInstaller - ok
22:27:54.0501 0x19d0  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
22:27:54.0514 0x19d0  TsUsbFlt - ok
22:27:54.0527 0x19d0  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
22:27:54.0539 0x19d0  TsUsbGD - ok
22:27:54.0581 0x19d0  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
22:27:54.0596 0x19d0  tunnel - ok
22:27:54.0638 0x19d0  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
22:27:54.0651 0x19d0  uagp35 - ok
22:27:54.0663 0x19d0  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
22:27:54.0676 0x19d0  UASPStor - ok
22:27:54.0696 0x19d0  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
22:27:54.0713 0x19d0  UCX01000 - ok
22:27:54.0763 0x19d0  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
22:27:54.0789 0x19d0  udfs - ok
22:27:54.0801 0x19d0  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
22:27:54.0811 0x19d0  UEFI - ok
22:27:54.0850 0x19d0  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
22:27:54.0862 0x19d0  UI0Detect - ok
22:27:54.0878 0x19d0  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
22:27:54.0889 0x19d0  uliagpkx - ok
22:27:54.0894 0x19d0  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
22:27:54.0904 0x19d0  umbus - ok
22:27:54.0916 0x19d0  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
22:27:54.0925 0x19d0  UmPass - ok
22:27:54.0940 0x19d0  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
22:27:54.0956 0x19d0  UmRdpService - ok
22:27:54.0978 0x19d0  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
22:27:54.0996 0x19d0  upnphost - ok
22:27:55.0003 0x19d0  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
22:27:55.0014 0x19d0  usbccgp - ok
22:27:55.0028 0x19d0  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
22:27:55.0038 0x19d0  usbcir - ok
22:27:55.0075 0x19d0  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
22:27:55.0085 0x19d0  usbehci - ok
22:27:55.0107 0x19d0  [ 4875DC63E548812C75D4FDEF84970C89, 6A29306BAB6F95F0384E16533A9588A654A6E3CFC35D55A4CEB2B14EF34EEE19 ] usbfilter       C:\WINDOWS\system32\DRIVERS\usbfilter.sys
22:27:55.0113 0x19d0  usbfilter - ok
22:27:55.0134 0x19d0  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
22:27:55.0152 0x19d0  usbhub - ok
22:27:55.0199 0x19d0  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
22:27:55.0218 0x19d0  USBHUB3 - ok
22:27:55.0225 0x19d0  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
22:27:55.0234 0x19d0  usbohci - ok
22:27:55.0248 0x19d0  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
22:27:55.0258 0x19d0  usbprint - ok
22:27:55.0310 0x19d0  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
22:27:55.0331 0x19d0  USBSTOR - ok
22:27:55.0352 0x19d0  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
22:27:55.0366 0x19d0  usbuhci - ok
22:27:55.0417 0x19d0  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
22:27:55.0438 0x19d0  USBXHCI - ok
22:27:55.0444 0x19d0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
22:27:55.0453 0x19d0  VaultSvc - ok
22:27:55.0458 0x19d0  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
22:27:55.0466 0x19d0  vdrvroot - ok
22:27:55.0548 0x19d0  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
22:27:55.0587 0x19d0  vds - ok
22:27:55.0599 0x19d0  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
22:27:55.0611 0x19d0  VerifierExt - ok
22:27:55.0659 0x19d0  [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
22:27:55.0679 0x19d0  vhdmp - ok
22:27:55.0696 0x19d0  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
22:27:55.0704 0x19d0  viaide - ok
22:27:55.0714 0x19d0  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
22:27:55.0724 0x19d0  vmbus - ok
22:27:55.0738 0x19d0  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
22:27:55.0747 0x19d0  VMBusHID - ok
22:27:55.0795 0x19d0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
22:27:55.0814 0x19d0  vmicguestinterface - ok
22:27:55.0827 0x19d0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
22:27:55.0846 0x19d0  vmicheartbeat - ok
22:27:55.0857 0x19d0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
22:27:55.0876 0x19d0  vmickvpexchange - ok
22:27:55.0888 0x19d0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
22:27:55.0907 0x19d0  vmicrdv - ok
22:27:55.0919 0x19d0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
22:27:55.0938 0x19d0  vmicshutdown - ok
22:27:55.0950 0x19d0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
22:27:55.0969 0x19d0  vmictimesync - ok
22:27:55.0980 0x19d0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
22:27:55.0999 0x19d0  vmicvss - ok
22:27:56.0006 0x19d0  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
22:27:56.0015 0x19d0  volmgr - ok
22:27:56.0033 0x19d0  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
22:27:56.0049 0x19d0  volmgrx - ok
22:27:56.0086 0x19d0  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
22:27:56.0100 0x19d0  volsnap - ok
22:27:56.0116 0x19d0  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
22:27:56.0125 0x19d0  vpci - ok
22:27:56.0171 0x19d0  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
22:27:56.0182 0x19d0  vsmraid - ok
22:27:56.0221 0x19d0  [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS             C:\WINDOWS\system32\vssvc.exe
22:27:56.0258 0x19d0  VSS - ok
22:27:56.0280 0x19d0  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
22:27:56.0294 0x19d0  VSTXRAID - ok
22:27:56.0312 0x19d0  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
22:27:56.0320 0x19d0  vwifibus - ok
22:27:56.0330 0x19d0  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
22:27:56.0342 0x19d0  vwififlt - ok
22:27:56.0348 0x19d0  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
22:27:56.0359 0x19d0  vwifimp - ok
22:27:56.0383 0x19d0  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
22:27:56.0404 0x19d0  W32Time - ok
22:27:56.0425 0x19d0  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
22:27:56.0434 0x19d0  WacomPen - ok
22:27:56.0451 0x19d0  [ B41F3E5780D97CFD44A717153AD9CF2C, 6133104D9E5BCFDCDF55E3C52AA701766102A8F86D3F2667BBBF7168E3B3E2AB ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:27:56.0460 0x19d0  Wanarp - ok
22:27:56.0464 0x19d0  [ B41F3E5780D97CFD44A717153AD9CF2C, 6133104D9E5BCFDCDF55E3C52AA701766102A8F86D3F2667BBBF7168E3B3E2AB ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:27:56.0474 0x19d0  Wanarpv6 - ok
22:27:56.0518 0x19d0  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
22:27:56.0557 0x19d0  wbengine - ok
22:27:56.0613 0x19d0  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
22:27:56.0632 0x19d0  WbioSrvc - ok
22:27:56.0646 0x19d0  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
22:27:56.0663 0x19d0  Wcmsvc - ok
22:27:56.0679 0x19d0  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
22:27:56.0697 0x19d0  wcncsvc - ok
22:27:56.0711 0x19d0  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
22:27:56.0721 0x19d0  WcsPlugInService - ok
22:27:56.0765 0x19d0  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
22:27:56.0775 0x19d0  WdBoot - ok
22:27:56.0805 0x19d0  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
22:27:56.0828 0x19d0  Wdf01000 - ok
22:27:56.0850 0x19d0  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
22:27:56.0864 0x19d0  WdFilter - ok
22:27:56.0881 0x19d0  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
22:27:56.0894 0x19d0  WdiServiceHost - ok
22:27:56.0898 0x19d0  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
22:27:56.0911 0x19d0  WdiSystemHost - ok
22:27:56.0923 0x19d0  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
22:27:56.0933 0x19d0  WdNisDrv - ok
22:27:56.0973 0x19d0  WdNisSvc - ok
22:27:57.0020 0x19d0  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\WINDOWS\System32\webclnt.dll
22:27:57.0044 0x19d0  WebClient - ok
22:27:57.0062 0x19d0  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
22:27:57.0076 0x19d0  Wecsvc - ok
22:27:57.0093 0x19d0  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
22:27:57.0103 0x19d0  WEPHOSTSVC - ok
22:27:57.0119 0x19d0  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
22:27:57.0143 0x19d0  wercplsupport - ok
22:27:57.0163 0x19d0  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
22:27:57.0176 0x19d0  WerSvc - ok
22:27:57.0222 0x19d0  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
22:27:57.0246 0x19d0  WFPLWFS - ok
22:27:57.0265 0x19d0  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
22:27:57.0280 0x19d0  WiaRpc - ok
22:27:57.0292 0x19d0  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
22:27:57.0302 0x19d0  WIMMount - ok
22:27:57.0304 0x19d0  WinDefend - ok
22:27:57.0366 0x19d0  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
22:27:57.0399 0x19d0  WinHttpAutoProxySvc - ok
22:27:57.0452 0x19d0  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
22:27:57.0465 0x19d0  Winmgmt - ok
22:27:57.0537 0x19d0  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
22:27:57.0598 0x19d0  WinRM - ok
22:27:57.0645 0x19d0  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
22:27:57.0655 0x19d0  WinUsb - ok
22:27:57.0723 0x19d0  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
22:27:57.0761 0x19d0  WlanSvc - ok
22:27:57.0815 0x19d0  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
22:27:57.0855 0x19d0  wlidsvc - ok
22:27:57.0867 0x19d0  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
22:27:57.0876 0x19d0  WmiAcpi - ok
22:27:57.0890 0x19d0  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
22:27:57.0902 0x19d0  wmiApSrv - ok
22:27:57.0912 0x19d0  WMPNetworkSvc - ok
22:27:57.0924 0x19d0  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
22:27:57.0936 0x19d0  Wof - ok
22:27:57.0987 0x19d0  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
22:27:58.0028 0x19d0  workfolderssvc - ok
22:27:58.0073 0x19d0  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
22:27:58.0082 0x19d0  wpcfltr - ok
22:27:58.0097 0x19d0  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
22:27:58.0106 0x19d0  WPCSvc - ok
22:27:58.0121 0x19d0  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
22:27:58.0131 0x19d0  WPDBusEnum - ok
22:27:58.0147 0x19d0  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
22:27:58.0155 0x19d0  WpdUpFltr - ok
22:27:58.0167 0x19d0  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
22:27:58.0177 0x19d0  ws2ifsl - ok
22:27:58.0234 0x19d0  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
22:27:58.0263 0x19d0  wscsvc - ok
22:27:58.0277 0x19d0  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
22:27:58.0286 0x19d0  WSDPrintDevice - ok
22:27:58.0310 0x19d0  [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
22:27:58.0319 0x19d0  WSDScan - ok
22:27:58.0327 0x19d0  WSearch - ok
22:27:58.0461 0x19d0  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
22:27:58.0552 0x19d0  WSService - ok
22:27:58.0702 0x19d0  [ 020F47C655ED1F63BBA834AA53575D5C, 7E36BB83B937CEA8B5D1EAF1DF63D32D64CA8045DA377DF5237D2F4DC16574CC ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
22:27:58.0781 0x19d0  wuauserv - ok
22:27:58.0801 0x19d0  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
22:27:58.0811 0x19d0  WudfPf - ok
22:27:58.0825 0x19d0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
22:27:58.0837 0x19d0  WUDFRd - ok
22:27:58.0845 0x19d0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
22:27:58.0857 0x19d0  WUDFSensorLP - ok
22:27:58.0868 0x19d0  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
22:27:58.0880 0x19d0  wudfsvc - ok
22:27:58.0888 0x19d0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
22:27:58.0900 0x19d0  WUDFWpdFs - ok
22:27:58.0906 0x19d0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
22:27:58.0918 0x19d0  WUDFWpdMtp - ok
22:27:58.0944 0x19d0  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
22:27:58.0964 0x19d0  WwanSvc - ok
22:27:58.0966 0x19d0  xhunter1 - ok
22:27:59.0003 0x19d0  [ A0F661902AFCAAD77CC2ED3894927A10, 0DCD860F7F4029EBFE1F409BA23CC8BAA55BC22084C81940FF170B665E4804BD ] xusb22          C:\WINDOWS\System32\drivers\xusb22.sys
22:27:59.0018 0x19d0  xusb22 - ok
22:27:59.0034 0x19d0  ================ Scan global ===============================
22:27:59.0050 0x19d0  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll
22:27:59.0071 0x19d0  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
22:27:59.0087 0x19d0  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
22:27:59.0143 0x19d0  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
22:27:59.0161 0x19d0  [ Global ] - ok
22:27:59.0162 0x19d0  ================ Scan MBR ==================================
22:27:59.0163 0x19d0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:27:59.0214 0x19d0  \Device\Harddisk0\DR0 - ok
22:27:59.0219 0x19d0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
22:27:59.0310 0x19d0  \Device\Harddisk1\DR1 - ok
22:27:59.0311 0x19d0  ================ Scan VBR ==================================
22:27:59.0315 0x19d0  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
22:27:59.0315 0x19d0  \Device\Harddisk0\DR0\Partition1 - ok
22:27:59.0322 0x19d0  [ CC8335A57C9D551350DDED7CDC57F917 ] \Device\Harddisk0\DR0\Partition2
22:27:59.0326 0x19d0  \Device\Harddisk0\DR0\Partition2 - ok
22:27:59.0357 0x19d0  [ 5F7675EB537A44FCD0ABF573D4CEFAB0 ] \Device\Harddisk1\DR1\Partition1
22:27:59.0359 0x19d0  \Device\Harddisk1\DR1\Partition1 - ok
22:27:59.0364 0x19d0  [ 3A6ED5B0889E65A39158873625795600 ] \Device\Harddisk1\DR1\Partition2
22:27:59.0366 0x19d0  \Device\Harddisk1\DR1\Partition2 - ok
22:27:59.0376 0x19d0  [ 9D327BA77F9A4BB193707A464C3EE21D ] \Device\Harddisk1\DR1\Partition3
22:27:59.0377 0x19d0  \Device\Harddisk1\DR1\Partition3 - ok
22:27:59.0386 0x19d0  [ 9F18C7B15C5AD13032661D6B06B48BF9 ] \Device\Harddisk1\DR1\Partition4
22:27:59.0388 0x19d0  \Device\Harddisk1\DR1\Partition4 - ok
22:27:59.0426 0x19d0  [ 0D9C9AD8489DD1383E175C7E8EF1ED6F ] \Device\Harddisk1\DR1\Partition5
22:27:59.0448 0x19d0  \Device\Harddisk1\DR1\Partition5 - ok
22:27:59.0496 0x19d0  [ F38FB13944480F65B2BE77CF01227194 ] \Device\Harddisk1\DR1\Partition6
22:27:59.0501 0x19d0  \Device\Harddisk1\DR1\Partition6 - ok
22:27:59.0541 0x19d0  [ EC58F61C4CE00952B716076BCF9A5679 ] \Device\Harddisk1\DR1\Partition7
22:27:59.0542 0x19d0  \Device\Harddisk1\DR1\Partition7 - ok
22:27:59.0543 0x19d0  ================ Scan generic autorun ======================
22:27:59.0586 0x19d0  [ 724CB7A116F7E1A67009D751BCF86586, F0C4BE7451C5573AD584F5EF125C0702841E30D928909B5B3EA702831EF2FD9B ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
22:27:59.0609 0x19d0  CLMLServer_For_P2G8 - ok
22:27:59.0647 0x19d0  [ BE14AD6D80F9A3B33262C62479199E61, DA661F2821235018BE22CB1B459DDC99BE6D969C754096A83B2B85C1E2E46651 ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
22:27:59.0677 0x19d0  CLVirtualDrive - ok
22:27:59.0690 0x19d0  [ A2221900B57AEC20577996744FA4A56A, AFEF9176DBA86CDB16A7E84AD0DF6433D4F5865948774FB6B619CBEBEC004592 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
22:27:59.0700 0x19d0  RemoteControl10 - ok
22:27:59.0739 0x19d0  [ 2CFE20EA0DB2174B564E6A1E4D378213, E2919B1ABC7F5D2269E6DE9A9B32BD3CD8DA4689A19C1594A02E1F7B2A67EEEC ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
22:27:59.0761 0x19d0  Avira SystrayStartTrigger - ok
22:27:59.0848 0x19d0  [ 323B5D30CEA1179661F03E87B95B79D8, 1F3A11B908FF01D850DA71EF8FD4CD4D60C3EA76DDF308DA090C4EBF752599CE ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
22:27:59.0874 0x19d0  avgnt - ok
22:27:59.0894 0x19d0  [ EBC0E8C0A4DDA2C32A7D5863462A321A, 2F410138DB66D0219254339F1F098E401CEDAA032596F1F67BC54F394256FC68 ] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
22:27:59.0911 0x19d0  amd_dc_opt - detected UnsignedFile.Multi.Generic ( 1 )
22:28:07.0616 0x19d0  amd_dc_opt ( UnsignedFile.Multi.Generic ) - warning
22:28:07.0756 0x19d0  [ 555ED8FE114EF3A2728625991DA64759, CF313C155FFB47304F2E06D68C62CEFF783D890B2331BE6F7B131B614EAFD1F3 ] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
22:28:07.0845 0x19d0  Dropbox - ok
22:28:07.0889 0x19d0  [ 8BF21E51C3704476F83F96A1B303955C, 2DE83CE933BD2ABF5ECF3FC662933FC59F0254FF931849917D09CFF40E079E0E ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe
22:28:07.0898 0x19d0  Avira System Speedup User Starter - ok
22:28:08.0014 0x19d0  [ A69BC7203E0BFFEE8215C0913D02CB55, A4130AC877EEBAFD8F12B39807B36607CA3C3DD8F0CE365A5F976E690E112C03 ] C:\Program Files (x86)\Steam\steam.exe
22:28:08.0089 0x19d0  Steam - ok
22:28:08.0305 0x19d0  [ 7F3D0BC2FE61C249302E0515989C59E2, 18613B1D861D7289EF050EE1C0384FCF70F40FDF7E3CB586D36B5D19A7591F8F ] C:\Users\luca\AppData\Local\Akamai\netsession_win.exe
22:28:08.0449 0x19d0  Akamai NetSession Interface - ok
22:28:08.0540 0x19d0  Discord - ok
22:28:08.0687 0x19d0  [ 4DE6FE7EF9021E9C6FCF65B8CA7979DC, CDDB648D51A128F3DBD2318CEA611C622D9EEAC16166511ED56B5AA2F4ADC0ED ] C:\Program Files (x86)\Origin\Origin.exe
22:28:08.0748 0x19d0  EADM - ok
22:28:08.0815 0x19d0  [ F6B98B8DF6B6F8B7A2CE250A303F4086, DB9720E55FEF2E6759EE6284E234EDBD41469387E6A63A788D46B08234E23374 ] C:\Users\luca\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
22:28:08.0866 0x19d0  Gaijin.Net Agent - ok
22:28:08.0914 0x19d0  Skype - ok
22:28:09.0067 0x19d0  [ BBC048995985EB7CA9B2E8EFF196E3BB, FF10C2247A036DD6579D2AF76EF2DA4F98D8F4BA69167EF4B5D2E0EDB00F2DF9 ] C:\Games\World_of_Warships\WargamingGameUpdater.exe
22:28:09.0149 0x19d0  World of Warships - ok
22:28:09.0180 0x19d0  [ BCAF552FC839BA9E7B923DBE9F9F6218, 898826127320612304F04D44F02CC22DD86842BEB24D870F1F0E3594DE8C1A23 ] C:\Users\luca\AppData\Roaming\OpenOffice Updater\Updater.exe
22:28:09.0196 0x19d0  OpenOffice Updater - ok
22:28:09.0213 0x19d0  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.27.34 ), 0x41000 ( enabled : updated )
22:28:09.0213 0x19d0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
22:28:09.0215 0x19d0  Win FW state via NFP2: enabled ( trusted )
22:28:09.0216 0x19d0  ============================================================
22:28:09.0216 0x19d0  Scan finished
22:28:09.0216 0x19d0  ============================================================
22:28:09.0222 0x11e0  Detected object count: 1
22:28:09.0222 0x11e0  Actual detected object count: 1
22:30:17.0869 0x11e0  amd_dc_opt ( UnsignedFile.Multi.Generic ) - skipped by user
22:30:17.0869 0x11e0  amd_dc_opt ( UnsignedFile.Multi.Generic ) - User select action: Skip

M-K-D-B · 10.07.2017, 15:26

Servus,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Image File Execution Options Schlüssel
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Firewall
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware 3

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die zwei neuen Logdateien von FRST.

schoko. · 10.07.2017, 17:33

Code:

ATTFilter

# AdwCleaner v6.047 - Bericht erstellt am 10/07/2017 um 17:26:08
# Aktualisiert am 19/05/2017 von Malwarebytes
# Datenbank : 2017-07-07.1 [Lokal]
# Betriebssystem : Windows 8.1  (X64)
# Benutzername : luca - LOCA
# Gestartet von : C:\Users\luca\Desktop\adwcleaner_6.047 (1).exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****

[-] Datei gelöscht: C:\END


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [5114 Bytes] - [22/06/2017 11:36:31]
C:\AdwCleaner\AdwCleaner[C2].txt - [1176 Bytes] - [22/06/2017 23:57:45]
C:\AdwCleaner\AdwCleaner[C3].txt - [1953 Bytes] - [24/06/2017 02:51:38]
C:\AdwCleaner\AdwCleaner[C4].txt - [2098 Bytes] - [25/06/2017 00:23:25]
C:\AdwCleaner\AdwCleaner[C5].txt - [2334 Bytes] - [08/07/2017 18:11:10]
C:\AdwCleaner\AdwCleaner[C6].txt - [2479 Bytes] - [08/07/2017 18:21:20]
C:\AdwCleaner\AdwCleaner[C7].txt - [1517 Bytes] - [10/07/2017 17:26:08]
C:\AdwCleaner\AdwCleaner[S0].txt - [5273 Bytes] - [22/06/2017 11:34:48]
C:\AdwCleaner\AdwCleaner[S1].txt - [1481 Bytes] - [22/06/2017 23:34:50]
C:\AdwCleaner\AdwCleaner[S2].txt - [1626 Bytes] - [23/06/2017 00:00:54]
C:\AdwCleaner\AdwCleaner[S3].txt - [1699 Bytes] - [23/06/2017 00:05:53]
C:\AdwCleaner\AdwCleaner[S4].txt - [1758 Bytes] - [23/06/2017 00:09:07]
C:\AdwCleaner\AdwCleaner[S5].txt - [1832 Bytes] - [24/06/2017 02:43:40]
C:\AdwCleaner\AdwCleaner[S6].txt - [1977 Bytes] - [25/06/2017 00:22:40]
C:\AdwCleaner\AdwCleaner[S7].txt - [2124 Bytes] - [08/07/2017 18:10:34]
C:\AdwCleaner\AdwCleaner[S8].txt - [2269 Bytes] - [08/07/2017 18:20:40]
C:\AdwCleaner\AdwCleaner[S9].txt - [2413 Bytes] - [10/07/2017 17:24:54]

########## EOF - C:\AdwCleaner\AdwCleaner[C7].txt - [2320 Bytes] ##########

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 10.07.17
Scan-Zeit: 17:33
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.160
Version des Aktualisierungspakets: 1.0.2334
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: loca\luca

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 357990
Erkannte Bedrohungen: 7
In die Quarantäne verschobene Bedrohungen: 7
Abgelaufene Zeit: 11 Min., 32 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 4
PUP.Optional.PSScriptLoad.EncJob, HKU\S-1-5-21-1307209835-1344803613-922493989-1002\CONSOLE\TASKENG.EXE, In Quarantäne, [9485], [408199],1.0.2334
PUP.Optional.GoHD, HKU\S-1-5-21-1307209835-1344803613-922493989-1002\SOFTWARE\-, In Quarantäne, [6642], [238796],1.0.2334
PUP.Optional.WinYahoo, HKU\S-1-5-21-1307209835-1344803613-922493989-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BFREPORT, In Quarantäne, [91], [262014],1.0.2334
PUP.Optional.GeekBuddy, HKLM\SOFTWARE\WOW6432NODE\GeekBuddyRSP, In Quarantäne, [1966], [342277],1.0.2334

Registrierungswert: 3
PUP.Optional.PSScriptLoad.EncJob, HKU\S-1-5-21-1307209835-1344803613-922493989-1002\CONSOLE\TASKENG.EXE|WINDOWPOSITION, In Quarantäne, [9485], [408199],1.0.2334
PUP.Optional.PSScriptLoad.EncJob, HKU\S-1-5-21-1307209835-1344803613-922493989-1002\CONSOLE\%SYSTEMROOT%_SYSTEM32_WINDOWSPOWERSHELL_V1.0_POWERSHELL.EXE|WINDOWPOSITION, In Quarantäne, [9485], [408201],1.0.2334
PUP.Optional.WinYahoo, HKU\S-1-5-21-1307209835-1344803613-922493989-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BFREPORT|FILENAME, In Quarantäne, [91], [262014],1.0.2334

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017
durchgeführt von luca (Administrator) auf LOCA (10-07-2017 18:26:58)
Gestartet von C:\Users\luca\Desktop
Geladene Profile: luca &  (Verfügbare Profile: luca)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Akamai Technologies, Inc.) C:\Users\luca\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\luca\AppData\Local\Akamai\netsession_win.exe
(Hammer & Chisel, Inc.) C:\Users\luca\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\luca\AppData\Local\Discord\app-0.0.297\Discord.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Gaijin Entertainment) C:\Users\luca\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Hammer & Chisel, Inc.) C:\Users\luca\AppData\Local\Discord\app-0.0.297\Discord.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-06-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [66656 2017-06-28] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [Akamai NetSession Interface] => C:\Users\luca\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [Discord] => C:\Users\luca\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3048312 2017-06-29] (Electronic Arts)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [Gaijin.Net Agent] => C:\Users\luca\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2010056 2017-06-29] (Gaijin Entertainment)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27774936 2017-04-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [World of Warships] => C:\Games\World_of_Warships\WargamingGameUpdater.exe [3134216 2017-04-17] (Wargaming.net)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [OpenOffice Updater] => C:\Users\luca\AppData\Roaming\OpenOffice Updater\Updater.exe [388032 2017-05-10] ()
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\...\Run: [Akamai NetSession Interface] => C:\Users\luca\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\...\Run: [Discord] => C:\Users\luca\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3048312 2017-06-29] (Electronic Arts)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\...\Run: [Gaijin.Net Agent] => C:\Users\luca\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2010056 2017-06-29] (Gaijin Entertainment)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27774936 2017-04-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\...\Run: [World of Warships] => C:\Games\World_of_Warships\WargamingGameUpdater.exe [3134216 2017-04-17] (Wargaming.net)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\...\Run: [OpenOffice Updater] => C:\Users\luca\AppData\Roaming\OpenOffice Updater\Updater.exe [388032 2017-05-10] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{35ECA3E1-6589-4B86-B447-B8F42B038F1E}: [NameServer] 8.8.8.8,8.8.8.1
Tcpip\..\Interfaces\{35ECA3E1-6589-4B86-B447-B8F42B038F1E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google/
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google/
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1307209835-1344803613-922493989-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1307209835-1344803613-922493989-1002 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\ssv.dll [2016-06-14] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-06-14] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\luca\AppData\Roaming\Mozilla\Firefox\Profiles\lxmLTrtV.default [2016-05-06]
FF Extension: (Avira Browser Safety) - C:\Users\luca\AppData\Roaming\Mozilla\Firefox\Profiles\lxmLTrtV.default\Extensions\abs@avira.com [2016-05-01]
FF Extension: (Avira Password Manager) - C:\Users\luca\AppData\Roaming\Mozilla\Firefox\Profiles\lxmLTrtV.default\Extensions\passwordmanager@avira.com [2017-06-22]
FF Extension: (Avira SafeSearch Plus) - C:\Users\luca\AppData\Roaming\Mozilla\Firefox\Profiles\lxmLTrtV.default\Extensions\safesearchplus2@avira.com [2017-06-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2017-05-06] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2017-05-06] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-06-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-06-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-22] (NVIDIA Corporation)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=3 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-06-22] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=9 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-06-22] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default [2017-07-10]
CHR Extension: (Google Docs) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-08]
CHR Extension: (Google Drive) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-08]
CHR Extension: (YouTube) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-08]
CHR Extension: (Avira Password Manager) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2017-07-08]
CHR Extension: (Avira Browserschutz) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-07-08]
CHR Extension: (Google Docs Offline) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-08]
CHR Extension: (Google Mail) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-08]
CHR Extension: (Chrome Media Router) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-08]
CHR Profile: C:\Users\luca\AppData\Local\Google\Chrome\User Data\System Profile [2017-06-22]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-06-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-06-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-06-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-06-15] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [356256 2017-06-08] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [335088 2017-06-23] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [100816 2017-04-21] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-04-19] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-03-18] (BitRaider, LLC)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-26] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-26] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-06-26] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [400656 2017-05-01] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-03-19] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 HnGSteamService; C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe [778024 2017-06-27] (Reto-Moto ApS)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-22] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-22] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-22] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-22] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2168208 2017-06-29] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3148184 2017-06-29] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2017-07-09] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-07-09] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S2 scupdate; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-06-22] (Avira Operations GmbH & Co. KG)
S3 scupdatem; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-06-22] (Avira Operations GmbH & Co. KG)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [74800 2017-06-28] (Avira Operations GmbH & Co. KG)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-05-27] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2016-03-09] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2016-03-09] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [314016 2016-03-28] ()
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-15] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [167504 2017-06-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [164824 2017-06-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-02-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-02-27] (Avira Operations GmbH & Co. KG)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7546544 2017-01-16] (Broadcom Corporation)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2016-03-19] (BitRaider)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2016-12-04] (LogMeIn Inc.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43680 2016-03-28] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-10] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-07-10] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-07-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-10] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-07-10] (Malwarebytes)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-22] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-10] (NVIDIA Corporation)
S3 RtlWlanu; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2016-03-09] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2016-03-09] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2016-03-09] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-10 18:26 - 2017-07-10 18:27 - 00025512 _____ C:\Users\luca\Desktop\FRST.txt
2017-07-10 18:23 - 2017-07-10 18:25 - 00002342 _____ C:\Users\luca\Desktop\mbam.txt
2017-07-10 18:20 - 2017-07-10 18:20 - 00000000 ____D C:\Users\luca\Desktop\Neuer Ordner
2017-07-10 17:39 - 2017-07-10 18:21 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-07-10 17:23 - 2017-07-10 18:05 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-10 17:23 - 2017-07-10 18:05 - 00101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-07-10 17:23 - 2017-07-10 18:05 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-07-10 17:23 - 2017-07-10 18:05 - 00045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-10 17:23 - 2017-07-10 17:23 - 00188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-10 17:22 - 2017-07-10 17:22 - 00001887 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-10 17:22 - 2017-07-10 17:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-10 17:22 - 2017-07-10 17:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-10 17:22 - 2017-07-10 17:22 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-10 17:22 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-10 17:20 - 2017-07-10 17:21 - 65033984 _____ (Malwarebytes ) C:\Users\luca\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-09 22:25 - 2017-07-09 22:58 - 00235916 _____ C:\TDSSKiller.3.1.0.15_09.07.2017_22.25.28_log.txt
2017-07-09 21:50 - 2017-07-10 18:26 - 00000000 ____D C:\FRST
2017-07-09 21:47 - 2017-06-22 11:27 - 04110280 _____ C:\Users\luca\Desktop\adwcleaner_6.047 (1).exe
2017-07-09 21:44 - 2017-07-09 21:44 - 04922400 _____ (AO Kaspersky Lab) C:\Users\luca\Desktop\tdsskiller.exe
2017-07-09 21:42 - 2017-07-09 21:42 - 02437120 _____ (Farbar) C:\Users\luca\Desktop\FRST64.exe
2017-07-09 20:09 - 2017-07-09 20:09 - 00001251 _____ C:\Users\Public\Desktop\Battlefield 4.lnk
2017-07-09 20:08 - 2017-07-09 20:08 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2017-07-07 21:45 - 2017-07-07 21:45 - 00025839 _____ C:\Users\luca\Downloads\Lebenslauf Luca Müller (1).pdf
2017-07-07 21:44 - 2017-07-07 21:44 - 00025799 _____ C:\Users\luca\Downloads\Lebenslauf Luca Müller.pdf
2017-07-04 20:02 - 2017-07-04 20:02 - 00145203 _____ C:\Users\luca\Downloads\RB_Müller.pdf
2017-07-02 19:13 - 2017-07-02 19:34 - 00000000 ____D C:\Users\luca\AppData\Local\MXM
2017-07-02 19:08 - 2017-07-02 19:08 - 00002025 _____ C:\Users\luca\Desktop\MXM.lnk
2017-07-02 19:08 - 2017-07-02 19:08 - 00000000 ____D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayNC
2017-07-02 19:03 - 2017-07-02 19:03 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2017-07-01 11:48 - 2017-07-01 11:48 - 00000000 ____D C:\Users\luca\Screenshot
2017-06-27 20:50 - 2017-06-27 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-27 20:26 - 2017-06-27 20:27 - 00141850 _____ C:\Users\luca\Downloads\DeutschMod_2017-06-05.zip
2017-06-26 12:27 - 2017-06-26 12:27 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-06-25 03:41 - 2017-06-25 03:51 - 747242006 _____ C:\Users\luca\Downloads\CSS Game Content.zip
2017-06-25 03:41 - 2017-06-25 03:46 - 104042939 _____ C:\Users\luca\Downloads\CSS Maps.zip
2017-06-24 18:56 - 2017-06-24 18:56 - 00000000 ____D C:\Users\luca\AppData\LocalLow\PinoklGames
2017-06-24 01:12 - 2017-07-02 18:29 - 00000000 ____D C:\Program Files (x86)\NC Launcher
2017-06-24 01:12 - 2017-06-24 01:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NC Launcher
2017-06-24 01:08 - 2017-06-24 01:08 - 98562208 _____ (NCSOFT Corporation) C:\Users\luca\Downloads\MXMInstaller.exe
2017-06-22 17:19 - 2017-06-22 17:42 - 00000000 ____D C:\Users\luca\AppData\Local\FreeReign
2017-06-22 17:19 - 2017-06-22 17:19 - 00000000 ____D C:\Users\luca\Documents\FreeReign
2017-06-22 12:17 - 2017-06-22 12:18 - 00000000 ____D C:\ProgramData\TruckersMP
2017-06-22 11:41 - 2017-06-22 11:41 - 00000000 ____D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira
2017-06-22 11:31 - 2017-07-10 17:26 - 00000000 ____D C:\AdwCleaner
2017-06-22 11:27 - 2017-06-22 11:27 - 04110280 _____ C:\Users\luca\Downloads\adwcleaner_6.047 (1).exe
2017-06-22 09:25 - 2017-06-22 09:25 - 00003718 _____ C:\WINDOWS\System32\Tasks\AviraScoutUpdateTaskMachineUA
2017-06-22 09:25 - 2017-06-22 09:25 - 00003590 _____ C:\WINDOWS\System32\Tasks\AviraScoutUpdateTaskMachineCore
2017-06-22 09:24 - 2017-07-10 17:39 - 00003658 _____ C:\WINDOWS\System32\Tasks\AviraSystemSpeedupUpdate
2017-06-22 09:24 - 2017-06-22 09:24 - 00000000 ____D C:\WINDOWS\System32\Tasks\Avira
2017-06-22 09:22 - 2017-06-22 09:22 - 04799712 _____ (Avira Operations GmbH & Co. KG) C:\Users\luca\Downloads\avira_de_fass0_594b6fc9de33a__adw (1).exe
2017-06-22 09:20 - 2017-06-22 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP Launcher
2017-06-22 09:20 - 2017-06-22 09:20 - 00000000 ____D C:\Program Files\TruckersMP Launcher
2017-06-22 09:19 - 2017-06-22 09:19 - 00667351 _____ C:\Users\luca\Downloads\launcher_1004.zip
2017-06-22 09:11 - 2017-06-22 09:11 - 00000000 ____D C:\Users\luca\AppData\Roaming\Google
2017-06-16 15:44 - 2017-06-16 15:44 - 00000000 ____D C:\Users\luca\AppData\LocalLow\Hyper Hippo Games
2017-06-15 18:42 - 2017-06-15 18:42 - 00060920 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2017-06-15 13:29 - 2017-06-15 13:29 - 00000000 ____D C:\Users\luca\AppData\LocalLow\Dire Wolf Digital
2017-06-11 13:50 - 2017-06-11 14:04 - 2193842540 _____ C:\Users\luca\Downloads\Tsuyoshi2_31052017.zip
2017-06-10 00:15 - 2017-06-10 00:15 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-06-10 00:14 - 2017-06-10 00:14 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2017-06-10 00:13 - 2017-06-10 09:39 - 00000000 ____D C:\Users\luca\AppData\Roaming\OpenOffice Updater
2017-06-10 00:11 - 2017-06-10 00:12 - 171801512 _____ C:\Users\luca\Downloads\OpenOffice_4.1.3_Win_x86_install_de.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-10 18:22 - 2017-01-15 21:39 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-10 18:21 - 2016-06-13 17:07 - 00000000 ____D C:\Users\luca\AppData\Roaming\Origin
2017-07-10 18:21 - 2016-02-05 23:42 - 00000000 ____D C:\Program Files (x86)\Steam
2017-07-10 18:20 - 2016-06-13 16:59 - 00000000 ____D C:\ProgramData\Origin
2017-07-10 18:20 - 2016-04-30 22:16 - 00000000 ____D C:\Users\luca\AppData\Roaming\Skype
2017-07-10 18:19 - 2017-04-26 21:49 - 00001216 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-07-10 18:02 - 2016-03-18 21:54 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-07-10 18:02 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-10 17:54 - 2017-04-26 21:49 - 00001220 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-07-10 17:47 - 2016-02-05 23:27 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1307209835-1344803613-922493989-1002
2017-07-10 17:45 - 2016-03-28 02:27 - 00003910 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4D5675F6-0A5E-481D-8BE1-CC4E9DD7FA38}
2017-07-10 17:39 - 2016-05-01 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-07-10 17:38 - 2016-05-01 09:47 - 00000000 ____D C:\Program Files (x86)\Avira
2017-07-10 16:01 - 2017-01-20 16:47 - 00000000 ____D C:\Users\luca\AppData\Roaming\obs-studio
2017-07-10 15:25 - 2016-10-02 15:38 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-07-10 09:36 - 2016-03-05 17:04 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2017-07-09 23:02 - 2016-05-04 19:39 - 00000000 ____D C:\Users\luca\Desktop\ordner
2017-07-09 21:58 - 2017-01-17 20:30 - 00000000 ____D C:\Users\luca\AppData\Local\CrashDumps
2017-07-09 20:25 - 2016-06-14 23:23 - 00076152 _____ C:\WINDOWS\system32\PnkBstrA.exe
2017-07-09 20:08 - 2016-10-02 15:38 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-07-09 20:08 - 2016-02-07 23:01 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-09 19:50 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-07-09 18:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-09 10:30 - 2016-10-13 13:08 - 00000000 ____D C:\Users\luca\AppData\Roaming\discord
2017-07-08 18:25 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-07-08 14:50 - 2016-02-12 23:52 - 00000000 ____D C:\Users\luca\AppData\Local\Ubisoft Game Launcher
2017-07-06 10:47 - 2016-10-02 14:30 - 00000000 ____D C:\Users\luca\AppData\LocalLow\Heroes and Generals
2017-07-06 10:45 - 2016-03-09 20:18 - 00000000 ____D C:\Users\luca
2017-07-05 16:02 - 2016-02-16 22:18 - 00000000 ____D C:\Users\luca\AppData\Roaming\TS3Client
2017-07-02 19:09 - 2016-02-16 22:18 - 00000000 ____D C:\Users\luca\AppData\Local\TeamSpeak 3 Client
2017-06-29 22:34 - 2017-01-03 15:30 - 00000000 ____D C:\Program Files (x86)\Origin
2017-06-27 22:49 - 2016-05-02 20:20 - 00000000 ____D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2017-06-27 20:50 - 2017-04-26 21:49 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-27 16:39 - 2016-05-01 09:59 - 00000000 ____D C:\Users\luca\AppData\Local\Avira
2017-06-26 22:40 - 2016-02-05 23:41 - 00002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-26 00:07 - 2016-06-01 08:40 - 00000000 ____D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2017-06-25 09:05 - 2016-02-06 01:57 - 00000000 ____D C:\Users\luca\Documents\My Games
2017-06-25 01:54 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2017-06-24 02:51 - 2016-06-15 19:30 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-06-23 22:01 - 2016-05-16 14:28 - 00000000 ____D C:\Users\luca\AppData\Local\Arma 3 Launcher
2017-06-22 12:24 - 2016-08-13 11:27 - 00000000 ____D C:\Users\luca\Documents\Euro Truck Simulator 2
2017-06-22 09:24 - 2016-05-01 09:47 - 00000000 ____D C:\ProgramData\Avira
2017-06-20 15:06 - 2013-08-22 16:44 - 00380880 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-19 16:05 - 2016-03-05 11:40 - 00000000 ____D C:\Users\luca\AppData\Local\ElevatedDiagnostics
2017-06-18 17:56 - 2017-01-03 15:44 - 00000000 ____D C:\Program Files (x86)\Origin Games
2017-06-18 01:26 - 2016-12-25 21:41 - 00000000 ____D C:\Users\luca\Documents\EA Games
2017-06-18 00:07 - 2017-05-06 12:53 - 00000000 ____D C:\Users\luca\Documents\Command and Conquer Generals Zero Hour Data
2017-06-16 15:51 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-15 18:42 - 2016-10-08 22:07 - 00038048 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-06-15 18:42 - 2016-05-01 09:51 - 00167504 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-06-15 18:42 - 2016-05-01 09:51 - 00164824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-06-15 10:50 - 2017-04-26 21:49 - 00000000 ____D C:\Users\luca\AppData\Local\Dropbox
2017-06-13 14:10 - 2017-06-03 14:03 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-06-13 14:09 - 2017-06-03 14:02 - 00000000 ____D C:\Program Files\Rockstar Games
2017-06-12 00:03 - 2016-05-16 14:30 - 00000000 ____D C:\Users\luca\AppData\Local\Arma 3
2017-06-11 19:52 - 2016-05-16 15:19 - 00000000 ____D C:\Users\luca\Documents\Arma 3 - Other Profiles
2017-06-11 12:23 - 2016-06-23 18:30 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2017-06-11 12:23 - 2016-06-22 16:32 - 00000000 ____D C:\Users\luca\AppData\Local\Battle.net
2017-06-11 12:23 - 2016-06-22 16:14 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-06-10 00:14 - 2016-02-28 22:17 - 00206848 ___SH C:\Users\luca\Desktop\Thumbs.db

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-05-06 19:32 - 2017-04-17 19:18 - 0007598 _____ () C:\Users\luca\AppData\Local\Resmon.ResmonCfg
2016-12-17 19:01 - 2016-12-17 19:01 - 0000016 _____ () C:\ProgramData\mntemp

Einige Dateien in TEMP:
====================
2011-11-03 16:13 - 2011-11-03 16:13 - 1786688 _____ () C:\Users\luca\AppData\Local\Temp\sonarinst.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-10 18:15

==================== Ende von FRST.txt ============================

schoko. · 10.07.2017, 17:35

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-07-2017
durchgeführt von luca (10-07-2017 18:28:00)
Gestartet von C:\Users\luca\Desktop
Windows 8.1 (Update) (X64) (2016-03-09 18:49:00)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1307209835-1344803613-922493989-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1307209835-1344803613-922493989-1007 - Limited - Enabled)
Gast (S-1-5-21-1307209835-1344803613-922493989-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1307209835-1344803613-922493989-1006 - Limited - Enabled)
luca (S-1-5-21-1307209835-1344803613-922493989-1002 - Administrator - Enabled) => C:\Users\luca

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1954 Alcatraz (HKLM\...\Steam App 255280) (Version:  - Daedalic Entertainment)
7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
A New Beginning - Final Cut (HKLM\...\Steam App 105000) (Version:  - Daedalic Entertainment)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Akamai NetSession Interface (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{1AB4D394-B72C-86E8-4D58-27147BC4071E}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - Frictional Games)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.33 - NVIDIA Corporation) Hidden
APB Reloaded (HKLM\...\Steam App 113400) (Version:  - Reloaded Productions)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
ARK: Survival Of The Fittest (HKLM\...\Steam App 407530) (Version:  - Studio Wildcard)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Atlas Reactor (HKLM\...\Steam App 402570) (Version:  - Trion Worlds)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.27.34 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{14d00649-a178-473f-bf48-eec016dc4bfa}) (Version: 1.2.89.29905 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{271D5399-34AF-4611-BCD9-B09185B2BBE0}) (Version: 1.2.89.29905 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.8.4.30090 - Avira Operations GmbH & Co. KG)
Avira Scout (HKLM-x32\...\Avira Scout) (Version: 17.5.3029.2783 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{A4DF9D2A-AB95-4F30-9CA4-2F49662BA39D}) (Version: 2.0.2.27024 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.7.1.5481 - Avira Operations GmbH & Co. KG)
Batman: Arkham City GOTY (HKLM\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Besiege (HKLM\...\Steam App 346010) (Version:  - Spiderling Studios)
BioShock Infinite (HKLM\...\Steam App 8870) (Version:  - Irrational Games)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Breath of Death VII  (HKLM\...\Steam App 107300) (Version:  - Zeboyd Games)
Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version:  - Treyarch)
Castle Crashers (HKLM\...\Steam App 204360) (Version:  - The Behemoth)
Chaos on Deponia (HKLM\...\Steam App 220740) (Version:  - Daedalic Entertainment)
Chivalry: Medieval Warfare (HKLM\...\Steam App 219640) (Version:  - Torn Banner Studios)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{1A882F29-BC18-4AC2-A71E-0FC30FA32568}) (Version: 1.0.0.0 - Electronic Arts)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Company of Heroes (New Steam Version) (HKLM\...\Steam App 228200) (Version:  - Relic)
Company of Heroes 2 (HKLM\...\Steam App 231430) (Version:  - Relic Entertainment)
Controller Companion (HKLM\...\Steam App 367670) (Version:  - Koga Tech Limited)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Crysis (HKLM\...\Steam App 17300) (Version:  - Crytek)
Cthulhu Saves the World  (HKLM\...\Steam App 107310) (Version:  - Zeboyd Games)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Messiah of Might & Magic Single Player (HKLM\...\Steam App 2100) (Version:  - Arkane Studios)
Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version:  - FromSoftware)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
DARK SOULS™ II: Scholar of the First Sin (HKLM\...\Steam App 335300) (Version:  - FromSoftware, Inc)
Darksiders Warmastered Edition (HKLM\...\Steam App 462780) (Version:  - KAIKO)
Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)
Deponia (HKLM\...\Steam App 214340) (Version:  - Daedalic Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dirty Bomb (HKLM\...\Steam App 333930) (Version:  - Splash Damage®)
Discord (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Discord (HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Divine Divinity (HKLM\...\Steam App 214170) (Version:  - Larian Studios)
Divinity: Original Sin (Classic) (HKLM\...\Steam App 230230) (Version:  - Larian Studios)
Divinity: Original Sin Enhanced Edition (HKLM\...\Steam App 373420) (Version:  - Larian Studios)
Don't Starve Together (HKLM\...\Steam App 322330) (Version:  - Klei Entertainment)
Dropbox (HKLM-x32\...\Dropbox) (Version: 29.4.20 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
E.Y.E: Divine Cybermancy (HKLM\...\Steam App 91700) (Version:  - Streum On Studio)
Edna & Harvey: Harvey's New Eyes (HKLM\...\Steam App 219910) (Version:  - Daedalic Entertainment)
Edna & Harvey: The Breakout (HKLM\...\Steam App 255320) (Version:  - Daedalic Entertainment)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version:  - SCS Software)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)
Fallout Shelter (HKLM\...\Steam App 588430) (Version:  - Bethesda Game Studios)
Fotogalerie (HKLM-x32\...\{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{1F0C818D-4A41-4E40-BAFB-BB940C82A518}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (HKLM-x32\...\{E354D495-5DA4-4CCF-AB39-080F6A4141BE}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (HKLM-x32\...\{9F470E17-4FC3-4091-A508-D5347A16A2B9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (HKLM-x32\...\{DB7B6508-2AAB-4F26-99D4-74559A2F5E42}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{E50E3DBC-46AA-4827-B2A6-F995D81DF526}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotografias (HKLM-x32\...\{F5E338CE-E1C6-4F7D-8300-44DBD05B9F14}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{8F7FECEC-088F-431D-A5FB-2B59E1E69943}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{446CC8CE-0E90-44F7-ADD0-774B243EF090}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GameMaker: Studio (HKLM\...\Steam App 214850) (Version:  - YoYo Games Ltd.)
GameRanger (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\GameRanger) (Version:  - GameRanger Technologies)
GameRanger (HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\...\GameRanger) (Version:  - GameRanger Technologies)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
Geometry Dash (HKLM\...\Steam App 322170) (Version:  - RobTop Games)
Goodbye Deponia (HKLM\...\Steam App 241910) (Version:  - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Guild Quest (HKLM\...\Steam App 547680) (Version:  - Hyper Hippo Games)
Gunpoint (HKLM\...\Steam App 206190) (Version:  - Suspicious Developments)
Guns'N'Zombies (HKLM\...\Steam App 264300) (Version:  - Krealit)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearts of Iron III (HKLM\...\Steam App 25890) (Version:  - Paradox Development Studio)
Hero Siege (HKLM-x32\...\Steam App 269210) (Version:  - Elias Viglione)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.5.5 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotline Miami (HKLM\...\Steam App 219150) (Version:  - Dennaton Games)
Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version:  - Dennaton Games)
How to Survive (HKLM\...\Steam App 250400) (Version:  - EKO Software)
Insurgency (HKLM\...\Steam App 222880) (Version:  - New World Interactive)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 74 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Killer is Dead (HKLM\...\Steam App 261110) (Version:  - KADOKAWA GAMES / GRASSHOPPER MANUFACTURE)
Killing Floor (HKLM\...\Steam App 1250) (Version:  - Tripwire Interactive)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version:  - Tripwire Interactive)
Labyronia RPG (HKLM\...\Steam App 391260) (Version:  - Labyrinthine)
Labyronia RPG 2 (HKLM\...\Steam App 397500) (Version:  - Labyrinthine)
Last Man Standing (HKLM\...\Steam App 506540) (Version:  - Free Reign Entertainment)
League of Legends (HKLM-x32\...\{517CC397-B22F-4593-8DCB-DE72CC541E9A}) (Version: 3.0.1 - Riot Games ) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Legend of Mysteria (HKLM\...\Steam App 407230) (Version:  - Labyrinthine)
Legends of Aethereus (HKLM\...\Steam App 248410) (Version:  - Three Gates)
LEGO Batman 2 (HKLM\...\Steam App 213330) (Version:  - TT Games)
LEGO® MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version:  - Traveller's Tales)
LEGO® The Hobbit™ (HKLM-x32\...\Steam App 285160) (Version:  - Traveller's Tales)
LEGO® The Lord of the Rings™ (HKLM\...\Steam App 214510) (Version:  - Traveller's Tales)
Lost Moon (HKLM\...\Steam App 406090) (Version:  - Eplixe)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Mark of the Ninja (HKLM\...\Steam App 214560) (Version:  - Klei Entertainment)
Mass Effect (HKLM\...\Steam App 17460) (Version:  - BioWare)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.281 - Electronic Arts)
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Medion Home Cinema 10 (HKLM-x32\...\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.1924 - CyberLink Corp.) Hidden
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Memoria (HKLM\...\Steam App 243200) (Version:  - Daedalic Entertainment)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mirror's Edge (HKLM\...\Steam App 17410) (Version:  - DICE)
Mortal Kombat X (HKLM\...\Steam App 307780) (Version:  - NetherRealm Studios)
Movie Maker (HKLM-x32\...\{03CC9D58-B132-4CC0-A521-4F3660AA43C7}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{058EDEC8-1873-4B49-9A08-54ADE9CC129B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{2AC4C6D7-512D-4B78-A85B-2C16E748AB8E}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{306C7AEF-16C7-428D-93AA-99D4A4090243}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{36BEC461-B58A-414D-993E-E2BDD1F1A14B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{62BBCDDC-4979-4E59-9D97-5B8E874C3191}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{701FE1BC-834A-4857-AF62-6EBA50CFBC78}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{751EB657-3F22-4150-8CE4-D79A262F1D92}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{7E63F102-A9E9-4F4C-8004-BC62974736BF}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A17946CA-18E5-4CF0-8D55-A56D804718F8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A47EA9D4-BB87-415E-9239-28860434E5A0}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{AE8044B5-FCA3-4EBE-AC78-0FB3A6E8DC76}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MXMCLIENT (HKLM-x32\...\MXM) (Version:  - NCSOFT)
NC Launcher (HKLM-x32\...\NCLauncherS_plaync) (Version:  - NCSOFT)
NOT A HERO (HKLM\...\Steam App 274270) (Version:  - Roll7)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 382.33 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.2 - OBS Project)
OMG Zombies! (HKLM\...\Steam App 259870) (Version:  - Laughing Jackal LTD)
One More Line (HKLM\...\Steam App 356890) (Version:  - SMG Studio)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice Updater (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
OpenOffice Updater (HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
Origin (HKLM-x32\...\Origin) (Version: 10.4.13.6637 - Electronic Arts, Inc.)
Outlast (HKLM\...\Steam App 238320) (Version:  - Red Barrels)
Overlord (HKLM\...\Steam App 11450) (Version:  - Triumph Studios)
Overture (HKLM\...\Steam App 343100) (Version:  - Black Shell Games)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PAC-MAN Championship Edition DX+ (HKLM\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)
Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
Party Hard (HKLM\...\Steam App 356570) (Version:  - Pinokl Games)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM\...\Steam App 24240) (Version:  - OVERKILL Software)
Penumbra: Black Plague (HKLM\...\Steam App 22120) (Version:  - Frictional Games)
Penumbra: Overture (HKLM\...\Steam App 22180) (Version:  - Frictional Games)
Penumbra: Requiem (HKLM\...\Steam App 22140) (Version:  - Frictional Games)
PlanetSide 2 (HKLM\...\Steam App 218230) (Version:  - Daybreak Game Company)
PlanetSide 2 (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
Podstawowe programy Windows Live (HKLM-x32\...\{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Portal 2 (HKLM\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited)
Raccolta foto (HKLM-x32\...\{D04EBB49-C985-4A38-8695-62000861293A}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realm of the Mad God (HKLM\...\Steam App 200210) (Version:  - Wild Shadow Studios)
Risen 3 - Titan Lords (HKLM\...\Steam App 249230) (Version:  - Piranha Bytes)
Risk of Rain (HKLM\...\Steam App 248820) (Version:  - Hopoo Games, LLC)
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version:  - Cellar Door Games)
Ryse: Son of Rome (HKLM\...\Steam App 302510) (Version:  - Crytek)
Saints Row 2 (HKLM\...\Steam App 9480) (Version:  - Volition)
Shadow Warrior 2 (HKLM\...\Steam App 324800) (Version:  - Flying Wild Hog)
Shakes and Fidget (HKLM\...\Steam App 438040) (Version:  - Playa Games GmbH)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version:  - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
Sins Of The Demon RPG (HKLM\...\Steam App 461640) (Version:  - Chandler Rounsley)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.34 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.34.103 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM\...\Steam App 63380) (Version:  - Rebellion)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
Spikit (HKLM\...\Steam App 509110) (Version:  - Blastoid Entertainment)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
STAR WARS™ Battlefront™ II (HKLM\...\Steam App 6060) (Version:  - Pandemic Studios)
STAR WARS™ Empire at War: Gold Pack (HKLM\...\Steam App 32470) (Version:  - Petroglyph)
Starbound - Unstable (HKLM\...\Steam App 367540) (Version:  - )
Starbound (HKLM\...\Steam App 211820) (Version:  - Chucklefish)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Storm of Spears (HKLM\...\Steam App 463350) (Version:  - Warfare Studios)
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - Terry Cavanagh)
Super Meat Boy (HKLM\...\Steam App 40800) (Version:  - Team Meat)
TeamSpeak 3 Client (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.77242 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Terrorhedron (HKLM\...\Steam App 299720) (Version:  - Dan Walters)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Chosen RPG (HKLM\...\Steam App 434420) (Version:  - Little Big Lee)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
The Dark Eye: Chains of Satinav (HKLM\...\Steam App 203830) (Version:  - Daedalic Entertainment)
The Darkness II (HKLM-x32\...\Steam App 67370) (Version:  - Digital Extremes)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Elder Scrolls: Legends (HKLM\...\Steam App 364470) (Version:  - Dire Wolf Digital)
The Evil Within (HKLM\...\Steam App 268050) (Version:  - Tango Gameworks)
The Forest (HKLM\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Night of the Rabbit (HKLM\...\Steam App 230820) (Version:  - Daedalic Entertainment)
The Secret World (HKLM\...\Steam App 215280) (Version:  - Funcom)
The Whispered World Special Edition (HKLM\...\Steam App 268540) (Version:  - Daedalic Entertainment)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD PROJEKT RED)
Thief (HKLM\...\Steam App 239160) (Version:  - Eidos-Montréal)
Timberman (HKLM\...\Steam App 398710) (Version:  - Digital Melody)
Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version:  - Ubisoft Montreal)
Torchlight II (HKLM\...\Steam App 200710) (Version:  - Runic Games)
Trine 2 (HKLM\...\Steam App 35720) (Version:  - Frozenbyte)
Trine 3: The Artifacts of Power (HKLM\...\Steam App 319910) (Version:  - Frozenbyte)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
UE4 Prerequisites (x64) (HKLM\...\{457BE011-43FF-44A7-9FA7-B3BE181E2076}) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 13.0 - Ubisoft)
Vokabelcheck Spanisch (HKLM-x32\...\Vokabelcheck Spanisch) (Version: 1.0.0.0 - Genehmigte Lizenzausgabe)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
VVVVVV (HKLM-x32\...\Steam App 70300) (Version:  - Terry Cavanagh)
War Thunder (HKLM\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Wargame: European Escalation (HKLM\...\Steam App 58610) (Version:  - Eugen Systems)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wolfenstein: The Old Blood German Edition (HKLM\...\Steam App 354830) (Version:  - MachineGames)
World of Tanks (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
World of Tanks (HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
Συλλογή φωτογραφιών (HKLM-x32\...\{A19A8C25-272A-4CD6-8BA8-3772321A021B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers01: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-08-03] (Cyberlink)
ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers01: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-06-15] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers01: [SystemSpeedupFilesMenu] -> {ef263503-8f0e-3e6a-ae2e-fe0b4b441d52} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei
ContextMenuHandlers02: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-08-03] (Cyberlink)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers04: [SystemSpeedupFoldersMenu] -> {3d52b24d-33bb-3895-99ea-a0156f24a3f9} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ContextMenuHandlers05: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> Keine Datei
ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-18] (NVIDIA Corporation)
ContextMenuHandlers05: [SystemSpeedupDesktopMenu] -> {cefaf456-bc17-3f4b-b7d9-75070925911b} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-06-15] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0CA31420-43BB-45C7-A619-C7D20C155D08} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {0ED72862-60EF-4C89-819C-5CA6414E0811} - System32\Tasks\AviraScoutUpdateTaskMachineCore => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-06-22] (Avira Operations GmbH & Co. KG)
Task: {11857D59-6944-4E30-97F2-2E592C024F87} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-22] (NVIDIA Corporation)
Task: {35EDCFE6-7074-439D-B7BD-D7AC74DEF009} - System32\Tasks\{93A54DF0-C15E-488A-B80A-D768FA03D9B3} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.106&LastError=404
Task: {3F480002-AC7C-48A1-B092-7B74EC625C2D} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-26] (Dropbox, Inc.)
Task: {42A599EE-DBCD-4B74-90C3-99B00CE586EC} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {480B1722-4A71-4AD7-84CE-82AB033497ED} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-22] (NVIDIA Corporation)
Task: {5DF31B83-0A8C-4D46-883C-5A49C9B8F0BF} - System32\Tasks\AviraScoutUpdateTaskMachineUA => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-06-22] (Avira Operations GmbH & Co. KG)
Task: {69B1F47F-04ED-4825-BC59-55D14CA34A60} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-22] (NVIDIA Corporation)
Task: {8A6AFFA4-5E62-4776-BB40-951A12833674} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-22] (NVIDIA Corporation)
Task: {95C13E9A-BFBC-47D9-A325-8EC82C1838AD} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2017-06-28] (Avira Operations GmbH & Co. KG)
Task: {9B8A95FA-7E5D-46D3-9094-096313CA5143} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {9DB81685-34FD-4BD0-BE44-E9A99EE6F079} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-05] (Google Inc.)
Task: {A01A38BD-FA2C-420A-85FE-6FD3EE8217B5} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {A2ADDC75-3199-4889-9BB7-5BC33F894BB3} - System32\Tasks\{93808D44-1BEE-4250-8A72-439F6F69E3D5} => pcalua.exe -a E:\AutoRun.exe -d E:\
Task: {A61B660E-E773-4D28-A834-E2414AD7D620} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-22] (NVIDIA Corporation)
Task: {ACE4036C-B804-4512-94E8-31E44740AE8E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-22] (NVIDIA Corporation)
Task: {B9E57456-8BB7-412D-A4F5-4BCAD7EA4E09} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-26] (Dropbox, Inc.)
Task: {C7DB9097-40DB-45FD-9A68-CA62D5F93951} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-22] (NVIDIA Corporation)
Task: {CA282174-F92E-45F6-86B2-E17AA929B8D0} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-22] (NVIDIA Corporation)
Task: {CC023602-3A3E-4DE9-B0A7-C3E5B2D1C2B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-05] (Google Inc.)
Task: {EF0BA3B6-1013-44D9-BBD1-8D31C26BEFFC} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2017-06-28] (Avira Operations GmbH & Co. KG)
Task: {F1ADC9D1-5B59-423D-BAF8-18DED41CC322} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2017-07-10] (Avira Operations GmbH & Co. KG                              )
Task: {F2EE2B96-6E3C-4FE3-9F49-66DBE6FB7B4D} - System32\Tasks\{3506EA9B-12B7-4192-A68B-45432F385DAD} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.106&LastError=404
Task: {F5E5E2FD-2128-4006-96C7-F3A3AFB73673} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\luca\Neuer Ordner\ALDI Nord Blumen Service.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www1.aldi-blumenservice.de
ShortcutWithArgument: C:\Users\luca\Neuer Ordner\ALDI Nord Reisen.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://nord.aldi-reisen.de/html_nord
ShortcutWithArgument: C:\Users\luca\Neuer Ordner\ALDI Nord Startseite.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi-essen.de
ShortcutWithArgument: C:\Users\luca\Neuer Ordner\ALDI Talk.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medionmobile.de
ShortcutWithArgument: C:\Users\luca\Neuer Ordner\eBay.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://rover.ebay.com/rover/1/707-154514-44482-13/4
ShortcutWithArgument: C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Ad;Block Plus.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gppglejjadnhbalmblladacjggieapge
ShortcutWithArgument: C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Fair AdBlocker App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=dcnofaichneijfbkdkghmhjjbepjmble
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi-essen.de

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-08-06 14:09 - 2012-08-06 14:09 - 00212480 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 18:03 - 2012-03-05 18:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 16:53 - 2012-02-16 16:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-08-06 14:09 - 2012-08-06 14:09 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2017-01-15 21:41 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-06-14 23:23 - 2017-07-09 20:25 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2012-11-09 16:36 - 2010-08-19 19:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-07-10 17:22 - 2017-06-27 12:06 - 02260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-06-26 22:40 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-06-26 22:40 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2017-05-31 17:48 - 2017-06-29 22:33 - 00022928 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2017-01-15 21:41 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-15 21:26 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\luca\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-15 21:27 - 2017-01-15 21:27 - 01082880 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-15 21:27 - 2017-01-15 21:27 - 03750400 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-15 21:27 - 2017-01-15 21:27 - 00914432 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-01-15 21:27 - 2017-01-15 21:27 - 01127424 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-01-15 21:27 - 2017-05-22 20:22 - 01385976 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_overlay\discord_overlay.node
2017-01-15 21:26 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\luca\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-01-15 21:26 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\luca\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-05-31 17:48 - 2017-06-29 22:33 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-05-31 17:48 - 2017-06-29 22:33 - 00012288 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2017-01-03 15:33 - 2017-01-03 15:33 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2017-02-28 10:51 - 2017-02-28 10:51 - 01937376 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2012-11-09 16:34 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2017-06-27 20:50 - 2017-06-26 12:27 - 00801600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-06-27 20:50 - 2017-06-26 12:27 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-05-31 21:24 - 2017-06-26 12:26 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-05-31 21:24 - 2017-06-26 12:29 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-06-27 20:50 - 2017-06-26 12:28 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-06-27 20:50 - 2017-06-26 12:26 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-06-27 20:50 - 2017-06-26 12:26 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-06-27 20:50 - 2017-06-26 12:27 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-05-31 21:24 - 2017-06-26 12:26 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-06-27 20:50 - 2017-06-26 12:27 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-06-27 20:50 - 2017-06-26 12:26 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-05-31 21:24 - 2017-06-26 12:29 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-06-27 20:50 - 2017-06-26 12:28 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-06-27 20:50 - 2017-06-26 12:28 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-06-27 20:50 - 2017-06-26 12:27 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-06-27 20:50 - 2017-06-26 12:29 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-05-31 21:24 - 2017-06-26 12:30 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-06-27 20:50 - 2017-06-26 12:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-06-27 20:50 - 2017-06-26 12:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-05-31 21:24 - 2017-06-26 12:30 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-05-31 21:24 - 2017-06-26 12:29 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-07-10 18:21 - 2017-07-10 18:21 - 00148992 _____ () \\?\C:\Users\luca\AppData\Local\Temp\D1F3.tmp.node
2017-01-15 21:27 - 2017-04-26 21:23 - 02658296 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-01-15 21:27 - 2017-03-22 20:17 - 02665976 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2016-06-15 19:50 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-02-05 23:44 - 2017-03-29 20:12 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-02-05 23:44 - 2017-06-08 07:42 - 02485536 _____ () C:\Program Files (x86)\Steam\video.dll
2016-02-05 23:44 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-02-05 23:44 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-02-05 23:44 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-02-05 23:44 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-02-05 23:44 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-02-05 23:44 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-02-05 23:44 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-02-05 23:44 - 2017-06-08 07:42 - 00877856 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 18:29 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-12-13 15:57 - 2017-05-08 21:45 - 69516064 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-08 17:50 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-02-05 23:44 - 2017-06-08 07:42 - 00385312 _____ () C:\Program Files (x86)\Steam\steam.dll
2016-02-05 23:44 - 2017-03-29 20:12 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\NvContainerRecovery.bat:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\NvTelemetryContainerRecovery.bat:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcmihvsrv64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcmihvui64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvapi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvaudcap64v.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcuda.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcuvid.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvd3dumx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437633.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437849.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437866.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437878.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437892.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438189.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438205.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438233.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437633.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437849.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437866.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437878.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437892.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438189.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438205.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438233.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvEncodeAPI64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvfatbinaryLoader.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NvFBC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvhdagenco6420103.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvhdap64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NvIFR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NvIFROpenGL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvinitx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvmcumd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvoglshim64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvoglv64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvopencl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvptxJitCompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvumdshimx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvwgf2umx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenAL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo-1-1-0-42-1.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wrap_oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EasyAntiCheat.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\lastpass_1337.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\lastpass_downloader.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvaudcap32v.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuda.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuvid.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvd3dum.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvEncodeAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvFBC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvIFR.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvIFROpenGL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvinit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvoglshim32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvoglv32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvopencl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvStreaming.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvumdshim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvwgf2um.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenAL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-42-1.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wrap_oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\avnetflt.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\BCMWL63a.SYS:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Hamdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvhda64v.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvlddmkm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvvad64v.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvvhci.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tap0901.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca:Heroes & Generals [38]
AlternateDataStreams: C:\Users\luca\Downloads\0.9.12 (1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\0.9.12.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\15578691_1646917675612878_964531673916360488_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\376.33-desktop-win8-win7-64bit-international-whql.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\376.33-desktop-win8-win7-64bit-international-whql.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\4.2.4.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\4kyoutubetomp3_3.0.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\luca\Downloads\4kyoutubetomp3_3.0.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\@Exile-1.0.2.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Air-Classic-2017-0122 (1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Air-Classic-2017-0122.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Air-for-Steam-2017-0122.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\amd-catalyst-15.7.1-with-dotnet45-win8.1-64bit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\amd-catalyst-15.7.1-with-dotnet45-win8.1-64bit.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_en-US.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_en-US.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\ArmoredWarfareMycomLoader_ee507c12538b76672777980993d5b5cd_A_de.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\ArmoredWarfareMycomLoader_ee507c12538b76672777980993d5b5cd_A_de.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\autodetectutility (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\autodetectutility (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Bin64 (1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\CEB2N8.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Credits.txt:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\CSScontentinstaller.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\luca\Downloads\CSScontentinstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\CSS_Content_Addon_(Dec2013).rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Diablo-III-Setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\Diablo-III-Setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\DiscordSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\DiscordSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Download.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\DropboxInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\DropboxInstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\ets2mp_20400.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\GameRangerSetup (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\GameRangerSetup (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\GameRangerSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\GameRangerSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\GTAV_Setup_Tool (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\GTAV_Setup_Tool (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\GTA_V_Launcher_1_0_877_1.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\GTA_V_Launcher_1_0_877_1.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\hamachi.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\install_flash_player.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\install_flash_player.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\LibreOffice_5.1.6_Win_x86.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Luca Foto.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\MarkC_Windows_10+8.x+7_MouseFix.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\mikuskin50.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Nicht bestätigt 854861.crdownload:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\non-whql-64bit-nieg-radeon-crimson-16.2.1-win10-win8.1-win7-feb27 (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\non-whql-64bit-nieg-radeon-crimson-16.2.1-win10-win8.1-win7-feb27 (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\OBS-Studio-17.0.2-Full-Installer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\OBS-Studio-17.0.2-Full-Installer.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Penumbra_Steam_German_Patch.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Saints row 2 pc patch download free windows 7.iso:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Social Club Latest Setup (1).exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\luca\Downloads\Social Club Latest Setup (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Social Club Latest Setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\Social Club Latest Setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Social-Club-v1.1.9.6-Setup (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\Social-Club-v1.1.9.6-Setup (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Social-Club-v1.1.9.6-Setup.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\luca\Downloads\Social-Club-v1.1.9.6-Setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\sr2_uncut.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\TeamViewer_Setup (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\TeamViewer_Setup (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\TeamViewer_Setup (2).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\TeamViewer_Setup (2).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\VID-20170428-WA0001.mp4:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\WhatsAppSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\WhatsAppSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\ysd.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\ysd.exe:$CmdZnID [26]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1307209835-1344803613-922493989-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\luca\Desktop\ordner\bilder\547265.jpg
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\Control Panel\Desktop\\Wallpaper -> C:\Users\luca\Desktop\ordner\bilder\547265.jpg
DNS Servers: 8.8.8.8 - 8.8.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\StartupApproved\Run: => "World of Warships"
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\...\StartupApproved\Run: => "World of Warships"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{40C578B0-A507-4B5A-985D-D44B8431E5D2}C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe] => (Allow) C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
FirewallRules: [UDP Query User{9AB93019-A142-4933-81DD-54C46FB0D6A6}C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe] => (Allow) C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
FirewallRules: [TCP Query User{0D540F08-BF92-468C-8D33-3DC81F676EF8}C:\users\luca\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luca\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B3CE7B42-C9FF-4E69-997B-A99F28B01627}C:\users\luca\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luca\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{56CF41EF-7492-499E-A5E7-691BFB5E7933}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4FA3FCEB-205A-4CFE-823F-558DC04CFDAD}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{97828071-9B93-4A8E-8733-475B4E5E4E5C}F:\steam\steamapps\common\war thunder\launcher.exe] => (Allow) F:\steam\steamapps\common\war thunder\launcher.exe
FirewallRules: [UDP Query User{912E9F4B-5A3C-467D-B8C9-3754BB505C42}F:\steam\steamapps\common\war thunder\launcher.exe] => (Allow) F:\steam\steamapps\common\war thunder\launcher.exe
FirewallRules: [{9CCD2360-35D9-4AED-A89E-85923BE0E2D1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9411469-6F75-4EE5-AE61-2BDB69D9CB37}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9DB3E12D-D43A-44EB-A737-7B5F093DD68B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{05045B79-7C70-4DA3-A05C-C383B6F72C30}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{F73920F0-9D2C-47A9-B494-F2B019EF5952}C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe] => (Allow) C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
FirewallRules: [UDP Query User{C8F1E715-E92C-497F-B640-5CDA18C7230F}C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe] => (Allow) C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
FirewallRules: [TCP Query User{7DFA01BB-AE22-46EF-9FFE-5DDA5F80BEC0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D4A21EA8-2E61-40D9-87E5-D9B97432257B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1C82DEBA-CD03-4E29-9E40-A3C78E87F297}] => (Allow) F:\steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{59761F41-7B31-4A9C-B79C-11A91FC4C027}] => (Allow) F:\steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe

==================== Wiederherstellungspunkte =========================

08-07-2017 19:48:15 Geplanter Prüfpunkt
09-07-2017 20:05:38 DirectX wurde installiert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/10/2017 06:00:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x501fec0e
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x6b0
Startzeit der fehlerhaften Anwendung: 0x01d2f99139db7012
Pfad der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung: eddf8bfe-6588-11e7-befe-7085c20e4056
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/10/2017 05:32:07 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (07/09/2017 09:58:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avgnt.exe, Version: 15.0.27.30, Zeitstempel: 0x592fe300
Name des fehlerhaften Moduls: ccmsg.dll, Version: 15.0.27.30, Zeitstempel: 0x592fe284
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000144a3
ID des fehlerhaften Prozesses: 0x1fa4
Startzeit der fehlerhaften Anwendung: 0x01d2f8d0f42838dd
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
Pfad des fehlerhaften Moduls: c:\program files (x86)\avira\antivirus\ccmsg.dll
Berichtskennung: 08fb8f20-64e1-11e7-befd-7085c20e4056
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/08/2017 09:55:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avgnt.exe, Version: 15.0.27.30, Zeitstempel: 0x592fe300
Name des fehlerhaften Moduls: ccmsg.dll, Version: 15.0.27.30, Zeitstempel: 0x592fe284
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000144a3
ID des fehlerhaften Prozesses: 0x1418
Startzeit der fehlerhaften Anwendung: 0x01d2f80c36673c25
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
Pfad des fehlerhaften Moduls: c:\program files (x86)\avira\antivirus\ccmsg.dll
Berichtskennung: 739c167a-6417-11e7-befd-7085c20e4056
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (07/10/2017 06:14:12 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Boot" wurde eine Beschädigung erkannt.

Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.

Error: (07/10/2017 06:13:23 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Boot" wurde eine Beschädigung erkannt.

Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.

Error: (07/10/2017 06:04:43 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/10/2017 06:04:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (07/10/2017 06:04:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (120000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (07/10/2017 06:00:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/10/2017 05:43:22 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)
Description: 0x8000002a118\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307209835-1344803613-922493989-1002-07102017174322424-ntuser.dat

Error: (07/10/2017 05:33:50 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)
Description: 0x8000002a118\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307209835-1344803613-922493989-1002-07102017173349613-ntuser.dat

Error: (07/10/2017 05:31:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (07/10/2017 05:31:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (120000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.


CodeIntegrity:
===================================
  Date: 2017-06-03 13:27:30.954
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-03 08:45:27.365
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-03 08:38:27.411
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-03 07:47:46.620
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-03 06:12:46.850
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-02 23:29:53.567
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-02 23:14:08.634
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-02 23:07:50.461
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-02 22:24:41.052
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-02 21:25:33.166
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-8350 Eight-Core Processor 
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 8164.38 MB
Verfügbarer physikalischer RAM: 4864.31 MB
Summe virtueller Speicher: 11620.38 MB
Verfügbarer virtueller Speicher: 7530.21 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:869.36 GB) (Free:89.75 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:42.73 GB) NTFS
Drive f: (Volume) (Fixed) (Total:931.39 GB) (Free:132.51 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

M-K-D-B · 10.07.2017, 19:53

Servus,

tritt das Problem aktuell immer noch auf? Wenn ja, in welchem Browser?

schoko. · 10.07.2017, 20:09

Hallo,
momentan nicht, den ganzen tag ist das jetzt nicht passiert
wie ich oben auch geschrieben habe ist das meistens zufällig ich warte 1 Woche ab und wenn es wieder kommt schreib ich nochmal ok ?
Bis hier hin bedanke ich mich schon mal bei dir !

M-K-D-B · 10.07.2017, 20:11

Servus,

wir entfernen noch ein bisschen was und kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1

Kopiere den Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
End::

Starte nun FRST und klicke den Entfernen Button.
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von HitmanPro,
die Logdatei von ESET,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

schoko. · 11.07.2017, 09:25

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-07-2017
durchgeführt von luca (10-07-2017 21:27:13) Run:1
Gestartet von C:\Users\luca\Desktop
Geladene Profile: luca &  (Verfügbare Profile: luca)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07102017180505479\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31476449 B
Java, Flash, Steam htmlcache => 779926923 B
Windows/system/drivers => 36752634 B
Edge => 0 B
Chrome => 776272811 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 20974120 B
NetworkService => 0 B
luca => 1867831532 B

RecycleBin => 0 B
EmptyTemp: => 3.3 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 21:31:06 ====

Code:

ATTFilter

HitmanPro 3.7.20.286
www.hitmanpro.com

   Computer name . . . . : LOCA
   Windows . . . . . . . : 6.3.0.9600.X64/8
   User name . . . . . . : loca\luca
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-07-10 21:42:18
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 12m 50s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 12

   Objects scanned . . . : 2.216.989
   Files scanned . . . . : 78.379
   Remnants scanned  . . : 963.395 files / 1.175.215 keys

Suspicious files ____________________________________________________________

   C:\Users\luca\AppData\Local\PunkBuster\BF4\pb\PnkBstrK.sys
      Size . . . . . . . : 138.648 bytes
      Age  . . . . . . . : 390.9 days (2016-06-14 23:07:23)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : DE86A451D282866613EE18CF668C2E962ABCB09FA51F7FF0C98405418A19EA81
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\luca\AppData\Local\PunkBuster\FC3\pb\pbcl.dll
      Size . . . . . . . : 953.886 bytes
      Age  . . . . . . . : 492.2 days (2016-03-05 17:04:29)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\luca\AppData\Local\PunkBuster\FC3\pb\pbcls.dll
      Size . . . . . . . : 953.886 bytes
      Age  . . . . . . . : 492.2 days (2016-03-05 17:04:29)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\luca\AppData\Local\PunkBuster\FC3\pb\PnkBstrK.sys
      Size . . . . . . . : 138.032 bytes
      Age  . . . . . . . : 492.2 days (2016-03-05 17:04:41)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : ABAF3FACF01E10E4C685F79C3B9E5D2118B3CF8629C4277EBE035B2A10474148
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\luca\AppData\Local\PunkBuster\GRFS\pb\PnkBstrK.sys
      Size . . . . . . . : 139.752 bytes
      Age  . . . . . . . : 141.0 days (2017-02-19 20:58:13)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 190F16E9E5087FB75ADFDE73CF658FE493193DCFE2191172F1639C9FE658CA20
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\luca\AppData\Local\PunkBuster\HOS\pb\pbcl.dll
      Size . . . . . . . : 951.877 bytes
      Age  . . . . . . . : 281.2 days (2016-10-02 15:41:39)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 833CB80463E9181DBCC24242B392B70E6E80DD72A07B79727AB9936FCADEDD2A
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\luca\AppData\Local\PunkBuster\HOS\pb\pbclold.dll
      Size . . . . . . . : 951.877 bytes
      Age  . . . . . . . : 383.2 days (2016-06-22 16:02:12)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 833CB80463E9181DBCC24242B392B70E6E80DD72A07B79727AB9936FCADEDD2A
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\luca\AppData\Local\PunkBuster\HOS\pb\PnkBstrK.sys
      Size . . . . . . . : 140.064 bytes
      Age  . . . . . . . : 383.2 days (2016-06-22 16:02:23)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 2AEFE7B3E097739C6102DB1F7228BC5A5573590CE0479B655295B1B3CA567D7B
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\luca\AppData\Roaming\Ubisoft\Tom Clancy's Ghost Recon Future Soldier\pb\pbcl.dll
      Size . . . . . . . : 972.501 bytes
      Age  . . . . . . . : 141.0 days (2017-02-19 20:58:00)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : CCD4FD05B76D1C64855930E0B24365B4C9ABA3F3319DACEE5D06A565D5CC78F9
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\luca\AppData\Roaming\Ubisoft\Tom Clancy's Ghost Recon Future Soldier\pb\pbcls.dll
      Size . . . . . . . : 972.501 bytes
      Age  . . . . . . . : 141.0 days (2017-02-19 20:58:01)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : CCD4FD05B76D1C64855930E0B24365B4C9ABA3F3319DACEE5D06A565D5CC78F9
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\luca\Desktop\FRST64.exe
      Size . . . . . . . : 2.437.120 bytes
      Age  . . . . . . . : 1.0 days (2017-07-09 21:42:21)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4022E7113E227ECC9481219D008BDFBC4DB5C0A72E5D174743B2E019761269FC
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.


Potential Unwanted Programs _________________________________________________

   HKU\S-1-5-21-1307209835-1344803613-922493989-1002\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}\ (SaleCharger)

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ff13dd48a390c34cab55264d33bfcce1
# end=init
# utc_time=2017-07-10 07:58:26
# local_time=2017-07-10 09:58:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 34011
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ff13dd48a390c34cab55264d33bfcce1
# end=updated
# utc_time=2017-07-10 08:01:32
# local_time=2017-07-10 10:01:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=ff13dd48a390c34cab55264d33bfcce1
# engine=34011
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-07-11 01:32:43
# local_time=2017-07-11 03:32:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 97 23794 39954321 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 42191636 124618056 0 0
# scanned=910040
# found=1
# cleaned=0
# scan_time=19870
sh=BBEDEA01D9071D8CA07AB2DA6DBED90B72833F92 ft=0 fh=0000000000000000 vn="Win32/IStartSurf.BF eventuell unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\luca\Downloads\Saints row 2 pc patch download free windows 7.iso"

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017
durchgeführt von luca (Administrator) auf LOCA (11-07-2017 03:37:05)
Gestartet von C:\Users\luca\Desktop
Geladene Profile: luca &  (Verfügbare Profile: luca)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\luca\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\luca\AppData\Local\Akamai\netsession_win.exe
(Hammer & Chisel, Inc.) C:\Users\luca\AppData\Local\Discord\app-0.0.297\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Gaijin Entertainment) C:\Users\luca\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Hammer & Chisel, Inc.) C:\Users\luca\AppData\Local\Discord\app-0.0.297\Discord.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hammer & Chisel, Inc.) C:\Users\luca\AppData\Local\Discord\app-0.0.297\Discord.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-07-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [66656 2017-06-28] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [Akamai NetSession Interface] => C:\Users\luca\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [Discord] => C:\Users\luca\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3048312 2017-06-29] (Electronic Arts)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [Gaijin.Net Agent] => C:\Users\luca\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2010056 2017-06-29] (Gaijin Entertainment)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27774936 2017-04-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [World of Warships] => C:\Games\World_of_Warships\WargamingGameUpdater.exe [3134216 2017-04-17] (Wargaming.net)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Run: [OpenOffice Updater] => C:\Users\luca\AppData\Roaming\OpenOffice Updater\Updater.exe [388032 2017-05-10] ()
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\...\Run: [Akamai NetSession Interface] => C:\Users\luca\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\...\Run: [Discord] => C:\Users\luca\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3048312 2017-06-29] (Electronic Arts)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\...\Run: [Gaijin.Net Agent] => C:\Users\luca\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2010056 2017-06-29] (Gaijin Entertainment)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27774936 2017-04-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\...\Run: [World of Warships] => C:\Games\World_of_Warships\WargamingGameUpdater.exe [3134216 2017-04-17] (Wargaming.net)
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\...\Run: [OpenOffice Updater] => C:\Users\luca\AppData\Roaming\OpenOffice Updater\Updater.exe [388032 2017-05-10] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{35ECA3E1-6589-4B86-B447-B8F42B038F1E}: [NameServer] 8.8.8.8,8.8.8.1
Tcpip\..\Interfaces\{35ECA3E1-6589-4B86-B447-B8F42B038F1E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google/
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google/
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1307209835-1344803613-922493989-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1307209835-1344803613-922493989-1002 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\ssv.dll [2016-06-14] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-06-14] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\luca\AppData\Roaming\Mozilla\Firefox\Profiles\lxmLTrtV.default [2016-05-06]
FF Extension: (Avira Browser Safety) - C:\Users\luca\AppData\Roaming\Mozilla\Firefox\Profiles\lxmLTrtV.default\Extensions\abs@avira.com [2016-05-01]
FF Extension: (Avira Password Manager) - C:\Users\luca\AppData\Roaming\Mozilla\Firefox\Profiles\lxmLTrtV.default\Extensions\passwordmanager@avira.com [2017-06-22]
FF Extension: (Avira SafeSearch Plus) - C:\Users\luca\AppData\Roaming\Mozilla\Firefox\Profiles\lxmLTrtV.default\Extensions\safesearchplus2@avira.com [2017-06-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2017-05-06] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2017-05-06] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-06-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-06-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-22] (NVIDIA Corporation)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=3 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-06-22] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=9 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-06-22] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default [2017-07-11]
CHR Extension: (Google Docs) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-08]
CHR Extension: (Google Drive) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-08]
CHR Extension: (YouTube) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-08]
CHR Extension: (Avira Password Manager) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2017-07-08]
CHR Extension: (Avira Browserschutz) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-07-08]
CHR Extension: (Google Docs Offline) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-08]
CHR Extension: (Google Mail) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-08]
CHR Extension: (Chrome Media Router) - C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-08]
CHR Profile: C:\Users\luca\AppData\Local\Google\Chrome\User Data\System Profile [2017-07-10]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-07-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-07-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-07-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-07-11] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [356256 2017-06-08] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [335088 2017-06-23] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [100816 2017-04-21] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-04-19] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-03-18] (BitRaider, LLC)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-26] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-26] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-06-26] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [400656 2017-05-01] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-03-19] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 HnGSteamService; C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe [778024 2017-06-27] (Reto-Moto ApS)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-22] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-22] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-22] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-22] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2168208 2017-06-29] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3148184 2017-06-29] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2017-07-09] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-07-09] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S2 scupdate; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-06-22] (Avira Operations GmbH & Co. KG)
S3 scupdatem; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-06-22] (Avira Operations GmbH & Co. KG)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [74800 2017-06-28] (Avira Operations GmbH & Co. KG)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-05-27] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2016-03-09] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2016-03-09] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [314016 2016-03-28] ()
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-15] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [167504 2017-06-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [164824 2017-06-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-02-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-02-27] (Avira Operations GmbH & Co. KG)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7546544 2017-01-16] (Broadcom Corporation)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2016-03-19] (BitRaider)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2016-12-04] (LogMeIn Inc.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43680 2016-03-28] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-10] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-07-10] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-07-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-10] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-07-11] (Malwarebytes)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-22] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-10] (NVIDIA Corporation)
S3 RtlWlanu; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2016-03-09] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2016-03-09] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2016-03-09] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-11 03:37 - 2017-07-11 03:38 - 00025527 _____ C:\Users\luca\Desktop\FRST.txt
2017-07-10 21:40 - 2017-07-10 21:56 - 00000000 ____D C:\ProgramData\HitmanPro
2017-07-10 21:38 - 2017-07-10 21:57 - 00000000 ____D C:\Users\luca\Desktop\scan3
2017-07-10 21:32 - 2017-07-10 21:32 - 11584088 _____ (SurfRight B.V.) C:\Users\luca\Downloads\HitmanPro_x64 (3).exe
2017-07-10 21:32 - 2017-07-10 21:32 - 11584088 _____ (SurfRight B.V.) C:\Users\luca\Downloads\HitmanPro_x64 (2).exe
2017-07-10 21:32 - 2017-07-10 21:32 - 11584088 _____ (SurfRight B.V.) C:\Users\luca\Downloads\HitmanPro_x64 (1).exe
2017-07-10 18:30 - 2017-07-11 03:37 - 00000000 ____D C:\Users\luca\Desktop\trojaner board
2017-07-10 17:39 - 2017-07-10 21:38 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-07-10 17:23 - 2017-07-11 02:50 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-07-10 17:23 - 2017-07-10 21:37 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-10 17:23 - 2017-07-10 21:37 - 00101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-07-10 17:23 - 2017-07-10 21:37 - 00045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-10 17:23 - 2017-07-10 17:23 - 00188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-10 17:22 - 2017-07-10 17:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-10 17:22 - 2017-07-10 17:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-10 17:22 - 2017-07-10 17:22 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-10 17:22 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-10 17:20 - 2017-07-10 17:21 - 65033984 _____ (Malwarebytes ) C:\Users\luca\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-09 22:25 - 2017-07-09 22:58 - 00235916 _____ C:\TDSSKiller.3.1.0.15_09.07.2017_22.25.28_log.txt
2017-07-09 21:50 - 2017-07-11 03:37 - 00000000 ____D C:\FRST
2017-07-09 21:42 - 2017-07-09 21:42 - 02437120 _____ (Farbar) C:\Users\luca\Desktop\FRST64.exe
2017-07-09 20:08 - 2017-07-09 20:08 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2017-07-07 21:45 - 2017-07-07 21:45 - 00025839 _____ C:\Users\luca\Downloads\Lebenslauf Luca Müller (1).pdf
2017-07-07 21:44 - 2017-07-07 21:44 - 00025799 _____ C:\Users\luca\Downloads\Lebenslauf Luca Müller.pdf
2017-07-04 20:02 - 2017-07-04 20:02 - 00145203 _____ C:\Users\luca\Downloads\RB_Müller.pdf
2017-07-02 19:13 - 2017-07-02 19:34 - 00000000 ____D C:\Users\luca\AppData\Local\MXM
2017-07-02 19:08 - 2017-07-02 19:08 - 00000000 ____D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayNC
2017-07-02 19:03 - 2017-07-02 19:03 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2017-07-01 11:48 - 2017-07-01 11:48 - 00000000 ____D C:\Users\luca\Screenshot
2017-06-27 20:50 - 2017-06-27 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-27 20:26 - 2017-06-27 20:27 - 00141850 _____ C:\Users\luca\Downloads\DeutschMod_2017-06-05.zip
2017-06-26 12:27 - 2017-06-26 12:27 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-06-25 03:41 - 2017-06-25 03:51 - 747242006 _____ C:\Users\luca\Downloads\CSS Game Content.zip
2017-06-25 03:41 - 2017-06-25 03:46 - 104042939 _____ C:\Users\luca\Downloads\CSS Maps.zip
2017-06-24 18:56 - 2017-06-24 18:56 - 00000000 ____D C:\Users\luca\AppData\LocalLow\PinoklGames
2017-06-24 01:12 - 2017-07-02 18:29 - 00000000 ____D C:\Program Files (x86)\NC Launcher
2017-06-24 01:12 - 2017-06-24 01:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NC Launcher
2017-06-24 01:08 - 2017-06-24 01:08 - 98562208 _____ (NCSOFT Corporation) C:\Users\luca\Downloads\MXMInstaller.exe
2017-06-22 17:19 - 2017-06-22 17:42 - 00000000 ____D C:\Users\luca\AppData\Local\FreeReign
2017-06-22 17:19 - 2017-06-22 17:19 - 00000000 ____D C:\Users\luca\Documents\FreeReign
2017-06-22 12:17 - 2017-06-22 12:18 - 00000000 ____D C:\ProgramData\TruckersMP
2017-06-22 11:41 - 2017-06-22 11:41 - 00000000 ____D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira
2017-06-22 11:31 - 2017-07-10 17:26 - 00000000 ____D C:\AdwCleaner
2017-06-22 11:27 - 2017-06-22 11:27 - 04110280 _____ C:\Users\luca\Downloads\adwcleaner_6.047 (1).exe
2017-06-22 09:25 - 2017-06-22 09:25 - 00003718 _____ C:\WINDOWS\System32\Tasks\AviraScoutUpdateTaskMachineUA
2017-06-22 09:25 - 2017-06-22 09:25 - 00003590 _____ C:\WINDOWS\System32\Tasks\AviraScoutUpdateTaskMachineCore
2017-06-22 09:24 - 2017-07-10 17:39 - 00003658 _____ C:\WINDOWS\System32\Tasks\AviraSystemSpeedupUpdate
2017-06-22 09:24 - 2017-06-22 09:24 - 00000000 ____D C:\WINDOWS\System32\Tasks\Avira
2017-06-22 09:22 - 2017-06-22 09:22 - 04799712 _____ (Avira Operations GmbH & Co. KG) C:\Users\luca\Downloads\avira_de_fass0_594b6fc9de33a__adw (1).exe
2017-06-22 09:20 - 2017-06-22 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP Launcher
2017-06-22 09:20 - 2017-06-22 09:20 - 00000000 ____D C:\Program Files\TruckersMP Launcher
2017-06-22 09:19 - 2017-06-22 09:19 - 00667351 _____ C:\Users\luca\Downloads\launcher_1004.zip
2017-06-22 09:11 - 2017-06-22 09:11 - 00000000 ____D C:\Users\luca\AppData\Roaming\Google
2017-06-16 15:44 - 2017-06-16 15:44 - 00000000 ____D C:\Users\luca\AppData\LocalLow\Hyper Hippo Games
2017-06-15 18:42 - 2017-06-15 18:42 - 00060920 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2017-06-15 13:29 - 2017-06-15 13:29 - 00000000 ____D C:\Users\luca\AppData\LocalLow\Dire Wolf Digital
2017-06-11 13:50 - 2017-06-11 14:04 - 2193842540 _____ C:\Users\luca\Downloads\Tsuyoshi2_31052017.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-11 03:04 - 2016-02-05 23:27 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1307209835-1344803613-922493989-1002
2017-07-11 02:58 - 2016-05-01 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-07-11 02:54 - 2017-04-26 21:49 - 00001220 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-07-11 02:06 - 2016-03-28 02:27 - 00003910 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4D5675F6-0A5E-481D-8BE1-CC4E9DD7FA38}
2017-07-11 01:15 - 2016-06-13 17:07 - 00000000 ____D C:\Users\luca\AppData\Roaming\Origin
2017-07-10 22:23 - 2016-04-30 22:16 - 00000000 ____D C:\Users\luca\AppData\Roaming\Skype
2017-07-10 21:54 - 2017-04-26 21:49 - 00001216 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-07-10 21:44 - 2017-01-15 21:39 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-10 21:39 - 2016-06-13 16:59 - 00000000 ____D C:\ProgramData\Origin
2017-07-10 21:39 - 2016-02-05 23:42 - 00000000 ____D C:\Program Files (x86)\Steam
2017-07-10 21:35 - 2016-03-18 21:54 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-07-10 21:34 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-10 18:35 - 2016-05-04 19:39 - 00000000 ____D C:\Users\luca\Desktop\ordner
2017-07-10 17:38 - 2016-05-01 09:47 - 00000000 ____D C:\Program Files (x86)\Avira
2017-07-10 16:01 - 2017-01-20 16:47 - 00000000 ____D C:\Users\luca\AppData\Roaming\obs-studio
2017-07-10 15:25 - 2016-10-02 15:38 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-07-10 09:36 - 2016-03-05 17:04 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2017-07-09 21:58 - 2017-01-17 20:30 - 00000000 ____D C:\Users\luca\AppData\Local\CrashDumps
2017-07-09 20:25 - 2016-06-14 23:23 - 00076152 _____ C:\WINDOWS\system32\PnkBstrA.exe
2017-07-09 20:08 - 2016-10-02 15:38 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-07-09 20:08 - 2016-02-07 23:01 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-09 19:50 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-07-09 18:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-09 10:30 - 2016-10-13 13:08 - 00000000 ____D C:\Users\luca\AppData\Roaming\discord
2017-07-08 18:25 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-07-08 14:50 - 2016-02-12 23:52 - 00000000 ____D C:\Users\luca\AppData\Local\Ubisoft Game Launcher
2017-07-06 10:47 - 2016-10-02 14:30 - 00000000 ____D C:\Users\luca\AppData\LocalLow\Heroes and Generals
2017-07-06 10:45 - 2016-03-09 20:18 - 00000000 ____D C:\Users\luca
2017-07-05 16:02 - 2016-02-16 22:18 - 00000000 ____D C:\Users\luca\AppData\Roaming\TS3Client
2017-07-02 19:09 - 2016-02-16 22:18 - 00000000 ____D C:\Users\luca\AppData\Local\TeamSpeak 3 Client
2017-06-29 22:34 - 2017-01-03 15:30 - 00000000 ____D C:\Program Files (x86)\Origin
2017-06-27 22:49 - 2016-05-02 20:20 - 00000000 ____D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2017-06-27 20:50 - 2017-04-26 21:49 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-27 16:39 - 2016-05-01 09:59 - 00000000 ____D C:\Users\luca\AppData\Local\Avira
2017-06-26 22:40 - 2016-02-05 23:41 - 00002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-26 00:07 - 2016-06-01 08:40 - 00000000 ____D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2017-06-25 09:05 - 2016-02-06 01:57 - 00000000 ____D C:\Users\luca\Documents\My Games
2017-06-25 01:54 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2017-06-24 02:51 - 2016-06-15 19:30 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-06-23 22:01 - 2016-05-16 14:28 - 00000000 ____D C:\Users\luca\AppData\Local\Arma 3 Launcher
2017-06-22 12:24 - 2016-08-13 11:27 - 00000000 ____D C:\Users\luca\Documents\Euro Truck Simulator 2
2017-06-22 09:24 - 2016-05-01 09:47 - 00000000 ____D C:\ProgramData\Avira
2017-06-20 15:06 - 2013-08-22 16:44 - 00380880 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-19 16:05 - 2016-03-05 11:40 - 00000000 ____D C:\Users\luca\AppData\Local\ElevatedDiagnostics
2017-06-18 17:56 - 2017-01-03 15:44 - 00000000 ____D C:\Program Files (x86)\Origin Games
2017-06-18 01:26 - 2016-12-25 21:41 - 00000000 ____D C:\Users\luca\Documents\EA Games
2017-06-18 00:07 - 2017-05-06 12:53 - 00000000 ____D C:\Users\luca\Documents\Command and Conquer Generals Zero Hour Data
2017-06-16 15:51 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-15 18:42 - 2016-10-08 22:07 - 00038048 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-06-15 18:42 - 2016-05-01 09:51 - 00167504 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-06-15 18:42 - 2016-05-01 09:51 - 00164824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-06-15 10:50 - 2017-04-26 21:49 - 00000000 ____D C:\Users\luca\AppData\Local\Dropbox
2017-06-13 14:10 - 2017-06-03 14:03 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-06-13 14:09 - 2017-06-03 14:02 - 00000000 ____D C:\Program Files\Rockstar Games
2017-06-12 00:03 - 2016-05-16 14:30 - 00000000 ____D C:\Users\luca\AppData\Local\Arma 3
2017-06-11 19:52 - 2016-05-16 15:19 - 00000000 ____D C:\Users\luca\Documents\Arma 3 - Other Profiles
2017-06-11 12:23 - 2016-06-23 18:30 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2017-06-11 12:23 - 2016-06-22 16:32 - 00000000 ____D C:\Users\luca\AppData\Local\Battle.net
2017-06-11 12:23 - 2016-06-22 16:14 - 00000000 ____D C:\Program Files (x86)\Battle.net

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-05-06 19:32 - 2017-04-17 19:18 - 0007598 _____ () C:\Users\luca\AppData\Local\Resmon.ResmonCfg
2016-12-17 19:01 - 2016-12-17 19:01 - 0000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-11 01:35

==================== Ende von FRST.txt ============================

schoko. · 11.07.2017, 09:28

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-07-2017
durchgeführt von luca (11-07-2017 03:38:56)
Gestartet von C:\Users\luca\Desktop
Windows 8.1 (Update) (X64) (2016-03-09 18:49:00)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1307209835-1344803613-922493989-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1307209835-1344803613-922493989-1007 - Limited - Enabled)
Gast (S-1-5-21-1307209835-1344803613-922493989-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1307209835-1344803613-922493989-1006 - Limited - Enabled)
luca (S-1-5-21-1307209835-1344803613-922493989-1002 - Administrator - Enabled) => C:\Users\luca

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1954 Alcatraz (HKLM\...\Steam App 255280) (Version:  - Daedalic Entertainment)
7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
A New Beginning - Final Cut (HKLM\...\Steam App 105000) (Version:  - Daedalic Entertainment)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Akamai NetSession Interface (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{1AB4D394-B72C-86E8-4D58-27147BC4071E}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - Frictional Games)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.33 - NVIDIA Corporation) Hidden
APB Reloaded (HKLM\...\Steam App 113400) (Version:  - Reloaded Productions)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
ARK: Survival Of The Fittest (HKLM\...\Steam App 407530) (Version:  - Studio Wildcard)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Atlas Reactor (HKLM\...\Steam App 402570) (Version:  - Trion Worlds)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.28.28 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{14d00649-a178-473f-bf48-eec016dc4bfa}) (Version: 1.2.89.29905 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{271D5399-34AF-4611-BCD9-B09185B2BBE0}) (Version: 1.2.89.29905 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.8.4.30090 - Avira Operations GmbH & Co. KG)
Avira Scout (HKLM-x32\...\Avira Scout) (Version: 17.5.3029.2783 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{A4DF9D2A-AB95-4F30-9CA4-2F49662BA39D}) (Version: 2.0.2.27024 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.7.1.5481 - Avira Operations GmbH & Co. KG)
Batman: Arkham City GOTY (HKLM\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Besiege (HKLM\...\Steam App 346010) (Version:  - Spiderling Studios)
BioShock Infinite (HKLM\...\Steam App 8870) (Version:  - Irrational Games)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Breath of Death VII  (HKLM\...\Steam App 107300) (Version:  - Zeboyd Games)
Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version:  - Treyarch)
Castle Crashers (HKLM\...\Steam App 204360) (Version:  - The Behemoth)
Chaos on Deponia (HKLM\...\Steam App 220740) (Version:  - Daedalic Entertainment)
Chivalry: Medieval Warfare (HKLM\...\Steam App 219640) (Version:  - Torn Banner Studios)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{1A882F29-BC18-4AC2-A71E-0FC30FA32568}) (Version: 1.0.0.0 - Electronic Arts)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Company of Heroes (New Steam Version) (HKLM\...\Steam App 228200) (Version:  - Relic)
Company of Heroes 2 (HKLM\...\Steam App 231430) (Version:  - Relic Entertainment)
Controller Companion (HKLM\...\Steam App 367670) (Version:  - Koga Tech Limited)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Crysis (HKLM\...\Steam App 17300) (Version:  - Crytek)
Cthulhu Saves the World  (HKLM\...\Steam App 107310) (Version:  - Zeboyd Games)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Messiah of Might & Magic Single Player (HKLM\...\Steam App 2100) (Version:  - Arkane Studios)
Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version:  - FromSoftware)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
DARK SOULS™ II: Scholar of the First Sin (HKLM\...\Steam App 335300) (Version:  - FromSoftware, Inc)
Darksiders Warmastered Edition (HKLM\...\Steam App 462780) (Version:  - KAIKO)
Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)
Deponia (HKLM\...\Steam App 214340) (Version:  - Daedalic Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dirty Bomb (HKLM\...\Steam App 333930) (Version:  - Splash Damage®)
Discord (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Discord (HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Divine Divinity (HKLM\...\Steam App 214170) (Version:  - Larian Studios)
Divinity: Original Sin (Classic) (HKLM\...\Steam App 230230) (Version:  - Larian Studios)
Divinity: Original Sin Enhanced Edition (HKLM\...\Steam App 373420) (Version:  - Larian Studios)
Don't Starve Together (HKLM\...\Steam App 322330) (Version:  - Klei Entertainment)
Dropbox (HKLM-x32\...\Dropbox) (Version: 29.4.20 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
E.Y.E: Divine Cybermancy (HKLM\...\Steam App 91700) (Version:  - Streum On Studio)
Edna & Harvey: Harvey's New Eyes (HKLM\...\Steam App 219910) (Version:  - Daedalic Entertainment)
Edna & Harvey: The Breakout (HKLM\...\Steam App 255320) (Version:  - Daedalic Entertainment)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version:  - SCS Software)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)
Fallout Shelter (HKLM\...\Steam App 588430) (Version:  - Bethesda Game Studios)
Fotogalerie (HKLM-x32\...\{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{1F0C818D-4A41-4E40-BAFB-BB940C82A518}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (HKLM-x32\...\{E354D495-5DA4-4CCF-AB39-080F6A4141BE}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (HKLM-x32\...\{9F470E17-4FC3-4091-A508-D5347A16A2B9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (HKLM-x32\...\{DB7B6508-2AAB-4F26-99D4-74559A2F5E42}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{E50E3DBC-46AA-4827-B2A6-F995D81DF526}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotografias (HKLM-x32\...\{F5E338CE-E1C6-4F7D-8300-44DBD05B9F14}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{8F7FECEC-088F-431D-A5FB-2B59E1E69943}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{446CC8CE-0E90-44F7-ADD0-774B243EF090}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GameMaker: Studio (HKLM\...\Steam App 214850) (Version:  - YoYo Games Ltd.)
GameRanger (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\GameRanger) (Version:  - GameRanger Technologies)
GameRanger (HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\...\GameRanger) (Version:  - GameRanger Technologies)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
Geometry Dash (HKLM\...\Steam App 322170) (Version:  - RobTop Games)
Goodbye Deponia (HKLM\...\Steam App 241910) (Version:  - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Guild Quest (HKLM\...\Steam App 547680) (Version:  - Hyper Hippo Games)
Gunpoint (HKLM\...\Steam App 206190) (Version:  - Suspicious Developments)
Guns'N'Zombies (HKLM\...\Steam App 264300) (Version:  - Krealit)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearts of Iron III (HKLM\...\Steam App 25890) (Version:  - Paradox Development Studio)
Hero Siege (HKLM-x32\...\Steam App 269210) (Version:  - Elias Viglione)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.5.5 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotline Miami (HKLM\...\Steam App 219150) (Version:  - Dennaton Games)
Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version:  - Dennaton Games)
How to Survive (HKLM\...\Steam App 250400) (Version:  - EKO Software)
Insurgency (HKLM\...\Steam App 222880) (Version:  - New World Interactive)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 74 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Killer is Dead (HKLM\...\Steam App 261110) (Version:  - KADOKAWA GAMES / GRASSHOPPER MANUFACTURE)
Killing Floor (HKLM\...\Steam App 1250) (Version:  - Tripwire Interactive)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version:  - Tripwire Interactive)
Labyronia RPG (HKLM\...\Steam App 391260) (Version:  - Labyrinthine)
Labyronia RPG 2 (HKLM\...\Steam App 397500) (Version:  - Labyrinthine)
Last Man Standing (HKLM\...\Steam App 506540) (Version:  - Free Reign Entertainment)
League of Legends (HKLM-x32\...\{517CC397-B22F-4593-8DCB-DE72CC541E9A}) (Version: 3.0.1 - Riot Games ) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Legend of Mysteria (HKLM\...\Steam App 407230) (Version:  - Labyrinthine)
Legends of Aethereus (HKLM\...\Steam App 248410) (Version:  - Three Gates)
LEGO Batman 2 (HKLM\...\Steam App 213330) (Version:  - TT Games)
LEGO® MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version:  - Traveller's Tales)
LEGO® The Hobbit™ (HKLM-x32\...\Steam App 285160) (Version:  - Traveller's Tales)
LEGO® The Lord of the Rings™ (HKLM\...\Steam App 214510) (Version:  - Traveller's Tales)
Lost Moon (HKLM\...\Steam App 406090) (Version:  - Eplixe)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Mark of the Ninja (HKLM\...\Steam App 214560) (Version:  - Klei Entertainment)
Mass Effect (HKLM\...\Steam App 17460) (Version:  - BioWare)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.281 - Electronic Arts)
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Medion Home Cinema 10 (HKLM-x32\...\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.1924 - CyberLink Corp.) Hidden
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Memoria (HKLM\...\Steam App 243200) (Version:  - Daedalic Entertainment)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mirror's Edge (HKLM\...\Steam App 17410) (Version:  - DICE)
Mortal Kombat X (HKLM\...\Steam App 307780) (Version:  - NetherRealm Studios)
Movie Maker (HKLM-x32\...\{03CC9D58-B132-4CC0-A521-4F3660AA43C7}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{058EDEC8-1873-4B49-9A08-54ADE9CC129B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{2AC4C6D7-512D-4B78-A85B-2C16E748AB8E}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{306C7AEF-16C7-428D-93AA-99D4A4090243}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{36BEC461-B58A-414D-993E-E2BDD1F1A14B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{62BBCDDC-4979-4E59-9D97-5B8E874C3191}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{701FE1BC-834A-4857-AF62-6EBA50CFBC78}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{751EB657-3F22-4150-8CE4-D79A262F1D92}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{7E63F102-A9E9-4F4C-8004-BC62974736BF}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A17946CA-18E5-4CF0-8D55-A56D804718F8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A47EA9D4-BB87-415E-9239-28860434E5A0}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{AE8044B5-FCA3-4EBE-AC78-0FB3A6E8DC76}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MXMCLIENT (HKLM-x32\...\MXM) (Version:  - NCSOFT)
NC Launcher (HKLM-x32\...\NCLauncherS_plaync) (Version:  - NCSOFT)
NOT A HERO (HKLM\...\Steam App 274270) (Version:  - Roll7)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 382.33 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.2 - OBS Project)
OMG Zombies! (HKLM\...\Steam App 259870) (Version:  - Laughing Jackal LTD)
One More Line (HKLM\...\Steam App 356890) (Version:  - SMG Studio)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice Updater (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
OpenOffice Updater (HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
Origin (HKLM-x32\...\Origin) (Version: 10.4.13.6637 - Electronic Arts, Inc.)
Outlast (HKLM\...\Steam App 238320) (Version:  - Red Barrels)
Overlord (HKLM\...\Steam App 11450) (Version:  - Triumph Studios)
Overture (HKLM\...\Steam App 343100) (Version:  - Black Shell Games)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PAC-MAN Championship Edition DX+ (HKLM\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)
Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
Party Hard (HKLM\...\Steam App 356570) (Version:  - Pinokl Games)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM\...\Steam App 24240) (Version:  - OVERKILL Software)
Penumbra: Black Plague (HKLM\...\Steam App 22120) (Version:  - Frictional Games)
Penumbra: Overture (HKLM\...\Steam App 22180) (Version:  - Frictional Games)
Penumbra: Requiem (HKLM\...\Steam App 22140) (Version:  - Frictional Games)
PlanetSide 2 (HKLM\...\Steam App 218230) (Version:  - Daybreak Game Company)
PlanetSide 2 (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
Podstawowe programy Windows Live (HKLM-x32\...\{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Portal 2 (HKLM\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited)
Raccolta foto (HKLM-x32\...\{D04EBB49-C985-4A38-8695-62000861293A}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realm of the Mad God (HKLM\...\Steam App 200210) (Version:  - Wild Shadow Studios)
Risen 3 - Titan Lords (HKLM\...\Steam App 249230) (Version:  - Piranha Bytes)
Risk of Rain (HKLM\...\Steam App 248820) (Version:  - Hopoo Games, LLC)
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version:  - Cellar Door Games)
Ryse: Son of Rome (HKLM\...\Steam App 302510) (Version:  - Crytek)
Saints Row 2 (HKLM\...\Steam App 9480) (Version:  - Volition)
Shadow Warrior 2 (HKLM\...\Steam App 324800) (Version:  - Flying Wild Hog)
Shakes and Fidget (HKLM\...\Steam App 438040) (Version:  - Playa Games GmbH)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version:  - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
Sins Of The Demon RPG (HKLM\...\Steam App 461640) (Version:  - Chandler Rounsley)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.34 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.34.103 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM\...\Steam App 63380) (Version:  - Rebellion)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
Spikit (HKLM\...\Steam App 509110) (Version:  - Blastoid Entertainment)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
STAR WARS™ Battlefront™ II (HKLM\...\Steam App 6060) (Version:  - Pandemic Studios)
STAR WARS™ Empire at War: Gold Pack (HKLM\...\Steam App 32470) (Version:  - Petroglyph)
Starbound - Unstable (HKLM\...\Steam App 367540) (Version:  - )
Starbound (HKLM\...\Steam App 211820) (Version:  - Chucklefish)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Storm of Spears (HKLM\...\Steam App 463350) (Version:  - Warfare Studios)
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - Terry Cavanagh)
Super Meat Boy (HKLM\...\Steam App 40800) (Version:  - Team Meat)
TeamSpeak 3 Client (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.77242 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Terrorhedron (HKLM\...\Steam App 299720) (Version:  - Dan Walters)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Chosen RPG (HKLM\...\Steam App 434420) (Version:  - Little Big Lee)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
The Dark Eye: Chains of Satinav (HKLM\...\Steam App 203830) (Version:  - Daedalic Entertainment)
The Darkness II (HKLM-x32\...\Steam App 67370) (Version:  - Digital Extremes)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Elder Scrolls: Legends (HKLM\...\Steam App 364470) (Version:  - Dire Wolf Digital)
The Evil Within (HKLM\...\Steam App 268050) (Version:  - Tango Gameworks)
The Forest (HKLM\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Night of the Rabbit (HKLM\...\Steam App 230820) (Version:  - Daedalic Entertainment)
The Secret World (HKLM\...\Steam App 215280) (Version:  - Funcom)
The Whispered World Special Edition (HKLM\...\Steam App 268540) (Version:  - Daedalic Entertainment)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD PROJEKT RED)
Thief (HKLM\...\Steam App 239160) (Version:  - Eidos-Montréal)
Timberman (HKLM\...\Steam App 398710) (Version:  - Digital Melody)
Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version:  - Ubisoft Montreal)
Torchlight II (HKLM\...\Steam App 200710) (Version:  - Runic Games)
Trine 2 (HKLM\...\Steam App 35720) (Version:  - Frozenbyte)
Trine 3: The Artifacts of Power (HKLM\...\Steam App 319910) (Version:  - Frozenbyte)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
UE4 Prerequisites (x64) (HKLM\...\{457BE011-43FF-44A7-9FA7-B3BE181E2076}) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 13.0 - Ubisoft)
Vokabelcheck Spanisch (HKLM-x32\...\Vokabelcheck Spanisch) (Version: 1.0.0.0 - Genehmigte Lizenzausgabe)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
VVVVVV (HKLM-x32\...\Steam App 70300) (Version:  - Terry Cavanagh)
War Thunder (HKLM\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Wargame: European Escalation (HKLM\...\Steam App 58610) (Version:  - Eugen Systems)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wolfenstein: The Old Blood German Edition (HKLM\...\Steam App 354830) (Version:  - MachineGames)
World of Tanks (HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
World of Tanks (HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
Συλλογή φωτογραφιών (HKLM-x32\...\{A19A8C25-272A-4CD6-8BA8-3772321A021B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers01: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-08-03] (Cyberlink)
ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers01: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-07-11] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers01: [SystemSpeedupFilesMenu] -> {ef263503-8f0e-3e6a-ae2e-fe0b4b441d52} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei
ContextMenuHandlers02: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-08-03] (Cyberlink)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers04: [SystemSpeedupFoldersMenu] -> {3d52b24d-33bb-3895-99ea-a0156f24a3f9} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ContextMenuHandlers05: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> Keine Datei
ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-18] (NVIDIA Corporation)
ContextMenuHandlers05: [SystemSpeedupDesktopMenu] -> {cefaf456-bc17-3f4b-b7d9-75070925911b} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-07-11] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0CA31420-43BB-45C7-A619-C7D20C155D08} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {0ED72862-60EF-4C89-819C-5CA6414E0811} - System32\Tasks\AviraScoutUpdateTaskMachineCore => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-06-22] (Avira Operations GmbH & Co. KG)
Task: {11857D59-6944-4E30-97F2-2E592C024F87} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-22] (NVIDIA Corporation)
Task: {35EDCFE6-7074-439D-B7BD-D7AC74DEF009} - System32\Tasks\{93A54DF0-C15E-488A-B80A-D768FA03D9B3} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.106&LastError=404
Task: {3F480002-AC7C-48A1-B092-7B74EC625C2D} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-26] (Dropbox, Inc.)
Task: {42A599EE-DBCD-4B74-90C3-99B00CE586EC} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {480B1722-4A71-4AD7-84CE-82AB033497ED} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-22] (NVIDIA Corporation)
Task: {5DF31B83-0A8C-4D46-883C-5A49C9B8F0BF} - System32\Tasks\AviraScoutUpdateTaskMachineUA => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-06-22] (Avira Operations GmbH & Co. KG)
Task: {69B1F47F-04ED-4825-BC59-55D14CA34A60} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-22] (NVIDIA Corporation)
Task: {8A6AFFA4-5E62-4776-BB40-951A12833674} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-22] (NVIDIA Corporation)
Task: {95C13E9A-BFBC-47D9-A325-8EC82C1838AD} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2017-06-28] (Avira Operations GmbH & Co. KG)
Task: {9B8A95FA-7E5D-46D3-9094-096313CA5143} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {9DB81685-34FD-4BD0-BE44-E9A99EE6F079} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-05] (Google Inc.)
Task: {A01A38BD-FA2C-420A-85FE-6FD3EE8217B5} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {A2ADDC75-3199-4889-9BB7-5BC33F894BB3} - System32\Tasks\{93808D44-1BEE-4250-8A72-439F6F69E3D5} => pcalua.exe -a E:\AutoRun.exe -d E:\
Task: {A61B660E-E773-4D28-A834-E2414AD7D620} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-22] (NVIDIA Corporation)
Task: {ACE4036C-B804-4512-94E8-31E44740AE8E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-22] (NVIDIA Corporation)
Task: {B9E57456-8BB7-412D-A4F5-4BCAD7EA4E09} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-26] (Dropbox, Inc.)
Task: {C7DB9097-40DB-45FD-9A68-CA62D5F93951} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-22] (NVIDIA Corporation)
Task: {CA282174-F92E-45F6-86B2-E17AA929B8D0} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-22] (NVIDIA Corporation)
Task: {CC023602-3A3E-4DE9-B0A7-C3E5B2D1C2B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-05] (Google Inc.)
Task: {EF0BA3B6-1013-44D9-BBD1-8D31C26BEFFC} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2017-06-28] (Avira Operations GmbH & Co. KG)
Task: {F1ADC9D1-5B59-423D-BAF8-18DED41CC322} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2017-07-10] (Avira Operations GmbH & Co. KG                              )
Task: {F2EE2B96-6E3C-4FE3-9F49-66DBE6FB7B4D} - System32\Tasks\{3506EA9B-12B7-4192-A68B-45432F385DAD} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.106&LastError=404
Task: {F5E5E2FD-2128-4006-96C7-F3A3AFB73673} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\luca\Neuer Ordner\ALDI Nord Blumen Service.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www1.aldi-blumenservice.de
ShortcutWithArgument: C:\Users\luca\Neuer Ordner\ALDI Nord Reisen.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://nord.aldi-reisen.de/html_nord
ShortcutWithArgument: C:\Users\luca\Neuer Ordner\ALDI Nord Startseite.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi-essen.de
ShortcutWithArgument: C:\Users\luca\Neuer Ordner\ALDI Talk.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medionmobile.de
ShortcutWithArgument: C:\Users\luca\Neuer Ordner\eBay.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://rover.ebay.com/rover/1/707-154514-44482-13/4
ShortcutWithArgument: C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Ad;Block Plus.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gppglejjadnhbalmblladacjggieapge
ShortcutWithArgument: C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Fair AdBlocker App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=dcnofaichneijfbkdkghmhjjbepjmble
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi-essen.de

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-08-06 14:09 - 2012-08-06 14:09 - 00212480 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 18:03 - 2012-03-05 18:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 16:53 - 2012-02-16 16:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-08-06 14:09 - 2012-08-06 14:09 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2017-01-15 21:41 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-06-14 23:23 - 2017-07-09 20:25 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2012-11-09 16:36 - 2010-08-19 19:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-07-10 17:22 - 2017-06-27 12:06 - 02260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-06-26 22:40 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-06-26 22:40 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2017-05-31 17:48 - 2017-06-29 22:33 - 00022928 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2017-01-15 21:41 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-06-15 19:50 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-02-05 23:44 - 2017-03-29 20:12 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-02-05 23:44 - 2017-06-08 07:42 - 02485536 _____ () C:\Program Files (x86)\Steam\video.dll
2016-02-05 23:44 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-02-05 23:44 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-02-05 23:44 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-02-05 23:44 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-02-05 23:44 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-02-05 23:44 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-02-05 23:44 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-02-05 23:44 - 2017-06-08 07:42 - 00877856 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 18:29 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-01-15 21:26 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\luca\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-15 21:27 - 2017-01-15 21:27 - 01082880 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-15 21:27 - 2017-01-15 21:27 - 03750400 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-15 21:27 - 2017-01-15 21:27 - 00914432 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-01-15 21:27 - 2017-01-15 21:27 - 01127424 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-01-15 21:27 - 2017-05-22 20:22 - 01385976 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_overlay\discord_overlay.node
2017-05-31 17:48 - 2017-06-29 22:33 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-05-31 17:48 - 2017-06-29 22:33 - 00012288 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2017-01-03 15:33 - 2017-01-03 15:33 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2012-11-09 16:34 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2017-06-27 20:50 - 2017-06-26 12:27 - 00801600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-06-27 20:50 - 2017-06-26 12:27 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-05-31 21:24 - 2017-06-26 12:26 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-05-31 21:24 - 2017-06-26 12:29 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-06-27 20:50 - 2017-06-26 12:28 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-06-27 20:50 - 2017-06-26 12:26 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-06-27 20:50 - 2017-06-26 12:26 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-06-27 20:50 - 2017-06-26 12:27 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-05-31 21:24 - 2017-06-26 12:26 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-06-27 20:50 - 2017-06-26 12:27 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-06-27 20:50 - 2017-06-26 12:26 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-05-31 21:24 - 2017-06-26 12:29 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-06-27 20:50 - 2017-06-26 12:28 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-06-27 20:50 - 2017-06-26 12:28 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-05-31 21:24 - 2017-06-26 12:26 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-05-31 21:24 - 2017-06-26 12:30 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-06-27 20:50 - 2017-06-26 12:27 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-06-27 20:50 - 2017-06-26 12:29 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-05-31 21:24 - 2017-06-26 12:30 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-06-27 20:50 - 2017-06-26 12:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-06-27 20:50 - 2017-06-26 12:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-05-31 21:24 - 2017-06-26 12:30 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-05-31 21:24 - 2017-06-26 12:29 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-06-27 20:50 - 2017-06-26 12:29 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-01-15 21:26 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\luca\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-01-15 21:26 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\luca\AppData\Local\Discord\app-0.0.297\libegl.dll
2016-12-13 15:57 - 2017-05-08 21:45 - 69516064 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-08 17:50 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-02-05 23:44 - 2017-06-08 07:42 - 00385312 _____ () C:\Program Files (x86)\Steam\steam.dll
2017-07-10 21:39 - 2017-07-10 21:39 - 00148992 _____ () \\?\C:\Users\luca\AppData\Local\Temp\9EAD.tmp.node
2017-01-15 21:27 - 2017-04-26 21:23 - 02658296 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-01-15 21:27 - 2017-03-22 20:17 - 02665976 _____ () \\?\C:\Users\luca\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2016-02-05 23:44 - 2017-03-29 20:12 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\NvContainerRecovery.bat:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\NvTelemetryContainerRecovery.bat:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcmihvsrv64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcmihvui64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvapi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvaudcap64v.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcuda.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcuvid.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvd3dumx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437633.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437849.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437866.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437878.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437892.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438189.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438205.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6438233.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437633.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437849.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437866.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437878.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437892.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438165.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438189.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438205.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6438233.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvEncodeAPI64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvfatbinaryLoader.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NvFBC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvhdagenco6420103.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvhdap64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NvIFR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NvIFROpenGL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvinitx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvmcumd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvoglshim64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvoglv64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvopencl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvptxJitCompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvumdshimx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvwgf2umx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenAL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo-1-1-0-42-1.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wrap_oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EasyAntiCheat.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\lastpass_1337.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\lastpass_downloader.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvaudcap32v.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuda.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuvid.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvd3dum.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvEncodeAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvFBC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvIFR.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvIFROpenGL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvinit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvoglshim32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvoglv32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvopencl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvStreaming.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvumdshim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvwgf2um.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenAL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-42-1.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wrap_oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\avnetflt.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\BCMWL63a.SYS:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Hamdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvhda64v.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvlddmkm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvvad64v.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvvhci.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tap0901.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca:Heroes & Generals [38]
AlternateDataStreams: C:\Users\luca\Downloads\0.9.12 (1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\0.9.12.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\15578691_1646917675612878_964531673916360488_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\376.33-desktop-win8-win7-64bit-international-whql.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\376.33-desktop-win8-win7-64bit-international-whql.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\4.2.4.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\4kyoutubetomp3_3.0.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\luca\Downloads\4kyoutubetomp3_3.0.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\@Exile-1.0.2.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Air-Classic-2017-0122 (1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Air-Classic-2017-0122.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Air-for-Steam-2017-0122.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\amd-catalyst-15.7.1-with-dotnet45-win8.1-64bit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\amd-catalyst-15.7.1-with-dotnet45-win8.1-64bit.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_en-US.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_en-US.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\ArmoredWarfareMycomLoader_ee507c12538b76672777980993d5b5cd_A_de.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\ArmoredWarfareMycomLoader_ee507c12538b76672777980993d5b5cd_A_de.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\autodetectutility (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\autodetectutility (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Bin64 (1).zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\CEB2N8.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Credits.txt:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\CSScontentinstaller.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\luca\Downloads\CSScontentinstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\CSS_Content_Addon_(Dec2013).rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Diablo-III-Setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\Diablo-III-Setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\DiscordSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\DiscordSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Download.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\DropboxInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\DropboxInstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\ets2mp_20400.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\GameRangerSetup (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\GameRangerSetup (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\GameRangerSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\GameRangerSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\GTAV_Setup_Tool (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\GTAV_Setup_Tool (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\GTA_V_Launcher_1_0_877_1.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\GTA_V_Launcher_1_0_877_1.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\hamachi.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\install_flash_player.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\install_flash_player.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\LibreOffice_5.1.6_Win_x86.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Luca Foto.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\MarkC_Windows_10+8.x+7_MouseFix.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\mikuskin50.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Nicht bestätigt 854861.crdownload:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\non-whql-64bit-nieg-radeon-crimson-16.2.1-win10-win8.1-win7-feb27 (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\non-whql-64bit-nieg-radeon-crimson-16.2.1-win10-win8.1-win7-feb27 (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\OBS-Studio-17.0.2-Full-Installer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\OBS-Studio-17.0.2-Full-Installer.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Penumbra_Steam_German_Patch.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Saints row 2 pc patch download free windows 7.iso:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Social Club Latest Setup (1).exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\luca\Downloads\Social Club Latest Setup (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Social Club Latest Setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\Social Club Latest Setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Social-Club-v1.1.9.6-Setup (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\Social-Club-v1.1.9.6-Setup (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\Social-Club-v1.1.9.6-Setup.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\luca\Downloads\Social-Club-v1.1.9.6-Setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\sr2_uncut.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\TeamViewer_Setup (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\TeamViewer_Setup (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\TeamViewer_Setup (2).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\TeamViewer_Setup (2).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\VID-20170428-WA0001.mp4:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\WhatsAppSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\WhatsAppSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\luca\Downloads\ysd.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\luca\Downloads\ysd.exe:$CmdZnID [26]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1307209835-1344803613-922493989-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\luca\Desktop\ordner\bilder\547265.jpg
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\Control Panel\Desktop\\Wallpaper -> C:\Users\luca\Desktop\ordner\bilder\547265.jpg
DNS Servers: 8.8.8.8 - 8.8.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-1307209835-1344803613-922493989-1002\...\StartupApproved\Run: => "World of Warships"
HKU\S-1-5-21-1307209835-1344803613-922493989-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07112017023136505\...\StartupApproved\Run: => "World of Warships"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{40C578B0-A507-4B5A-985D-D44B8431E5D2}C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe] => (Allow) C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
FirewallRules: [UDP Query User{9AB93019-A142-4933-81DD-54C46FB0D6A6}C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe] => (Allow) C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
FirewallRules: [TCP Query User{0D540F08-BF92-468C-8D33-3DC81F676EF8}C:\users\luca\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luca\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B3CE7B42-C9FF-4E69-997B-A99F28B01627}C:\users\luca\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luca\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{56CF41EF-7492-499E-A5E7-691BFB5E7933}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4FA3FCEB-205A-4CFE-823F-558DC04CFDAD}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{97828071-9B93-4A8E-8733-475B4E5E4E5C}F:\steam\steamapps\common\war thunder\launcher.exe] => (Allow) F:\steam\steamapps\common\war thunder\launcher.exe
FirewallRules: [UDP Query User{912E9F4B-5A3C-467D-B8C9-3754BB505C42}F:\steam\steamapps\common\war thunder\launcher.exe] => (Allow) F:\steam\steamapps\common\war thunder\launcher.exe
FirewallRules: [{9CCD2360-35D9-4AED-A89E-85923BE0E2D1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9411469-6F75-4EE5-AE61-2BDB69D9CB37}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9DB3E12D-D43A-44EB-A737-7B5F093DD68B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{05045B79-7C70-4DA3-A05C-C383B6F72C30}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{F73920F0-9D2C-47A9-B494-F2B019EF5952}C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe] => (Allow) C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
FirewallRules: [UDP Query User{C8F1E715-E92C-497F-B640-5CDA18C7230F}C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe] => (Allow) C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
FirewallRules: [TCP Query User{7DFA01BB-AE22-46EF-9FFE-5DDA5F80BEC0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D4A21EA8-2E61-40D9-87E5-D9B97432257B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1C82DEBA-CD03-4E29-9E40-A3C78E87F297}] => (Allow) F:\steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{59761F41-7B31-4A9C-B79C-11A91FC4C027}] => (Allow) F:\steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{1BF144F7-4927-454F-A0D0-3FC94F1890CC}] => (Allow) F:\steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{229DFF31-D971-4873-ADB7-75125CF18569}] => (Allow) F:\steam\steamapps\common\GarrysMod\hl2.exe

==================== Wiederherstellungspunkte =========================

08-07-2017 19:48:15 Geplanter Prüfpunkt
09-07-2017 20:05:38 DirectX wurde installiert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/11/2017 03:33:51 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/11/2017 03:33:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/11/2017 01:38:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\luca\desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/10/2017 09:59:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/10/2017 09:58:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\luca\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/10/2017 09:58:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\luca\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/10/2017 09:57:27 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\luca\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/10/2017 09:33:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\luca\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/10/2017 09:33:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\luca\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (07/10/2017 09:28:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avguard.exe, Version: 15.0.27.30, Zeitstempel: 0x592fe302
Name des fehlerhaften Moduls: avlode.dll, Version: 15.0.27.33, Zeitstempel: 0x593144d3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00068613
ID des fehlerhaften Prozesses: 0x6fc
Startzeit der fehlerhaften Anwendung: 0x01d2f995ecddfb8d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avira\Antivirus\avguard.exe
Pfad des fehlerhaften Moduls: c:\program files (x86)\avira\antivirus\avlode.dll
Berichtskennung: e3ea4ee7-65a5-11e7-beff-7085c20e4056
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (07/11/2017 02:31:36 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)
Description: 0x8000002a118\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1307209835-1344803613-922493989-1002-07112017023136505-ntuser.dat

Error: (07/11/2017 01:14:36 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (07/10/2017 09:59:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/10/2017 09:59:51 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\luca\AppData\Local\Temp\ehdrv.sys

Error: (07/10/2017 09:59:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/10/2017 09:59:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\luca\AppData\Local\Temp\ehdrv.sys

Error: (07/10/2017 09:59:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/10/2017 09:59:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\luca\AppData\Local\Temp\ehdrv.sys

Error: (07/10/2017 09:37:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (07/10/2017 09:37:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (120000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.


CodeIntegrity:
===================================
  Date: 2017-06-03 13:27:30.954
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-03 08:45:27.365
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-03 08:38:27.411
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-03 07:47:46.620
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-03 06:12:46.850
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-02 23:29:53.567
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-02 23:14:08.634
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-02 23:07:50.461
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-02 22:24:41.052
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-06-02 21:25:33.166
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-8350 Eight-Core Processor 
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 8164.38 MB
Verfügbarer physikalischer RAM: 4306.72 MB
Summe virtueller Speicher: 11620.38 MB
Verfügbarer virtueller Speicher: 6340.36 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:869.36 GB) (Free:92.12 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:42.73 GB) NTFS
Drive f: (Volume) (Fixed) (Total:931.39 GB) (Free:132.48 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

nein es gibt keine Probleme mehr mit mein pc oder Internet Browsern.
ich bedanke mich bei dir !

M-K-D-B · 11.07.2017, 13:49

Servus,

Reste entfernen

Kopiere den Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
CloseProcesses:
C:\Users\luca\Downloads\Saints row 2 pc patch download free windows 7.iso
DeleteKey: HKU\S-1-5-21-1307209835-1344803613-922493989-1002\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
EmptyTemp:
End::

Starte nun FRST und klicke den Entfernen Button.
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird!

Dann wären wir durch!
Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

Vielleicht möchtest du das Forum mit einer kleinen Spende unterstützen.

Hinweise:
Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup
Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.
Starte deinen Rechner zum Abschluss neu auf.

Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst du diese bedenkenlos löschen.

Virenscanner + Firewall
Vorab sei erwähnt, dass man niemals die Schutzwirkung eines Virenscanners überbewerten darf! Kein Antivirusprogramm erkennt 100% der Schadsoftware.

Sofern du noch unentschieden bist, verwende MAXIMAL EIN EINZIGES der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

Emsisoft Anti-Malware (kostenpflichtig)
ESET NOD32 Antivirus (kostenpflichtig)
Microsoft Security Essentials (kostenlos)

Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Verwende immer nur reine Virenscanner (keine Produkte mit "Suite", "Internet Security", "Endpoint" oder "Total Security" in Namen, denn diese bringen kontraproduktive Firewalls mit - die Windows-Firewall ist alles was benötigt wird)

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware , AdwCleaner und mit dem ESET Online Scanner scannen.
Diese Programme sind alle kostenlos und stören nicht den Betrieb deines Antivirenprogramms.

Absicherungen
Beim Betriebsystem Windows ist es wichtig, die automatischen Updates zu aktivieren.
Auch sicherheitsrelevante Software sollte immer in aktueller Version vorliegen.

Das zeitnahe Einspielen von Updates ist erforderlich, damit Sicherheitslücken geschlossen werden. Sicherheitslücken werden beispielsweise dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.

Besonders aufpassen bzgl. der Aktualität musst du insbesondere bei folgender Software - sofern diese überhaupt benötigt wird:

Browser (Internet Explorer, Edge, Firefox, Chrome, Opera, etc.)
Flash-Player
Java
Adobe Reader

Optionale Browsererweiterungen

Adblock Plus oder uBlock Origin (Firefox - Chrome) - können Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren
NoScript - verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. NoScript kann gerade bei technisch nicht allzu versierten Nutzern beim Surfen zum Nervfaktor werden; ob das Tool geeignet ist, muss jeder selbst mal ausprobieren und dann für sich entscheiden.

Grundsätzliches

Ändere regelmäßig deine Online-Passwörter und erstelle regelmäßig Backups deiner wichtigen Dateien oder des Systems. Genaueres dazu findest du unten im Lesestoff zu Backups.
Lade keine Software von Chip, Softonic, SourceForge oder VLC.de. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
Lade Software von einem sauberen Portal wie oder direkt beim jeweiligen Hersteller / Entwickler.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne die Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten bis nicht belegbar. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht.
Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Lesestoff:
Backup-/Image-Tools

Damit man sinnvolle Backups hat, muss man regelmäßig (z. B. wöchentlich) ein Image auf eine separate externe Festplatte erstellen. Diese externe Festplatte wird nur dann angeschlossen, wenn man das Backup erstellen will (oder etwas wiederherstellen muss), ansonsten bleibt sie aus Sicherheitsgründen sicher im Schrank verwahrt - allein schon aus dem Grund, die Backups vor "Verschlüsselungstrojanern" zu schützen.

Du solltest dich für eines der folgenden Programmen entscheiden und damit regelmäßig deine Daten sichern.

Option 1 - Drivesnapshot
Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64

Download (32-Bit) => http://www.drivesnapshot.de/download/snapshot.exe
Download (64-Bit) => http://www.drivesnapshot.de/download/snapshot64.exe

Screenshots:
http://www.drivesnapshot.de/images/startup.png
http://www.drivesnapshot.de/images/save3.png

Option 2 - Seagate DiscWizard
Seagate DiscWizard - Download - Filepony

Screenshots:
http://filepony.de/screenshot/seagate_discwizard5.jpg
http://filepony.de/screenshot/seagate_discwizard4.png
http://filepony.de/screenshot/seagate_discwizard3.jpg

Option 3 - Acronis TrueImage WD Edition
Acronis True Image WD Edition - Download - Filepony

Screenshots:
http://filepony.de/screenshot/acroni...d_edition1.jpg
http://filepony.de/screenshot/acroni...d_edition2.jpg

schoko. · 11.07.2017, 14:46

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-07-2017
durchgeführt von luca (11-07-2017 15:12:11) Run:2
Gestartet von C:\Users\luca\Desktop\trojaner board
Geladene Profile: luca &  (Verfügbare Profile: luca)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

CloseProcesses:
C:\Users\luca\Downloads\Saints row 2 pc patch download free windows 7.iso
DeleteKey: HKU\S-1-5-21-1307209835-1344803613-922493989-1002\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.
C:\Users\luca\Downloads\Saints row 2 pc patch download free windows 7.iso => erfolgreich verschoben
HKU\S-1-5-21-1307209835-1344803613-922493989-1002\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => Schlüssel erfolgreich entfernt

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7567398 B
Java, Flash, Steam htmlcache => 6099312 B
Windows/system/drivers => 2137673 B
Edge => 0 B
Chrome => 715842778 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 66260 B
NetworkService => 0 B
luca => 126819244 B

RecycleBin => 0 B
EmptyTemp: => 826.8 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 15:12:46 ====

Danke vielmals ich werde deine Radschläge hier berücksichtigen und Backup machen etc..
du kanst also dieses Thema aus deinen Abos löschen

10.07.2017, 19:53	#9
M-K-D-B /// TB-Ausbilder	Browser öffnen sich von selbst und laden immer wieder die Startseite (neue Tab) Servus, tritt das Problem aktuell immer noch auf? Wenn ja, in welchem Browser?

Browser öffnen sich von selbst und laden immer wieder die Startseite (neue Tab)

Log-Analyse und Auswertung: Browser öffnen sich von selbst und laden immer wieder die Startseite (neue Tab)