Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Win10 - Datenträgerauslastung 100% / Plötzliches ausgehen oder Schwarzer Bildschirm (https://www.trojaner-board.de/183942-win10-datentraegerauslastung-100-ploetzliches-ausgehen-schwarzer-bildschirm.html)

Lani2388 14.01.2017 14:55
Win10 - Datenträgerauslastung 100% / Plötzliches ausgehen oder Schwarzer Bildschirm
 
Liste der Anhänge anzeigen (Anzahl: 2)
Guten Tag,
ich habe seit gestern das Problem das ständig der Rechner ohne ersichtlichen Grund ausgeht oder aber ich bekomme nen Schwarzen Monitor und im Hintergrund läuft es weiter.

Was ich bisher getan habe ist simpel ich dachte erstmal daran es könnte sein das die Treiber nicht aktuell sind da gestern nen Win update kam. Also alles über das Programm "Driver Booster 4" aktualisiert.
Nebenbei den Online Virenscanner von ESET online durchlaufen lassen der allerdings nichts gefunden hat.

Die Datenträgerauslastung liegt auch bei 100% und das meiste braucht "Antimaleware Service Executable -> Dateipfad: Windows Defender -> Datei: MSMpEng

Ich hoffe ich habe alles wichtige drin.

Liebe Grüße Sabrina aka Lani

cosinus 14.01.2017 15:14
hi,

Zitat:
Online Virenscanner von ESET online durchlaufen lassen der allerdings nichts gefunden hat.
Und wieso soll das dann ein Schädlingsproblem sein? :confused:
Oder gab es doch Funde, wenn ja, Logs dazu?

Und FRST bitte auch in CODE-Tags posten.


Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Lani2388 14.01.2017 15:33
Sorry dachte weil bei der 100% Auslastung der Windows Defender aufgelistet ist. Aber dann muss ich mich evtl doch an ein anderes Forum wenden. Ich habe von Rechnern absolut keine Ahnung weder in der Hard- noch Software.

LG


Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-01-2017
durchgeführt von Sabrina (14-01-2017 14:45:01)
Gestartet von C:\Users\Sabrina\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-26 06:50:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1969797547-1759999268-3186569588-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1969797547-1759999268-3186569588-503 - Limited - Disabled)
Gast (S-1-5-21-1969797547-1759999268-3186569588-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1969797547-1759999268-3186569588-1003 - Limited - Enabled)
Sabrina (S-1-5-21-1969797547-1759999268-3186569588-1001 - Administrator - Enabled) => C:\Users\Sabrina

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - Frictional Games)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (Obsolete) (HKLM-x32\...\Steam App 219540) (Version:  - )
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assassin's Creed Chronicles China (HKLM-x32\...\Uplay Install 1651) (Version:  - Ubisoft)
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Backgammon Blitz (HKLM-x32\...\Steam App 395900) (Version:  - VooFoo Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bus Driver (HKLM-x32\...\Steam App 302080) (Version:  - SCS Software)
Cities: Skylines (HKLM\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version:  - )
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: 1.6 - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crazy Chicken (HKLM-x32\...\Steam App 340120) (Version:  - Doyodo)
Crush Crush (HKLM\...\Steam App 459820) (Version:  - Sad Panda Studios)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Discord (HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Euro Truck Simulator (HKLM-x32\...\Steam App 232010) (Version:  - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version:  - Ubisoft)
Far Cry 3 Blood Dragon (HKLM-x32\...\Uplay Install 205) (Version:  - Ubisoft)
FileZilla Client 3.13.1 (HKLM-x32\...\FileZilla Client) (Version: 3.13.1 - Tim Kosse)
FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version:  - Square Enix)
FINAL FANTASY XIII (HKLM-x32\...\Steam App 292120) (Version:  - SQUARE ENIX)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.20 - IObit)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Life is Feudal: Your Own (HKLM-x32\...\Steam App 290080) (Version:  - Bitbox Ltd.)
Memoria (HKLM-x32\...\Steam App 243200) (Version:  - Daedalic Entertainment)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 361.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
Plague Inc: Evolved (HKLM\...\Steam App 246620) (Version:  - Ndemic Creations)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap Games, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version:  - Ubisoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
ROCCAT Isku FX Keyboard Driver (HKLM-x32\...\{DC69933C-E7B0-455D-8E54-FAC1EEF046FF}) (Version:  - Roccat GmbH)
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version:  - Roccat GmbH)
Scania Truck Driving Simulator (HKLM-x32\...\Steam App 258760) (Version:  - SCS Software)
SecurityUtility (HKLM-x32\...\SecurityUtility) (Version:  - ) <==== ACHTUNG
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version:  - Sega)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Slime Rancher (HKLM\...\Steam App 433340) (Version:  - Monomi Park)
South Park™: The Stick of Truth™ (HKLM\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Splinter Cell Blacklist (HKLM-x32\...\Uplay Install 91) (Version:  - Ubisoft)
Splinter Cell Chaos Theory (HKLM-x32\...\Uplay Install 95) (Version:  - Ubisoft)
Spotify (HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 12.0.0.5 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tales from the Borderlands (HKLM-x32\...\Steam App 330830) (Version:  - Telltale Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.12 - TOSHIBA Corporation)
Trucks & Trailers (HKLM-x32\...\Steam App 302060) (Version:  - SCS Software)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
USB RACING WHEEL (HKLM-x32\...\{DED994FF-D39B-4937-9DB9-87EC4E91B316}) (Version: 1.00.0000 - Y-J-R)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1969797547-1759999268-3186569588-1001_Classes\CLSID\{053afb63-3ea7-441a-a03d-609a099a7e2a}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0668B42B-1C78-42E8-82D0-9AEA4F8EDC29} - System32\Tasks\snp => C:\ProgramData\Got\dhlnyvkb.exe
Task: {0BCE0FD9-D3AA-4D5B-8431-5ED52832A78B} - System32\Tasks\Uninstaller_SkipUac_Sabrina => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-11-01] (IObit)
Task: {0E093ED5-A4F4-49F1-9E6E-791ECD17AC1E} - System32\Tasks\umi58xui => C:\Users\Sabrina\AppData\Roaming\umi58xui.exe <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3BC2D8D4-C8EA-4CB8-B124-34600082D3F3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-01-11] (Microsoft Corporation)
Task: {3C14D675-601A-4872-BFCC-4E003E55437D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {4AC3BC76-D001-479A-AEC0-296156B59378} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {4E7FCF80-C511-4392-9E52-4DDF09EF7357} - \ProPCCleaner_Popup -> Keine Datei <==== ACHTUNG
Task: {509D907A-9DE2-4C9D-AD76-BB482BACA1D8} - System32\Tasks\786188de-2c1f-4013-bc7d-ed3d9b5d8227-10_user => C:\Program Files (x86)\MediaPlayerVid2.4\786188de-2c1f-4013-bc7d-ed3d9b5d8227-10.exe <==== ACHTUNG
Task: {524F0F8D-C251-4D08-B789-6563187A95FE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {551006BD-BB93-44C4-9C4D-1A416B4017F9} - System32\Tasks\snf => C:\ProgramData\Got\dhlnyvkb.exe
Task: {5E4C8FE4-4159-45E8-904C-D883A95E9D20} - System32\Tasks\VNFZWYG1 => C:\ProgramData\SecurityUtility\SecurityUtility.exe <==== ACHTUNG
Task: {6A3F2793-6CC4-45FC-9671-CCA351FC2647} - System32\Tasks\786188de-2c1f-4013-bc7d-ed3d9b5d8227-1-7 => C:\Program Files (x86)\MediaPlayerVid2.4\786188de-2c1f-4013-bc7d-ed3d9b5d8227-1-7.exe <==== ACHTUNG
Task: {70F94780-7682-418A-823A-DAECC9CB9889} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-25] (Google Inc.)
Task: {8246D124-9F5E-4C21-9460-589743193186} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {83E79AFC-611E-4BA3-987C-F8186AE13C99} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe
Task: {849F51CB-2626-4EA3-9CC2-8D98527775ED} - \ProPCCleaner_Start -> Keine Datei <==== ACHTUNG
Task: {8A95A91F-AC30-41C3-9616-C744CC993D65} - System32\Tasks\786188de-2c1f-4013-bc7d-ed3d9b5d8227-1-6 => C:\Program Files (x86)\MediaPlayerVid2.4\786188de-2c1f-4013-bc7d-ed3d9b5d8227-1-6.exe <==== ACHTUNG
Task: {8AA31746-F8B2-4AA9-9BCE-DFEF9BF6B769} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Sabrina\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {8C30AA21-4D74-4FCA-82BD-7B134E816F14} - System32\Tasks\786188de-2c1f-4013-bc7d-ed3d9b5d8227-5_user => C:\Program Files (x86)\MediaPlayerVid2.4\786188de-2c1f-4013-bc7d-ed3d9b5d8227-5.exe <==== ACHTUNG
Task: {8C93EAE5-372B-4BFD-9CBF-89E3D49410A3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8D1612B2-1FE3-4934-ABC3-E85249A81D4E} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A720D2F2-1706-4925-A0E3-CF790294B368} - System32\Tasks\786188de-2c1f-4013-bc7d-ed3d9b5d8227-5 => C:\Program Files (x86)\MediaPlayerVid2.4\786188de-2c1f-4013-bc7d-ed3d9b5d8227-5.exe <==== ACHTUNG
Task: {AF25C3DE-5C57-4B04-B62A-3F504855D7D4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-25] (Google Inc.)
Task: {BE09C1AE-A07B-48B0-8E17-966A1444AC1E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {BE96DED7-F12B-4636-9BC4-355D0D8CBEE5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {C2837B9A-5182-44CD-B7EE-5E505D199B27} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D043CEF9-193A-46E6-8CA6-FA005E66E81E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {D09B5796-0146-40EE-A9CE-105CBF0650DB} - System32\Tasks\sab3009 => C:\PROGRA~2\FASTSE~1\sab3009.exe <==== ACHTUNG
Task: {D92E01A8-5FFA-4802-9ADC-9B2FE4F2F90E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {E25979F2-3D94-47C3-BFFB-48583B6E6385} - System32\Tasks\Driver Booster SkipUAC (Sabrina) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe [2017-01-10] (IObit)
Task: {F0D14984-9227-4844-A658-00F9C835506C} - \WPD\SqmUpload_S-1-5-21-1969797547-1759999268-3186569588-1001 -> Keine Datei <==== ACHTUNG
Task: {F2A3C50F-A663-4CE7-9C44-226807FB2C57} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {F797AABC-2B8D-47F9-B81C-F4B72D1DD489} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\Scheduler.exe [2016-12-14] (IObit)
Task: {FB7D753E-4A24-48A0-9708-506C2BF4E156} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\786188de-2c1f-4013-bc7d-ed3d9b5d8227-1-6.job => C:\Program Files (x86)\MediaPlayerVid2.4\786188de-2c1f-4013-bc7d-ed3d9b5d8227-1-6.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\786188de-2c1f-4013-bc7d-ed3d9b5d8227-1-7.job => C:\Program Files (x86)\MediaPlayerVid2.4\786188de-2c1f-4013-bc7d-ed3d9b5d8227-1-7.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\786188de-2c1f-4013-bc7d-ed3d9b5d8227-10_user.job => C:\Program Files (x86)\MediaPlayerVid2.4\786188de-2c1f-4013-bc7d-ed3d9b5d8227-10.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\786188de-2c1f-4013-bc7d-ed3d9b5d8227-5.job => C:\Program Files (x86)\MediaPlayerVid2.4\786188de-2c1f-4013-bc7d-ed3d9b5d8227-5.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\786188de-2c1f-4013-bc7d-ed3d9b5d8227-5_user.job => C:\Program Files (x86)\MediaPlayerVid2.4\786188de-2c1f-4013-bc7d-ed3d9b5d8227-5.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\umi58xui.job => C:\Users\Sabrina\AppData\Roaming\umi58xui.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\VNFZWYG1.job => C:\ProgramData\SecurityUtility\SecurityUtility.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Sabrina\Desktop\arklanserverstart.bat - Verknüpfung.lnk -> C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\arklanserverstart.bat ()

ShortcutWithArgument: C:\Users\Sabrina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\La - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-16 08:53 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-12 16:04 - 2016-02-12 16:41 - 00076888 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2016-05-23 19:56 - 2016-05-02 06:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-12 09:10 - 2016-05-02 06:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-23 19:56 - 2016-05-02 06:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-23 19:56 - 2016-05-02 06:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-23 19:56 - 2016-05-02 06:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-23 19:56 - 2016-05-02 06:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-23 19:56 - 2016-05-02 06:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-02-12 09:10 - 2016-05-02 06:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-05-23 19:55 - 2016-05-02 06:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-23 19:55 - 2016-05-02 06:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-12-16 08:53 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2015-08-24 14:56 - 2015-08-24 14:56 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-12-13 07:46 - 2016-12-13 07:46 - 01678560 _____ () C:\Users\Sabrina\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-09-26 08:08 - 2016-09-26 08:08 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 14:07 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 14:06 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 14:06 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 14:06 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 14:06 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 14:06 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 14:06 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-14 08:03 - 2016-12-14 08:05 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 08:03 - 2016-12-14 08:05 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-14 08:03 - 2016-12-14 08:05 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 08:03 - 2016-12-14 08:05 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-09-30 12:12 - 2016-09-15 18:29 - 03388256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2016-09-26 08:08 - 2016-09-26 08:08 - 02263904 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2017-01-11 14:06 - 2016-12-21 07:47 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2017-01-11 14:06 - 2016-12-21 07:47 - 00115712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DeviceSideServicesActionUriHandler.dll
2017-01-11 14:06 - 2016-12-21 07:47 - 00522752 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2016-12-14 08:06 - 2016-12-14 08:06 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2012-02-24 14:35 - 2012-02-24 14:35 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2017-01-13 15:21 - 2016-06-21 19:29 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2017-01-13 15:21 - 2016-06-21 19:30 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2017-01-13 15:21 - 2016-06-21 19:29 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-02-12 09:10 - 2016-05-02 07:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-25 12:55 - 2016-12-23 19:28 - 00657184 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-07-25 12:55 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-07-25 12:55 - 2017-01-14 00:59 - 02327840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-07-25 12:55 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-07-25 12:55 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-07-25 12:55 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-07-25 12:55 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-07-25 12:55 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-07-25 12:55 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-07-25 12:55 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-07-25 12:55 - 2017-01-14 00:59 - 00838432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-02-21 20:16 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-12-13 07:46 - 2016-12-13 07:46 - 01244376 _____ () C:\Users\Sabrina\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2015-07-31 22:58 - 2016-01-15 23:52 - 00012288 _____ () C:\Program Files (x86)\Google\Chrome\Application\WTSAPI32.dll
2016-12-15 07:40 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 07:40 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-11-02 05:32 - 2017-01-05 04:12 - 68813088 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-07-25 12:55 - 2017-01-14 00:59 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sabrina\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\1395963-1920x1080.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "RoccatIskuFX"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "RoccatIsku"
HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\...\StartupApproved\Run: => "TSMApplication"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{830B99BA-26EB-4DEF-8C36-BC0F9A5C5EF3}] => C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{542B4954-7A26-4068-9F1F-2CA9E0291F8A}] => C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{CDD249B7-620E-4509-B4F3-AFACE6B779B7}] => C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{F6EE1971-E16C-4C70-A468-8C9853F423B6}] => C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{FB911C21-A167-47B9-9576-7D46C1DF7973}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{9636FA53-5FBF-4553-A61C-9A560E8CEA47}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{C32CA90A-8ED0-442C-99A7-760BA2A59692}] => C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{B66E7389-CC54-4F08-B251-AB0B4A4BFF14}] => C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{EF95060F-FCF3-4D0B-AEF2-1C115B76C8DF}] => C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe
FirewallRules: [{4E49C708-81CD-4C77-A966-B339629314DD}] => C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe
FirewallRules: [{58EFD430-ABBB-47FF-95F5-C1912F2FEF34}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6BE92309-3DFE-49A3-8E49-63F29CB06F86}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{868372FB-2BD7-4EF1-AF29-BA0CA9B3E78E}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF83039C-5A0C-4A74-9177-4F2BC453D15C}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{500873A3-D3A7-4BB3-B7F1-4B9AE7CFC5C5}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{732B42F5-57C1-4AD0-AF68-7E760CCCE8FC}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D606D8AB-2C6D-4A83-995C-5990E6AF60FA}] => C:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{3B5F0CA5-32C0-4809-A258-56D04CB2FCA6}] => C:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{9B92146C-1D1A-4142-BD3F-32C2B08EECEA}] => C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{11ACABB8-0C6E-4F61-A644-C2A5647C684A}] => C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{3D2B2A20-5812-4EBA-8414-24DCD2CC285F}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F51CB554-4F3D-47E6-B80E-479D071B3A45}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{56C93549-E83A-4843-9927-C0D14EB4788F}C:\users\sabrina\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => C:\users\sabrina\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{E77D4FE2-D1B5-4D25-A04D-F58B1C02750F}C:\users\sabrina\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => C:\users\sabrina\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{68C4ECE5-6842-43C0-B381-2D390B954624}] => C:\Program Files (x86)\Steam\steamapps\common\Plants Vs Zombies\PlantsVsZombies.exe
FirewallRules: [{0C444127-D0D2-4976-ABAC-03FFEB1A4DEF}] => C:\Program Files (x86)\Steam\steamapps\common\Plants Vs Zombies\PlantsVsZombies.exe
FirewallRules: [{2F3EEEDC-AAAF-4234-99BE-F7FEC8A360C4}] => C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{03ED01D3-9BAB-4EB0-91D9-DF91896BE25E}] => C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{2D849BE3-1D1A-47A6-8BDA-693802C856F1}] => C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{A660D576-3B98-4EE1-A130-A814B95F2FBB}] => C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{BEA23366-FFC4-40DD-98E7-F074AE7492E8}] => C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{D7766C86-7026-47AD-8328-CCCFA77E525D}] => C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{97B8E87B-B48E-45AD-B6EE-D92A2F562164}] => C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{70EF9772-FF75-4CF6-A973-B1D93D686D05}] => C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{23F533DF-3B49-45B5-9DE9-8AA37D4142C5}] => C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{BBC9FB52-98FC-48DA-B33F-5D4673011187}] => C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [TCP Query User{B5A19F15-8D2A-4085-A90B-AEEAD7E57054}C:\program files (x86)\diablo iii\diablo iii.exe] => C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{C4316831-B429-41A6-95A1-D0337C39EAFD}C:\program files (x86)\diablo iii\diablo iii.exe] => C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{6A3A8D05-D887-40DF-A888-CA74FEAC2DD9}C:\program files (x86)\diablo iii\diablo iii.exe] => C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{6413A438-D5FF-47BA-B6B6-AA2D525E963E}C:\program files (x86)\diablo iii\diablo iii.exe] => C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{334D2969-9378-4760-8BF9-12CBA4FE96E9}] => C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{D45BE13C-9358-4ECF-9042-343896FA00F1}] => C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{3901B13D-9B90-4752-848B-56FAA1647878}] => C:\Program Files (x86)\Steam\steamapps\common\CrazyChicken\MoorhuhnDeluxe.exe
FirewallRules: [{34CFF638-C5D0-41FA-ABB8-B55C44934FFD}] => C:\Program Files (x86)\Steam\steamapps\common\CrazyChicken\MoorhuhnDeluxe.exe
FirewallRules: [{1E07475A-CC38-4CA9-9AAC-544CD0B5E027}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{8BA405A8-9A51-457D-9DB5-4DA6A2BD2C0C}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{E57D8182-7885-44C2-8142-DCAA6C66BFD9}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{2C0CD3A6-0E05-4DF1-B6FF-0F083F5143CA}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [TCP Query User{642D59DC-CC00-4ADE-AA7D-71F4944E968A}C:\program files (x86)\valve\counter-strike\hl.exe] => C:\program files (x86)\valve\counter-strike\hl.exe
FirewallRules: [UDP Query User{243EA614-DAB7-4B83-97B8-3F37F5AA2E26}C:\program files (x86)\valve\counter-strike\hl.exe] => C:\program files (x86)\valve\counter-strike\hl.exe
FirewallRules: [TCP Query User{6C4809B7-8AAA-4512-98F9-67259D3A0D0F}C:\users\sabrina\desktop\gamezone\w3\war3.exe] => C:\users\sabrina\desktop\gamezone\w3\war3.exe
FirewallRules: [UDP Query User{70C0FD52-6998-4EE5-9AED-2BD0FEEB3290}C:\users\sabrina\desktop\gamezone\w3\war3.exe] => C:\users\sabrina\desktop\gamezone\w3\war3.exe
FirewallRules: [TCP Query User{CE956AE3-7124-4B6B-A5CB-995229CFE20E}C:\users\sabrina\desktop\gamezone\call of duty\call of duty 1\codmp.exe] => C:\users\sabrina\desktop\gamezone\call of duty\call of duty 1\codmp.exe
FirewallRules: [UDP Query User{7BE839F1-3A46-443C-B19A-479126919040}C:\users\sabrina\desktop\gamezone\call of duty\call of duty 1\codmp.exe] => C:\users\sabrina\desktop\gamezone\call of duty\call of duty 1\codmp.exe
FirewallRules: [TCP Query User{FC736FAE-DAFC-481D-B340-81BB45A8CED7}C:\users\sabrina\desktop\gamezone\call of duty\call of duty 4 - modern warfare\iw3mp.exe] => C:\users\sabrina\desktop\gamezone\call of duty\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{81BE8AE6-DDD9-451C-B59D-97283D976DED}C:\users\sabrina\desktop\gamezone\call of duty\call of duty 4 - modern warfare\iw3mp.exe] => C:\users\sabrina\desktop\gamezone\call of duty\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{64629BCB-C443-4CAB-87A6-3C034B74499B}C:\users\sabrina\desktop\gamezone\battlefield\bf1942.exe] => C:\users\sabrina\desktop\gamezone\battlefield\bf1942.exe
FirewallRules: [UDP Query User{B4D7EB40-C9F0-4630-866F-94FFAF61C66A}C:\users\sabrina\desktop\gamezone\battlefield\bf1942.exe] => C:\users\sabrina\desktop\gamezone\battlefield\bf1942.exe
FirewallRules: [TCP Query User{4855540E-3833-498D-B538-428AAC212FF7}C:\users\sabrina\desktop\gamezone\w3\war3.exe] => C:\users\sabrina\desktop\gamezone\w3\war3.exe
FirewallRules: [UDP Query User{4BDCBC49-95E5-41E6-8A3D-A0F9197BBC32}C:\users\sabrina\desktop\gamezone\w3\war3.exe] => C:\users\sabrina\desktop\gamezone\w3\war3.exe
FirewallRules: [TCP Query User{C92A48F4-B80E-4900-B566-67454ED0A69B}C:\users\sabrina\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => C:\users\sabrina\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{C823D30C-44C1-40FB-A62F-1AE492B68A11}C:\users\sabrina\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => C:\users\sabrina\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{4D01683F-C92C-4971-B4D3-0762F768B9BE}] => C:\Program Files (x86)\Steam\steamapps\common\Backgammon\MantisConfig.exe
FirewallRules: [{25629418-EC44-4628-A366-0621619BE436}] => C:\Program Files (x86)\Steam\steamapps\common\Backgammon\MantisConfig.exe
FirewallRules: [TCP Query User{0BB45C44-8181-4F16-8105-6BCC33B59228}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{4336D14E-2AF5-4A33-BB9C-141757B7180D}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{C26EB6AB-34AF-46F8-A785-018EECC35277}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [{045F4782-7E59-4ACA-B86E-D0013F48DD69}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [{454B49FC-D085-4EE2-9142-201EDA76C0C4}] => C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{29FF59E1-7906-4BBE-A5A2-1030AB02EF59}] => C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{53D36BEE-D6E1-4466-9A4A-F608BAC7FD67}] => C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{B9E294CC-2858-4EA0-9166-9251C2F37E2E}] => C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{AD089A1B-40CA-47CE-A1BE-2FB8975B1536}] => C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{143AB563-65D4-4387-98CC-AF2BD39F55A1}] => C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{E4974BB6-4C53-44A2-9A58-A148ECE0A2A4}] => C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{A51FA46F-C318-445A-996D-B1B60A9E90CB}] => C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{CBA8FAC4-C766-4F10-90FA-BC9BDE4F48E6}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{82620B23-260E-430F-BF4F-A922AA2DCCC0}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{0FC104D8-3031-443D-A4D3-F8A37DC8BB66}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{51033A78-2D76-4347-9C72-6EA0212B41D7}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{D0BF8C78-A07B-4CFC-B5E7-28A80D1A3725}] => C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{8095A811-22FC-4919-980A-A20150201076}] => C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{F1B25763-C5C7-4BE4-B636-19536CC918AB}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{634F2A15-D50C-4EE2-92FD-CA837603DEAF}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{9E233BEE-F3F1-4F07-9C80-0DCE83DCF424}] => C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{E52384C8-37EC-446A-8FA3-660F101EC0BB}] => C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [TCP Query User{BE3837DB-3824-4B7D-803D-5B9CE426AEA1}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{4D77A7CA-60DC-4456-996F-F608D9881E7F}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{F298E007-8453-4F71-B45B-3C670E898A1B}C:\program files (x86)\a3launcher\a3launcher.exe] => C:\program files (x86)\a3launcher\a3launcher.exe
FirewallRules: [UDP Query User{D9A6EA0F-90AB-43D4-9657-58CAFE79B470}C:\program files (x86)\a3launcher\a3launcher.exe] => C:\program files (x86)\a3launcher\a3launcher.exe
FirewallRules: [{3655C167-61F9-44E6-88B1-D7D329DFE315}] => C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\Expansion\beta\Arma2OA.exe
FirewallRules: [{78A0CA91-889E-4369-82CF-90C3E91071A5}] => C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\Expansion\beta\Arma2OA.exe
FirewallRules: [TCP Query User{789343D5-A757-4FD7-9B90-FCDDF7B95299}C:\program files (x86)\a3launcher\a3launcher.exe] => C:\program files (x86)\a3launcher\a3launcher.exe
FirewallRules: [UDP Query User{5DB4B2AD-1FD9-4DFB-BD35-606FFA4F5162}C:\program files (x86)\a3launcher\a3launcher.exe] => C:\program files (x86)\a3launcher\a3launcher.exe
FirewallRules: [TCP Query User{886B5C48-E060-47C0-A949-CF3243D07DF8}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{84EDB29D-1EF6-4A55-AC07-2126DD53DBF8}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{DD91FEE7-A0C6-4795-A93A-07F32E2FDBC7}] => C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe
FirewallRules: [{0E119C56-66AF-48E8-A14B-3D87855C2A6B}] => C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe
FirewallRules: [{0472A01F-9107-4785-8C60-6BAB9F5D33A2}] => C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{39764935-B7F8-44FA-A47F-5F75C27B3E8A}] => C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{56D79119-F0DC-4D64-827E-97157B838410}] => C:\Users\Sabrina\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B44AEFC5-346C-45D4-AA96-7608CFA4D821}] => C:\Users\Sabrina\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2F44F0DE-123E-4C05-8BB8-5553938E05D5}] => C:\Users\Sabrina\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{49FD1FFD-F9F1-4D4C-B9EB-CF4B6DE841ED}] => C:\Users\Sabrina\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{08D68A35-5E3C-4147-98C3-A5447FA7123F}] => C:\Users\Sabrina\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{77C4A359-4192-41A6-A069-29F6AD98092A}] => C:\Users\Sabrina\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{AA580077-86BB-404E-BAF9-3808E874248E}C:\users\sabrina\appdata\roaming\spotify\spotify.exe] => C:\users\sabrina\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{429892C6-D3B3-4F68-ADE9-EFC58CD00DDD}C:\users\sabrina\appdata\roaming\spotify\spotify.exe] => C:\users\sabrina\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B4C822D1-82DD-419A-B537-D2189857D503}] => C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{C94A7ABF-FFB4-497C-8CFE-293477CD4663}] => C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [TCP Query User{7D955DBE-0FF1-4323-8364-F6DD058F41F6}C:\program files (x86)\hearthstone\hearthstone.exe] => C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{51D1E818-BE79-46E1-BB0E-F7A4110F8D62}C:\program files (x86)\hearthstone\hearthstone.exe] => C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{E907379C-0D7D-4D1B-B87C-CBFE74BE23E9}C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{A1874951-B2AE-44CC-8715-0D2C8285667E}C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{611DBDC5-5EB8-44F3-AEA1-06F7408AB3B7}C:\users\sabrina\appdata\local\skypeplugin\7.13.0.71\pluginhost.exe] => C:\users\sabrina\appdata\local\skypeplugin\7.13.0.71\pluginhost.exe
FirewallRules: [UDP Query User{8E59FF9A-FD03-4E41-90FA-272E2068E11A}C:\users\sabrina\appdata\local\skypeplugin\7.13.0.71\pluginhost.exe] => C:\users\sabrina\appdata\local\skypeplugin\7.13.0.71\pluginhost.exe
FirewallRules: [{4F450788-8277-4A76-8B43-EB2424824E7B}] => C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{B76A7304-996C-42F9-AADC-E2DEECFE9CB2}] => C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{7447853E-A494-4F05-AB22-11FFD1EDF070}] => C:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{CDE52E8E-A282-44E9-A531-F221A83EC085}] => C:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{3211CBAC-0C14-4375-B64B-06677C69258A}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B1EF1B5D-7AE4-41DD-9833-2EAD4D22C4F3}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1446EA11-5D11-4182-AF62-36E2B7C816AB}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B9684CB3-55EC-4150-A712-09F1B84B9E60}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D9BE15ED-4440-42C2-9955-25F04C1A23F6}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A4AFCCAC-6757-4BA8-9B3A-05F6C8CE2857}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{34E509A8-50D3-4B2E-8C05-E332BF9151C6}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F77B75DC-A0A9-4046-8D05-17867457EFB6}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8CAB894B-2D24-4255-B5E2-E89DAE819F7D}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{120A6A45-38E6-48DC-BAB9-1A127C8CEAB4}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe] => C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{5DDFAF83-59CE-4340-A93D-5755E63D77D4}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe] => C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe
FirewallRules: [{C14E1C47-7864-4ADA-B2E5-66B22F0FA312}] => C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{5D634A38-D7C1-42B6-8836-52E2E07CD3B0}] => C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{DE4C0E46-44A4-453B-880F-69A6EA97AF2F}] => C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{AB626EBD-AFE1-46F2-A647-2D2E7D5F3C9E}] => C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{119E9AC3-959C-4DA2-B80A-C2A2F26C6E02}] => C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{E9796F8E-D995-4F7C-9272-AEF82F056CA0}] => C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{D4BB4FF3-16D3-48AC-B206-C9DE66EC4A55}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe
FirewallRules: [{B6BDF2FB-F91F-47A4-AD51-4BF075F2E55B}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe
FirewallRules: [{A4C52D6A-7B44-4AC2-A29F-17C03992188F}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{670E643A-35FE-47E5-BDC6-F529D88A7D28}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{70AFCBF0-E993-47DB-BBA5-2702E14556E1}] => C:\Program Files (x86)\Steam\steamapps\common\Memoria\memoria.exe
FirewallRules: [{9B518A42-B1ED-4D77-8BBE-4618D0556354}] => C:\Program Files (x86)\Steam\steamapps\common\Memoria\memoria.exe
FirewallRules: [{E188DB0A-EF10-486E-AA58-4178D367D8EC}] => C:\Program Files (x86)\Steam\steamapps\common\Memoria\VisionaireConfigurationTool.exe
FirewallRules: [{345B74CD-8A43-4C6E-B9FC-01703F80C9C5}] => C:\Program Files (x86)\Steam\steamapps\common\Memoria\VisionaireConfigurationTool.exe
FirewallRules: [{CE547D87-E3B9-443C-8960-D15E2DA2F2F3}] => C:\Program Files (x86)\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{A9521314-B13A-4177-BC9A-8F06DB2ADFAD}] => C:\Program Files (x86)\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{B30081E8-1FD6-4CB9-B096-6F71E1599AF6}] => C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{9CDB0625-7DA9-4C00-B8CE-2F5B4F4DF5D6}] => C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{573684DC-7F6D-4C2F-830A-1FC0C0E83BCA}] => C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{43D1F9A2-5E01-4D19-B04C-F8AD48527128}] => C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{E7471AA1-BDF3-4EDD-9D01-644C0C963420}] => C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [{F36B95E6-7AF4-4701-A7FD-59E0DE0DD6A5}] => C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [TCP Query User{80869733-BF5E-4073-A42B-03B42E522123}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FE267C0B-FF6B-4E32-9392-8B9B4435E938}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{9EB01D13-CEFC-4FFE-9EFD-E4F59DB04708}] => C:\Program Files (x86)\Steam\steamapps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{2FBDAC86-D05E-4F92-9CEA-042C7FCAE9AD}] => C:\Program Files (x86)\Steam\steamapps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [TCP Query User{8B43A63E-3AE5-476A-ABE6-AB1CC1C366FA}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{5215F406-485A-4C8F-A56E-E8BDD3D65818}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{FD2210F6-4E6A-4C5C-BA9A-21973D8EDFBF}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division\TheDivision.exe
FirewallRules: [TCP Query User{83DA937D-6DB4-4E6C-8405-097EA1BD751E}C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [UDP Query User{F3C46481-B9CA-40A6-B9A7-510267ADB6D8}C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [{B7E1D8EF-282A-4F0D-9C1B-4EE5AD824C16}] => C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{5DFD9581-E2DA-41C6-8112-7260D7C99F64}] => C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{57021E97-9EDC-445B-A998-9E3CC8E74F75}] => C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{74725C69-F2C7-48A9-8F4C-1E1C52818BED}] => C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [TCP Query User{78B90D14-36C6-4ABD-B848-45E3BF01684E}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe
FirewallRules: [UDP Query User{C197787C-26B8-4397-A5F5-40BE7C44B9AE}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe
FirewallRules: [{C3DC72E8-2C4D-470F-96F0-C70B5FF53C25}] => C:\Program Files (x86)\Steam\steamapps\common\Slime Rancher\SlimeRancher.exe
FirewallRules: [{B743D5AF-2505-4D40-A891-38683EED9FB4}] => C:\Program Files (x86)\Steam\steamapps\common\Slime Rancher\SlimeRancher.exe
FirewallRules: [{F2EE6533-9661-4755-9B3C-E2456556D800}] => C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{D45F8A08-0B28-4A38-A2F1-2308BDD57BD6}] => C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{98D9AD8B-31BD-49E0-97C7-D5ADD8F0F50F}] => C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{6ADC65A2-29F5-49D4-8D03-4691A3B952CC}] => C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{C67F1650-44BF-4F4C-9EBA-D1223ECC774A}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{402D1C89-BABE-4066-9612-92AF4AE91288}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{280F92EC-D66B-479E-97B7-5E4B2318222A}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{628F3934-61B7-4595-BA1A-727013793975}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{A78F60D4-3502-485E-A736-B7A1080B21F1}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe
FirewallRules: [UDP Query User{92F9EFF0-59A7-4397-9E04-02832FCEE4EF}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe
FirewallRules: [{CBCD0A71-B3A8-4599-B5C2-209B7F1018CA}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{46FBFEEB-2133-4A83-8D56-64A3B74BF199}] => C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{768C09E8-F5E0-415A-B8AB-D480E98BE97A}] => C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{44F04089-07EF-4E40-8B40-5A817C00FEF0}] => C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{C449CE10-E4BB-4AC4-84A1-E5F4D80CCAAF}] => C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{7292CF07-E15A-4B1F-BE92-E1726ABC4421}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{29ED3232-1B7B-42FC-87CE-6DD47A1BFC34}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{5D21983C-C037-4D0F-9E48-2A76C7A9F7D8}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{26D1F249-27B9-4DCD-915A-0852F5C85C46}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{6AFC1A9B-A955-412E-ABAA-71BD395223EF}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{9E26D9D7-077B-4C62-81DC-06D75AE9FCBE}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{A14A82DD-713B-4437-B803-319A7CC2D626}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{E55E6442-CDC9-4A27-BD7F-1E43810C1A1D}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{E56CA621-558F-4307-A22C-10EAA4ECCA68}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{D3E5F474-F4A5-472C-9D1C-394FB7B0CE71}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe

==================== Wiederherstellungspunkte =========================

10-01-2017 08:29:45 Geplanter Prüfpunkt
13-01-2017 14:26:37 Driver Booster : Controller der Familie Realtek PCIe GBE
13-01-2017 15:44:06 Installed TOSHIBA HDD/SSD Alert.

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/14/2017 02:06:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SABRINA)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147023728. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/13/2017 03:44:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/13/2017 03:26:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SABRINA)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/13/2017 02:37:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SABRINA)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/13/2017 02:27:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/13/2017 11:29:42 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
  Asynchroner Vorgang wird ausgeführt

Kontext:
  Aktueller Status: DoSnapshotSet

Error: (01/13/2017 11:28:34 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/13/2017 11:18:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm CurseUI.exe, Version 1.4.12.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 176c

Startzeit: 01d26d85c6c7c313

Beendigungszeit: 4294967295

Anwendungspfad: C:\Users\Sabrina\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe

Berichts-ID: 8e60a766-d979-11e6-828c-d8cb8a504abf

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (01/13/2017 06:47:40 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (01/13/2017 06:47:40 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.


Systemfehler:
=============
Error: (01/14/2017 02:45:34 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/14/2017 02:39:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/14/2017 02:39:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎14.‎01.‎2017 um 14:10:53 unerwartet heruntergefahren.

Error: (01/14/2017 02:36:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/14/2017 02:11:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/14/2017 02:10:53 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎14.‎01.‎2017 um 13:42:36 unerwartet heruntergefahren.

Error: (01/14/2017 02:07:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (01/14/2017 02:07:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (01/14/2017 02:06:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/14/2017 02:05:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 14%
Installierter physikalischer RAM: 16328 MB
Verfügbarer physikalischer RAM: 13983.35 MB
Summe virtueller Speicher: 18760 MB
Verfügbarer virtueller Speicher: 16254.19 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.73 GB) (Free:245.46 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EBA1C5FB)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================

Lani2388 14.01.2017 15:34
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-01-2017
durchgeführt von Sabrina (Administrator) auf SABRINA (14-01-2017 14:42:20)
Gestartet von C:\Users\Sabrina\Desktop
Geladene Profile: Sabrina (Verfügbare Profile: Sabrina)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\Scheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.7608.23501.0_x64__8wekyb3d8bbwe\HubTaskHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7805.42277.0_x64__8wekyb3d8bbwe\HxTsr.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-26] (Microsoft Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2012-02-24] (TOSHIBA Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM-x32\...\Run: [RoccatIsku] => "C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE"
HKLM-x32\...\Run: [RoccatIskuFX] => C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe [540672 2014-10-19] (ROCCAT GmbH)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [50899640 2016-09-14] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-14] (Valve Corporation)
HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\...\Run: [GoogleChromeAutoLaunch_80ECDFDFF1FFCF1D06BB588B1CF0C0D7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [935768 2016-12-08] (Google Inc.)
HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\...\Run: [Spotify Web Helper] => C:\Users\Sabrina\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2017-01-03] (Spotify Ltd)
HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\...\Run: [Spotify] => C:\Users\Sabrina\AppData\Roaming\Spotify\Spotify.exe [7153264 2017-01-03] (Spotify Ltd)
HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2016-08-16] ()
Startup: C:\Users\Sabrina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2016-12-17] ()
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ACHTUNG (Beschränkung - ProxySettings)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{f149c46e-b66e-4bf3-a541-4f1ab79a990c}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/
HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/
HKU\S-1-5-21-1969797547-1759999268-3186569588-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1969797547-1759999268-3186569588-1001 -> DefaultScope {ielnksrch} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-1969797547-1759999268-3186569588-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=TOSHIBAXDT01ACA100_45MJR0BNSXX45MJR0BNSX&ts=1437824782&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1969797547-1759999268-3186569588-1001 -> {ielnksrch} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-05] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-05] (Oracle Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{53B7519A-C138-4D5E-8153-B9691D0D0B47}] - C:\Windows\Installer\{87E6EC52-61F1-4964-AD71-13DF01C43FFF}\{53B7519A-C138-4D5E-8153-B9691D0D0B47}.xpi
FF Extension: (Download Protect) - C:\Windows\Installer\{87E6EC52-61F1-4964-AD71-13DF01C43FFF}\{53B7519A-C138-4D5E-8153-B9691D0D0B47}.xpi [2016-01-16]
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-05] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-05] (Oracle Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Keine Datei]
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Default [2015-09-11]
CHR Profile: C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-01-14]
CHR Extension: (Kein Name) - C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-25]
CHR Extension: (BetterTTV) - C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-07-27]
CHR Extension: (Kein Name) - C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-25]
CHR Extension: (Kein Name) - C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Skype Calling) - C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2016-01-27]
CHR Extension: (Kein Name) - C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-27]
CHR Extension: (Kein Name) - C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Kein Name) - C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-25]
CHR Extension: (Kein Name) - C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-21]
CHR Extension: (Kein Name) - C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Little Alchemy) - C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2016-08-03]
CHR Extension: (Download Protect) - C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nacdabinloodojiipclgccibecfakifk [2016-01-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Kein Name) - C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-25]
CHR Extension: (Chrome Media Router) - C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16]
CHR Profile: C:\Users\Sabrina\AppData\Local\Google\Chrome\User Data\System Profile [2015-08-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-01-14] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-12-29] (BitRaider, LLC)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [229648 2016-12-12] (EasyAntiCheat Ltd)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-02-12] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2016-12-29] (BitRaider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2016-10-07] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2017-01-13] (REALiX(tm))
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3f929cc119e3b994\nvlddmkm.sys [14200880 2017-01-13] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-13] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [946696 2017-01-13] (Realtek                                            )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-14 14:42 - 2017-01-14 14:42 - 00017033 _____ C:\Users\Sabrina\Desktop\FRST.txt
2017-01-14 14:27 - 2017-01-13 15:20 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-01-14 14:25 - 2017-01-14 14:32 - 00069346 _____ C:\Users\Sabrina\Downloads\Addition.txt
2017-01-14 14:20 - 2017-01-14 14:42 - 00000000 ____D C:\FRST
2017-01-14 14:20 - 2017-01-14 14:28 - 00066511 _____ C:\Users\Sabrina\Downloads\FRST.txt
2017-01-14 14:20 - 2017-01-14 14:20 - 02419200 _____ (Farbar) C:\Users\Sabrina\Desktop\FRST64.exe
2017-01-13 15:46 - 2017-01-13 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2017-01-13 15:46 - 2017-01-13 15:46 - 00000000 ____D C:\Program Files\TOSHIBA
2017-01-13 15:43 - 2017-01-13 15:43 - 00000000 ____D C:\Users\Sabrina\AppData\Roaming\WinBatch
2017-01-13 15:40 - 2017-01-13 15:43 - 34588384 _____ C:\Users\Sabrina\Downloads\tc00143401a.exe
2017-01-13 15:21 - 2017-01-13 15:21 - 00003472 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Sabrina
2017-01-13 15:21 - 2017-01-13 15:21 - 00001431 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2017-01-13 15:21 - 2017-01-13 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2017-01-13 14:44 - 2017-01-13 14:45 - 06776960 _____ (ESET spol. s r.o.) C:\Users\Sabrina\Downloads\ESETOnlineScanner_DEU (1).exe
2017-01-13 14:31 - 2017-01-13 14:31 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00643928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00347072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-01-13 14:31 - 2017-01-13 14:31 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-01-13 14:31 - 2017-01-13 14:31 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-01-13 14:30 - 2017-01-13 14:32 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-01-13 14:30 - 2017-01-13 14:31 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-01-13 14:30 - 2017-01-13 14:30 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-01-13 14:30 - 2017-01-13 14:30 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-01-13 14:30 - 2017-01-13 14:30 - 03474392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-01-13 14:30 - 2017-01-13 14:30 - 00946696 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2017-01-13 14:30 - 2017-01-13 14:30 - 00101824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-01-13 14:30 - 2017-01-13 14:30 - 00091584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-01-13 14:30 - 2017-01-13 14:30 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2017-01-13 14:30 - 2017-01-13 14:30 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-01-13 14:29 - 2017-01-13 14:29 - 01469952 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorA.sys
2017-01-13 14:29 - 2017-01-13 14:29 - 01077248 _____ C:\WINDOWS\system32\AmRdrIco.icl
2017-01-13 14:29 - 2017-01-13 14:29 - 00090264 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\Drivers\AmUStor.sys
2017-01-13 14:29 - 2017-01-13 14:29 - 00041952 _____ C:\WINDOWS\system32\AmUStor.ini
2017-01-13 14:29 - 2017-01-13 14:29 - 00020632 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\AmUStor2.dll
2017-01-13 14:29 - 2017-01-13 14:29 - 00000640 _____ C:\WINDOWS\system32\VendorCmd6435.bin
2017-01-13 14:29 - 2017-01-13 14:29 - 00000124 _____ C:\WINDOWS\system32\VendorCmd6485_SetSSC.bin
2017-01-13 14:29 - 2017-01-13 14:29 - 00000032 _____ C:\WINDOWS\system32\VendorCommand_MS1bit.bin
2017-01-13 14:29 - 2017-01-13 14:29 - 00000032 _____ C:\WINDOWS\system32\VendorCmd6485.bin
2017-01-13 14:29 - 2017-01-13 14:29 - 00000032 _____ C:\WINDOWS\system32\VendorCmd6465.bin
2017-01-13 14:29 - 2017-01-13 14:29 - 00000008 _____ C:\WINDOWS\system32\CardDetect6485.bin
2017-01-13 14:29 - 2017-01-13 14:29 - 00000008 _____ C:\WINDOWS\system32\CardDetect6420.bin
2017-01-13 14:29 - 2017-01-13 14:29 - 00000008 _____ C:\WINDOWS\system32\CardDetect6366.bin
2017-01-13 14:29 - 2017-01-13 14:29 - 00000008 _____ C:\WINDOWS\system32\CardDetect6362.bin
2017-01-13 14:29 - 2017-01-13 14:29 - 00000008 _____ C:\WINDOWS\system32\CardDetect6361.bin
2017-01-13 14:29 - 2017-01-13 14:29 - 00000008 _____ C:\WINDOWS\system32\CardDetect6339.bin
2017-01-13 14:15 - 2017-01-14 14:16 - 00003030 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Sabrina)
2017-01-13 14:15 - 2017-01-13 15:21 - 00000000 ____D C:\Users\Sabrina\AppData\LocalLow\IObit
2017-01-13 14:15 - 2017-01-13 15:21 - 00000000 ____D C:\ProgramData\ProductData
2017-01-13 14:15 - 2017-01-13 15:21 - 00000000 ____D C:\ProgramData\IObit
2017-01-13 14:15 - 2017-01-13 15:21 - 00000000 ____D C:\Program Files (x86)\IObit
2017-01-13 14:15 - 2017-01-13 14:33 - 00002369 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-01-13 14:15 - 2017-01-13 14:15 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2017-01-13 14:15 - 2017-01-13 14:15 - 00003382 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2017-01-13 14:15 - 2017-01-13 14:15 - 00000000 ____D C:\WINDOWS\IObit
2017-01-13 14:15 - 2017-01-13 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-01-13 14:14 - 2017-01-13 15:28 - 00000000 ____D C:\Users\Sabrina\AppData\Roaming\IObit
2017-01-13 14:14 - 2017-01-13 14:14 - 17628560 _____ (IObit ) C:\Users\Sabrina\Downloads\driver_booster_setup.exe
2017-01-13 14:05 - 2017-01-13 14:05 - 06776960 _____ (ESET spol. s r.o.) C:\Users\Sabrina\Downloads\ESETOnlineScanner_DEU.exe
2017-01-13 14:05 - 2017-01-13 14:05 - 00000000 ____D C:\Users\Sabrina\AppData\Local\ESET
2017-01-13 07:46 - 2017-01-13 07:51 - 00000000 ____D C:\Users\Sabrina\Desktop\Neuer Ordner (2)
2017-01-11 14:07 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 14:07 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 14:07 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 14:07 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 14:07 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 14:07 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 14:07 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 14:07 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 14:07 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 14:07 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 14:07 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 14:07 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 14:07 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 14:07 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 14:07 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 14:07 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 14:07 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 14:07 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 14:07 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 14:07 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 14:07 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 14:07 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 14:07 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 14:07 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 14:07 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 14:07 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 14:07 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 14:07 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 14:07 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 14:07 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 14:07 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 14:07 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 14:07 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 14:07 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 14:07 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 14:07 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 14:07 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 14:07 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 14:07 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 14:07 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 14:07 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 14:07 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 14:07 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 14:07 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 14:07 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 14:07 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 14:07 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 14:07 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 14:07 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 14:07 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 14:07 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 14:07 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 14:07 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 14:07 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 14:07 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 14:07 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 14:07 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 14:07 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 14:07 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 14:07 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 14:07 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 14:07 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 14:07 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 14:07 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 14:07 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 14:07 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 14:07 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 14:07 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 14:07 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 14:07 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 14:07 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 14:07 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 14:07 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 14:07 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 14:07 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 14:07 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 14:07 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 14:07 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 14:07 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 14:07 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 14:07 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 14:07 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 14:07 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 14:07 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 14:07 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 14:07 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 14:07 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 14:07 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 14:07 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 14:07 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 14:07 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 14:07 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 14:07 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 14:07 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 14:07 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 14:07 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 14:07 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 14:07 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 14:07 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 14:07 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 14:07 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 14:07 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 14:07 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 14:07 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 14:07 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 14:07 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 14:07 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 14:07 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 14:07 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 14:07 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 14:07 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 14:07 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 14:07 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 14:07 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 14:07 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 14:07 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 14:07 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 14:07 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 14:07 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 14:07 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 14:07 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 14:07 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 14:07 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 14:07 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 14:07 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 14:07 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 14:07 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-11 14:07 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 14:06 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 14:06 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 14:06 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 14:06 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 14:06 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 14:06 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 14:06 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 14:06 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 14:06 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 14:06 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 14:06 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 14:06 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 14:06 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 14:06 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 14:06 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 14:06 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 14:06 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 14:06 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 14:06 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 14:06 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 14:06 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 14:06 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 14:06 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 14:06 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 14:06 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 14:06 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 14:06 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 14:06 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 14:06 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 14:06 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 14:06 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 14:06 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 14:06 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 14:06 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 14:06 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 14:06 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 14:06 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 14:06 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-10 09:04 - 2017-01-10 09:04 - 00000000 ____D C:\Users\Sabrina\AppData\Local\TeamSpeak 3
2017-01-10 09:04 - 2017-01-10 09:04 - 00000000 ____D C:\Users\Sabrina\.TeamSpeak 3
2017-01-09 16:06 - 2017-01-09 16:06 - 00000000 ____D C:\Users\Sabrina\Downloads\Dino-Baby-Pictures (1)
2017-01-09 16:04 - 2017-01-09 16:04 - 00002065 _____ C:\Users\Sabrina\Desktop\MyPaintings - Verknüpfung.lnk
2017-01-09 15:59 - 2017-01-09 15:59 - 00001098 _____ C:\Users\Sabrina\Desktop\Converter With Templates - Verknüpfung.lnk
2017-01-09 14:53 - 2017-01-09 14:53 - 00000000 ____D C:\Users\Sabrina\Downloads\Converter With Templates
2017-01-08 14:41 - 2017-01-08 14:41 - 00000222 _____ C:\Users\Sabrina\Desktop\ARK Survival Evolved.url
2017-01-05 14:16 - 2017-01-05 14:47 - 00000000 ____D C:\Users\Sabrina\Desktop\7Days
2016-12-29 22:55 - 2016-12-29 22:55 - 00001560 _____ C:\Users\Sabrina\Desktop\Star Wars - The Old Republic.lnk
2016-12-29 20:30 - 2016-12-29 20:30 - 00000000 ____D C:\Users\Sabrina\Documents\HeroBlade Logs
2016-12-29 20:30 - 2016-12-29 20:30 - 00000000 ____D C:\Users\Sabrina\AppData\Local\SWTOR
2016-12-29 11:41 - 2016-12-29 11:41 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2016-12-29 11:41 - 2016-12-29 11:41 - 00000000 ____D C:\ProgramData\BitRaider
2016-12-29 11:40 - 2016-12-29 11:40 - 00000000 ____D C:\Users\Sabrina\AppData\Local\SWTORPerf
2016-12-29 11:37 - 2016-12-29 11:38 - 00014194 _____ C:\Users\Sabrina\Documents\Install STAR WARS The Old Republic.log
2016-12-29 11:37 - 2016-12-29 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2016-12-29 11:37 - 2016-12-29 11:37 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2016-12-27 13:33 - 2016-12-27 13:56 - 00000000 ____D C:\Users\Sabrina\Desktop\Neuer Ordner
2016-12-27 13:02 - 2016-05-15 12:44 - 05273314 _____ C:\Users\Sabrina\Desktop\20160515_124400.jpg
2016-12-26 20:36 - 2016-12-26 20:38 - 00000000 ____D C:\Users\Sabrina\AppData\Roaming\RavensburgerTipToi3
2016-12-26 20:36 - 2016-12-26 20:36 - 00002113 _____ C:\Users\Public\Desktop\tiptoi® Manager.lnk
2016-12-26 20:36 - 2016-12-26 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2016-12-26 20:35 - 2016-12-26 20:36 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager Deinstallationsprogramm.lnk
2016-12-26 20:35 - 2016-12-26 20:35 - 00002053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi.lnk
2016-12-26 20:35 - 2016-12-26 20:35 - 00000000 ____D C:\ProgramData\RavensburgerTipToi3
2016-12-26 20:35 - 2016-12-26 20:35 - 00000000 ____D C:\Program Files (x86)\Ravensburger tiptoi
2016-12-16 08:53 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-16 08:53 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-16 08:53 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-16 08:53 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-16 08:53 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-16 08:53 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-16 08:53 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-16 08:53 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-16 08:53 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-16 08:53 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-16 08:53 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-16 08:53 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-16 08:53 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-16 08:53 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-16 08:53 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-16 08:53 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-16 08:53 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-16 08:53 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-16 08:53 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-16 08:53 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-16 08:53 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-16 08:53 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-16 08:53 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-16 08:53 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-16 08:53 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-16 08:53 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-16 08:53 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-16 08:53 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-16 08:53 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-16 08:53 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-16 08:53 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-16 08:53 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-16 08:53 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-16 08:53 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-16 08:53 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-16 08:53 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-16 08:53 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-16 08:53 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-16 08:53 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-16 08:53 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-16 08:53 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-16 08:53 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-16 08:53 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-16 08:53 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-16 08:53 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-16 08:53 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-16 08:53 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-16 08:53 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-16 08:53 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-16 08:53 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-16 08:53 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-16 08:53 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-16 08:53 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-16 08:53 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-16 08:53 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-16 08:53 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-16 08:53 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-16 08:53 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-16 08:53 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-16 08:53 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-16 08:53 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-16 08:53 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-16 08:53 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-16 08:53 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-16 08:53 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-16 08:53 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-16 08:53 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-16 08:53 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-16 08:53 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-16 08:53 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-16 08:53 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-16 08:53 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-16 08:53 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-16 08:53 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-16 08:53 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-16 08:53 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-16 08:53 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-16 08:53 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-16 08:53 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-16 08:53 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-16 08:53 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-16 08:53 - 2016-09-15 17:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-14 14:41 - 2015-07-25 12:54 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-14 14:39 - 2016-09-26 07:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-14 14:39 - 2016-09-26 07:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-14 14:36 - 2016-09-26 07:21 - 00000000 ____D C:\Users\Sabrina
2017-01-14 14:36 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-14 14:36 - 2015-07-25 12:40 - 00000000 __RDO C:\Users\Sabrina\OneDrive
2017-01-14 14:10 - 2015-07-25 14:28 - 00000000 ____D C:\Program Files (x86)\Avira
2017-01-14 14:05 - 2015-07-25 13:30 - 00000000 ____D C:\Users\Sabrina\AppData\Roaming\TS3Client
2017-01-14 11:52 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-14 11:52 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-13 20:19 - 2016-06-07 11:26 - 00000000 ____D C:\Users\Sabrina\AppData\Roaming\StardewValley
2017-01-13 15:30 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-13 15:19 - 2015-07-25 13:44 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-13 15:17 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-01-13 14:35 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-01-13 14:33 - 2016-09-26 07:15 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-01-13 14:33 - 2016-09-26 07:15 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-01-13 14:33 - 2016-09-26 07:15 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-01-13 14:33 - 2015-12-10 08:15 - 00000000 ____D C:\Program Files\{76B45727-5B36-4F1B-B0FC-1AF4B8A2BF1B}
2017-01-13 14:32 - 2016-09-26 07:16 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-13 14:31 - 2016-08-02 22:52 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2017-01-13 14:31 - 2016-07-16 23:51 - 00559220 _____ C:\WINDOWS\system32\perfh007.dat
2017-01-13 14:31 - 2016-07-16 23:51 - 00106502 _____ C:\WINDOWS\system32\perfc007.dat
2017-01-13 14:31 - 2016-05-04 19:04 - 01585112 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-13 14:30 - 2016-08-26 23:30 - 01595456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-01-13 14:30 - 2016-08-26 23:30 - 00212936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-01-13 14:30 - 2016-08-26 23:26 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-01-13 14:30 - 2016-05-23 19:55 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-01-13 14:28 - 2016-01-19 21:50 - 00204896 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2017-01-13 11:36 - 2015-07-25 12:38 - 00000000 ____D C:\Users\Sabrina\AppData\Local\Packages
2017-01-13 11:35 - 2016-10-02 17:25 - 00000000 ____D C:\Users\Sabrina\AppData\Local\Deployment
2017-01-13 11:31 - 2016-02-28 07:22 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2017-01-13 11:29 - 2015-11-28 18:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-01-13 11:27 - 2015-11-28 08:21 - 00000000 ____D C:\Program Files (x86)\A3Launcher
2017-01-13 08:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-13 07:28 - 2015-08-17 22:12 - 00000000 ____D C:\Program Files (x86)\Diablo III
2017-01-13 07:27 - 2015-07-25 16:02 - 00000000 ____D C:\Users\Sabrina\AppData\Local\Battle.net
2017-01-13 07:16 - 2015-07-25 16:04 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2017-01-13 07:15 - 2016-11-25 19:31 - 00000000 ____D C:\Program Files (x86)\Overwatch
2017-01-13 07:05 - 2015-07-25 16:02 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-01-12 07:57 - 2016-02-13 18:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-12 07:55 - 2016-09-26 07:13 - 00226608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-11 22:54 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-11 22:54 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 22:54 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-11 22:54 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-11 22:54 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-11 21:32 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-11 21:26 - 2015-07-29 16:50 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 21:24 - 2015-07-29 16:50 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-10 09:14 - 2015-07-28 18:55 - 00000000 ____D C:\Users\Sabrina\AppData\Roaming\OBS
2017-01-10 09:03 - 2015-07-25 13:30 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-01-09 16:06 - 2016-03-25 17:31 - 00065556 _____ C:\Users\Sabrina\Downloads\tri_sign_paintingcanvas_c.pnt
2017-01-09 16:06 - 2016-03-25 17:31 - 00065556 _____ C:\Users\Sabrina\Downloads\steguinho_sign_paintingcanvas_c.pnt
2017-01-09 16:06 - 2016-03-25 17:31 - 00065556 _____ C:\Users\Sabrina\Downloads\ptero_babydark_sign_paintingcanvas_c.pnt
2017-01-09 16:06 - 2016-03-25 17:31 - 00065556 _____ C:\Users\Sabrina\Downloads\ptero_baby_sign_paintingcanvas_c.pnt
2017-01-09 16:06 - 2016-03-25 17:31 - 00065556 _____ C:\Users\Sabrina\Downloads\horacio_baby_sign_paintingcanvas_c.pnt
2017-01-09 16:06 - 2016-03-25 17:31 - 00065556 _____ C:\Users\Sabrina\Downloads\dino_human_baby_sign_paintingcanvas_c.pnt
2017-01-08 14:43 - 2015-10-26 09:26 - 00000000 ____D C:\Users\Sabrina\AppData\Local\CrashDumps
2017-01-05 15:13 - 2015-09-05 18:10 - 00000000 ____D C:\Users\Sabrina\AppData\Roaming\FileZilla
2017-01-04 20:33 - 2016-12-12 19:57 - 00549112 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-01-03 20:15 - 2015-12-09 12:15 - 00000000 ____D C:\Users\Sabrina\AppData\Roaming\Spotify
2017-01-03 20:10 - 2015-12-09 12:16 - 00000000 ____D C:\Users\Sabrina\AppData\Local\Spotify
2016-12-29 11:41 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Public\Documents
2016-12-29 11:37 - 2015-07-25 12:46 - 00000000 _____ C:\END
2016-12-23 00:13 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-23 00:13 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-17 22:46 - 2016-09-26 07:45 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 22:46 - 2016-09-26 07:45 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 11:17 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\assembly
2016-12-17 07:36 - 2016-06-15 10:22 - 00000000 ____D C:\Program Files (x86)\World of Warcraft Beta
2016-12-17 07:36 - 2015-12-17 08:38 - 00000000 ____D C:\World of Warcraft Classic
2016-12-16 12:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\de-DE
2016-12-16 12:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\de-DE
2016-12-16 12:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-16 12:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-15 07:40 - 2015-07-25 13:14 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-11-27 12:03 - 2016-11-27 12:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Program Files (x86)\Google\Chrome\Application\wtsapi32.dll


Einige Dateien in TEMP:
====================
C:\Users\Sabrina\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-09 08:09

==================== Ende von FRST.txt ============================

cosinus 14.01.2017 15:45
Datenträgerauslastung ist was anderes als 100 % Auslastung Windows Defender :wtf:

Datenträger ist zB eine Festplatte, SSD oder USB-Stick
Der Windows Defender ist der von Microsoft fest in Windows eingebaute Virenscanner


Du hast da einiges an Junkware drauf...


1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers




2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Lani2388 14.01.2017 17:58
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.01.14.02
  rootkit: v2016.11.20.01

Windows 10 x64 NTFS
Internet Explorer 11.576.14393.0
Sabrina :: SABRINA [administrator]

14.01.2017 15:55:56
mbar-log-2017-01-14 (15-55-56).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 347900
Time elapsed: 1 hour(s), 16 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Sabrina\Desktop\GameZone\Battlefield\fff-ea117.exe (RiskWare.Tool.CK) -> Delete on reboot. [02c890eb644460d610977c73679c09f7]
C:\Users\Sabrina\Desktop\GameZone\Call of Duty\Call Of Duty 4 - Modern Warfare\keygen.exe (CrackTool.Agent) -> Delete on reboot. [a6245b20693f270f3d661cb8fc047f81]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.01.14.02
  rootkit: v2016.11.20.01

Windows 10 x64 NTFS
Internet Explorer 11.576.14393.0
Sabrina :: SABRINA [administrator]

14.01.2017 17:19:21
mbar-log-2017-01-14 (17-19-21).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 346999
Time elapsed: 33 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
das sind die beiden Mbar sachen

Und hier der Tdsskiller

Code:
17:54:09.0246 0x1318  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
17:54:19.0437 0x1318  ============================================================
17:54:19.0437 0x1318  Current date / time: 2017/01/14 17:54:19.0437
17:54:19.0437 0x1318  SystemInfo:
17:54:19.0437 0x1318 
17:54:19.0437 0x1318  OS Version: 10.0.14393 ServicePack: 0.0
17:54:19.0437 0x1318  Product type: Workstation
17:54:19.0437 0x1318  ComputerName: SABRINA
17:54:19.0438 0x1318  UserName: Sabrina
17:54:19.0438 0x1318  Windows directory: C:\WINDOWS
17:54:19.0438 0x1318  System windows directory: C:\WINDOWS
17:54:19.0438 0x1318  Running under WOW64
17:54:19.0438 0x1318  Processor architecture: Intel x64
17:54:19.0438 0x1318  Number of processors: 8
17:54:19.0438 0x1318  Page size: 0x1000
17:54:19.0438 0x1318  Boot type: Normal boot
17:54:19.0438 0x1318  CodeIntegrityOptions = 0x00000001
17:54:19.0438 0x1318  ============================================================
17:54:19.0989 0x1318  KLMD registered as C:\WINDOWS\system32\drivers\09562194.sys
17:54:19.0989 0x1318  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
17:54:20.0501 0x1318  System UUID: {DE5ECD0E-3269-E80D-5BD0-312B86A8684D}
17:54:21.0032 0x1318  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:54:21.0045 0x1318  ============================================================
17:54:21.0045 0x1318  \Device\Harddisk0\DR0:
17:54:21.0059 0x1318  MBR partitions:
17:54:21.0059 0x1318  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
17:54:21.0059 0x1318  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x74575800
17:54:21.0059 0x1318  ============================================================
17:54:21.0115 0x1318  C: <-> \Device\Harddisk0\DR0\Partition2
17:54:21.0115 0x1318  ============================================================
17:54:21.0115 0x1318  Initialize success
17:54:21.0115 0x1318  ============================================================
17:54:53.0478 0x1648  ============================================================
17:54:53.0478 0x1648  Scan started
17:54:53.0478 0x1648  Mode: Manual; SigCheck; TDLFS;
17:54:53.0478 0x1648  ============================================================
17:54:53.0478 0x1648  KSN ping started
17:54:53.0589 0x1648  KSN ping finished: true
17:55:02.0133 0x1648  ================ Scan system memory ========================
17:55:02.0133 0x1648  System memory - ok
17:55:02.0133 0x1648  ================ Scan services =============================
17:55:02.0304 0x1648  1394ohci - ok
17:55:02.0306 0x1648  3ware - ok
17:55:02.0335 0x1648  ACPI - ok
17:55:02.0337 0x1648  AcpiDev - ok
17:55:02.0339 0x1648  acpiex - ok
17:55:02.0341 0x1648  acpipagr - ok
17:55:02.0370 0x1648  AcpiPmi - ok
17:55:02.0372 0x1648  acpitime - ok
17:55:02.0375 0x1648  ADP80XX - ok
17:55:02.0383 0x1648  AFD - ok
17:55:02.0390 0x1648  ahcache - ok
17:55:02.0396 0x1648  AJRouter - ok
17:55:02.0409 0x1648  ALG - ok
17:55:02.0411 0x1648  AmdK8 - ok
17:55:02.0413 0x1648  AmdPPM - ok
17:55:02.0414 0x1648  amdsata - ok
17:55:02.0416 0x1648  amdsbs - ok
17:55:02.0418 0x1648  amdxata - ok
17:55:02.0492 0x1648  [ 809D92855656EFC1D71C980582F7FF8B, 01B551CEC0CFD50CA88EB49AA3F68EEEAE34DFE31E6CA37DA106B3C49CF7FA81 ] AmUStor        C:\WINDOWS\system32\drivers\AmUStor.SYS
17:55:02.0515 0x1648  AmUStor - ok
17:55:02.0519 0x1648  AppID - ok
17:55:02.0521 0x1648  AppIDSvc - ok
17:55:02.0542 0x1648  Appinfo - ok
17:55:02.0544 0x1648  applockerfltr - ok
17:55:02.0559 0x1648  AppReadiness - ok
17:55:02.0579 0x1648  AppXSvc - ok
17:55:02.0581 0x1648  arcsas - ok
17:55:02.0583 0x1648  AsyncMac - ok
17:55:02.0637 0x1648  atapi - ok
17:55:02.0639 0x1648  AudioEndpointBuilder - ok
17:55:02.0666 0x1648  Audiosrv - ok
17:55:02.0668 0x1648  AxInstSV - ok
17:55:02.0696 0x1648  b06bdrv - ok
17:55:02.0698 0x1648  BasicDisplay - ok
17:55:02.0700 0x1648  BasicRender - ok
17:55:02.0702 0x1648  bcmfn - ok
17:55:02.0704 0x1648  bcmfn2 - ok
17:55:02.0706 0x1648  BDESVC - ok
17:55:02.0722 0x1648  Beep - ok
17:55:02.0843 0x1648  [ 5B413BEADC23C9D182F7EC09C10441FA, E16E06848492331107C6D682D93D35C5D1A0DC8CAD3816B42203A4BF05932C7E ] BEService      C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
17:55:02.0865 0x1648  BEService - ok
17:55:02.0891 0x1648  BFE - ok
17:55:02.0896 0x1648  BITS - ok
17:55:02.0905 0x1648  bowser - ok
17:55:02.0977 0x1648  [ 7487B46E104303E247F68D485C12326F, BAC6A4FFD5B4009B4B673479630FAA2784618438925DFB6489F07BF163188114 ] BRDriver64_1_3_3_E02B25FC C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys
17:55:02.0981 0x1648  BRDriver64_1_3_3_E02B25FC - ok
17:55:03.0006 0x1648  BrokerInfrastructure - ok
17:55:03.0015 0x1648  Browser - ok
17:55:03.0047 0x1648  [ 448917845F097FCE9D4554C3D2001EF3, BDCBEC01579D7CF28963E4E13CDC5B26E4B69CA24FA2CC4D6E24CAE0DDBCB3FE ] BRSptStub      C:\ProgramData\BitRaider\BRSptStub.exe
17:55:03.0055 0x1648  BRSptStub - ok
17:55:03.0087 0x1648  BthAvrcpTg - ok
17:55:03.0089 0x1648  BthHFEnum - ok
17:55:03.0090 0x1648  bthhfhid - ok
17:55:03.0100 0x1648  BthHFSrv - ok
17:55:03.0102 0x1648  BTHMODEM - ok
17:55:03.0114 0x1648  bthserv - ok
17:55:03.0121 0x1648  buttonconverter - ok
17:55:03.0122 0x1648  CapImg - ok
17:55:03.0124 0x1648  cdfs - ok
17:55:03.0137 0x1648  CDPSvc - ok
17:55:03.0166 0x1648  CDPUserSvc - ok
17:55:03.0221 0x1648  cdrom - ok
17:55:03.0259 0x1648  CertPropSvc - ok
17:55:03.0261 0x1648  cht4iscsi - ok
17:55:03.0263 0x1648  cht4vbd - ok
17:55:03.0264 0x1648  circlass - ok
17:55:03.0290 0x1648  CLFS - ok
17:55:03.0292 0x1648  ClipSVC - ok
17:55:03.0293 0x1648  clreg - ok
17:55:03.0297 0x1648  CmBatt - ok
17:55:03.0299 0x1648  CNG - ok
17:55:03.0300 0x1648  cnghwassist - ok
17:55:03.0355 0x1648  CompositeBus - ok
17:55:03.0357 0x1648  COMSysApp - ok
17:55:03.0359 0x1648  condrv - ok
17:55:03.0381 0x1648  CoreMessagingRegistrar - ok
17:55:03.0392 0x1648  CryptSvc - ok
17:55:03.0397 0x1648  dam - ok
17:55:03.0408 0x1648  DcomLaunch - ok
17:55:03.0420 0x1648  DcpSvc - ok
17:55:03.0425 0x1648  defragsvc - ok
17:55:03.0434 0x1648  DeviceAssociationService - ok
17:55:03.0436 0x1648  DeviceInstall - ok
17:55:03.0449 0x1648  DevQueryBroker - ok
17:55:03.0475 0x1648  Dfsc - ok
17:55:03.0531 0x1648  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
17:55:03.0538 0x1648  dg_ssudbus - ok
17:55:03.0564 0x1648  Dhcp - ok
17:55:03.0674 0x1648  diagnosticshub.standardcollector.service - ok
17:55:03.0709 0x1648  DiagTrack - ok
17:55:03.0746 0x1648  disk - ok
17:55:03.0766 0x1648  DmEnrollmentSvc - ok
17:55:03.0767 0x1648  dmvsc - ok
17:55:03.0769 0x1648  dmwappushservice - ok
17:55:03.0814 0x1648  Dnscache - ok
17:55:03.0817 0x1648  dot3svc - ok
17:55:03.0818 0x1648  DPS - ok
17:55:03.0863 0x1648  drmkaud - ok
17:55:03.0874 0x1648  DsmSvc - ok
17:55:03.0876 0x1648  DsSvc - ok
17:55:03.0888 0x1648  DXGKrnl - ok
17:55:03.0892 0x1648  EapHost - ok
17:55:03.0894 0x1648  EasyAntiCheat - ok
17:55:03.0895 0x1648  ebdrv - ok
17:55:03.0936 0x1648  EFS - ok
17:55:03.0938 0x1648  EhStorClass - ok
17:55:03.0953 0x1648  EhStorTcgDrv - ok
17:55:03.0965 0x1648  embeddedmode - ok
17:55:03.0973 0x1648  EntAppSvc - ok
17:55:03.0975 0x1648  ErrDev - ok
17:55:03.0978 0x1648  EventSystem - ok
17:55:03.0979 0x1648  exfat - ok
17:55:03.0981 0x1648  fastfat - ok
17:55:03.0988 0x1648  Fax - ok
17:55:03.0989 0x1648  fdc - ok
17:55:03.0991 0x1648  fdPHost - ok
17:55:04.0002 0x1648  FDResPub - ok
17:55:04.0050 0x1648  fhsvc - ok
17:55:04.0063 0x1648  FileCrypt - ok
17:55:04.0065 0x1648  FileInfo - ok
17:55:04.0066 0x1648  Filetrace - ok
17:55:04.0068 0x1648  flpydisk - ok
17:55:04.0069 0x1648  FltMgr - ok
17:55:04.0104 0x1648  FontCache - ok
17:55:04.0283 0x1648  FontCache3.0.0.0 - ok
17:55:04.0309 0x1648  FrameServer - ok
17:55:04.0311 0x1648  FsDepends - ok
17:55:04.0314 0x1648  Fs_Rec - ok
17:55:04.0335 0x1648  fvevol - ok
17:55:04.0337 0x1648  gencounter - ok
17:55:04.0355 0x1648  genericusbfn - ok
17:55:04.0356 0x1648  GPIOClx0101 - ok
17:55:04.0358 0x1648  gpsvc - ok
17:55:04.0359 0x1648  GpuEnergyDrv - ok
17:55:04.0432 0x1648  [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:55:04.0437 0x1648  gupdate - ok
17:55:04.0441 0x1648  [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:55:04.0446 0x1648  gupdatem - ok
17:55:04.0466 0x1648  [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi        C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
17:55:04.0475 0x1648  Hamachi - ok
17:55:04.0497 0x1648  HdAudAddService - ok
17:55:04.0499 0x1648  HDAudBus - ok
17:55:04.0501 0x1648  HidBatt - ok
17:55:04.0502 0x1648  HidBth - ok
17:55:04.0504 0x1648  hidi2c - ok
17:55:04.0534 0x1648  hidinterrupt - ok
17:55:04.0572 0x1648  HidIr - ok
17:55:04.0626 0x1648  hidserv - ok
17:55:04.0656 0x1648  HidUsb - ok
17:55:04.0683 0x1648  HomeGroupListener - ok
17:55:04.0687 0x1648  HomeGroupProvider - ok
17:55:04.0689 0x1648  HpSAMD - ok
17:55:04.0700 0x1648  HTTP - ok
17:55:04.0715 0x1648  HvHost - ok
17:55:04.0733 0x1648  hvservice - ok
17:55:04.0865 0x1648  [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32        C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS
17:55:04.0869 0x1648  HWiNFO32 - ok
17:55:04.0872 0x1648  hwpolicy - ok
17:55:04.0896 0x1648  hyperkbd - ok
17:55:04.0939 0x1648  i8042prt - ok
17:55:04.0941 0x1648  iagpio - ok
17:55:04.0942 0x1648  iai2c - ok
17:55:04.0944 0x1648  iaLPSS2i_GPIO2 - ok
17:55:04.0945 0x1648  iaLPSS2i_I2C - ok
17:55:04.0947 0x1648  iaLPSSi_GPIO - ok
17:55:04.0948 0x1648  iaLPSSi_I2C - ok
17:55:05.0039 0x1648  [ 0609694A9C4D6C71319732FA82C6E5C5, 5507D20AB9C86B11564C953C6F535976A0D201295C642EA0CABF435DAD908251 ] iaStorA        C:\WINDOWS\system32\drivers\iaStorA.sys
17:55:05.0063 0x1648  iaStorA - ok
17:55:05.0066 0x1648  iaStorAV - ok
17:55:05.0067 0x1648  iaStorV - ok
17:55:05.0069 0x1648  ibbus - ok
17:55:05.0095 0x1648  icssvc - ok
17:55:05.0101 0x1648  IKEEXT - ok
17:55:05.0121 0x1648  IndirectKmd - ok
17:55:05.0232 0x1648  [ A8FD69E79BF0468DA0C09983AF960C04, 7F87EB5BDA29D7EE3B20887EFE511CEBD5F11490E2C098DF359F7766BC23D769 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:55:05.0304 0x1648  IntcAzAudAddService - ok
17:55:05.0338 0x1648  intelide - ok
17:55:05.0340 0x1648  intelpep - ok
17:55:05.0346 0x1648  intelppm - ok
17:55:05.0438 0x1648  [ CD6FE4D2E29D70D9E2AA587DE5978A15, 03BA3338E0178FCB6FC7792FE4BB2B836CEA8B791D53DD4E273AB48621397DC5 ] IObitUnSvr      C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
17:55:05.0446 0x1648  IObitUnSvr - ok
17:55:05.0472 0x1648  iorate - ok
17:55:05.0474 0x1648  IpFilterDriver - ok
17:55:05.0503 0x1648  iphlpsvc - ok
17:55:05.0505 0x1648  IPMIDRV - ok
17:55:05.0530 0x1648  IPNAT - ok
17:55:05.0533 0x1648  irda - ok
17:55:05.0535 0x1648  IRENUM - ok
17:55:05.0540 0x1648  irmon - ok
17:55:05.0542 0x1648  isapnp - ok
17:55:05.0543 0x1648  iScsiPrt - ok
17:55:05.0597 0x1648  kbdclass - ok
17:55:05.0607 0x1648  kbdhid - ok
17:55:05.0617 0x1648  kdnic - ok
17:55:05.0628 0x1648  KeyIso - ok
17:55:05.0629 0x1648  KSecDD - ok
17:55:05.0641 0x1648  KSecPkg - ok
17:55:05.0643 0x1648  ksthunk - ok
17:55:05.0654 0x1648  KtmRm - ok
17:55:05.0659 0x1648  LanmanServer - ok
17:55:05.0669 0x1648  LanmanWorkstation - ok
17:55:05.0671 0x1648  lfsvc - ok
17:55:05.0679 0x1648  LicenseManager - ok
17:55:05.0681 0x1648  lltdio - ok
17:55:05.0682 0x1648  lltdsvc - ok
17:55:05.0686 0x1648  lmhosts - ok
17:55:05.0689 0x1648  LSI_SAS - ok
17:55:05.0690 0x1648  LSI_SAS2i - ok
17:55:05.0701 0x1648  LSI_SAS3i - ok
17:55:05.0703 0x1648  LSI_SSS - ok
17:55:05.0704 0x1648  LSM - ok
17:55:05.0713 0x1648  luafv - ok
17:55:05.0725 0x1648  MapsBroker - ok
17:55:05.0726 0x1648  megasas - ok
17:55:05.0759 0x1648  megasas2i - ok
17:55:05.0761 0x1648  megasr - ok
17:55:05.0812 0x1648  [ C4A4BE9C6EDA9640F272B48FC0AB4F06, 8A9BE9FACDDBEBDF47ACB86D5DDC0DD3E5F90EDE1E93B59F9E92375E5CB2ACD6 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
17:55:05.0821 0x1648  MEIx64 - ok
17:55:05.0848 0x1648  MessagingService - ok
17:55:05.0878 0x1648  mlx4_bus - ok
17:55:05.0905 0x1648  MMCSS - ok
17:55:05.0906 0x1648  Modem - ok
17:55:05.0913 0x1648  monitor - ok
17:55:05.0915 0x1648  mouclass - ok
17:55:05.0916 0x1648  mouhid - ok
17:55:05.0918 0x1648  mountmgr - ok
17:55:05.0920 0x1648  mpsdrv - ok
17:55:05.0921 0x1648  MpsSvc - ok
17:55:05.0923 0x1648  MRxDAV - ok
17:55:05.0935 0x1648  mrxsmb - ok
17:55:05.0936 0x1648  mrxsmb10 - ok
17:55:05.0944 0x1648  mrxsmb20 - ok
17:55:05.0946 0x1648  MsBridge - ok
17:55:05.0956 0x1648  MSDTC - ok
17:55:05.0966 0x1648  Msfs - ok
17:55:05.0968 0x1648  msgpiowin32 - ok
17:55:05.0970 0x1648  mshidkmdf - ok
17:55:05.0972 0x1648  mshidumdf - ok
17:55:05.0973 0x1648  msisadrv - ok
17:55:05.0985 0x1648  MSiSCSI - ok
17:55:05.0988 0x1648  msiserver - ok
17:55:05.0990 0x1648  MSKSSRV - ok
17:55:05.0995 0x1648  MsLldp - ok
17:55:05.0997 0x1648  MSPCLOCK - ok
17:55:05.0999 0x1648  MSPQM - ok
17:55:06.0000 0x1648  MsRPC - ok
17:55:06.0014 0x1648  mssmbios - ok
17:55:06.0015 0x1648  MSTEE - ok
17:55:06.0017 0x1648  MTConfig - ok
17:55:06.0019 0x1648  Mup - ok
17:55:06.0021 0x1648  mvumis - ok
17:55:06.0037 0x1648  NativeWifiP - ok
17:55:06.0038 0x1648  NcaSvc - ok
17:55:06.0050 0x1648  NcbService - ok
17:55:06.0052 0x1648  NcdAutoSetup - ok
17:55:06.0054 0x1648  ndfltr - ok
17:55:06.0075 0x1648  NDIS - ok
17:55:06.0077 0x1648  NdisCap - ok
17:55:06.0095 0x1648  NdisImPlatform - ok
17:55:06.0121 0x1648  NdisTapi - ok
17:55:06.0123 0x1648  Ndisuio - ok
17:55:06.0126 0x1648  NdisVirtualBus - ok
17:55:06.0128 0x1648  NdisWan - ok
17:55:06.0129 0x1648  ndiswanlegacy - ok
17:55:06.0131 0x1648  ndproxy - ok
17:55:06.0132 0x1648  Ndu - ok
17:55:06.0134 0x1648  NetAdapterCx - ok
17:55:06.0136 0x1648  NetBIOS - ok
17:55:06.0141 0x1648  NetBT - ok
17:55:06.0143 0x1648  Netlogon - ok
17:55:06.0145 0x1648  Netman - ok
17:55:06.0146 0x1648  netprofm - ok
17:55:06.0202 0x1648  NetSetupSvc - ok
17:55:06.0342 0x1648  NetTcpPortSharing - ok
17:55:06.0344 0x1648  NgcCtnrSvc - ok
17:55:06.0354 0x1648  NgcSvc - ok
17:55:06.0355 0x1648  NlaSvc - ok
17:55:06.0357 0x1648  Npfs - ok
17:55:06.0358 0x1648  npsvctrig - ok
17:55:06.0364 0x1648  nsi - ok
17:55:06.0365 0x1648  nsiproxy - ok
17:55:06.0375 0x1648  NTFS - ok
17:55:06.0377 0x1648  Null - ok
17:55:06.0416 0x1648  [ 64DA1993B1973F049C1347DA1B05185E, 2A04E263DB13751D033E2F9B9518820CF4942EEAFA5A32488570EEB699EE2A96 ] NVHDA          C:\WINDOWS\system32\drivers\nvhda64v.sys
17:55:06.0423 0x1648  NVHDA - ok
17:55:06.0805 0x1648  [ 557A0393BDFED327968A9E695FB4CEBA, 76D39F74439205B5B614B0D99E9E10629738E00250A5E7FFEE50815F69EE70D0 ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3f929cc119e3b994\nvlddmkm.sys
17:55:06.0978 0x1648  nvlddmkm - ok
17:55:07.0014 0x1648  nvraid - ok
17:55:07.0030 0x1648  nvstor - ok
17:55:07.0155 0x1648  [ DEF76B479C3525952D0BD71E881E07B0, DC4B13AA97F61542F55F92769F9C8C5EB253BD6EB165EF064107D11158CD412F ] NvStreamKms    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
17:55:07.0159 0x1648  NvStreamKms - ok
17:55:07.0227 0x1648  [ AF5BE3694A76365874B8967331049F2C, F704A0403B63E856EE9ECCE7C913650F5FF928F0872035EE73E1AE1CD54BC046 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
17:55:07.0276 0x1648  NvStreamNetworkSvc - ok
17:55:07.0314 0x1648  [ 77BE9E1AFCE995652A1C4FF4C8A0F839, 4AD981BCC349D413B3CCDC06DC8D6D2C2648D049726D6825E35A9A91D4C072FF ] NvStreamSvc    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
17:55:07.0348 0x1648  NvStreamSvc - ok
17:55:07.0402 0x1648  [ 86BB05638CF921AB95E346AD0AB0E300, 84C5E12F69A106E8C8A59A3C032796FB80344E32F6CC283045A9E9D9CB0E470F ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
17:55:07.0406 0x1648  nvvad_WaveExtensible - ok
17:55:07.0431 0x1648  OneSyncSvc - ok
17:55:07.0477 0x1648  p2pimsvc - ok
17:55:07.0484 0x1648  p2psvc - ok
17:55:07.0489 0x1648  Parport - ok
17:55:07.0497 0x1648  partmgr - ok
17:55:07.0525 0x1648  PcaSvc - ok
17:55:07.0554 0x1648  pci - ok
17:55:07.0587 0x1648  pciide - ok
17:55:07.0589 0x1648  pcmcia - ok
17:55:07.0592 0x1648  pcw - ok
17:55:07.0617 0x1648  pdc - ok
17:55:07.0622 0x1648  PEAUTH - ok
17:55:07.0623 0x1648  percsas2i - ok
17:55:07.0624 0x1648  percsas3i - ok
17:55:07.0698 0x1648  PerfHost - ok
17:55:07.0705 0x1648  PhoneSvc - ok
17:55:07.0718 0x1648  PimIndexMaintenanceSvc - ok
17:55:07.0777 0x1648  pla - ok
17:55:07.0785 0x1648  PlugPlay - ok
17:55:07.0788 0x1648  PnkBstrA - ok
17:55:07.0790 0x1648  PNRPAutoReg - ok
17:55:07.0792 0x1648  PNRPsvc - ok
17:55:07.0801 0x1648  PolicyAgent - ok
17:55:07.0810 0x1648  Power - ok
17:55:07.0813 0x1648  PptpMiniport - ok
17:55:07.0949 0x1648  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify    C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
17:55:08.0089 0x1648  PrintNotify - ok
17:55:08.0122 0x1648  Processor - ok
17:55:08.0132 0x1648  ProfSvc - ok
17:55:08.0133 0x1648  Psched - ok
17:55:08.0137 0x1648  QWAVE - ok
17:55:08.0147 0x1648  QWAVEdrv - ok
17:55:08.0148 0x1648  RasAcd - ok
17:55:08.0164 0x1648  RasAgileVpn - ok
17:55:08.0173 0x1648  RasAuto - ok
17:55:08.0175 0x1648  Rasl2tp - ok
17:55:08.0183 0x1648  RasMan - ok
17:55:08.0185 0x1648  RasPppoe - ok
17:55:08.0187 0x1648  RasSstp - ok
17:55:08.0189 0x1648  rdbss - ok
17:55:08.0200 0x1648  rdpbus - ok
17:55:08.0201 0x1648  RDPDR - ok
17:55:08.0255 0x1648  RdpVideoMiniport - ok
17:55:08.0256 0x1648  rdyboost - ok
17:55:08.0258 0x1648  ReFSv1 - ok
17:55:08.0281 0x1648  RemoteAccess - ok
17:55:08.0283 0x1648  RemoteRegistry - ok
17:55:08.0291 0x1648  RetailDemo - ok
17:55:08.0318 0x1648  RmSvc - ok
17:55:08.0320 0x1648  RpcEptMapper - ok
17:55:08.0330 0x1648  RpcLocator - ok
17:55:08.0332 0x1648  RpcSs - ok
17:55:08.0334 0x1648  rspndr - ok
17:55:08.0376 0x1648  [ 39FC08BE0FBCBF40A67C22FFB671A96F, B9B942A0AEF03E4E9D4A61C9F042CDC97BAD98912369CD0E0D8B0FFC08D124A3 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
17:55:08.0393 0x1648  rt640x64 - ok
17:55:08.0422 0x1648  s3cap - ok
17:55:08.0436 0x1648  SamSs - ok
17:55:08.0455 0x1648  sbp2port - ok
17:55:08.0472 0x1648  SCardSvr - ok
17:55:08.0489 0x1648  ScDeviceEnum - ok
17:55:08.0497 0x1648  scfilter - ok
17:55:08.0499 0x1648  Schedule - ok
17:55:08.0500 0x1648  scmbus - ok
17:55:08.0502 0x1648  scmdisk0101 - ok
17:55:08.0526 0x1648  SCPolicySvc - ok
17:55:08.0533 0x1648  sdbus - ok
17:55:08.0535 0x1648  SDRSVC - ok
17:55:08.0537 0x1648  sdstor - ok
17:55:08.0540 0x1648  seclogon - ok
17:55:08.0541 0x1648  SENS - ok
17:55:08.0543 0x1648  SensorDataService - ok
17:55:08.0569 0x1648  SensorService - ok
17:55:08.0574 0x1648  SensrSvc - ok
17:55:08.0576 0x1648  SerCx - ok
17:55:08.0578 0x1648  SerCx2 - ok
17:55:08.0580 0x1648  Serenum - ok
17:55:08.0582 0x1648  Serial - ok
17:55:08.0584 0x1648  sermouse - ok
17:55:08.0591 0x1648  SessionEnv - ok
17:55:08.0593 0x1648  sfloppy - ok
17:55:08.0630 0x1648  SharedAccess - ok
17:55:08.0637 0x1648  ShellHWDetection - ok
17:55:08.0669 0x1648  shpamsvc - ok
17:55:08.0671 0x1648  SiSRaid2 - ok
17:55:08.0673 0x1648  SiSRaid4 - ok
17:55:08.0688 0x1648  smphost - ok
17:55:08.0695 0x1648  SmsRouter - ok
17:55:08.0699 0x1648  SNMPTRAP - ok
17:55:08.0731 0x1648  spaceport - ok
17:55:08.0755 0x1648  SpbCx - ok
17:55:08.0762 0x1648  Spooler - ok
17:55:08.0789 0x1648  sppsvc - ok
17:55:08.0818 0x1648  srv - ok
17:55:08.0826 0x1648  srv2 - ok
17:55:08.0832 0x1648  srvnet - ok
17:55:08.0834 0x1648  SSDPSRV - ok
17:55:08.0842 0x1648  SstpSvc - ok
17:55:08.0886 0x1648  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm        C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
17:55:08.0892 0x1648  ssudmdm - ok
17:55:08.0944 0x1648  StateRepository - ok
17:55:09.0127 0x1648  [ AE4590027FEA1EAC935EF802C09E87E4, 9FD054D95106DE3A604A316B183CA140F2261654405485324CAA1AEA9E7EEA12 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:55:09.0148 0x1648  Steam Client Service - ok
17:55:09.0189 0x1648  stexstor - ok
17:55:09.0245 0x1648  stisvc - ok
17:55:09.0251 0x1648  storahci - ok
17:55:09.0253 0x1648  storflt - ok
17:55:09.0255 0x1648  stornvme - ok
17:55:09.0270 0x1648  storqosflt - ok
17:55:09.0272 0x1648  StorSvc - ok
17:55:09.0273 0x1648  storufs - ok
17:55:09.0275 0x1648  storvsc - ok
17:55:09.0292 0x1648  svsvc - ok
17:55:09.0294 0x1648  swenum - ok
17:55:09.0296 0x1648  swprv - ok
17:55:09.0313 0x1648  Synth3dVsc - ok
17:55:09.0318 0x1648  SysMain - ok
17:55:09.0329 0x1648  SystemEventsBroker - ok
17:55:09.0333 0x1648  TabletInputService - ok
17:55:09.0334 0x1648  TapiSrv - ok
17:55:09.0342 0x1648  Tcpip - ok
17:55:09.0343 0x1648  Tcpip6 - ok
17:55:09.0346 0x1648  tcpipreg - ok
17:55:09.0349 0x1648  tdx - ok
17:55:09.0350 0x1648  terminpt - ok
17:55:09.0352 0x1648  TermService - ok
17:55:09.0378 0x1648  Themes - ok
17:55:09.0384 0x1648  TieringEngineService - ok
17:55:09.0385 0x1648  tiledatamodelsvc - ok
17:55:09.0388 0x1648  TimeBrokerSvc - ok
17:55:09.0481 0x1648  [ 17DB352FA977DAAABB6E61A4DED245D9, D428BB4F42F9BCA73A1E74FD7DFBB5322A7A1804FA150B4A783B0EF3BB6CB53E ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
17:55:09.0487 0x1648  TOSHIBA HDD SSD Alert Service - ok
17:55:09.0519 0x1648  TPM - ok
17:55:09.0522 0x1648  TrkWks - ok
17:55:09.0580 0x1648  TrustedInstaller - ok
17:55:09.0583 0x1648  tsusbflt - ok
17:55:09.0585 0x1648  TsUsbGD - ok
17:55:09.0587 0x1648  tunnel - ok
17:55:09.0632 0x1648  tzautoupdate - ok
17:55:09.0639 0x1648  UASPStor - ok
17:55:09.0641 0x1648  UcmCx0101 - ok
17:55:09.0643 0x1648  UcmTcpciCx0101 - ok
17:55:09.0645 0x1648  UcmUcsi - ok
17:55:09.0655 0x1648  Ucx01000 - ok
17:55:09.0657 0x1648  UdeCx - ok
17:55:09.0658 0x1648  udfs - ok
17:55:09.0660 0x1648  UEFI - ok
17:55:09.0672 0x1648  Ufx01000 - ok
17:55:09.0673 0x1648  UfxChipidea - ok
17:55:09.0675 0x1648  ufxsynopsys - ok
17:55:09.0678 0x1648  UI0Detect - ok
17:55:09.0680 0x1648  umbus - ok
17:55:09.0681 0x1648  UmPass - ok
17:55:09.0685 0x1648  UmRdpService - ok
17:55:09.0687 0x1648  UnistoreSvc - ok
17:55:09.0690 0x1648  upnphost - ok
17:55:09.0697 0x1648  UrsChipidea - ok
17:55:09.0698 0x1648  UrsCx01000 - ok
17:55:09.0700 0x1648  UrsSynopsys - ok
17:55:09.0702 0x1648  usbccgp - ok
17:55:09.0704 0x1648  usbcir - ok
17:55:09.0707 0x1648  usbehci - ok
17:55:09.0709 0x1648  usbhub - ok
17:55:09.0711 0x1648  USBHUB3 - ok
17:55:09.0713 0x1648  usbohci - ok
17:55:09.0715 0x1648  usbprint - ok
17:55:09.0717 0x1648  usbser - ok
17:55:09.0718 0x1648  USBSTOR - ok
17:55:09.0720 0x1648  usbuhci - ok
17:55:09.0724 0x1648  USBXHCI - ok
17:55:09.0735 0x1648  UserDataSvc - ok
17:55:09.0784 0x1648  UserManager - ok
17:55:09.0788 0x1648  UsoSvc - ok
17:55:09.0790 0x1648  VaultSvc - ok
17:55:09.0793 0x1648  vdrvroot - ok
17:55:09.0798 0x1648  vds - ok
17:55:09.0801 0x1648  VerifierExt - ok
17:55:09.0812 0x1648  vhdmp - ok
17:55:09.0814 0x1648  vhf - ok
17:55:09.0816 0x1648  vmbus - ok
17:55:09.0818 0x1648  VMBusHID - ok
17:55:09.0820 0x1648  vmgid - ok
17:55:09.0830 0x1648  vmicguestinterface - ok
17:55:09.0831 0x1648  vmicheartbeat - ok
17:55:09.0833 0x1648  vmickvpexchange - ok
17:55:09.0848 0x1648  vmicrdv - ok
17:55:09.0849 0x1648  vmicshutdown - ok
17:55:09.0851 0x1648  vmictimesync - ok
17:55:09.0853 0x1648  vmicvmsession - ok
17:55:09.0855 0x1648  vmicvss - ok
17:55:09.0856 0x1648  volmgr - ok
17:55:09.0858 0x1648  volmgrx - ok
17:55:09.0860 0x1648  volsnap - ok
17:55:09.0862 0x1648  volume - ok
17:55:09.0863 0x1648  vpci - ok
17:55:09.0865 0x1648  vsmraid - ok
17:55:09.0867 0x1648  VSS - ok
17:55:09.0869 0x1648  VSTXRAID - ok
17:55:09.0871 0x1648  vwifibus - ok
17:55:09.0873 0x1648  vwififlt - ok
17:55:09.0880 0x1648  W32Time - ok
17:55:09.0881 0x1648  WacomPen - ok
17:55:09.0883 0x1648  WalletService - ok
17:55:09.0885 0x1648  wanarp - ok
17:55:09.0887 0x1648  wanarpv6 - ok
17:55:09.0891 0x1648  wbengine - ok
17:55:09.0918 0x1648  WbioSrvc - ok
17:55:09.0920 0x1648  wcifs - ok
17:55:09.0922 0x1648  Wcmsvc - ok
17:55:09.0925 0x1648  wcncsvc - ok
17:55:09.0930 0x1648  wcnfs - ok
17:55:09.0931 0x1648  WdBoot - ok
17:55:09.0934 0x1648  Wdf01000 - ok
17:55:09.0935 0x1648  WdFilter - ok
17:55:09.0937 0x1648  WdiServiceHost - ok
17:55:09.0941 0x1648  WdiSystemHost - ok
17:55:09.0943 0x1648  wdiwifi - ok
17:55:09.0944 0x1648  WdNisDrv - ok
17:55:09.0988 0x1648  WdNisSvc - ok
17:55:09.0990 0x1648  WebClient - ok
17:55:09.0992 0x1648  Wecsvc - ok
17:55:09.0994 0x1648  WEPHOSTSVC - ok
17:55:09.0995 0x1648  wercplsupport - ok
17:55:09.0998 0x1648  WerSvc - ok
17:55:10.0000 0x1648  WFPLWFS - ok
17:55:10.0003 0x1648  WiaRpc - ok
17:55:10.0004 0x1648  WIMMount - ok
17:55:10.0007 0x1648  WinDefend - ok
17:55:10.0011 0x1648  WindowsTrustedRT - ok
17:55:10.0013 0x1648  WindowsTrustedRTProxy - ok
17:55:10.0034 0x1648  WinHttpAutoProxySvc - ok
17:55:10.0037 0x1648  WinMad - ok
17:55:10.0102 0x1648  Winmgmt - ok
17:55:10.0134 0x1648  WinRM - ok
17:55:10.0180 0x1648  WINUSB - ok
17:55:10.0182 0x1648  WinVerbs - ok
17:55:10.0216 0x1648  wisvc - ok
17:55:10.0242 0x1648  WlanSvc - ok
17:55:10.0265 0x1648  wlidsvc - ok
17:55:10.0290 0x1648  WmiAcpi - ok
17:55:10.0298 0x1648  wmiApSrv - ok
17:55:10.0326 0x1648  WMPNetworkSvc - ok
17:55:10.0356 0x1648  Wof - ok
17:55:10.0363 0x1648  workfolderssvc - ok
17:55:10.0365 0x1648  WPDBusEnum - ok
17:55:10.0367 0x1648  WpdUpFltr - ok
17:55:10.0369 0x1648  WpnService - ok
17:55:10.0374 0x1648  WpnUserService - ok
17:55:10.0380 0x1648  ws2ifsl - ok
17:55:10.0382 0x1648  wscsvc - ok
17:55:10.0384 0x1648  WSearch - ok
17:55:10.0418 0x1648  wuauserv - ok
17:55:10.0420 0x1648  WudfPf - ok
17:55:10.0423 0x1648  WUDFRd - ok
17:55:10.0445 0x1648  wudfsvc - ok
17:55:10.0447 0x1648  WUDFWpdFs - ok
17:55:10.0450 0x1648  WUDFWpdMtp - ok
17:55:10.0457 0x1648  WwanSvc - ok
17:55:10.0469 0x1648  XblAuthManager - ok
17:55:10.0501 0x1648  XblGameSave - ok
17:55:10.0503 0x1648  xboxgip - ok
17:55:10.0506 0x1648  XboxNetApiSvc - ok
17:55:10.0536 0x1648  xinputhid - ok
17:55:10.0537 0x1648  ================ Scan global ===============================
17:55:10.0634 0x1648  [ Global ] - ok
17:55:10.0634 0x1648  ================ Scan MBR ==================================
17:55:10.0645 0x1648  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:55:10.0902 0x1648  \Device\Harddisk0\DR0 - ok
17:55:10.0902 0x1648  ================ Scan VBR ==================================
17:55:10.0903 0x1648  [ 0AC15D53CCB7A8CA470C09BAD343236F ] \Device\Harddisk0\DR0\Partition1
17:55:10.0904 0x1648  \Device\Harddisk0\DR0\Partition1 - ok
17:55:10.0905 0x1648  [ D3D441D5556714F1515FF3DC1530463E ] \Device\Harddisk0\DR0\Partition2
17:55:10.0905 0x1648  \Device\Harddisk0\DR0\Partition2 - ok
17:55:10.0905 0x1648  ================ Scan generic autorun ======================
17:55:11.0003 0x1648  [ C8AC55CCB8AB33713522B4CAAFAC0F59, CCEA638F90395F5C1C9DA892227FF4F3A7BC7567DEF8A7B63AFE2A487DADA88A ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
17:55:11.0034 0x1648  NvBackend - ok
17:55:11.0036 0x1648  WindowsDefender - ok
17:55:11.0066 0x1648  [ B936172D47C3319B4D25AF109CE539E7, B409C2827CF0282D485F1E3F7B2AF81872182028D2E2A39E0F5530EF9860D5BD ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
17:55:11.0077 0x1648  TosSENotify - ok
17:55:11.0078 0x1648  BlueStacks Agent - ok
17:55:11.0222 0x1648  [ 8D8D9C8486CB29D01000BFFFE132780A, E1DD85E8CF029FA2F294A2E162838C0D5F11795338C4DE585FD3A0E58894F7C6 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
17:55:11.0249 0x1648  Wondershare Helper Compact.exe - ok
17:55:11.0296 0x1648  RoccatIsku - ok
17:55:11.0399 0x1648  [ 14E9A77F1D135704FF87A43EAFF5675E, 4EA434DFC2D5907B3D73C5AC8D1C5E1F192896870C1FB1616557A94217402539 ] C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe
17:55:11.0430 0x1648  RoccatIskuFX - detected UnsignedFile.Multi.Generic ( 1 )
17:55:11.0794 0x1648  RoccatIskuFX ( UnsignedFile.Multi.Generic ) - warning
17:55:11.0794 0x1648  Force sending object to P2P due to detect: C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe
17:55:12.0010 0x1648  Object send P2P result: true
17:55:12.0361 0x1648  Discord - ok
17:55:12.0390 0x1648  OneDriveSetup - ok
17:55:12.0391 0x1648  OneDriveSetup - ok
17:55:12.0510 0x1648  [ D961BA20D31E2660AA8FDF81DCFD032B, A899082B1B6CC0F1F75D0D57B6C8AFFD1D1EE981C63652F9DF26BD71C624251F ] C:\Program Files (x86)\Steam\steam.exe
17:55:12.0549 0x1648  Steam - ok
17:55:12.0628 0x1648  [ 92B29E6BE97F5B2C5894904D1447BBFE, C8BF1ABDC9EDE0264ED7A818F61BB84BA2D42F160FDEA45DE6ED6EF816A6425E ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
17:55:12.0645 0x1648  GoogleChromeAutoLaunch_80ECDFDFF1FFCF1D06BB588B1CF0C0D7 - ok
17:55:12.0863 0x1648  [ 0C2D8CBA28E12D170FC5343F03E6D20C, 73A66AEF5D89E69E6B19172328AC043542FD7628DD44A569B23625261A0B56FB ] C:\Users\Sabrina\AppData\Roaming\Spotify\SpotifyWebHelper.exe
17:55:12.0883 0x1648  Spotify Web Helper - ok
17:55:13.0011 0x1648  [ C654101E928F9C1EC19A3C3AA78D4482, 925C51A2B1DD082EA5F7035CDAD481F6017DD943B005042703CCE1D5F9572AF2 ] C:\Users\Sabrina\AppData\Roaming\Spotify\Spotify.exe
17:55:13.0097 0x1648  Spotify - ok
17:55:13.0187 0x1648  [ 72C4380EE0D19B7B76196B488E2DFD39, 066E21A906F954D8054CA8601BA2663998AA9018AE47A8A8DB398111E973F7EF ] C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
17:55:13.0247 0x1648  TSMApplication - detected UnsignedFile.Multi.Generic ( 1 )
17:55:13.0513 0x1648  TSMApplication ( UnsignedFile.Multi.Generic ) - warning
17:55:13.0513 0x1648  Force sending object to P2P due to detect: C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
17:55:13.0874 0x1648  Object send P2P result: true
17:55:14.0375 0x1648  [ 44348495F9D6ED21F4EFB3FF80677D99, 05B76248764B2BF7F9229626D7EFAFF96B724D38A82969EBE376CBE879E30450 ] C:\Users\Sabrina\AppData\Local\Microsoft\OneDrive\OneDrive.exe
17:55:14.0399 0x1648  OneDrive - ok
17:55:14.0400 0x1648  Waiting for KSN requests completion. In queue: 32
17:55:15.0407 0x1648  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x61100 ( enabled : updated )
17:55:15.0409 0x1648  Win FW state via NFP2: enabled ( trusted )
17:55:15.0554 0x1648  ============================================================
17:55:15.0554 0x1648  Scan finished
17:55:15.0554 0x1648  ============================================================
17:55:15.0558 0x0340  Detected object count: 2
17:55:15.0558 0x0340  Actual detected object count: 2
17:55:28.0556 0x0340  RoccatIskuFX ( UnsignedFile.Multi.Generic ) - skipped by user
17:55:28.0556 0x0340  RoccatIskuFX ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:55:28.0556 0x0340  TSMApplication ( UnsignedFile.Multi.Generic ) - skipped by user
17:55:28.0556 0x0340  TSMApplication ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus 14.01.2017 18:49
Zitat:
C:\Users\Sabrina\Desktop\GameZone\Battlefield\fff-ea117.exe (RiskWare.Tool.CK) -> Delete on reboot. [02c890eb644460d610977c73679c09f7]
C:\Users\Sabrina\Desktop\GameZone\Call of Duty\Call Of Duty 4 - Modern Warfare\keygen.exe (CrackTool.Agent) -> Delete on reboot. [a6245b20693f270f3d661cb8fc047f81]
Doppel-:pfui: :pfui:

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307


Alle Zeitangaben in WEZ +1. Es ist jetzt 17:14 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131