Pests of all kinds and how to fight them: AdChoices in Firefox
Windows 7

If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will get back to you with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
08.03.2017, 23:45 | #1 |
AdChoices in Firefox

Hello, it's me again. This time it is double-underlined green AdChoices links that show up on stern.de. But not on Spiegel.de, for example. A first Malwarebytes run returned zero hits. Thanks for the help!

Edit: Contrary to what the title says, the problem also occurs in Chrome. The system is a 64-bit Windows 10.

Last edited by rka0 (08.03.2017 at 23:56)
09.03.2017, 21:03 | #2 |
/// TB Trainer

AdChoices in Firefox

My name is Matthias and I will help you clean up your computer. Please note the following:

Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:

Thank you for your cooperation! For an initial analysis, please run FRST and TDSS-Killer:

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Step 2
Please download TDSSKiller.exe and save this file to the desktop

Please post with your next reply
09.03.2017, 22:29 | #3 |
AdChoices in Firefox

Thank you for your time.

Here is the TDSS report:

Code:
76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 22:24:38.0890 0x2910 gpsvc - ok 22:24:38.0899 0x2910 [ 96E7F6770E12DD05A8ECF7B5D5DCD2FD, F9418B5E90A235339A4A1A889490FACA39CD117A51BA4446DAA1011DA06C7ECD ] GPU-Z C:\Users\xxx\AppData\Local\Temp\GPU-Z.sys 22:24:38.0899 0x2910 GPU-Z - ok 22:24:38.0903 0x2910 [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 22:24:38.0904 0x2910 GpuEnergyDrv - ok 22:24:38.0909 0x2910 [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:24:38.0910 0x2910 gupdate - ok 22:24:38.0914 0x2910 [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:24:38.0916 0x2910 gupdatem - ok 22:24:38.0920 0x2910 [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 22:24:38.0922 0x2910 HDAudBus - ok 22:24:38.0925 0x2910 [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 22:24:38.0925 0x2910 HidBatt - ok 22:24:38.0929 0x2910 [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 22:24:38.0931 0x2910 HidBth - ok 22:24:38.0934 0x2910 [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 22:24:38.0936 0x2910 hidi2c - ok 22:24:38.0939 0x2910 [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt 
C:\WINDOWS\System32\drivers\hidinterrupt.sys 22:24:38.0940 0x2910 hidinterrupt - ok 22:24:38.0944 0x2910 [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 22:24:38.0945 0x2910 HidIr - ok 22:24:38.0948 0x2910 [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv C:\WINDOWS\system32\hidserv.dll 22:24:38.0950 0x2910 hidserv - ok 22:24:38.0953 0x2910 [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 22:24:38.0954 0x2910 HidUsb - ok 22:24:38.0960 0x2910 [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 22:24:38.0965 0x2910 HomeGroupListener - ok 22:24:38.0975 0x2910 [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 22:24:38.0982 0x2910 HomeGroupProvider - ok 22:24:38.0986 0x2910 [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 22:24:38.0988 0x2910 HpSAMD - ok 22:24:39.0007 0x2910 [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 22:24:39.0021 0x2910 HTTP - ok 22:24:39.0025 0x2910 [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost C:\WINDOWS\System32\hvhostsvc.dll 22:24:39.0027 0x2910 HvHost - ok 22:24:39.0031 0x2910 [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys 22:24:39.0032 0x2910 hvservice - ok 22:24:39.0035 0x2910 [ 771EDDA9830A3079F996F34D681FB6E5, 
F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 22:24:39.0036 0x2910 hwpolicy - ok 22:24:39.0039 0x2910 [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 22:24:39.0040 0x2910 hyperkbd - ok 22:24:39.0044 0x2910 [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 22:24:39.0046 0x2910 i8042prt - ok 22:24:39.0049 0x2910 [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys 22:24:39.0049 0x2910 iagpio - ok 22:24:39.0053 0x2910 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys 22:24:39.0055 0x2910 iai2c - ok 22:24:39.0058 0x2910 [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 22:24:39.0059 0x2910 iaLPSS2i_GPIO2 - ok 22:24:39.0064 0x2910 [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 22:24:39.0067 0x2910 iaLPSS2i_I2C - ok 22:24:39.0070 0x2910 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 22:24:39.0072 0x2910 iaLPSSi_GPIO - ok 22:24:39.0076 0x2910 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 22:24:39.0078 0x2910 iaLPSSi_I2C - ok 22:24:39.0090 0x2910 [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV 
C:\WINDOWS\system32\drivers\iaStorAV.sys 22:24:39.0099 0x2910 iaStorAV - ok 22:24:39.0108 0x2910 [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 22:24:39.0114 0x2910 iaStorV - ok 22:24:39.0125 0x2910 [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys 22:24:39.0132 0x2910 ibbus - ok 22:24:39.0138 0x2910 [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc C:\WINDOWS\System32\tetheringservice.dll 22:24:39.0143 0x2910 icssvc - ok 22:24:39.0159 0x2910 [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT C:\WINDOWS\System32\ikeext.dll 22:24:39.0172 0x2910 IKEEXT - ok 22:24:39.0175 0x2910 [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys 22:24:39.0176 0x2910 IndirectKmd - ok 22:24:39.0181 0x2910 [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide C:\WINDOWS\system32\drivers\intelide.sys 22:24:39.0182 0x2910 intelide - ok 22:24:39.0185 0x2910 [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 22:24:39.0186 0x2910 intelpep - ok 22:24:39.0190 0x2910 [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 22:24:39.0192 0x2910 intelppm - ok 22:24:39.0195 0x2910 [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate C:\WINDOWS\system32\drivers\iorate.sys 22:24:39.0197 0x2910 iorate - ok 22:24:39.0200 0x2910 [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 
544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 22:24:39.0203 0x2910 IpFilterDriver - ok 22:24:39.0219 0x2910 [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 22:24:39.0232 0x2910 iphlpsvc - ok 22:24:39.0237 0x2910 [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 22:24:39.0239 0x2910 IPMIDRV - ok 22:24:39.0245 0x2910 [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 22:24:39.0248 0x2910 IPNAT - ok 22:24:39.0252 0x2910 [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda C:\WINDOWS\system32\drivers\irda.sys 22:24:39.0254 0x2910 irda - ok 22:24:39.0257 0x2910 [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 22:24:39.0258 0x2910 IRENUM - ok 22:24:39.0261 0x2910 [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon C:\WINDOWS\System32\irmon.dll 22:24:39.0263 0x2910 irmon - ok 22:24:39.0265 0x2910 [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 22:24:39.0266 0x2910 isapnp - ok 22:24:39.0273 0x2910 [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 22:24:39.0277 0x2910 iScsiPrt - ok 22:24:39.0280 0x2910 [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 22:24:39.0281 0x2910 kbdclass - ok 22:24:39.0284 
0x2910 [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 22:24:39.0285 0x2910 kbdhid - ok 22:24:39.0288 0x2910 [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys 22:24:39.0289 0x2910 kdnic - ok 22:24:39.0292 0x2910 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso C:\WINDOWS\system32\lsass.exe 22:24:39.0294 0x2910 KeyIso - ok 22:24:39.0298 0x2910 [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 22:24:39.0300 0x2910 KSecDD - ok 22:24:39.0306 0x2910 [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 22:24:39.0308 0x2910 KSecPkg - ok 22:24:39.0312 0x2910 [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 22:24:39.0313 0x2910 ksthunk - ok 22:24:39.0321 0x2910 [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 22:24:39.0327 0x2910 KtmRm - ok 22:24:39.0334 0x2910 [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 22:24:39.0340 0x2910 LanmanServer - ok 22:24:39.0347 0x2910 [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 22:24:39.0352 0x2910 LanmanWorkstation - ok 22:24:39.0357 0x2910 [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc C:\WINDOWS\System32\lfsvc.dll 22:24:39.0358 0x2910 
lfsvc - ok 22:24:39.0362 0x2910 [ A6F294B38F3DFB67D6B6E1D1E60A402A, 11C51B35DB2A3510258F3B722C12326BF068360CFA1E81FF552BA0BD19DE38E8 ] LGBusEnum C:\WINDOWS\system32\drivers\LGBusEnum.sys 22:24:39.0363 0x2910 LGBusEnum - ok 22:24:39.0366 0x2910 [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys 22:24:39.0367 0x2910 LGCoreTemp - ok 22:24:39.0372 0x2910 [ C582EBCB331D4D45F4956ACF3D82F674, 154E889036E825FA8EE9D45262AFCEE15ADB07459AAAA7B68F97DEB727B1859E ] LGJoyHidFilter C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys 22:24:39.0373 0x2910 LGJoyHidFilter - ok 22:24:39.0377 0x2910 [ 2A9F60E6531F42B31874618743037719, BFD61AD03ADEF69421ECB07820EDB79D425048EC01A65A0D1E8A4527699196DC ] LGJoyXlCore C:\WINDOWS\system32\drivers\LGJoyXlCore.sys 22:24:39.0378 0x2910 LGJoyXlCore - ok 22:24:39.0381 0x2910 [ FA59A7421049F5852C1182345A4B8C4F, 6E7DFBF8382187E01CA0AE9CB7A175B563DA6807909A8A7E67779C045F290A06 ] LGVirHid C:\WINDOWS\system32\drivers\LGVirHid.sys 22:24:39.0382 0x2910 LGVirHid - ok 22:24:39.0385 0x2910 [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll 22:24:39.0386 0x2910 LicenseManager - ok 22:24:39.0390 0x2910 [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys 22:24:39.0391 0x2910 lltdio - ok 22:24:39.0397 0x2910 [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 22:24:39.0402 0x2910 lltdsvc - ok 22:24:39.0405 0x2910 [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 22:24:39.0407 0x2910 lmhosts - ok 22:24:39.0411 0x2910 [ 
AFAF34BF6BD10379FF13BFA086EFF857, E22E114E97EA65B80D6A9252C71E4C016A0B80B82C64426B679773305EFE8C88 ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe 22:24:39.0414 0x2910 LogiRegistryService - ok 22:24:39.0420 0x2910 [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 22:24:39.0422 0x2910 LSI_SAS - ok 22:24:39.0426 0x2910 [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys 22:24:39.0428 0x2910 LSI_SAS2i - ok 22:24:39.0433 0x2910 [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys 22:24:39.0435 0x2910 LSI_SAS3i - ok 22:24:39.0438 0x2910 [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 22:24:39.0440 0x2910 LSI_SSS - ok 22:24:39.0452 0x2910 [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM C:\WINDOWS\System32\lsm.dll 22:24:39.0462 0x2910 LSM - ok 22:24:39.0467 0x2910 [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 22:24:39.0469 0x2910 luafv - ok 22:24:39.0473 0x2910 [ CAAF0CD70FEE7C5110B1E62804E41B17, 48482A6C8D2296C4DC613304637C8DBB7DD1DB39326F27650EBCA6FD2793BCFD ] MapsBroker C:\WINDOWS\System32\moshost.dll 22:24:39.0475 0x2910 MapsBroker - ok 22:24:39.0479 0x2910 [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas C:\WINDOWS\system32\drivers\megasas.sys 22:24:39.0481 0x2910 megasas - ok 22:24:39.0484 0x2910 [ 2CF0CB2A0ED68C5455371E84C16F9627, 
1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys 22:24:39.0485 0x2910 megasas2i - ok 22:24:39.0496 0x2910 [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr C:\WINDOWS\system32\drivers\megasr.sys 22:24:39.0504 0x2910 megasr - ok 22:24:39.0510 0x2910 [ E7C9F74D8CAAB1FF7964C27C070FB16C, 76CCD9109E1031A336B7E275368520FFB60D500E24444B04066F205D1ED5BA2B ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys 22:24:39.0513 0x2910 MEIx64 - ok 22:24:39.0517 0x2910 [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll 22:24:39.0519 0x2910 MessagingService - ok 22:24:39.0534 0x2910 [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys 22:24:39.0545 0x2910 mlx4_bus - ok 22:24:39.0549 0x2910 [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys 22:24:39.0550 0x2910 MMCSS - ok 22:24:39.0553 0x2910 [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem C:\WINDOWS\system32\drivers\modem.sys 22:24:39.0554 0x2910 Modem - ok 22:24:39.0557 0x2910 [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor C:\WINDOWS\System32\drivers\monitor.sys 22:24:39.0558 0x2910 monitor - ok 22:24:39.0561 0x2910 [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 22:24:39.0563 0x2910 mouclass - ok 22:24:39.0565 0x2910 [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 
22:24:39.0566 0x2910 mouhid - ok 22:24:39.0570 0x2910 [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 22:24:39.0572 0x2910 mountmgr - ok 22:24:39.0575 0x2910 [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 22:24:39.0577 0x2910 mpsdrv - ok 22:24:39.0592 0x2910 [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 22:24:39.0605 0x2910 MpsSvc - ok 22:24:39.0610 0x2910 [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 22:24:39.0613 0x2910 MRxDAV - ok 22:24:39.0622 0x2910 [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 22:24:39.0629 0x2910 mrxsmb - ok 22:24:39.0635 0x2910 [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 22:24:39.0639 0x2910 mrxsmb10 - ok 22:24:39.0645 0x2910 [ 93A77008A8932FC84A173C4E97E52874, B7510CF7998C538D68BD2ECDC512A0BFC7CB7362F598EE4110F728427AFF0F5A ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 22:24:39.0648 0x2910 mrxsmb20 - ok 22:24:39.0652 0x2910 [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys 22:24:39.0654 0x2910 MsBridge - ok 22:24:39.0659 0x2910 [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC C:\WINDOWS\System32\msdtc.exe 22:24:39.0662 0x2910 MSDTC - ok 22:24:39.0667 0x2910 [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs 
C:\WINDOWS\system32\drivers\Msfs.sys 22:24:39.0668 0x2910 Msfs - ok 22:24:39.0671 0x2910 [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 22:24:39.0672 0x2910 msgpiowin32 - ok 22:24:39.0674 0x2910 [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 22:24:39.0675 0x2910 mshidkmdf - ok 22:24:39.0678 0x2910 [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 22:24:39.0678 0x2910 mshidumdf - ok 22:24:39.0682 0x2910 [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 22:24:39.0682 0x2910 msisadrv - ok 22:24:39.0687 0x2910 [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 22:24:39.0690 0x2910 MSiSCSI - ok 22:24:39.0692 0x2910 msiserver - ok 22:24:39.0696 0x2910 [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys 22:24:39.0697 0x2910 MSKSSRV - ok 22:24:39.0700 0x2910 [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys 22:24:39.0702 0x2910 MsLldp - ok 22:24:39.0704 0x2910 [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys 22:24:39.0705 0x2910 MSPCLOCK - ok 22:24:39.0707 0x2910 [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys 22:24:39.0708 0x2910 MSPQM - ok 22:24:39.0715 0x2910 [ 
AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 22:24:39.0721 0x2910 MsRPC - ok 22:24:39.0727 0x2910 [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt C:\WINDOWS\system32\drivers\mssecflt.sys 22:24:39.0730 0x2910 MsSecFlt - ok 22:24:39.0733 0x2910 [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 22:24:39.0734 0x2910 mssmbios - ok 22:24:39.0737 0x2910 [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys 22:24:39.0738 0x2910 MSTEE - ok 22:24:39.0740 0x2910 [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 22:24:39.0741 0x2910 MTConfig - ok 22:24:39.0745 0x2910 [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup C:\WINDOWS\system32\Drivers\mup.sys 22:24:39.0747 0x2910 Mup - ok 22:24:39.0750 0x2910 [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 22:24:39.0752 0x2910 mvumis - ok 22:24:39.0763 0x2910 [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 22:24:39.0770 0x2910 NativeWifiP - ok 22:24:39.0776 0x2910 [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 22:24:39.0779 0x2910 NcaSvc - ok 22:24:39.0787 0x2910 [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService C:\WINDOWS\System32\ncbservice.dll 22:24:39.0792 0x2910 
NcbService - ok 22:24:39.0796 0x2910 [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 22:24:39.0798 0x2910 NcdAutoSetup - ok 22:24:39.0802 0x2910 [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys 22:24:39.0804 0x2910 ndfltr - ok 22:24:39.0824 0x2910 [ D5564FC81350458ED570528C4E3B1CCF, DD3C5012492EF9BCE3BE635BBB3AA40B3C5F5FDBD795A76B327D9C994102AC2B ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 22:24:39.0841 0x2910 NDIS - ok 22:24:39.0845 0x2910 [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys 22:24:39.0847 0x2910 NdisCap - ok 22:24:39.0851 0x2910 [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys 22:24:39.0853 0x2910 NdisImPlatform - ok 22:24:39.0856 0x2910 [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 22:24:39.0857 0x2910 NdisTapi - ok 22:24:39.0874 0x2910 [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys 22:24:39.0884 0x2910 Ndisuio - ok 22:24:39.0887 0x2910 [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 22:24:39.0888 0x2910 NdisVirtualBus - ok 22:24:39.0914 0x2910 [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys 22:24:39.0918 0x2910 NdisWan - ok 22:24:39.0923 0x2910 [ 07ADC1F8DCBEB8104D75129B11584B8C, 
|
09.03.2017, 22:36 | #4 |
| AdChoices in Firefox And pt 2: Code:
2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 22:24:43.0435 0x2910 usbprint - ok 22:24:43.0438 0x2910 [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 22:24:43.0439 0x2910 usbscan - ok 22:24:43.0443 0x2910 [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser C:\WINDOWS\System32\drivers\usbser.sys 22:24:43.0444 0x2910 usbser - ok 22:24:43.0448 0x2910 [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 22:24:43.0451 0x2910 USBSTOR - ok 22:24:43.0454 0x2910 [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 22:24:43.0455 0x2910 usbuhci - ok 22:24:43.0463 0x2910 [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 22:24:43.0468 0x2910 USBXHCI - ok 22:24:43.0492 0x2910 [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll 22:24:43.0514 0x2910 UserDataSvc - ok 22:24:43.0533 0x2910 [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager C:\WINDOWS\System32\usermgr.dll 22:24:43.0549 0x2910 UserManager - ok 22:24:43.0560 0x2910 [ EBF9E40845362DBE2AD0DB3077269488, A6363006350D097F95B03A2F44E1D3FBD3BC40048BE57C715CD7CBC22D1EE70B ] UsoSvc C:\WINDOWS\system32\usocore.dll 22:24:43.0569 0x2910 UsoSvc - ok 22:24:43.0573 0x2910 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc C:\WINDOWS\system32\lsass.exe 22:24:43.0574 0x2910 VaultSvc - ok 
22:24:43.0576 0x2910 [ F257A2737280F0076EAE3AB489C06474, A02E37292D86E675D55C13097E9F107C73DDFD8AAC69310F7D9910A811A541D8 ] VClone C:\WINDOWS\System32\drivers\VClone.sys 22:24:43.0577 0x2910 VClone - ok 22:24:43.0581 0x2910 [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 22:24:43.0582 0x2910 vdrvroot - ok 22:24:43.0595 0x2910 [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds C:\WINDOWS\System32\vds.exe 22:24:43.0604 0x2910 vds - ok 22:24:43.0610 0x2910 [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 22:24:43.0613 0x2910 VerifierExt - ok 22:24:43.0626 0x2910 [ 3BB8D153A9A514EC9FFCB586251A1925, 5E4B46511F9791699826DC63B35528544347166BDE9981FB93F1F7F2A09599C7 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 22:24:43.0636 0x2910 vhdmp - ok 22:24:43.0639 0x2910 [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf C:\WINDOWS\System32\drivers\vhf.sys 22:24:43.0640 0x2910 vhf - ok 22:24:43.0643 0x2910 [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 22:24:43.0646 0x2910 vmbus - ok 22:24:43.0649 0x2910 [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 22:24:43.0650 0x2910 VMBusHID - ok 22:24:43.0652 0x2910 [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys 22:24:43.0653 0x2910 vmgid - ok 22:24:43.0660 0x2910 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll 
22:24:43.0665 0x2910 vmicguestinterface - ok 22:24:43.0672 0x2910 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll 22:24:43.0676 0x2910 vmicheartbeat - ok 22:24:43.0682 0x2910 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll 22:24:43.0686 0x2910 vmickvpexchange - ok 22:24:43.0694 0x2910 [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll 22:24:43.0700 0x2910 vmicrdv - ok 22:24:43.0707 0x2910 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll 22:24:43.0711 0x2910 vmicshutdown - ok 22:24:43.0717 0x2910 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync C:\WINDOWS\System32\icsvc.dll 22:24:43.0721 0x2910 vmictimesync - ok 22:24:43.0728 0x2910 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll 22:24:43.0732 0x2910 vmicvmsession - ok 22:24:43.0740 0x2910 [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss C:\WINDOWS\System32\icsvcext.dll 22:24:43.0744 0x2910 vmicvss - ok 22:24:43.0749 0x2910 [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 22:24:43.0751 0x2910 volmgr - ok 22:24:43.0759 0x2910 [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 22:24:43.0763 0x2910 volmgrx - ok 22:24:43.0772 0x2910 [ BF2546583BB75F01DDA60A7921DFB230, 
579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 22:24:43.0778 0x2910 volsnap - ok 22:24:43.0781 0x2910 [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume C:\WINDOWS\system32\drivers\volume.sys 22:24:43.0781 0x2910 volume - ok 22:24:43.0785 0x2910 [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 22:24:43.0786 0x2910 vpci - ok 22:24:43.0791 0x2910 [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 22:24:43.0794 0x2910 vsmraid - ok 22:24:43.0817 0x2910 [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS C:\WINDOWS\system32\vssvc.exe 22:24:43.0838 0x2910 VSS - ok 22:24:43.0846 0x2910 [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 22:24:43.0850 0x2910 VSTXRAID - ok 22:24:43.0854 0x2910 [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 22:24:43.0855 0x2910 vwifibus - ok 22:24:43.0858 0x2910 [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys 22:24:43.0860 0x2910 vwififlt - ok 22:24:43.0870 0x2910 [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time C:\WINDOWS\system32\w32time.dll 22:24:43.0879 0x2910 W32Time - ok 22:24:43.0882 0x2910 [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 22:24:43.0883 0x2910 WacomPen - ok 22:24:43.0892 0x2910 [ 
1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService C:\WINDOWS\system32\WalletService.dll 22:24:43.0900 0x2910 WalletService - ok 22:24:43.0906 0x2910 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 22:24:43.0908 0x2910 wanarp - ok 22:24:43.0910 0x2910 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 22:24:43.0912 0x2910 wanarpv6 - ok 22:24:43.0937 0x2910 [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine C:\WINDOWS\system32\wbengine.exe 22:24:43.0959 0x2910 wbengine - ok 22:24:43.0975 0x2910 [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 22:24:43.0988 0x2910 WbioSrvc - ok 22:24:43.0993 0x2910 [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys 22:24:43.0995 0x2910 wcifs - ok 22:24:44.0008 0x2910 [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 22:24:44.0019 0x2910 Wcmsvc - ok 22:24:44.0029 0x2910 [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 22:24:44.0036 0x2910 wcncsvc - ok 22:24:44.0040 0x2910 [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys 22:24:44.0041 0x2910 wcnfs - ok 22:24:44.0045 0x2910 [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 22:24:44.0047 0x2910 WdBoot - 
ok 22:24:44.0050 0x2910 [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM C:\WINDOWS\System32\drivers\wdcsam64.sys 22:24:44.0051 0x2910 WDC_SAM - ok 22:24:44.0066 0x2910 [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 22:24:44.0077 0x2910 Wdf01000 - ok 22:24:44.0084 0x2910 [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 22:24:44.0089 0x2910 WdFilter - ok 22:24:44.0093 0x2910 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 22:24:44.0096 0x2910 WdiServiceHost - ok 22:24:44.0099 0x2910 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 22:24:44.0102 0x2910 WdiSystemHost - ok 22:24:44.0114 0x2910 [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys 22:24:44.0125 0x2910 wdiwifi - ok 22:24:44.0130 0x2910 [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 22:24:44.0132 0x2910 WdNisDrv - ok 22:24:44.0134 0x2910 WdNisSvc - ok 22:24:44.0141 0x2910 [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient C:\WINDOWS\System32\webclnt.dll 22:24:44.0145 0x2910 WebClient - ok 22:24:44.0151 0x2910 [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 22:24:44.0155 0x2910 Wecsvc - ok 22:24:44.0159 0x2910 [ B9175D63527B05131F2FA504CF0265F2, 
1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 22:24:44.0161 0x2910 WEPHOSTSVC - ok 22:24:44.0165 0x2910 [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 22:24:44.0167 0x2910 wercplsupport - ok 22:24:44.0173 0x2910 [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 22:24:44.0177 0x2910 WerSvc - ok 22:24:44.0181 0x2910 [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys 22:24:44.0184 0x2910 WFPLWFS - ok 22:24:44.0187 0x2910 [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 22:24:44.0190 0x2910 WiaRpc - ok 22:24:44.0194 0x2910 [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 22:24:44.0195 0x2910 WIMMount - ok 22:24:44.0197 0x2910 WinDefend - ok 22:24:44.0205 0x2910 [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 22:24:44.0207 0x2910 WindowsTrustedRT - ok 22:24:44.0209 0x2910 [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 22:24:44.0210 0x2910 WindowsTrustedRTProxy - ok 22:24:44.0225 0x2910 [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 22:24:44.0238 0x2910 WinHttpAutoProxySvc - ok 22:24:44.0241 0x2910 [ F95DE20312ACCA7761446DE152BD1F7C, 
F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys 22:24:44.0243 0x2910 WinMad - ok 22:24:44.0250 0x2910 [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 22:24:44.0254 0x2910 Winmgmt - ok 22:24:44.0295 0x2910 [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 22:24:44.0334 0x2910 WinRM - ok 22:24:44.0342 0x2910 [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 22:24:44.0344 0x2910 WINUSB - ok 22:24:44.0347 0x2910 [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys 22:24:44.0349 0x2910 WinVerbs - ok 22:24:44.0361 0x2910 [ ECD999D8412A3473C26B118F89DB9908, 5FB9B93E4B5482CCFF01D805DFA386FD8D3441BC81E7BD5DF89EE3078FD724F3 ] wisvc C:\WINDOWS\system32\flightsettings.dll 22:24:44.0371 0x2910 wisvc - ok 22:24:44.0406 0x2910 [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 22:24:44.0440 0x2910 WlanSvc - ok 22:24:44.0474 0x2910 [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 22:24:44.0503 0x2910 wlidsvc - ok 22:24:44.0508 0x2910 [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 22:24:44.0508 0x2910 WmiAcpi - ok 22:24:44.0515 0x2910 [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 22:24:44.0519 0x2910 wmiApSrv - ok 22:24:44.0521 0x2910 WMPNetworkSvc - 
ok 22:24:44.0527 0x2910 [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\WINDOWS\system32\drivers\Wof.sys 22:24:44.0530 0x2910 Wof - ok 22:24:44.0559 0x2910 [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 22:24:44.0586 0x2910 workfolderssvc - ok 22:24:44.0591 0x2910 [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 22:24:44.0594 0x2910 WPDBusEnum - ok 22:24:44.0597 0x2910 [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 22:24:44.0598 0x2910 WpdUpFltr - ok 22:24:44.0604 0x2910 [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService C:\WINDOWS\system32\WpnService.dll 22:24:44.0608 0x2910 WpnService - ok 22:24:44.0613 0x2910 [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll 22:24:44.0616 0x2910 WpnUserService - ok 22:24:44.0621 0x2910 [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 22:24:44.0622 0x2910 ws2ifsl - ok 22:24:44.0624 0x2910 [ ADD2FE1A9F4EE41A6D724819550D4E1F, EE8320496D611F6D264AC21684EACB5DC6F9DD82E055726073C7782D0993AFB3 ] WsAudioDevice_383 C:\WINDOWS\system32\drivers\VirtualAudio.sys 22:24:44.0626 0x2910 WsAudioDevice_383 - ok 22:24:44.0631 0x2910 [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 22:24:44.0636 0x2910 wscsvc - ok 22:24:44.0638 0x2910 WSearch - ok 22:24:44.0674 0x2910 [ DDB7E452A99E0E5244105C6D2CF4BC9E, 
1364B03AFFD20D339A2EBA303575BCCBC2D122D89810B1E3593CC55F93F9B79A ] wuauserv C:\WINDOWS\system32\wuaueng.dll 22:24:44.0705 0x2910 wuauserv - ok 22:24:44.0711 0x2910 [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 22:24:44.0714 0x2910 WudfPf - ok 22:24:44.0719 0x2910 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd C:\WINDOWS\system32\drivers\WudfRd.sys 22:24:44.0723 0x2910 WUDFRd - ok 22:24:44.0727 0x2910 [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 22:24:44.0730 0x2910 wudfsvc - ok 22:24:44.0736 0x2910 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 22:24:44.0738 0x2910 WUDFWpdFs - ok 22:24:44.0743 0x2910 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 22:24:44.0746 0x2910 WUDFWpdMtp - ok 22:24:44.0767 0x2910 [ E231728BC515A4B85543AF74A1FEDFCB, 5D250D7D789B5BB56BFA2E7A109BCEB3686B7636C54D89F4E9804101D145C955 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 22:24:44.0785 0x2910 WwanSvc - ok 22:24:44.0804 0x2910 [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll 22:24:44.0825 0x2910 XblAuthManager - ok 22:24:44.0845 0x2910 [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll 22:24:44.0863 0x2910 XblGameSave - ok 22:24:44.0870 0x2910 [ 9627BBAA50878F6833A6A7843EE3B1D9, 637566BB56501C4D11E3B6E6AC1C602D880C9D357CCE3DF1DF74EE672744F2B7 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys 22:24:44.0874 0x2910 xboxgip - ok 
22:24:44.0892 0x2910 [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll 22:24:44.0907 0x2910 XboxNetApiSvc - ok 22:24:44.0911 0x2910 [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys 22:24:44.0913 0x2910 xinputhid - ok 22:24:44.0977 0x2910 [ 380B1AE3C8E99FC2280967180FE4C513, 177507B966532B129760F2E1CCB6CFE04FFA5AA233D434168489EFBC65A7900A ] {41E8078B-96D9-42DC-8789-A1CF102CD880} D:\CyberLink\PowerDVD16\PowerDVD16\Common\NavFilter\000.fcl 22:24:44.0979 0x2910 {41E8078B-96D9-42DC-8789-A1CF102CD880} - ok 22:24:44.0982 0x2910 ================ Scan global =============================== 22:24:44.0988 0x2910 [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll 22:24:44.0999 0x2910 [ 4C08BF958476A137C78B62B22B5F90A4, 11DDD033896C96F8F7F1A1EDD0F4E0F07AFBB3202DC8A2E5E3ADB51C4D0700D4 ] C:\WINDOWS\system32\winsrv.dll 22:24:45.0010 0x2910 [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll 22:24:45.0028 0x2910 [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\WINDOWS\system32\services.exe 22:24:45.0036 0x2910 [ Global ] - ok 22:24:45.0036 0x2910 ================ Scan MBR ================================== 22:24:45.0038 0x2910 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 22:24:45.0076 0x2910 \Device\Harddisk0\DR0 - ok 22:24:45.0092 0x2910 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 22:24:45.0100 0x2910 \Device\Harddisk1\DR1 - ok 22:24:45.0101 0x2910 ================ Scan VBR ================================== 22:24:45.0104 0x2910 [ 4660A07DB99858BA5E7F978200436AE4 ] \Device\Harddisk0\DR0\Partition1 22:24:45.0106 0x2910 
\Device\Harddisk0\DR0\Partition1 - ok 22:24:45.0109 0x2910 [ 8684D3BD1C65DD2197926B1479E260AD ] \Device\Harddisk0\DR0\Partition2 22:24:45.0110 0x2910 \Device\Harddisk0\DR0\Partition2 - ok 22:24:45.0114 0x2910 [ 6FCFE879066021F6FDA7887B147C0DFD ] \Device\Harddisk1\DR1\Partition1 22:24:45.0116 0x2910 \Device\Harddisk1\DR1\Partition1 - ok 22:24:45.0119 0x2910 [ 998048D14C91FFF5A91C1D94B8D86E5C ] \Device\Harddisk1\DR1\Partition2 22:24:45.0121 0x2910 \Device\Harddisk1\DR1\Partition2 - ok 22:24:45.0124 0x2910 [ 6DC71BB652AE74AE33951297819ADA68 ] \Device\Harddisk1\DR1\Partition3 22:24:45.0126 0x2910 \Device\Harddisk1\DR1\Partition3 - ok 22:24:45.0129 0x2910 [ 62EFB9DB817C53C0DF95EDA235F5289D ] \Device\Harddisk1\DR1\Partition4 22:24:45.0131 0x2910 \Device\Harddisk1\DR1\Partition4 - ok 22:24:45.0134 0x2910 [ 4F391211AAFF8203FD61DED7F9C9D782 ] \Device\Harddisk1\DR1\Partition5 22:24:45.0136 0x2910 \Device\Harddisk1\DR1\Partition5 - ok 22:24:45.0137 0x2910 ================ Scan generic autorun ====================== 22:24:45.0400 0x2910 [ 58D9B2F0E126B1842D93D7B8862BF02E, 2D5BF0CAA008C2B16014A4E711E9B7F05BC1FD771067627779815E8C48894EDB ] C:\Program Files\Logitech Gaming Software\LCore.exe 22:24:45.0615 0x2910 Launch LCore - ok 22:24:45.0628 0x2910 [ 258E2CD2C4984A977106C9EF7CA8AF69, D8F6409D5F5782CC27D159D18E914A3DB59D8644D7017CA6F84F0CF30E95174C ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 22:24:45.0630 0x2910 Avira SystrayStartTrigger - ok 22:24:45.0646 0x2910 [ 1E0029B9936F42C86138EADB5C27439E, 0A57C0DF2E2995C45FB92D1229FFAA1493748F39F01FB53F9559C5AFB5C1CA13 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe 22:24:45.0658 0x2910 avgnt - ok 22:24:45.0663 0x2910 Dropbox - ok 22:24:45.0684 0x2910 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] D:\VirtualCloneDrive\VCDDaemon.exe 22:24:45.0686 0x2910 VirtualCloneDrive - ok 22:24:45.0694 0x2910 [ C0F72AF517E27CFE23D4E37EC7FF7E9E, 
2CF4F78EC4BE99258BC91F5D94A9AF261F0DBDFD55D0100DCA2CA88813AAD4B4 ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe 22:24:45.0698 0x2910 ControlCenter4 - ok 22:24:45.0781 0x2910 [ A12927788DE1555B598DFD16B4FA3F8B, 57B36F188FC212D73CFBE6431FC5095BAB3C189D04D34CA428801F6823636DFA ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe 22:24:45.0838 0x2910 BrStsMon00 - ok 22:24:45.0844 0x2910 [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\WINDOWS\UpdReg.EXE 22:24:45.0846 0x2910 UpdReg - ok 22:24:45.0895 0x2910 [ 6F98C7DA1AE54B3151358971336B7B46, 3FE79211467DCC020C3D284B2DFA286677375004E92A742030EAE29A49A0BF76 ] D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe 22:24:45.0921 0x2910 Sound Blaster Recon3D PCIe Control Panel - ok 22:24:45.0944 0x2910 [ 81800928E0F713DF31F3393CC26F4013, 0ABCC70297C83C01BCCAF03083BE67EB7A50A28557B2F9578EDB73B382F54182 ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 22:24:45.0961 0x2910 DivXUpdate - ok 22:24:45.0988 0x2910 [ 17A2294ED8BA499132BC7B067D43BC66, 4C79D2D63F43C0EDC1FC122676E0019BDF5E55DE7A1674462ABC664AB30D917A ] D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD16Agent.exe 22:24:45.0998 0x2910 PowerDVD16Agent - ok 22:24:46.0009 0x2910 [ 395CB6E8C67BFB1063AD86987909C184, 15F3BA6DF6D0C5C8FB9FF0AB661A5A652F26BAB7A0FB0DB47874069522400B16 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 22:24:46.0016 0x2910 SunJavaUpdateSched - ok 22:24:46.0150 0x2910 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 22:24:46.0262 0x2910 OneDriveSetup - ok 22:24:46.0389 0x2910 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 22:24:46.0483 0x2910 OneDriveSetup - ok 22:24:46.0524 0x2910 [ B657BB057C2CC7B0EC5E7B30FA573729, 
B80EFB7F8A27C16C014A4EFA41AE362E4B26E508C57F09F294FD4E0A4C7D740D ] C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe 22:24:46.0599 0x2910 uTorrent - ok 22:24:46.0603 0x2910 GoogleDriveSync - ok 22:24:46.0744 0x2910 [ 3F6B014280D8A98ACC323BB28CA5BCA7, 724FE1E949D57E982B50CC6FBBA8BCB524C42592A39ED60D37042CC2C2E73CAB ] C:\Program Files\CCleaner\CCleaner64.exe 22:24:46.0862 0x2910 CCleaner Monitoring - ok 22:24:46.0868 0x2910 Waiting for KSN requests completion. In queue: 248 22:24:46.0966 0x2724 Object required for P2P: [ 3F6B014280D8A98ACC323BB28CA5BCA7 ] C:\Program Files\CCleaner\CCleaner64.exe 22:24:47.0200 0x2724 Object send P2P result: true 22:24:47.0885 0x2910 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.25.151 ), 0x41000 ( enabled : updated ) 22:24:47.0888 0x2910 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated ) 22:24:47.0892 0x2910 Win FW state via NFP2: enabled ( trusted ) 22:24:47.0991 0x2910 ============================================================ 22:24:47.0991 0x2910 Scan finished 22:24:47.0991 0x2910 ============================================================ 22:24:48.0002 0x0a28 Detected object count: 0 22:24:48.0002 0x0a28 Actual detected object count: 0 Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2017
durchgeführt von xxx (Administrator) auf SCHWOBB (09-03-2017 22:31:40)
Gestartet von H:\
Geladene Profile: xxx (Verfügbare Profile: xxx)
Platform: Windows 10 Education Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Electronic Arts) G:\Origin\OriginWebHelperService.exe
(www.shadowexplorer.com) D:\ShadowExplorer\sesvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(techPowerUp (www.techpowerup.com)) D:\GPU-Z\GPU-Z.exe
(ALCPU) D:\Core Temp\Core Temp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
() C:\Users\xxx\Documents\LCDSirReal\LCDSirReal.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe
(BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe
(Oracle Corporation) D:\Java64\bin\javaw.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Elaborate Bytes AG) D:\VirtualCloneDrive\VCDDaemon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Creative Technology Ltd) D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(AO Kaspersky Lab) H:\Tools\tdsskiller.exe
(AO Kaspersky Lab) C:\Users\xxx\AppData\Local\Temp\{27821D63-9BCC-4D9D-BF02-A508C57BEA88}\{5A9D2CE1-9B3D-4575-BC02-143DE56741BC}.exe
(Don HO don.h@free.fr) D:\NPP\Notepad++\notepad++.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17305208 2016-12-08] (Logitech Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744 2017-03-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [27308304 2017-03-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2016-02-03] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [PowerDVD16Agent] => D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD16Agent.exe [525352 2016-12-29] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [uTorrent] => C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe [2143936 2017-02-04] (BitTorrent Inc.)
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2015-10-04]
ShortcutTarget: Universal Media Server.lnk -> D:\UMS\UMS.exe (Universal Media Server)
GroupPolicy: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{91c30c7d-d0a5-4365-a93e-eafa498ca70d}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\ONE\OldNewExplorer64.dll [2016-04-03] (www.startisback.com)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java64\bin\ssv.dll [2017-01-28] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java64\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation)
BHO-x32: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\ONE\OldNewExplorer32.dll [2016-04-03] (www.startisback.com)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java32\bin\ssv.dll [2017-01-28] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java32\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: febeprof.xxx
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx [2017-03-09]
FF Homepage: Mozilla\Firefox\Profiles\febeprof.xxx -> hxxp://www.spiegel-online.de/
FF NetworkProxy: Mozilla\Firefox\Profiles\febeprof.xxx -> type", 0
FF Extension: (New XKit) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\@new-xkit.xpi [2016-10-07]
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28]
FF Extension: (DownThemAll! AntiContainer) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\anticontainer@downthemall.net.xpi [2016-04-15]
FF Extension: (MEGA) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\firefox@mega.co.nz.xpi [2017-03-09]
FF Extension: (Tumblr Savior) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\jid1-W5guVoyeUR0uBg@jetpack.xpi [2017-03-07]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\langpack-de@firefox.mozilla.org.xpi [2017-03-09]
FF Extension: (Japanese Language Pack) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\langpack-ja@firefox.mozilla.org.xpi [2017-03-08]
FF Extension: (Save Images) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\LDSI_plashcor@gmail.com.xpi [2016-04-30]
FF Extension: (RememberPass) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\rememberpass@teesoft.info.xpi [2016-04-28]
FF Extension: (S3.Google Translator) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\s3google@translator.xpi [2016-10-19]
FF Extension: (Locale Switcher) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2016-04-28]
FF Extension: (Google Image Search) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{73007fef-a6e0-47d3-b4e7-dfc116ed6f65}.xpi [2016-04-28]
FF Extension: (Video DownloadHelper) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-01-01]
FF Extension: (DivX Wizard Pro) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{cc79db9d-e06e-469f-932a-2537c0db2b4a}.xpi [2016-05-18] [ist nicht signiert]
FF Extension: (RightToClick) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2015-11-30]
FF Extension: (Adblock Plus) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Extension: (Tab Mix Plus) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-01-31]
FF Extension: (DownThemAll!) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\features\{ba65d49e-9429-40ee-8d6e-203f1c721eb2}\disableSHA1rollout@mozilla.org.xpi [2017-03-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> D:\Java64\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> D:\Java64\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> D:\Java32\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> D:\Java32\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default [2017-03-08]
CHR Extension: (Google Präsentationen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-31]
CHR Extension: (Google Docs) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-31]
CHR Extension: (Google Drive) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-31]
CHR Extension: (YouTube) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-31]
CHR Extension: (Video Downloader professional) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-09-01]
CHR Extension: (Google Tabellen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-31]
CHR Extension: (Avira Browserschutz) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-10-11]
CHR Extension: (Google Docs Offline) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-08-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-27]
CHR Extension: (Google Mail) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-31]
CHR Extension: (Chrome Media Router) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1115552 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1519144 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [25232 2016-12-09] (Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [112648 2015-06-19] (Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-01-21] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-01-20] (Digital Wave Ltd.)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [22184 2015-07-29] (Micro-Star Int'l Co., Ltd.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-12-08] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
S3 Origin Client Service; G:\Origin\OriginClientService.exe [2122248 2017-02-08] (Electronic Arts)
R2 Origin Web Helper Service; G:\Origin\OriginWebHelperService.exe [2184208 2017-02-08] (Electronic Arts)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 sesvc; D:\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [Datei ist nicht signiert]
S2 SkypeUpdate; D:\Skype\Updater\Updater.exe [317400 2017-01-16] (Skype Technologies)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ALSysIO; C:\Users\xxx\AppData\Local\Temp\ALSysIO64.sys [35320 2017-03-08] (Arthur Liberman) <==== ACHTUNG
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-03-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-03-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG)
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1058600 2015-06-19] (Creative Technology Ltd)
R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 GPU-Z; C:\Users\xxx\AppData\Local\Temp\GPU-Z.sys [27008 2017-03-08] () <==== ACHTUNG
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2016-12-08] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-12-08] (Logitech Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0cc477a6fec64d8c\nvlddmkm.sys [14516664 2017-02-10] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WsAudioDevice_383; C:\WINDOWS\system32\drivers\VirtualAudio.sys [31080 2016-02-29] (Wondershare)
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; D:\CyberLink\PowerDVD16\PowerDVD16\Common\NavFilter\000.fcl [38168 2016-12-19] (CyberLink Corp.)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-09 22:31 - 2017-03-09 22:31 - 00000000 ____D C:\FRST
2017-03-09 22:25 - 2017-03-09 22:25 - 00000000 _____ C:\Users\xxx\Desktop\Neues Textdokument.txt
2017-03-09 22:24 - 2017-03-09 22:24 - 00271884 _____ C:\TDSSKiller.3.1.0.12_09.03.2017_22.24.21_log.txt
2017-03-09 22:24 - 2017-03-09 22:24 - 00250064 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\09508804.sys
2017-03-09 21:35 - 2017-03-09 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-09 15:52 - 2017-03-09 15:52 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\uTorrent
2017-03-08 23:10 - 2017-03-08 23:42 - 00000000 ____D C:\AdwCleaner
2017-03-06 21:50 - 2017-03-06 21:50 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-03-04 15:02 - 2017-03-04 15:09 - 05713860 _____ C:\Users\xxx\Desktop\robocopy_log3.txt
2017-03-04 14:23 - 2017-03-04 14:55 - 02310791 _____ C:\Users\xxx\Desktop\robocopy_log2.txt
2017-03-04 13:30 - 2017-03-04 13:05 - 00000000 __SHD C:\WINDOWS\system32\N;
2017-03-02 23:38 - 2017-03-02 23:38 - 00000000 ____D C:\Users\xxx\.QtWebEngineProcess
2017-03-02 23:38 - 2017-03-02 23:38 - 00000000 ____D C:\Users\xxx\.Origin
2017-02-25 01:18 - 2017-02-25 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-24 23:34 - 2017-03-05 21:43 - 00056509 _____ C:\Users\xxx\Desktop\48G.xlsx
2017-02-20 21:19 - 2017-02-20 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-20 21:19 - 2017-02-20 21:19 - 00000000 ____D C:\Program Files (x86)\Skype
2017-02-19 21:39 - 2017-02-19 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Duplicate Finder
2017-02-19 21:39 - 2017-02-19 21:39 - 00000000 ____D C:\Program Files\Easy Duplicate Finder
2017-02-19 21:13 - 2017-03-02 20:59 - 00000024 _____ C:\Users\xxx\Documents\AutoSaveLastScanResults.dup
2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\Users\xxx\Documents\EasyDuplicateFinder
2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\Users\xxx\AppData\Roaming\EasyDuplicateFinder
2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\ProgramData\Easy Duplicate Finder
2017-02-19 20:54 - 2017-02-19 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages
2017-02-19 20:22 - 2017-03-07 23:02 - 00000000 ____D C:\Users\xxx\AppData\Local\SimilarImages
2017-02-19 20:22 - 2017-02-19 20:22 - 00000042 _____ C:\ProgramData\.SimImages
2017-02-14 22:57 - 2017-02-14 23:09 - 00001274 _____ C:\Users\xxx\.jalview_properties
2017-02-14 19:44 - 2017-02-09 23:39 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-14 19:42 - 2017-02-10 03:33 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 34979384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 28242488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 19007016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 11122728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 11019704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 08990072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 03168192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 02717752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437866.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437866.dll
2017-02-14 19:42 - 2017-02-10 03:33 - 01052096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00991288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00959424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00946456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00910784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00721952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00605120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00573448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00483384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00447984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2017-02-13 00:38 - 2017-02-13 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate 2017-02-10 19:42 - 2017-02-10 19:42 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-02-10 19:42 - 2017-02-10 19:42 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-03-09 22:31 - 2015-10-05 22:45 - 00000000 ____D C:\Users\xxx\AppData\Roaming\uTorrent 2017-03-09 22:14 - 2016-08-14 12:14 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-03-09 21:35 - 2015-10-07 22:08 - 00000000 ____D C:\Users\xxx\AppData\Local\Dropbox 2017-03-09 21:35 - 2015-10-07 22:08 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-03-09 18:17 - 2016-11-18 12:49 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\Mozilla 2017-03-09 15:54 - 2016-08-14 12:14 - 00000000 ____D C:\ProgramData\NVIDIA 2017-03-09 15:54 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-03-09 15:52 - 2016-02-26 09:16 - 00000000 ___RD C:\Users\xxx\Google Drive 2017-03-09 15:52 - 2015-10-04 20:43 - 00000000 ____D C:\ProgramData\UMS 2017-03-09 01:40 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-03-09 00:22 - 2015-10-04 19:25 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc 2017-03-08 23:46 - 2016-07-16 23:57 - 01955412 _____ C:\WINDOWS\system32\perfh007.dat 2017-03-08 23:46 - 2016-07-16 23:57 - 00508564 _____ C:\WINDOWS\system32\perfc007.dat 2017-03-08 23:46 - 2015-10-04 16:26 - 04182586 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-03-08 23:40 - 2016-08-14 12:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-03-08 23:39 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-03-08 23:33 - 2016-05-26 19:02 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DVS 2017-03-08 23:28 - 2015-10-04 19:35 - 00000000 ____D C:\Users\xxx\AppData\Roaming\foobar2000 2017-03-08 23:21 - 2015-10-06 21:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-03-08 23:13 - 2015-12-11 19:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-03-08 19:28 - 2016-01-04 08:10 - 00000000 ____D C:\Users\xxx\AppData\Local\CrashDumps 2017-03-05 01:36 - 2016-08-14 12:16 - 00000000 ____D C:\Users\xxx 2017-03-05 01:31 - 2016-02-09 14:26 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Origin 2017-03-04 17:46 - 2016-02-09 14:26 - 00000000 
____D C:\ProgramData\Origin 2017-03-04 13:06 - 2016-12-20 22:42 - 00000000 ____D C:\ProgramData\Thomson.ResearchSoft.Installers 2017-03-04 13:04 - 2015-10-04 16:23 - 00000000 ____D C:\Users\xxx\AppData\Local\Packages 2017-03-03 17:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-03-03 08:30 - 2015-10-04 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-03-03 08:29 - 2016-10-08 09:03 - 00048584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys 2017-03-03 08:29 - 2015-10-04 17:37 - 00163976 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2017-03-03 08:29 - 2015-10-04 17:37 - 00161824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2017-03-03 08:29 - 2015-10-04 17:37 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2017-03-03 08:29 - 2015-10-04 17:37 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2017-03-01 23:14 - 2016-07-12 07:38 - 00053669 _____ C:\Users\xxx\Desktop\krams.xlsx 2017-03-01 23:04 - 2016-12-21 13:13 - 00000000 ____D C:\Users\xxx\Documents\Japanisch 2017-03-01 00:47 - 2015-10-05 22:52 - 00000000 ____D C:\Users\xxx\AppData\Roaming\avidemux 2017-02-28 23:25 - 2016-10-28 20:42 - 00000000 ____D C:\Users\xxx\AppData\Roaming\HandBrake 2017-02-25 12:30 - 2015-10-05 00:11 - 00000000 ____D C:\Users\xxx\AppData\Roaming\dvdcss 2017-02-25 01:18 - 2015-12-06 21:26 - 00000000 ____D C:\Program Files (x86)\Google 2017-02-24 16:55 - 2015-10-04 16:51 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-02-24 16:53 - 2015-10-04 16:51 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-02-22 21:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2017-02-22 21:18 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-02-20 22:05 - 2016-08-14 12:14 - 00013389 _____ C:\WINDOWS\BRRBCOM.INI 2017-02-20 21:45 - 
2015-10-09 22:08 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Mp3tag 2017-02-20 21:36 - 2016-02-05 08:13 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Skype 2017-02-20 21:19 - 2016-02-05 08:12 - 00000000 ____D C:\ProgramData\Skype 2017-02-19 17:37 - 2017-01-29 19:46 - 00000134 _____ C:\Users\xxx\Documents\default.vsp 2017-02-19 16:21 - 2015-10-04 19:02 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2017-02-19 09:07 - 2016-03-08 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp 2017-02-15 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-02-15 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-02-14 19:45 - 2016-08-14 12:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-02-14 19:45 - 2015-10-04 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-02-14 19:44 - 2016-03-11 00:07 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-02-13 00:38 - 2015-10-04 17:36 - 00000000 ____D C:\ProgramData\Package Cache 2017-02-10 03:33 - 2016-08-14 09:35 - 14674896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-02-10 03:33 - 2016-08-14 09:35 - 09305984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-02-10 03:33 - 2016-08-14 09:35 - 04078008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-02-10 03:33 - 2016-08-14 09:35 - 03597128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-02-10 03:33 - 2016-08-14 09:35 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-02-10 03:33 - 2016-08-14 09:35 - 00043556 _____ C:\WINDOWS\system32\nvinfo.pb 2017-02-10 00:13 - 2016-09-24 23:32 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-02-09 23:57 - 2016-08-14 12:14 - 07791217 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-02-09 23:57 - 2016-08-14 12:14 - 06403640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-02-09 23:57 - 
2016-08-14 12:14 - 02477504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 00548288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-02-08 18:03 - 2016-04-03 13:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DVDVideoSoft 2017-02-07 00:58 - 2016-07-31 22:00 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2017-02-19 20:22 - 2017-02-19 20:22 - 0000042 _____ () C:\ProgramData\.SimImages 2015-12-12 04:23 - 2015-12-12 04:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-12-19 20:45 - 2017-01-24 18:29 - 0008442 _____ () C:\ProgramData\NvTelemetryContainer.log 2016-12-19 20:45 - 2017-01-22 16:17 - 0020937 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1 ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-05 13:01

==================== Ende von FRST.txt ============================ |
09.03.2017, 22:40 | #5 |
| AdChoices in Firefox And addition.txt Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-03-2017
durchgeführt von xxx (09-03-2017 22:32:07)
Gestartet von H:\
Windows 10 Education Version 1607 (X64) (2016-08-14 11:21:45)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-4199837023-2687035150-3113593764-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4199837023-2687035150-3113593764-503 - Limited - Disabled)
Gast (S-1-5-21-4199837023-2687035150-3113593764-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4199837023-2687035150-3113593764-1003 - Limited - Enabled)
xxx (S-1-5-21-4199837023-2687035150-3113593764-1001 - Administrator - Enabled) => C:\Users\xxx

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Microsoft Office Proofing Tools 2016“ – lietuviu k. (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated) Alati za jezicnu provjeru u sustavu Microsoft Office 2016 - hrvatski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Ansel (Version: 378.66 - NVIDIA Corporation) Hidden Anti-Twin (Installation 10.12.2015) (HKLM-x32\...\Anti-Twin 2015-12-10 22.13.58) (Version: - Joerg Rosenthal, Germany) Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - ) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.154 - Avira Operations GmbH & Co. KG) Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden Avira Software Updater (HKLM-x32\...\{115347FE-037B-4F4D-86F2-057FEF294C7A}) (Version: 1.2.4.459 - Avira Operations GmbH & Co. KG) AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - ) Brother MFL-Pro Suite MFC-J5320DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6389 - CDBurnerXP) Công c? 
Soát l?i Microsoft Office 2016 - Ti?ng Vi?t (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Core Temp 1.6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.6 - ALCPU) Crysis 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts) Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts) Crysis®3 Digital Deluxe Edition Content (HKLM-x32\...\{2A8C5AE3-2772-4EB1-8206-D5E53D111A61}) (Version: 1.0.0.0 - Electronic Arts) CyberLink MediaEspresso 7.5 (HKLM-x32\...\{8D149BE2-6542-4F6A-AEC4-7D61E6DCAEFB}) (Version: 7.5.8022_61105 - CyberLink Corp.) CyberLink PhotoDirector 7 (HKLM-x32\...\{7984FCA5-1BB6-46e6-91E2-ED5C301AF11A}) (Version: 7.0.7504.0 - CyberLink Corp.) CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.2406.60 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Directory List & Print (Pro) (HKLM-x32\...\{6336F23D-1D20-4E02-9FBD-20B3A8210E4D}_is1) (Version: 3.14 - Infonautics GmbH, Switzerland) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC) Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited) Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts) Dropbox (HKLM-x32\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden Duplicate Photo Cleaner (HKLM\...\Duplicate Photo Cleaner_is1) (Version: - WebMinds, Inc.) Easy Duplicate Finder (HKLM\...\{DA060B99-6B87-4D85-8B1A-29BCF6DF2B06}_is1) (Version: - WebMinds, Inc.) 
Eines de correcció del Microsoft Office 2016: català (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Ferramentas de Verificação do Microsoft Office 2016 - Português (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Ferramentas de verificación de Microsoft Office 2016 - Galego (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden FLV Downloader (xmlbar) (nur entfernen) (HKLM-x32\...\Xmlbar FLVDownloader) (Version: - ) foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.31.119 - Digital Wave Ltd) FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.) Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) 
Hidden HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - ) Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden I-Microsoft Office Proofing Tools 2016 - IsiZulu (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Instagiffer version 1.75 (HKLM-x32\...\{13DEF8F8-5280-4555-95A4-E815C3F9540F}_is1) (Version: 1.75 - Justin Todd) Instrumente de verificare Microsoft Office 2016 - Româna (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Korrekturredskaber til Microsoft Office 2016 - Dansk (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden LCDSirReal - a multipurpose plugin for the Logitech G13/G15 (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\LCDSirReal) (Version: - Link Data Stockholm) Logitech Gaming Software 8.89 (HKLM\...\Logitech Gaming Software) (Version: 8.89.68 - Logitech Inc.) 
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Language Pack 2016 - German/Deutsch (HKLM\...\Office16.OMUI.de-de) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 52.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 de)) (Version: 52.0 - Mozilla) Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian 
Heidenreich) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Narzedzia sprawdzajace pakietu Microsoft Office 2016 — polski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Nástroje kontroly pravopisu pro Microsoft Office 2016 – ceština (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Nástroje korektúry balíka Microsoft Office 2016 - slovencina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team) Nuance PaperPort 12 (HKLM-x32\...\{2A770862-7142-4C77-8117-F933E4110A3F}) (Version: 12.1.0006 - Nuance Communications, Inc.) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation) NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation) NVIDIA Grafiktreiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.) 
Orodja za preverjanje za Microsoft Office 2016 – anglešcina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Outils de vérification linguistique 2016 de Microsoft Office*- Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC) PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.) PDF-XChange Editor (HKLM\...\{3D1987D7-5A88-4DDA-9D29-6977AE2BDBD0}) (Version: 5.5.316.1 - Tracker Software Products (Canada) Ltd.) PerigeeCopy 1.7 (HKLM\...\PerigeeCopy) (Version: 1.7 - Jeremy Stanley) PicasaDownloader (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\052751e036427773) (Version: 1.0.0.25 - PicasaDownloader) ProjectX - Complete (HKLM-x32\...\{513C7CA5-86D3-495D-B2D4-409EE41F68A7}_is1) (Version: 0.91.0.10 - WatchersNET) R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - Thomson Reuters) Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden RLinkToolbox 3.3.0.1896 (HKLM-x32\...\RLinkToolbox) (Version: 3.3.0.1896 - TomTom) RStudio (HKLM-x32\...\RStudio) (Version: 0.99.486 - RStudio) SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology) ShadowExplorer 0.9 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.9.462.0 - ShadowExplorer.com) SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden SimilarImages (HKLM-x32\...\SimilarImages) (Version: 2013.11 - Nils Maier) Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.) 
Sound Blaster Recon3D PCIe (HKLM-x32\...\{E9DF9D95-BF8F-4264-B54E-988DAD71EE92}) (Version: 1.02.03 - Creative Technology Limited) Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{204FCF73-1450-407D-BCF9-1233EC5F5787}) (Version: 1.0 - Creative Technology Limited) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Taalprogramma's voor Microsoft Office 2016 - Nederlands (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version: - Bethesda Game Studios) tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG) Uirlisí Profála Microsoft Office 2016 - Gaeilge (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 6.5.3 - Universal Media Server) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-0012-0000-1000-0000000FF1CE}_Office16.STANDARD_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-012B-0407-1000-0000000FF1CE}_Office16.OMUI.de-de_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) 
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) ???a?e?a ???ss???? e?????? t?? Microsoft Office 2016 - ???????? (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden ?????? ????????? ????????? Microsoft Office 2016 – ?????????? (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden ???????? ???????? ???????????? Microsoft Office 2016 — ??????? (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden ??? ????? ?? Microsoft Office 2016 - ????? (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden ???????? ????? Microsoft Office 2016 - ????? (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {0B9CCC01-1DF2-4808-BF9A-AC12ADB03DA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {1A596B82-4A61-47BE-8E4B-5ADDD69D5009} - System32\Tasks\GPU-Z => D:\GPU-Z\GPU-Z.exe [2016-07-13] (techPowerUp (www.techpowerup.com)) Task: {2CBCE76D-98A7-4BEE-9286-B590D2202CF5} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation) Task: {2FD6432B-C391-458F-9BE3-AB00C6407F77} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {6B78D56C-B7FE-43F6-9274-BB86AE74F7C3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation) Task: {6BAC108C-EE9F-4AD7-9F78-A6EB7F065197} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation) Task: {7BFE63DD-BEEF-41C8-AA84-3BBFC1702732} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation) Task: {7CEDE775-418E-4909-B886-9A30F522D9E8} - System32\Tasks\Core Temp Autostart xxx => D:\Core Temp\Core Temp.exe [2017-02-18] (ALCPU) Task: {89645356-5169-40EC-80E3-E2ECE3D6A473} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation) Task: {8C1234D8-F860-499B-B4FD-C1917BCF7D3C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] 
(Adobe Systems Incorporated) Task: {8CC6D714-CD0D-4CB5-98A3-A9D31B0220D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {8E3B38A0-CA9A-4CB6-A1D5-5CE5F120EE67} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation) Task: {ADAA096F-3EAC-4EF5-B8E2-E13566DD0B27} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation) Task: {BA2D4D30-2F9F-4788-9958-1A91D5180A1E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.) Task: {C336F517-C7CA-4129-9A13-DCC6BA3331B8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.) Task: {D19802B5-8605-4D2E-9056-1A8471F61B55} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.) Task: {D41E18A6-38D8-4A38-9382-6B3949BF6593} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd) Task: {D9E404F0-FD41-414D-9B55-A30853C55AC3} - System32\Tasks\DeviceDetector7.5 => D:\CyberLink\MediaEspresso7.5\DeviceDetector\DeviceDetector7.5.exe [2016-08-22] (CyberLink Corp.) Task: {EFD345F9-A347-405E-A865-C1F58F6BCF8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-09-24 23:32 - 2017-01-20 19:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-24 23:32 - 2017-01-20 19:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-14 12:14 - 2017-02-09 23:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () D:\Unlocker\UnlockerCOM.dll
2016-11-27 18:55 - 2016-11-27 18:55 - 00230064 _____ () D:\NPP\Notepad++\NppShell_06.dll
2016-08-14 12:26 - 2016-08-14 12:26 - 00959168 _____ () C:\Users\xxx\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-09-15 10:48 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 19:16 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 19:16 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 19:16 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-12-08 21:47 - 2016-12-08 21:47 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-12-08 21:47 - 2016-12-08 21:47 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2011-06-21 10:14 - 2011-06-21 10:14 - 00207872 _____ () C:\Users\xxx\Documents\LCDSirReal\LCDSirReal.exe
2013-02-13 03:37 - 2013-02-13 03:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2016-10-26 00:16 - 2017-01-19 12:35 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-10-26 00:16 - 2017-01-19 12:34 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-10-26 00:16 - 2017-01-19 12:34 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-10-26 00:16 - 2017-01-19 12:34 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_xxxe-vc120-mt-1_56.dll
2016-10-26 00:37 - 2017-02-08 23:04 - 02493440 _____ () G:\Origin\libGLESv2.dll
2016-01-28 22:41 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-09-24 23:32 - 2017-01-20 19:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-24 23:32 - 2017-01-20 19:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-24 23:32 - 2017-01-20 19:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-09 15:52 - 2017-03-09 15:52 - 00098816 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32api.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00110080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\pywintypes27.dll
2017-03-09 15:52 - 2017-03-09 15:52 - 00364544 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\pythoncom27.dll
2017-03-09 15:52 - 2017-03-09 15:52 - 00320512 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32com.shell.shell.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00914432 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\_hashlib.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 01176576 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\wx._core_.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00806400 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\wx._gdi_.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00816128 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\wx._windows_.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 01067008 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\wx._controls_.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00733184 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\wx._misc_.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00682496 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\pysqlite2._sqlite.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00088064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\_ctypes.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00686080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\unicodedata.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00119808 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32file.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00108544 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32security.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00007168 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\hashobjs_ext.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00017920 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\thumbnails_ext.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00088064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\usb_ext.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00012800 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\common.time34.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00018432 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32event.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00167936 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32gui.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00046080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\_socket.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 01303552 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\_ssl.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00128512 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\_elementtree.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00127488 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\pyexpat.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00038912 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32inet.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00036864 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\_psutil_windows.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00524248 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\windows._lib_cacheinvalidation.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00011264 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32crypt.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00123392 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\wx._wizard.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00077312 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\wx._html2.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00027648 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\_multiprocessing.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00020480 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\_yappi.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00035840 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32process.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00078848 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\wx._animate.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00024064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32pipe.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00010240 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\select.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00025600 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32pdh.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00017408 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32profile.pyd
2017-03-09 15:52 - 2017-03-09 15:52 - 00022528 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI56922\win32ts.pyd
2013-02-13 03:38 - 2013-02-13 03:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2016-09-24 23:32 - 2017-01-20 14:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-24 23:32 - 2017-01-20 14:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-24 23:32 - 2017-01-20 14:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-24 23:32 - 2017-01-20 14:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-24 23:32 - 2017-01-20 14:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-24 23:32 - 2017-01-20 14:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-24 23:32 - 2017-01-20 14:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-19 20:45 - 2017-01-20 14:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2014-03-31 20:35 - 2014-03-31 20:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
2017-03-09 21:35 - 2017-03-06 21:59 - 00807232 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2015-12-12 08:23 - 2017-02-09 03:19 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 08:23 - 2017-02-09 03:20 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-03-09 21:35 - 2017-02-09 03:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 08:23 - 2017-02-09 03:22 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-03-09 21:35 - 2017-02-09 03:22 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-04 23:21 - 2017-02-09 03:21 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 08:23 - 2017-02-09 03:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-02-27 20:55 - 2017-03-06 22:01 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-04-15 12:42 - 2017-03-06 22:01 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-02-12 09:35 - 2017-03-06 22:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-03-09 21:35 - 2017-02-09 03:17 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-03-09 21:35 - 2016-12-02 22:44 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-03-09 21:35 - 2017-02-09 03:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-03-09 21:35 - 2017-02-09 03:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-11-27 18:55 - 2016-11-27 18:55 - 00021680 _____ () D:\NPP\Notepad++\plugins\NppExport.dll
2015-05-15 15:24 - 2015-05-15 15:24 - 02873856 _____ () D:\NPP\Notepad++\plugins\NppFTP.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6D89BEBC-8468-4295-B7B1-F8FB62468B37}] => (Allow) LPort=30751
FirewallRules: [{B49AC9AC-B1CF-44F7-82A6-E31837715F1E}] => (Allow) LPort=30751
FirewallRules: [{5B697788-59A3-4747-B76A-E5EDDE0605DC}] => (Allow) G:\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{41925E06-A9CD-47E3-BEC1-3A1D93175331}] => (Allow) G:\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{C1CE0476-BA3F-4EC0-A323-0D82BB6DDD5C}] => (Allow) G:\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{BDDAC986-77B7-4F20-9150-032A108F65AF}] => (Allow) G:\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{2D7EAAEE-09A9-4634-A9B1-F3D04B1F44AA}] => (Allow) G:\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{840E6FB1-4C73-4892-A8AC-09A0164069D5}] => (Allow) G:\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{CD2B6346-5FB9-40F0-BCDA-E07A0429522E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0CBB679C-08AE-4D50-82BA-C5BA5E179045}] => (Allow) LPort=2869
FirewallRules: [{C36766D1-DBB8-426D-B9F3-C96698E14676}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{2FD0D92D-D739-47BE-9618-CB3A63C437E4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{2D525972-9794-40D3-A02B-A5CACA96D2B0}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{C9669401-FED5-4CFB-B728-D3709671ABFF}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [UDP Query User{BCA95B63-B100-4C15-A111-DF8BF46455F7}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [{7BE4898B-E4A5-4E3D-9E64-EF7F280C6134}] => (Allow) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9FE48F9E-0E31-43B9-A9F9-5D7EA410B716}] => (Allow) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8FC71D3F-B4F5-470F-9A53-B0A73AA50539}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{52F0DCBE-1FCA-4F6E-AC44-B6E3B04EAF75}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FCD607C7-5DFC-4BCA-9E53-E0750E10F80C}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{8B01E72B-5704-4285-B365-6776050A0075}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{2043F9FF-0AC8-4096-B5B0-87EF086B9688}] => (Allow) G:\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{0967E305-8FD2-47B7-AA2C-6A9637218131}] => (Allow) G:\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{683AEE22-87DA-4AB5-B7FC-C634826B9E41}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AEF5FE01-FCC4-4D4C-BB8F-0B36FE1B9C97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{43B6F3EF-627C-4B90-9E25-66667978C655}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{890EFA8C-E691-4CE9-AA69-4AE9512F1824}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{D01C8AB7-2424-4719-9194-12F8059582DE}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [UDP Query User{0A230BC8-3C70-44E0-ADAB-A93E29D1C3BC}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [{2E952210-004C-41E0-A8B9-DAA0E96AA873}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{FC37E47F-F7EC-4A49-9246-06A80DB92F6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D11ACF96-0CF5-4EA2-8E8F-F05A2E402CCE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3578B3AE-F879-48AD-8CB6-F2464A3D055E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FADCF931-8786-4B9C-BC21-67E9380706CB}] => (Allow) G:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{64917906-7DF1-4CDA-90D7-4C147AA838A5}] => (Allow) G:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{A4A1B86B-A6B9-47FE-ACB1-59FAC8FDC767}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0D10BD48-5550-4387-A4A8-EFA0B626281E}] => (Allow) G:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{3E8741B3-D529-48C9-9386-AEB4C4A36CEE}] => (Allow) G:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{71C117A0-7573-409E-A9BA-19CE1CA2F55D}] => (Allow) G:\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{632245F9-6CFD-4852-AF50-DB884D4DE2AA}] => (Allow) G:\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{A2FDA54C-7E62-49F5-B8F0-3B3EBE221366}] => (Allow) G:\Origin Games\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe
FirewallRules: [{69E4D0E7-83B6-430E-8A37-C873DDBCB53F}] => (Allow) G:\Origin Games\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe
FirewallRules: [{13C20609-1CC6-47C4-B7F4-7BAA982B87B6}] => (Allow) G:\Origin Games\Crysis 2\bin32\Crysis2.exe
FirewallRules: [{9DC6F2A9-D8F9-4E07-B818-AA28BF1F31B1}] => (Allow) G:\Origin Games\Crysis 2\bin32\Crysis2.exe
FirewallRules: [{7C9811A2-F07B-472F-B00A-8AEEF332EDF0}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD.exe
FirewallRules: [{061BA69A-FDDA-46EF-A1AA-78DF68D58F7F}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\Kernel\DMS\CLMSServerPDVD16.exe
FirewallRules: [{1273216E-938E-4291-8486-A80E064F755D}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD16Agent.exe
FirewallRules: [{E290168B-0633-4A0D-A403-8848FB710B99}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\Movie\PowerDVDMovie.exe
FirewallRules: [{C9F6E1F5-ADD5-4F43-BD83-4F8A4BD0AEF2}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\CastingStation.exe
FirewallRules: [{823060CF-DD04-4049-92FA-B36F9C864AC8}] => (Allow) D:\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{B2014831-F544-4EA3-9E92-10D8B0613239}] => (Allow) D:\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{BDABF5B9-BE2B-4592-8372-553610D72982}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4A69B45A-53B7-4A97-A3B5-0132EA98268A}] => (Allow) D:\Skype\Phone\Skype.exe
FirewallRules: [{DC5ABA74-E951-4324-A19F-88822A3A35D2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

20-02-2017 19:46:26 Geplanter Prüfpunkt
24-02-2017 16:53:10 Windows Update
04-03-2017 13:05:27 Removed EndNote X8

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/09/2017 04:02:11 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/08/2017 11:25:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FileHippo.AppManager.exe, Version 2.0.0.392 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 169c
Startzeit: 01d2985a2f6bc2e1
Beendigungszeit: 6
Anwendungspfad: D:\FileHippo.com\FileHippo.AppManager.exe
Berichts-ID: 286b5e67-044e-11e7-9c93-08606ec1264e
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/08/2017 07:28:45 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "d:\r\r-3.3.0\tcl\bin64\tk85.dll". Fehler in Manifest- oder Richtliniendatei "d:\r\r-3.3.0\tcl\bin64\tk85.dll" in Zeile 9. Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/08/2017 07:28:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "D:\CyberLink\PowerDVD16\PowerDVD16\Kernel\DMS\CLMSMediaInfoPDVD16.exe". Die abhängige Assemblierung "CLMSMediaInfo.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/08/2017 07:28:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "d:\xmlbar\flv downloader\FLVDownloader(xmlbar).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/08/2017 07:28:01 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-4199837023-2687035150-3113593764-1001}/">.

Error: (03/08/2017 06:20:14 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/07/2017 07:50:19 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/06/2017 12:14:08 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/05/2017 12:22:05 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Systemfehler:
=============
Error: (03/09/2017 03:52:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/09/2017 07:57:23 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/08/2017 11:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/08/2017 11:39:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/08/2017 11:39:40 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "NVIDIA LocalSystem Container" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (03/08/2017 11:39:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/08/2017 11:39:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BrYNSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/08/2017 11:39:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/08/2017 11:39:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/08/2017 11:39:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ShadowExplorer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

CodeIntegrity:
===================================
Date: 2016-12-06 11:11:22.214
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2016-12-06 11:11:20.004
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2016-11-28 01:04:22.741
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2016-11-28 01:03:41.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2016-11-15 19:37:51.234
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2016-11-15 19:37:47.720
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2016-11-15 19:37:42.608
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2016-10-06 19:09:28.918 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-10-06 19:09:25.934 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz Prozentuale Nutzung des RAM: 49% Installierter physikalischer RAM: 8139.25 MB Verfügbarer physikalischer RAM: 4126.59 MB Summe virtueller Speicher: 9419.25 MB Verfügbarer virtueller Speicher: 4261.88 MB ==================== Laufwerke ================================ Drive c: (System) (Fixed) (Total:232.4 GB) (Free:139.1 GB) NTFS Drive d: (Programme) (Fixed) (Total:29.3 GB) (Free:22.42 GB) NTFS Drive e: (48G) (Fixed) (Total:1277.08 GB) (Free:221.81 GB) NTFS Drive f: (Music) (Fixed) (Total:58.59 GB) (Free:17.59 GB) NTFS Drive g: (Games) (Fixed) (Total:97.66 GB) (Free:14.88 GB) NTFS Drive h: (Stuff) (Fixed) (Total:400.39 GB) (Free:207.62 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E0AFA54B) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 64BFCCCC) Partition 1: (Not Active) - (Size=1277.1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - 
(Size=97.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=429.7 GB) - (Type=OF Extended) ==================== Ende von Addition.txt ============================ |
10.03.2017, 14:30 | #6 | |
/// TB-Ausbilder | AdChoices in Firefox Please note: Quote:
Please download all tools directly to the desktop, or move them there, and run them from the desktop, because our instructions are written with that in mind. This also makes it very easy to remove all the tools used once the cleanup is finished. Leave all tools on the desktop until the cleanup is complete; we may need some of them more than once. |
10.03.2017, 19:51 | #7 |
| AdChoices in Firefox Code:
ATTFilter 19:49:14.0546 0x1fac TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01 19:49:18.0095 0x1fac ============================================================ 19:49:18.0096 0x1fac Current date / time: 2017/03/10 19:49:18.0095 19:49:18.0096 0x1fac SystemInfo: 19:49:18.0096 0x1fac 19:49:18.0096 0x1fac OS Version: 10.0.14393 ServicePack: 0.0 19:49:18.0096 0x1fac Product type: Workstation 19:49:18.0096 0x1fac ComputerName: SCHWOBB 19:49:18.0096 0x1fac UserName: xxx 19:49:18.0096 0x1fac Windows directory: C:\WINDOWS 19:49:18.0096 0x1fac System windows directory: C:\WINDOWS 19:49:18.0096 0x1fac Running under WOW64 19:49:18.0096 0x1fac Processor architecture: Intel x64 19:49:18.0096 0x1fac Number of processors: 4 19:49:18.0096 0x1fac Page size: 0x1000 19:49:18.0096 0x1fac Boot type: Normal boot 19:49:18.0096 0x1fac CodeIntegrityOptions = 0x00000001 19:49:18.0096 0x1fac ============================================================ 19:49:18.0178 0x1fac KLMD registered as C:\WINDOWS\system32\drivers\17010005.sys 19:49:18.0179 0x1fac KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19 19:49:18.0233 0x1fac System UUID: {AAF3A55F-71B7-0C35-F451-C3191FC13C08} 19:49:18.0450 0x1fac Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:49:18.0450 0x1fac Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:49:18.0461 0x1fac ============================================================ 19:49:18.0461 0x1fac \Device\Harddisk0\DR0: 19:49:18.0461 0x1fac MBR partitions: 19:49:18.0461 0x1fac \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000 19:49:18.0461 0x1fac \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x1D0CA800 19:49:18.0461 
0x1fac \Device\Harddisk1\DR1: 19:49:18.0461 0x1fac MBR partitions: 19:49:18.0462 0x1fac \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x9FA27800 19:49:18.0462 0x1fac \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x9FA28000, BlocksNum 0x7530000 19:49:18.0462 0x1fac \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xA6F58000, BlocksNum 0xC350000 19:49:18.0462 0x1fac \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0xB32A8800, BlocksNum 0x3A98000 19:49:18.0462 0x1fac \Device\Harddisk1\DR1\Partition5: MBR, Type 0x7, StartLBA 0xB6D41000, BlocksNum 0x320C7000 19:49:18.0462 0x1fac ============================================================ 19:49:18.0463 0x1fac C: <-> \Device\Harddisk0\DR0\Partition2 19:49:18.0511 0x1fac E: <-> \Device\Harddisk1\DR1\Partition1 19:49:18.0532 0x1fac F: <-> \Device\Harddisk1\DR1\Partition2 19:49:18.0550 0x1fac G: <-> \Device\Harddisk1\DR1\Partition3 19:49:18.0559 0x1fac D: <-> \Device\Harddisk1\DR1\Partition4 19:49:18.0565 0x1fac H: <-> \Device\Harddisk1\DR1\Partition5 19:49:18.0566 0x1fac ============================================================ 19:49:18.0566 0x1fac Initialize success 19:49:18.0566 0x1fac ============================================================ 19:49:19.0805 0x267c ============================================================ 19:49:19.0805 0x267c Scan started 19:49:19.0805 0x267c Mode: Manual; 19:49:19.0805 0x267c ============================================================ 19:49:19.0805 0x267c KSN ping started 19:49:19.0860 0x267c KSN ping finished: true 19:49:20.0429 0x267c ================ Scan system memory ======================== 19:49:20.0429 0x267c System memory - ok 19:49:20.0429 0x267c ================ Scan services ============================= 19:49:20.0459 0x267c [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 19:49:20.0462 0x267c 1394ohci - ok 
19:49:20.0469 0x267c [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 19:49:20.0471 0x267c 3ware - ok 19:49:20.0484 0x267c [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 19:49:20.0493 0x267c ACPI - ok 19:49:20.0496 0x267c [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys 19:49:20.0497 0x267c AcpiDev - ok 19:49:20.0501 0x267c [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 19:49:20.0502 0x267c acpiex - ok 19:49:20.0505 0x267c [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 19:49:20.0506 0x267c acpipagr - ok 19:49:20.0509 0x267c [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 19:49:20.0509 0x267c AcpiPmi - ok 19:49:20.0512 0x267c [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 19:49:20.0512 0x267c acpitime - ok 19:49:20.0531 0x267c [ 89ECFB35517F62C3802B227F288B750E, 47B329FEC98DC634A9068D6B88A331B323D99E9C21D3FE330352210841E715CA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 19:49:20.0534 0x267c AdobeFlashPlayerUpdateSvc - ok 19:49:20.0556 0x267c [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 19:49:20.0571 0x267c ADP80XX - ok 19:49:20.0584 0x267c [ 323AA1953ED9C01E23F740FA891FE064, 
4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD C:\WINDOWS\system32\drivers\afd.sys 19:49:20.0591 0x267c AFD - ok 19:49:20.0598 0x267c [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 19:49:20.0601 0x267c ahcache - ok 19:49:20.0604 0x267c [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter C:\WINDOWS\System32\AJRouter.dll 19:49:20.0605 0x267c AJRouter - ok 19:49:20.0609 0x267c [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG C:\WINDOWS\System32\alg.exe 19:49:20.0610 0x267c ALG - ok 19:49:20.0620 0x267c [ 23CB92EE5654BA92619D796E3AC7DB86, DD4536B55F021990DDAD8864F9BAECCDE40B2B532F6FB0D6CF9EB1A6B112A983 ] ALSysIO C:\Users\xxx\AppData\Local\Temp\ALSysIO64.sys 19:49:20.0621 0x267c ALSysIO - ok 19:49:20.0625 0x267c [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 19:49:20.0627 0x267c AmdK8 - ok 19:49:20.0631 0x267c [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 19:49:20.0633 0x267c AmdPPM - ok 19:49:20.0636 0x267c [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 19:49:20.0638 0x267c amdsata - ok 19:49:20.0644 0x267c [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 19:49:20.0648 0x267c amdsbs - ok 19:49:20.0651 0x267c [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 19:49:20.0652 0x267c amdxata - ok 19:49:20.0673 0x267c [ 
42A60840C182E9CFCD4E5EF950303512, E7C3D9888529156D9FB03BC51B170AC027ABA6E7B1ED69FA29944546A202907A ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe 19:49:20.0686 0x267c AntiVirMailService - ok 19:49:20.0696 0x267c [ 58FD213E044D88825E411A1A0A6AEE64, 870591B7995874215C70218F460C1761564533D75BD4855ACB071F9425AAAB77 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe 19:49:20.0701 0x267c AntiVirSchedulerService - ok 19:49:20.0712 0x267c [ 58FD213E044D88825E411A1A0A6AEE64, 870591B7995874215C70218F460C1761564533D75BD4855ACB071F9425AAAB77 ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe 19:49:20.0717 0x267c AntiVirService - ok 19:49:20.0741 0x267c [ 4C1B4579EF9D12C88132367333F8F794, 2193359E04F5313BFB7E5FE9AF6D7FBCFFF2CEBCC217F29817F9D450C91160DD ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe 19:49:20.0758 0x267c AntiVirWebService - ok 19:49:20.0764 0x267c [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID C:\WINDOWS\system32\drivers\appid.sys 19:49:20.0766 0x267c AppID - ok 19:49:20.0771 0x267c [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 19:49:20.0772 0x267c AppIDSvc - ok 19:49:20.0776 0x267c [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo C:\WINDOWS\System32\appinfo.dll 19:49:20.0778 0x267c Appinfo - ok 19:49:20.0781 0x267c [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys 19:49:20.0781 0x267c applockerfltr - ok 19:49:20.0787 0x267c [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 19:49:20.0789 0x267c AppMgmt - ok 19:49:20.0801 0x267c [ 
A0746EF6C5AB7A17A67BC167167499C1, 1D2154D3AFC5219293EDD508C7726E7756FB72BF04F73861C575D1FE5C553411 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 19:49:20.0808 0x267c AppReadiness - ok 19:49:20.0823 0x267c [ 99CA3E622070FDBD7B75EB7E86B2DE40, 12BDD092667250EBC99B4D597897C1B2C83115CD83ECCDEAC36B2D9C9BEA77B6 ] AppVClient C:\WINDOWS\system32\AppVClient.exe 19:49:20.0833 0x267c AppVClient - ok 19:49:20.0838 0x267c [ B66ED2CB37F7E4696A51612AFBA08834, 70BA67AF7F1290E3145B873B53516F138E50D8AAC80CD00CBA66467ABC6643CB ] AppvStrm C:\WINDOWS\system32\drivers\AppvStrm.sys 19:49:20.0840 0x267c AppvStrm - ok 19:49:20.0846 0x267c [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr C:\WINDOWS\system32\drivers\AppvVemgr.sys 19:49:20.0848 0x267c AppvVemgr - ok 19:49:20.0853 0x267c [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs C:\WINDOWS\system32\drivers\AppvVfs.sys 19:49:20.0855 0x267c AppvVfs - ok 19:49:20.0890 0x267c [ D70B1453ADA82A92E76EAE72D936A0F6, 439DBC5818025887343D4B5B509C7D2C97ED0FFA4641A5178EA5719C50E5013F ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll 19:49:20.0918 0x267c AppXSvc - ok 19:49:20.0925 0x267c [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 19:49:20.0927 0x267c arcsas - ok 19:49:20.0930 0x267c [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys 19:49:20.0931 0x267c AsyncMac - ok 19:49:20.0934 0x267c [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 19:49:20.0934 0x267c atapi - ok 19:49:20.0941 0x267c [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder 
C:\WINDOWS\System32\AudioEndpointBuilder.dll 19:49:20.0946 0x267c AudioEndpointBuilder - ok 19:49:20.0962 0x267c [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 19:49:20.0974 0x267c Audiosrv - ok 19:49:20.0979 0x267c [ 11F3AAFB5D279AFBCBB0AD9FF76A24F8, 06C5FA1BD64EB54691629363DD0771394F81E4EB216E489D5169395736E80D99 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys 19:49:20.0981 0x267c avgntflt - ok 19:49:20.0986 0x267c [ F8520E88246641E51108922944FB34A6, 326DCB8114439FB1F75E9DB6E5F7818654FAAC4CD957B80DEE17B850676A737F ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys 19:49:20.0988 0x267c avipbb - ok 19:49:20.0996 0x267c [ 2AEE4D1D7E668F1CCF97EDE93509B0EE, B082B3BBB27D3C8B26A754508C3B98BA803FEA707898FF18A120D6A2679098DF ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 19:49:21.0001 0x267c Avira.ServiceHost - ok 19:49:21.0005 0x267c [ 8D2830B4A88B957890AC292686140E2D, 5B645D67EC327E074C0A01B2CDF2FDBF376B6F869E2724F2699A7DEF4AA366D2 ] AviraUpdaterService C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe 19:49:21.0006 0x267c AviraUpdaterService - ok 19:49:21.0009 0x267c [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 19:49:21.0009 0x267c avkmgr - ok 19:49:21.0013 0x267c [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys 19:49:21.0014 0x267c avnetflt - ok 19:49:21.0018 0x267c [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 19:49:21.0020 0x267c AxInstSV - ok 19:49:21.0030 0x267c [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv 
C:\WINDOWS\system32\drivers\bxvbda.sys 19:49:21.0037 0x267c b06bdrv - ok 19:49:21.0042 0x267c [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 19:49:21.0043 0x267c BasicDisplay - ok 19:49:21.0046 0x267c [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 19:49:21.0046 0x267c BasicRender - ok 19:49:21.0050 0x267c [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys 19:49:21.0050 0x267c bcmfn - ok 19:49:21.0053 0x267c [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 19:49:21.0053 0x267c bcmfn2 - ok 19:49:21.0061 0x267c [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 19:49:21.0065 0x267c BDESVC - ok 19:49:21.0068 0x267c [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep C:\WINDOWS\system32\drivers\Beep.sys 19:49:21.0069 0x267c Beep - ok 19:49:21.0082 0x267c [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE C:\WINDOWS\System32\bfe.dll 19:49:21.0092 0x267c BFE - ok 19:49:21.0111 0x267c [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS C:\WINDOWS\System32\qmgr.dll 19:49:21.0126 0x267c BITS - ok 19:49:21.0130 0x267c [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 19:49:21.0132 0x267c bowser - ok 19:49:21.0146 0x267c [ 2447BD15B41298622CC662249CD0F496, 
013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 19:49:21.0156 0x267c BrokerInfrastructure - ok 19:49:21.0162 0x267c [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser C:\WINDOWS\System32\browser.dll 19:49:21.0164 0x267c Browser - ok 19:49:21.0170 0x267c [ 0471D5669F18C50E552B2BC0CB15E7B3, 472F471FF9E5A1FDD5610BAC2F5E727AB284B7B5A71C4E515D549667F0B5EB86 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe 19:49:21.0174 0x267c BrYNSvc - ok 19:49:21.0177 0x267c [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 19:49:21.0178 0x267c BthAvrcpTg - ok 19:49:21.0181 0x267c [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 19:49:21.0182 0x267c BthHFEnum - ok 19:49:21.0185 0x267c [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 19:49:21.0185 0x267c bthhfhid - ok 19:49:21.0192 0x267c [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 19:49:21.0196 0x267c BthHFSrv - ok 19:49:21.0200 0x267c [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 19:49:21.0201 0x267c BTHMODEM - ok 19:49:21.0207 0x267c [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv C:\WINDOWS\system32\bthserv.dll 19:49:21.0209 0x267c bthserv - ok 19:49:21.0212 0x267c [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter 
C:\WINDOWS\System32\drivers\buttonconverter.sys 19:49:21.0213 0x267c buttonconverter - ok 19:49:21.0217 0x267c [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg C:\WINDOWS\System32\drivers\capimg.sys 19:49:21.0219 0x267c CapImg - ok 19:49:21.0222 0x267c [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 19:49:21.0224 0x267c cdfs - ok 19:49:21.0232 0x267c [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll 19:49:21.0237 0x267c CDPSvc - ok 19:49:21.0245 0x267c [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll 19:49:21.0250 0x267c CDPUserSvc - ok 19:49:21.0256 0x267c [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 19:49:21.0258 0x267c cdrom - ok 19:49:21.0263 0x267c [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 19:49:21.0266 0x267c CertPropSvc - ok 19:49:21.0273 0x267c [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys 19:49:21.0278 0x267c cht4iscsi - ok 19:49:21.0310 0x267c [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys 19:49:21.0336 0x267c cht4vbd - ok 19:49:21.0341 0x267c [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 19:49:21.0341 0x267c circlass - ok 19:49:21.0349 0x267c [ B72D26074E72A757D788FB1BEF8B2F2E, 
36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 19:49:21.0353 0x267c CLFS - ok 19:49:21.0367 0x267c [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll 19:49:21.0377 0x267c ClipSVC - ok 19:49:21.0381 0x267c [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg C:\WINDOWS\System32\drivers\registry.sys 19:49:21.0382 0x267c clreg - ok 19:49:21.0388 0x267c [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 19:49:21.0389 0x267c CmBatt - ok 19:49:21.0400 0x267c [ 90C07EB909C42316982E753BDAA7860D, 438581FD3468FAF01D35529672201A920E8821EC80E30E59A43645DA57738F21 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 19:49:21.0408 0x267c CNG - ok 19:49:21.0411 0x267c [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys 19:49:21.0412 0x267c cnghwassist - ok 19:49:21.0422 0x267c [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys 19:49:21.0422 0x267c CompositeBus - ok 19:49:21.0425 0x267c COMSysApp - ok 19:49:21.0428 0x267c [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv C:\WINDOWS\system32\drivers\condrv.sys 19:49:21.0429 0x267c condrv - ok 19:49:21.0444 0x267c [ 5DE2049D5F57C1D142F36FA9CE443693, E6C2807C0B1EF90C11EB39634693B76EACE6CC675777776112835212A334F328 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll 19:49:21.0454 0x267c CoreMessagingRegistrar - ok 19:49:21.0460 0x267c [ 5F06CAC4B09250CDDDD0180A08162924, 
19:49:23.0332 0x267c [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:49:23.0334 0x267c NetTcpPortSharing - ok 19:49:23.0343 0x267c [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll 19:49:23.0347 0x267c NgcCtnrSvc - ok 19:49:23.0364 0x267c [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll 19:49:23.0377 0x267c NgcSvc - ok 19:49:23.0385 0x267c [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 19:49:23.0391 0x267c NlaSvc - ok 19:49:23.0394 0x267c [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 19:49:23.0396 0x267c Npfs - ok 19:49:23.0399 0x267c [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 19:49:23.0399 0x267c npsvctrig - ok 19:49:23.0402 0x267c [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi C:\WINDOWS\system32\nsisvc.dll 19:49:23.0404 0x267c nsi - ok 19:49:23.0406 0x267c [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 19:49:23.0407 0x267c nsiproxy - ok 19:49:23.0442 0x267c [ DB69C6DA8B3DDFDC547D455CA23A8250, AE495CEB18924C8B21F7F150FF17CD00880F2E222D7B5155661798E0535D63C4 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys 19:49:23.0471 0x267c NTFS - ok 19:49:23.0475 0x267c [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null 
C:\WINDOWS\system32\drivers\Null.sys 19:49:23.0476 0x267c Null - ok 19:49:23.0484 0x267c [ 62D705A1C4F8FBDD2941CCD2E9DEC206, 2E1F6127737D764AE6A35655C54ADE554333C3156CAA322C0FE5704A693A1BD7 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe 19:49:23.0490 0x267c NvContainerLocalSystem - ok 19:49:23.0499 0x267c [ 62D705A1C4F8FBDD2941CCD2E9DEC206, 2E1F6127737D764AE6A35655C54ADE554333C3156CAA322C0FE5704A693A1BD7 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe 19:49:23.0504 0x267c NvContainerNetworkService - ok 19:49:23.0510 0x267c [ 207A78939B7BBA0EFE8BFA947A35E71C, BB7DDFED575F81CAB958DDC7CFF2D798EB14DAE633F49FA2229D98BDC489C0EE ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys 19:49:23.0513 0x267c NVHDA - ok 19:49:23.0717 0x267c [ 9337A5F17702A0FFE1E6C6978619B872, 8D4505BA62977BFE8C01F1ABD027AFBAEAA0D3EA6336865E46C28818471B196E ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0cc477a6fec64d8c\nvlddmkm.sys 19:49:23.0899 0x267c nvlddmkm - ok 19:49:23.0915 0x267c [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 19:49:23.0916 0x267c nvraid - ok 19:49:23.0921 0x267c [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 19:49:23.0923 0x267c nvstor - ok 19:49:23.0926 0x267c [ 6C672A80B4FBF160E2814EAE0AB3020B, FD5BDE067D29AA9FC20D7C571607D3AC351BFD65EF6E0C75374A2D9C0B17FED3 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 19:49:23.0927 0x267c NvStreamKms - ok 19:49:23.0936 0x267c [ 282423AA3B0648082647103A5C42B66C, 5C8DBE5A95C1232E7D0F84E6A8749550C0026F2139D136E94347C2FB2E772950 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe 19:49:23.0941 0x267c NvTelemetryContainer - ok 19:49:23.0945 0x267c [ 
54ABC4EA39DDE92977DCE644D325213A, D754E5D0418B3C48AD9988D1A2705975C78C8B87990E211651C388A76FB17E51 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys 19:49:23.0946 0x267c nvvad_WaveExtensible - ok 19:49:23.0949 0x267c [ 61BD2E2560FD1C5E0A8B8738816A0B93, 1057A6C4F7D04E81BFFD5B806295B3A5D12DE4D13F66E8542426D83D97E68C97 ] nvvhci C:\WINDOWS\System32\drivers\nvvhci.sys 19:49:23.0950 0x267c nvvhci - ok 19:49:23.0957 0x267c [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll 19:49:23.0962 0x267c OneSyncSvc - ok 19:49:24.0020 0x267c [ 7D331DD034C85FB18DDF028F744FA37B, BF6ADD7AF05732340831CA7DE766B5C93323A190107F7570E2130398846F4430 ] Origin Client Service G:\Origin\OriginClientService.exe 19:49:24.0049 0x267c Origin Client Service - ok 19:49:24.0092 0x267c [ 2B099DEBCFCBE33036406739F94C529C, DBBACA632F39530F81D3AC28A350CAE49972156149835197053B8D61E00D8CEA ] Origin Web Helper Service G:\Origin\OriginWebHelperService.exe 19:49:24.0119 0x267c Origin Web Helper Service - ok 19:49:24.0127 0x267c [ 58327B7E7C4E325C66B7C4A5220CE5F4, FF66411B23A195CA3C64F5409F2E2C6F88CB01034A4C9DDCA565DE0E144ABC13 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:49:24.0129 0x267c ose64 - ok 19:49:24.0138 0x267c [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 19:49:24.0144 0x267c p2pimsvc - ok 19:49:24.0153 0x267c [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc C:\WINDOWS\system32\p2psvc.dll 19:49:24.0159 0x267c p2psvc - ok 19:49:24.0163 0x267c [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport C:\WINDOWS\System32\drivers\parport.sys 19:49:24.0164 0x267c Parport - ok 19:49:24.0168 0x267c [ CDBD029BAEC8D09F6FBD404632D9AF28, 
71F4401150CD4C9C6BBF2DA854CF07EA2F8C9BBE900833858F49134DDAF14414 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 19:49:24.0170 0x267c partmgr - ok 19:49:24.0180 0x267c [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 19:49:24.0187 0x267c PcaSvc - ok 19:49:24.0194 0x267c [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci C:\WINDOWS\system32\drivers\pci.sys 19:49:24.0198 0x267c pci - ok 19:49:24.0201 0x267c [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide C:\WINDOWS\system32\drivers\pciide.sys 19:49:24.0202 0x267c pciide - ok 19:49:24.0206 0x267c [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 19:49:24.0208 0x267c pcmcia - ok 19:49:24.0211 0x267c [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 19:49:24.0212 0x267c pcw - ok 19:49:24.0215 0x267c [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc C:\WINDOWS\system32\drivers\pdc.sys 19:49:24.0217 0x267c pdc - ok 19:49:24.0224 0x267c [ 1EAE050F8CDC82B12C9F8C58DFB7567A, DE5B4839FCFDD09CA33D8ACB97635D805FAFED33C7F6DD119AE4D5EC17733B62 ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe 19:49:24.0225 0x267c PDFProFiltSrvPP - ok 19:49:24.0237 0x267c [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 19:49:24.0246 0x267c PEAUTH - ok 19:49:24.0276 0x267c [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll 19:49:24.0301 0x267c PeerDistSvc - ok 
19:49:24.0306 0x267c [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys 19:49:24.0307 0x267c percsas2i - ok 19:49:24.0310 0x267c [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys 19:49:24.0311 0x267c percsas3i - ok 19:49:24.0323 0x267c [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 19:49:24.0324 0x267c PerfHost - ok 19:49:24.0342 0x267c [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll 19:49:24.0353 0x267c PhoneSvc - ok 19:49:24.0358 0x267c [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll 19:49:24.0362 0x267c PimIndexMaintenanceSvc - ok 19:49:24.0387 0x267c [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla C:\WINDOWS\system32\pla.dll 19:49:24.0406 0x267c pla - ok 19:49:24.0411 0x267c [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 19:49:24.0413 0x267c PlugPlay - ok 19:49:24.0416 0x267c [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 19:49:24.0418 0x267c PNRPAutoReg - ok 19:49:24.0426 0x267c [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 19:49:24.0431 0x267c PNRPsvc - ok 19:49:24.0439 0x267c [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent 
C:\WINDOWS\System32\ipsecsvc.dll 19:49:24.0444 0x267c PolicyAgent - ok 19:49:24.0450 0x267c [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power C:\WINDOWS\system32\umpo.dll 19:49:24.0453 0x267c Power - ok 19:49:24.0457 0x267c [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys 19:49:24.0458 0x267c PptpMiniport - ok 19:49:24.0508 0x267c [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 19:49:24.0551 0x267c PrintNotify - ok 19:49:24.0558 0x267c [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor C:\WINDOWS\System32\drivers\processr.sys 19:49:24.0559 0x267c Processor - ok 19:49:24.0566 0x267c [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc C:\WINDOWS\system32\profsvc.dll 19:49:24.0572 0x267c ProfSvc - ok 19:49:24.0576 0x267c [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched C:\WINDOWS\system32\drivers\pacer.sys 19:49:24.0578 0x267c Psched - ok 19:49:24.0587 0x267c [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE C:\WINDOWS\system32\qwave.dll 19:49:24.0592 0x267c QWAVE - ok 19:49:24.0596 0x267c [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 19:49:24.0596 0x267c QWAVEdrv - ok 19:49:24.0599 0x267c [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 19:49:24.0600 0x267c RasAcd - ok 19:49:24.0603 0x267c [ 28C2EA278070EE12701D0EDF8CB0EC36, 
F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys 19:49:24.0605 0x267c RasAgileVpn - ok 19:49:24.0609 0x267c [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto C:\WINDOWS\System32\rasauto.dll 19:49:24.0611 0x267c RasAuto - ok 19:49:24.0615 0x267c [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys 19:49:24.0616 0x267c Rasl2tp - ok 19:49:24.0629 0x267c [ F79BFB5588B777C71734C1D1EC129D07, 9B9D70EC8978AAC19B2B94694EE1B9957C13DFDDFCBE8AA82C5F0D0EA04CDBDF ] RasMan C:\WINDOWS\System32\rasmans.dll 19:49:24.0642 0x267c RasMan - ok 19:49:24.0647 0x267c [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 19:49:24.0649 0x267c RasPppoe - ok 19:49:24.0652 0x267c [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys 19:49:24.0654 0x267c RasSstp - ok 19:49:24.0663 0x267c [ AF6963414B820B7C45578ED3300438A7, C00F60FD72608E6983D32642768AECE891DD816FADFA7B872BA88091C16B95D7 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 19:49:24.0668 0x267c rdbss - ok 19:49:24.0672 0x267c [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 19:49:24.0672 0x267c rdpbus - ok 19:49:24.0677 0x267c [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 19:49:24.0679 0x267c RDPDR - ok 19:49:24.0685 0x267c [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 19:49:24.0685 0x267c 
RdpVideoMiniport - ok 19:49:24.0692 0x267c [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 19:49:24.0695 0x267c rdyboost - ok 19:49:24.0711 0x267c [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys 19:49:24.0722 0x267c ReFSv1 - ok 19:49:24.0734 0x267c [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 19:49:24.0741 0x267c RemoteAccess - ok 19:49:24.0746 0x267c [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 19:49:24.0749 0x267c RemoteRegistry - ok 19:49:24.0761 0x267c [ 0660F4A14F9D2A2F59B26B1D74F1A6D0, A9443B6B7ED1ECA22AC960A2C6A2BE18C0BA58CD7BCF60E7AA617CD3662D122D ] RetailDemo C:\WINDOWS\system32\RDXService.dll 19:49:24.0771 0x267c RetailDemo - ok 19:49:24.0776 0x267c [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc C:\WINDOWS\System32\RMapi.dll 19:49:24.0779 0x267c RmSvc - ok 19:49:24.0783 0x267c [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 19:49:24.0785 0x267c RpcEptMapper - ok 19:49:24.0787 0x267c [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator C:\WINDOWS\system32\locator.exe 19:49:24.0788 0x267c RpcLocator - ok 19:49:24.0803 0x267c [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs C:\WINDOWS\system32\rpcss.dll 19:49:24.0814 0x267c RpcSs - ok 19:49:24.0818 0x267c [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr 
C:\WINDOWS\system32\drivers\rspndr.sys 19:49:24.0820 0x267c rspndr - ok 19:49:24.0830 0x267c [ F9265C902BB9146C6BFF97BDF35C04DE, DC70B404A701CE5F60421F664F745CA84722ED86FAFC87F2A8A71BFD25CD6151 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys 19:49:24.0838 0x267c rt640x64 - ok 19:49:24.0841 0x267c [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 19:49:24.0841 0x267c s3cap - ok 19:49:24.0846 0x267c [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs C:\WINDOWS\system32\lsass.exe 19:49:24.0847 0x267c SamSs - ok 19:49:24.0851 0x267c [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 19:49:24.0853 0x267c sbp2port - ok 19:49:24.0859 0x267c [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 19:49:24.0862 0x267c SCardSvr - ok 19:49:24.0869 0x267c [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 19:49:24.0872 0x267c ScDeviceEnum - ok 19:49:24.0877 0x267c [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 19:49:24.0878 0x267c scfilter - ok 19:49:24.0895 0x267c [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule C:\WINDOWS\system32\schedsvc.dll 19:49:24.0907 0x267c Schedule - ok 19:49:24.0911 0x267c [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys 19:49:24.0913 0x267c scmbus - ok 19:49:24.0917 0x267c [ B6F2363584E62960846F7C3F00124A4F, 
252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101 C:\WINDOWS\System32\drivers\scmdisk0101.sys 19:49:24.0918 0x267c scmdisk0101 - ok 19:49:24.0924 0x267c [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 19:49:24.0926 0x267c SCPolicySvc - ok 19:49:24.0933 0x267c [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 19:49:24.0936 0x267c sdbus - ok 19:49:24.0941 0x267c [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll 19:49:24.0944 0x267c SDRSVC - ok 19:49:24.0948 0x267c [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 19:49:24.0949 0x267c sdstor - ok 19:49:24.0952 0x267c [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon C:\WINDOWS\system32\seclogon.dll 19:49:24.0954 0x267c seclogon - ok 19:49:24.0957 0x267c [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS C:\WINDOWS\System32\sens.dll 19:49:24.0959 0x267c SENS - ok 19:49:24.0961 0x267c Sense - ok 19:49:24.0984 0x267c [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe 19:49:25.0001 0x267c SensorDataService - ok 19:49:25.0011 0x267c [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService C:\WINDOWS\system32\SensorService.dll 19:49:25.0017 0x267c SensorService - ok 19:49:25.0022 0x267c [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 
19:49:25.0025 0x267c SensrSvc - ok 19:49:25.0029 0x267c [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 19:49:25.0030 0x267c SerCx - ok 19:49:25.0035 0x267c [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 19:49:25.0037 0x267c SerCx2 - ok 19:49:25.0039 0x267c [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 19:49:25.0040 0x267c Serenum - ok 19:49:25.0043 0x267c [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial C:\WINDOWS\System32\drivers\serial.sys 19:49:25.0044 0x267c Serial - ok 19:49:25.0047 0x267c [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 19:49:25.0048 0x267c sermouse - ok 19:49:25.0060 0x267c [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv C:\WINDOWS\system32\sessenv.dll 19:49:25.0065 0x267c SessionEnv - ok 19:49:25.0123 0x267c [ 02DED435FCAA1C02959051AF636E154A, 055DBC64F697085820FC4872586E00E4F71B35AA43841F124CA577CF0B49E753 ] sesvc D:\ShadowExplorer\sesvc.exe 19:49:25.0124 0x267c sesvc - ok 19:49:25.0130 0x267c [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 19:49:25.0132 0x267c sfloppy - ok 19:49:25.0152 0x267c [ 832E933AA8DB9FD4733B96D8B6484D3F, 3A8E3D7ECA192EEE154CB568073B7211FDA06078EFC3BC7E961563A1BFDD0CAA ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 19:49:25.0168 0x267c SharedAccess - ok 19:49:25.0184 0x267c [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] 
ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 19:49:25.0194 0x267c ShellHWDetection - ok 19:49:25.0200 0x267c [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll 19:49:25.0204 0x267c shpamsvc - ok 19:49:25.0207 0x267c [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 19:49:25.0208 0x267c SiSRaid2 - ok 19:49:25.0212 0x267c [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 19:49:25.0214 0x267c SiSRaid4 - ok 19:49:25.0223 0x267c [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate D:\Skype\Updater\Updater.exe 19:49:25.0228 0x267c SkypeUpdate - ok 19:49:25.0231 0x267c [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost C:\WINDOWS\System32\smphost.dll 19:49:25.0233 0x267c smphost - ok 19:49:25.0244 0x267c [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll 19:49:25.0253 0x267c SmsRouter - ok 19:49:25.0258 0x267c [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 19:49:25.0260 0x267c SNMPTRAP - ok 19:49:25.0270 0x267c [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 19:49:25.0277 0x267c spaceport - ok 19:49:25.0281 0x267c [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 19:49:25.0282 0x267c SpbCx - ok 19:49:25.0298 0x267c [ 
79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler C:\WINDOWS\System32\spoolsv.exe 19:49:25.0309 0x267c Spooler - ok 19:49:25.0387 0x267c [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc C:\WINDOWS\system32\sppsvc.exe 19:49:25.0459 0x267c sppsvc - ok 19:49:25.0471 0x267c [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 19:49:25.0476 0x267c srv - ok 19:49:25.0489 0x267c [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 19:49:25.0497 0x267c srv2 - ok 19:49:25.0504 0x267c [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 19:49:25.0507 0x267c srvnet - ok 19:49:25.0512 0x267c [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 19:49:25.0516 0x267c SSDPSRV - ok 19:49:25.0522 0x267c [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 19:49:25.0526 0x267c SstpSvc - ok 19:49:25.0531 0x267c [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 19:49:25.0533 0x267c ssudmdm - ok 19:49:25.0592 0x267c [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll 19:49:25.0645 0x267c StateRepository - ok 19:49:25.0671 0x267c [ 596DC69BB40A96FCA4B19D9D1E221E34, 3469D3B2E9A88E39C14AE2E3DD5EC3D91FBB88CA568D794555B397B50E64AB15 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 
19:49:25.0688 0x267c Steam Client Service - ok 19:49:25.0692 0x267c [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 19:49:25.0692 0x267c stexstor - ok 19:49:25.0704 0x267c [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc C:\WINDOWS\System32\wiaservc.dll 19:49:25.0713 0x267c stisvc - ok 19:49:25.0718 0x267c [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 19:49:25.0719 0x267c storahci - ok 19:49:25.0723 0x267c [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 19:49:25.0723 0x267c storflt - ok 19:49:25.0727 0x267c [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 19:49:25.0728 0x267c stornvme - ok 19:49:25.0732 0x267c [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys 19:49:25.0733 0x267c storqosflt - ok 19:49:25.0741 0x267c [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc C:\WINDOWS\system32\storsvc.dll 19:49:25.0748 0x267c StorSvc - ok 19:49:25.0751 0x267c [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs C:\WINDOWS\system32\drivers\storufs.sys 19:49:25.0751 0x267c storufs - ok 19:49:25.0754 0x267c [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 19:49:25.0755 0x267c storvsc - ok 19:49:25.0758 0x267c [ 224C92E442B1B8C20C274332F1ACF00D, 
|
10.03.2017, 19:54 | #8 |
| AdChoices in Firefox TDSS II Code:
ATTFilter 19:49:26.0625 0x267c vmickvpexchange - ok 19:49:26.0633 0x267c [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll 19:49:26.0639 0x267c vmicrdv - ok 19:49:26.0646 0x267c [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll 19:49:26.0650 0x267c vmicshutdown - ok 19:49:26.0656 0x267c [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync C:\WINDOWS\System32\icsvc.dll 19:49:26.0660 0x267c vmictimesync - ok 19:49:26.0666 0x267c [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll 19:49:26.0670 0x267c vmicvmsession - ok 19:49:26.0678 0x267c [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss C:\WINDOWS\System32\icsvcext.dll 19:49:26.0682 0x267c vmicvss - ok 19:49:26.0686 0x267c [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 19:49:26.0687 0x267c volmgr - ok 19:49:26.0695 0x267c [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 19:49:26.0699 0x267c volmgrx - ok 19:49:26.0707 0x267c [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 19:49:26.0712 0x267c volsnap - ok 19:49:26.0715 0x267c [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume C:\WINDOWS\system32\drivers\volume.sys 19:49:26.0716 0x267c volume - ok 19:49:26.0719 0x267c [ 92F6E3E6D3F1795263EB34B37F74AEF7, 
33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 19:49:26.0720 0x267c vpci - ok 19:49:26.0725 0x267c [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 19:49:26.0727 0x267c vsmraid - ok 19:49:26.0751 0x267c [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS C:\WINDOWS\system32\vssvc.exe 19:49:26.0769 0x267c VSS - ok 19:49:26.0777 0x267c [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 19:49:26.0781 0x267c VSTXRAID - ok 19:49:26.0784 0x267c [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 19:49:26.0785 0x267c vwifibus - ok 19:49:26.0788 0x267c [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys 19:49:26.0789 0x267c vwififlt - ok 19:49:26.0799 0x267c [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time C:\WINDOWS\system32\w32time.dll 19:49:26.0807 0x267c W32Time - ok 19:49:26.0811 0x267c [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 19:49:26.0812 0x267c WacomPen - ok 19:49:26.0820 0x267c [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService C:\WINDOWS\system32\WalletService.dll 19:49:26.0827 0x267c WalletService - ok 19:49:26.0831 0x267c [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 19:49:26.0833 0x267c wanarp - ok 
19:49:26.0835 0x267c [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 19:49:26.0837 0x267c wanarpv6 - ok 19:49:26.0861 0x267c [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine C:\WINDOWS\system32\wbengine.exe 19:49:26.0883 0x267c wbengine - ok 19:49:26.0898 0x267c [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 19:49:26.0910 0x267c WbioSrvc - ok 19:49:26.0915 0x267c [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys 19:49:26.0917 0x267c wcifs - ok 19:49:26.0929 0x267c [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 19:49:26.0940 0x267c Wcmsvc - ok 19:49:26.0949 0x267c [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 19:49:26.0957 0x267c wcncsvc - ok 19:49:26.0960 0x267c [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys 19:49:26.0961 0x267c wcnfs - ok 19:49:26.0965 0x267c [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 19:49:26.0966 0x267c WdBoot - ok 19:49:26.0969 0x267c [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM C:\WINDOWS\System32\drivers\wdcsam64.sys 19:49:26.0969 0x267c WDC_SAM - ok 19:49:26.0984 0x267c [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 19:49:26.0995 
0x267c Wdf01000 - ok 19:49:27.0002 0x267c [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 19:49:27.0005 0x267c WdFilter - ok 19:49:27.0009 0x267c [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 19:49:27.0012 0x267c WdiServiceHost - ok 19:49:27.0015 0x267c [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 19:49:27.0017 0x267c WdiSystemHost - ok 19:49:27.0030 0x267c [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys 19:49:27.0039 0x267c wdiwifi - ok 19:49:27.0044 0x267c [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 19:49:27.0045 0x267c WdNisDrv - ok 19:49:27.0048 0x267c WdNisSvc - ok 19:49:27.0054 0x267c [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient C:\WINDOWS\System32\webclnt.dll 19:49:27.0058 0x267c WebClient - ok 19:49:27.0064 0x267c [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 19:49:27.0067 0x267c Wecsvc - ok 19:49:27.0071 0x267c [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 19:49:27.0073 0x267c WEPHOSTSVC - ok 19:49:27.0076 0x267c [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 19:49:27.0079 0x267c wercplsupport - ok 19:49:27.0083 0x267c [ F899B355CC95AF26AB36E84E8A0DD685, 
C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 19:49:27.0086 0x267c WerSvc - ok 19:49:27.0091 0x267c [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys 19:49:27.0093 0x267c WFPLWFS - ok 19:49:27.0097 0x267c [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 19:49:27.0099 0x267c WiaRpc - ok 19:49:27.0103 0x267c [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 19:49:27.0103 0x267c WIMMount - ok 19:49:27.0105 0x267c WinDefend - ok 19:49:27.0112 0x267c [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 19:49:27.0114 0x267c WindowsTrustedRT - ok 19:49:27.0117 0x267c [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 19:49:27.0117 0x267c WindowsTrustedRTProxy - ok 19:49:27.0133 0x267c [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 19:49:27.0144 0x267c WinHttpAutoProxySvc - ok 19:49:27.0149 0x267c [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys 19:49:27.0150 0x267c WinMad - ok 19:49:27.0158 0x267c [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 19:49:27.0161 0x267c Winmgmt - ok 19:49:27.0203 0x267c [ B8C0D620219ECAA23A2AC841EAF454D1, 
FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 19:49:27.0240 0x267c WinRM - ok 19:49:27.0249 0x267c [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 19:49:27.0250 0x267c WINUSB - ok 19:49:27.0253 0x267c [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys 19:49:27.0254 0x267c WinVerbs - ok 19:49:27.0266 0x267c [ ECD999D8412A3473C26B118F89DB9908, 5FB9B93E4B5482CCFF01D805DFA386FD8D3441BC81E7BD5DF89EE3078FD724F3 ] wisvc C:\WINDOWS\system32\flightsettings.dll 19:49:27.0274 0x267c wisvc - ok 19:49:27.0311 0x267c [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 19:49:27.0344 0x267c WlanSvc - ok 19:49:27.0379 0x267c [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 19:49:27.0406 0x267c wlidsvc - ok 19:49:27.0411 0x267c [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 19:49:27.0411 0x267c WmiAcpi - ok 19:49:27.0418 0x267c [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 19:49:27.0420 0x267c wmiApSrv - ok 19:49:27.0422 0x267c WMPNetworkSvc - ok 19:49:27.0428 0x267c [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\WINDOWS\system32\drivers\Wof.sys 19:49:27.0431 0x267c Wof - ok 19:49:27.0460 0x267c [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 19:49:27.0485 0x267c 
workfolderssvc - ok 19:49:27.0490 0x267c [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 19:49:27.0492 0x267c WPDBusEnum - ok 19:49:27.0495 0x267c [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 19:49:27.0496 0x267c WpdUpFltr - ok 19:49:27.0502 0x267c [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService C:\WINDOWS\system32\WpnService.dll 19:49:27.0506 0x267c WpnService - ok 19:49:27.0510 0x267c [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll 19:49:27.0513 0x267c WpnUserService - ok 19:49:27.0517 0x267c [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 19:49:27.0518 0x267c ws2ifsl - ok 19:49:27.0521 0x267c [ ADD2FE1A9F4EE41A6D724819550D4E1F, EE8320496D611F6D264AC21684EACB5DC6F9DD82E055726073C7782D0993AFB3 ] WsAudioDevice_383 C:\WINDOWS\system32\drivers\VirtualAudio.sys 19:49:27.0522 0x267c WsAudioDevice_383 - ok 19:49:27.0527 0x267c [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 19:49:27.0531 0x267c wscsvc - ok 19:49:27.0535 0x267c WSearch - ok 19:49:27.0571 0x267c [ DDB7E452A99E0E5244105C6D2CF4BC9E, 1364B03AFFD20D339A2EBA303575BCCBC2D122D89810B1E3593CC55F93F9B79A ] wuauserv C:\WINDOWS\system32\wuaueng.dll 19:49:27.0601 0x267c wuauserv - ok 19:49:27.0607 0x267c [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 19:49:27.0608 0x267c WudfPf - ok 19:49:27.0614 0x267c [ CEFAB17FD7DFCFA515626C306262E89D, 
9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd C:\WINDOWS\system32\drivers\WudfRd.sys 19:49:27.0617 0x267c WUDFRd - ok 19:49:27.0621 0x267c [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 19:49:27.0624 0x267c wudfsvc - ok 19:49:27.0629 0x267c [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 19:49:27.0631 0x267c WUDFWpdFs - ok 19:49:27.0636 0x267c [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 19:49:27.0639 0x267c WUDFWpdMtp - ok 19:49:27.0661 0x267c [ E231728BC515A4B85543AF74A1FEDFCB, 5D250D7D789B5BB56BFA2E7A109BCEB3686B7636C54D89F4E9804101D145C955 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 19:49:27.0679 0x267c WwanSvc - ok 19:49:27.0697 0x267c [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll 19:49:27.0712 0x267c XblAuthManager - ok 19:49:27.0733 0x267c [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll 19:49:27.0749 0x267c XblGameSave - ok 19:49:27.0757 0x267c [ 9627BBAA50878F6833A6A7843EE3B1D9, 637566BB56501C4D11E3B6E6AC1C602D880C9D357CCE3DF1DF74EE672744F2B7 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys 19:49:27.0760 0x267c xboxgip - ok 19:49:27.0777 0x267c [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll 19:49:27.0791 0x267c XboxNetApiSvc - ok 19:49:27.0795 0x267c [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys 
19:49:27.0796 0x267c xinputhid - ok 19:49:27.0818 0x267c [ 380B1AE3C8E99FC2280967180FE4C513, 177507B966532B129760F2E1CCB6CFE04FFA5AA233D434168489EFBC65A7900A ] {41E8078B-96D9-42DC-8789-A1CF102CD880} D:\CyberLink\PowerDVD16\PowerDVD16\Common\NavFilter\000.fcl 19:49:27.0818 0x267c {41E8078B-96D9-42DC-8789-A1CF102CD880} - ok 19:49:27.0819 0x267c ================ Scan global =============================== 19:49:27.0822 0x267c [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll 19:49:27.0827 0x267c [ 4C08BF958476A137C78B62B22B5F90A4, 11DDD033896C96F8F7F1A1EDD0F4E0F07AFBB3202DC8A2E5E3ADB51C4D0700D4 ] C:\WINDOWS\system32\winsrv.dll 19:49:27.0833 0x267c [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll 19:49:27.0843 0x267c [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\WINDOWS\system32\services.exe 19:49:27.0849 0x267c [ Global ] - ok 19:49:27.0849 0x267c ================ Scan MBR ================================== 19:49:27.0851 0x267c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 19:49:27.0889 0x267c \Device\Harddisk0\DR0 - ok 19:49:27.0891 0x267c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 19:49:27.0895 0x267c \Device\Harddisk1\DR1 - ok 19:49:27.0895 0x267c ================ Scan VBR ================================== 19:49:27.0897 0x267c [ 4660A07DB99858BA5E7F978200436AE4 ] \Device\Harddisk0\DR0\Partition1 19:49:27.0899 0x267c \Device\Harddisk0\DR0\Partition1 - ok 19:49:27.0900 0x267c [ 8684D3BD1C65DD2197926B1479E260AD ] \Device\Harddisk0\DR0\Partition2 19:49:27.0901 0x267c \Device\Harddisk0\DR0\Partition2 - ok 19:49:27.0903 0x267c [ 6FCFE879066021F6FDA7887B147C0DFD ] \Device\Harddisk1\DR1\Partition1 19:49:27.0904 0x267c \Device\Harddisk1\DR1\Partition1 - ok 19:49:27.0906 0x267c [ 998048D14C91FFF5A91C1D94B8D86E5C ] 
\Device\Harddisk1\DR1\Partition2 19:49:27.0907 0x267c \Device\Harddisk1\DR1\Partition2 - ok 19:49:27.0910 0x267c [ 6DC71BB652AE74AE33951297819ADA68 ] \Device\Harddisk1\DR1\Partition3 19:49:27.0911 0x267c \Device\Harddisk1\DR1\Partition3 - ok 19:49:27.0912 0x267c [ 62EFB9DB817C53C0DF95EDA235F5289D ] \Device\Harddisk1\DR1\Partition4 19:49:27.0914 0x267c \Device\Harddisk1\DR1\Partition4 - ok 19:49:27.0915 0x267c [ 4F391211AAFF8203FD61DED7F9C9D782 ] \Device\Harddisk1\DR1\Partition5 19:49:27.0917 0x267c \Device\Harddisk1\DR1\Partition5 - ok 19:49:27.0917 0x267c ================ Scan generic autorun ====================== 19:49:28.0153 0x267c [ 58D9B2F0E126B1842D93D7B8862BF02E, 2D5BF0CAA008C2B16014A4E711E9B7F05BC1FD771067627779815E8C48894EDB ] C:\Program Files\Logitech Gaming Software\LCore.exe 19:49:28.0332 0x267c Launch LCore - ok 19:49:28.0346 0x267c [ 258E2CD2C4984A977106C9EF7CA8AF69, D8F6409D5F5782CC27D159D18E914A3DB59D8644D7017CA6F84F0CF30E95174C ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 19:49:28.0348 0x267c Avira SystrayStartTrigger - ok 19:49:28.0364 0x267c [ 1E0029B9936F42C86138EADB5C27439E, 0A57C0DF2E2995C45FB92D1229FFAA1493748F39F01FB53F9559C5AFB5C1CA13 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe 19:49:28.0374 0x267c avgnt - ok 19:49:28.0379 0x267c Dropbox - ok 19:49:28.0383 0x267c [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] D:\VirtualCloneDrive\VCDDaemon.exe 19:49:28.0384 0x267c VirtualCloneDrive - ok 19:49:28.0390 0x267c [ C0F72AF517E27CFE23D4E37EC7FF7E9E, 2CF4F78EC4BE99258BC91F5D94A9AF261F0DBDFD55D0100DCA2CA88813AAD4B4 ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe 19:49:28.0391 0x267c ControlCenter4 - ok 19:49:28.0454 0x267c [ A12927788DE1555B598DFD16B4FA3F8B, 57B36F188FC212D73CFBE6431FC5095BAB3C189D04D34CA428801F6823636DFA ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe 19:49:28.0503 0x267c BrStsMon00 - ok 19:49:28.0509 0x267c [ 
C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\WINDOWS\UpdReg.EXE 19:49:28.0510 0x267c UpdReg - ok 19:49:28.0534 0x267c [ 6F98C7DA1AE54B3151358971336B7B46, 3FE79211467DCC020C3D284B2DFA286677375004E92A742030EAE29A49A0BF76 ] D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe 19:49:28.0544 0x267c Sound Blaster Recon3D PCIe Control Panel - ok 19:49:28.0564 0x267c [ 81800928E0F713DF31F3393CC26F4013, 0ABCC70297C83C01BCCAF03083BE67EB7A50A28557B2F9578EDB73B382F54182 ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 19:49:28.0578 0x267c DivXUpdate - ok 19:49:28.0590 0x267c [ 17A2294ED8BA499132BC7B067D43BC66, 4C79D2D63F43C0EDC1FC122676E0019BDF5E55DE7A1674462ABC664AB30D917A ] D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD16Agent.exe 19:49:28.0596 0x267c PowerDVD16Agent - ok 19:49:28.0607 0x267c [ 395CB6E8C67BFB1063AD86987909C184, 15F3BA6DF6D0C5C8FB9FF0AB661A5A652F26BAB7A0FB0DB47874069522400B16 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 19:49:28.0613 0x267c SunJavaUpdateSched - ok 19:49:28.0746 0x267c [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 19:49:28.0845 0x267c OneDriveSetup - ok 19:49:28.0972 0x267c [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 19:49:29.0066 0x267c OneDriveSetup - ok 19:49:29.0107 0x267c [ B657BB057C2CC7B0EC5E7B30FA573729, B80EFB7F8A27C16C014A4EFA41AE362E4B26E508C57F09F294FD4E0A4C7D740D ] C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe 19:49:29.0136 0x267c uTorrent - ok 19:49:29.0139 0x267c GoogleDriveSync - ok 19:49:29.0273 0x267c [ 3F6B014280D8A98ACC323BB28CA5BCA7, 724FE1E949D57E982B50CC6FBBA8BCB524C42592A39ED60D37042CC2C2E73CAB ] C:\Program Files\CCleaner\CCleaner64.exe 19:49:29.0370 0x267c CCleaner Monitoring - ok 19:49:29.0376 0x267c Waiting for KSN requests 
completion. In queue: 248
19:49:29.0470 0x0ab0 Object required for P2P: [ 3F6B014280D8A98ACC323BB28CA5BCA7 ] C:\Program Files\CCleaner\CCleaner64.exe
19:49:29.0688 0x0ab0 Object send P2P result: true
19:49:30.0387 0x267c AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.25.151 ), 0x41000 ( enabled : updated )
19:49:30.0389 0x267c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
19:49:30.0392 0x267c Win FW state via NFP2: enabled ( trusted )
19:49:30.0493 0x267c ============================================================
19:49:30.0493 0x267c Scan finished
19:49:30.0493 0x267c ============================================================
19:49:30.0504 0x0af4 Detected object count: 0
19:49:30.0504 0x0af4 Actual detected object count: 0

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-03-2017
durchgeführt von xxx (10-03-2017 19:53:03)
Gestartet von C:\Users\xxx\Desktop
Windows 10 Education Version 1607 (X64) (2016-08-14 11:21:45)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-4199837023-2687035150-3113593764-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4199837023-2687035150-3113593764-503 - Limited - Disabled)
Gast (S-1-5-21-4199837023-2687035150-3113593764-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4199837023-2687035150-3113593764-1003 - Limited - Enabled)
xxx (S-1-5-21-4199837023-2687035150-3113593764-1001 - Administrator - Enabled) => C:\Users\xxx

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Microsoft Office Proofing Tools 2016“ – lietuvių k. (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated) Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Ansel (Version: 378.66 - NVIDIA Corporation) Hidden Anti-Twin (Installation 10.12.2015) (HKLM-x32\...\Anti-Twin 2015-12-10 22.13.58) (Version: - Joerg Rosenthal, Germany) Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - ) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.154 - Avira Operations GmbH & Co. KG) Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden Avira Software Updater (HKLM-x32\...\{115347FE-037B-4F4D-86F2-057FEF294C7A}) (Version: 1.2.4.459 - Avira Operations GmbH & Co. KG) AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - ) Brother MFL-Pro Suite MFC-J5320DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.) 
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6389 - CDBurnerXP) Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Core Temp 1.6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.6 - ALCPU) Crysis 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts) Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts) Crysis®3 Digital Deluxe Edition Content (HKLM-x32\...\{2A8C5AE3-2772-4EB1-8206-D5E53D111A61}) (Version: 1.0.0.0 - Electronic Arts) CyberLink MediaEspresso 7.5 (HKLM-x32\...\{8D149BE2-6542-4F6A-AEC4-7D61E6DCAEFB}) (Version: 7.5.8022_61105 - CyberLink Corp.) CyberLink PhotoDirector 7 (HKLM-x32\...\{7984FCA5-1BB6-46e6-91E2-ED5C301AF11A}) (Version: 7.0.7504.0 - CyberLink Corp.) CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.2406.60 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Directory List & Print (Pro) (HKLM-x32\...\{6336F23D-1D20-4E02-9FBD-20B3A8210E4D}_is1) (Version: 3.14 - Infonautics GmbH, Switzerland) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC) Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited) Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts) Dropbox (HKLM-x32\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden Duplicate Photo Cleaner (HKLM\...\Duplicate Photo Cleaner_is1) (Version: - WebMinds, Inc.) Easy Duplicate Finder (HKLM\...\{DA060B99-6B87-4D85-8B1A-29BCF6DF2B06}_is1) (Version: - WebMinds, Inc.) 
Eines de correcció del Microsoft Office 2016: català (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Ferramentas de Verificação do Microsoft Office 2016 - Português (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Ferramentas de verificación de Microsoft Office 2016 - Galego (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden FLV Downloader (xmlbar) (nur entfernen) (HKLM-x32\...\Xmlbar FLVDownloader) (Version: - ) foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.31.119 - Digital Wave Ltd) FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.) Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) 
Hidden HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - ) Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden I-Microsoft Office Proofing Tools 2016 - IsiZulu (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Instagiffer version 1.75 (HKLM-x32\...\{13DEF8F8-5280-4555-95A4-E815C3F9540F}_is1) (Version: 1.75 - Justin Todd) Instrumente de verificare Microsoft Office 2016 - Română (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Korrekturredskaber til Microsoft Office 2016 - Dansk (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden LCDSirReal - a multipurpose plugin for the Logitech G13/G15 (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\LCDSirReal) (Version: - Link Data Stockholm) Logitech Gaming Software 8.89 (HKLM\...\Logitech Gaming Software) (Version: 8.89.68 - Logitech Inc.) 
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Language Pack 2016 - German/Deutsch (HKLM\...\Office16.OMUI.de-de) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 52.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 de)) (Version: 52.0 - Mozilla) Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian 
Heidenreich) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team) Nuance PaperPort 12 (HKLM-x32\...\{2A770862-7142-4C77-8117-F933E4110A3F}) (Version: 12.1.0006 - Nuance Communications, Inc.) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation) NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation) NVIDIA Grafiktreiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.) 
Orodja za preverjanje za Microsoft Office 2016 – angleščina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Outils de vérification linguistique 2016 de Microsoft Office*- Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC) PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.) PDF-XChange Editor (HKLM\...\{3D1987D7-5A88-4DDA-9D29-6977AE2BDBD0}) (Version: 5.5.316.1 - Tracker Software Products (Canada) Ltd.) PerigeeCopy 1.7 (HKLM\...\PerigeeCopy) (Version: 1.7 - Jeremy Stanley) PicasaDownloader (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\052751e036427773) (Version: 1.0.0.25 - PicasaDownloader) ProjectX - Complete (HKLM-x32\...\{513C7CA5-86D3-495D-B2D4-409EE41F68A7}_is1) (Version: 0.91.0.10 - WatchersNET) R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - Thomson Reuters) Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden RLinkToolbox 3.3.0.1896 (HKLM-x32\...\RLinkToolbox) (Version: 3.3.0.1896 - TomTom) RStudio (HKLM-x32\...\RStudio) (Version: 0.99.486 - RStudio) SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology) ShadowExplorer 0.9 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.9.462.0 - ShadowExplorer.com) SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden SimilarImages (HKLM-x32\...\SimilarImages) (Version: 2013.11 - Nils Maier) Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.) 
Sound Blaster Recon3D PCIe (HKLM-x32\...\{E9DF9D95-BF8F-4264-B54E-988DAD71EE92}) (Version: 1.02.03 - Creative Technology Limited) Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{204FCF73-1450-407D-BCF9-1233EC5F5787}) (Version: 1.0 - Creative Technology Limited) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Taalprogramma's voor Microsoft Office 2016 - Nederlands (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version: - Bethesda Game Studios) tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG) Uirlisí Profála Microsoft Office 2016 - Gaeilge (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 6.5.3 - Universal Media Server) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-0012-0000-1000-0000000FF1CE}_Office16.STANDARD_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-012B-0407-1000-0000000FF1CE}_Office16.OMUI.de-de_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) 
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Засоби перевірки правопису Microsoft Office 2016 – українська (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Средства проверки правописания Microsoft Office 2016 — русский (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden כלי ההגהה של Microsoft Office 2016 - עברית (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden ابزارهای تصحیح Microsoft Office 2016 - فارسی (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {0B9CCC01-1DF2-4808-BF9A-AC12ADB03DA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {1A596B82-4A61-47BE-8E4B-5ADDD69D5009} - System32\Tasks\GPU-Z => D:\GPU-Z\GPU-Z.exe [2016-07-13] (techPowerUp (www.techpowerup.com)) Task: {2CBCE76D-98A7-4BEE-9286-B590D2202CF5} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation) Task: {2FD6432B-C391-458F-9BE3-AB00C6407F77} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {6B78D56C-B7FE-43F6-9274-BB86AE74F7C3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation) Task: {6BAC108C-EE9F-4AD7-9F78-A6EB7F065197} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation) Task: {7BFE63DD-BEEF-41C8-AA84-3BBFC1702732} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation) Task: {7CEDE775-418E-4909-B886-9A30F522D9E8} - System32\Tasks\Core Temp Autostart xxx => D:\Core Temp\Core Temp.exe [2017-02-18] (ALCPU) Task: {89645356-5169-40EC-80E3-E2ECE3D6A473} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation) Task: {8C1234D8-F860-499B-B4FD-C1917BCF7D3C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] 
(Adobe Systems Incorporated) Task: {8CC6D714-CD0D-4CB5-98A3-A9D31B0220D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {8E3B38A0-CA9A-4CB6-A1D5-5CE5F120EE67} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation) Task: {ADAA096F-3EAC-4EF5-B8E2-E13566DD0B27} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation) Task: {BA2D4D30-2F9F-4788-9958-1A91D5180A1E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.) Task: {C336F517-C7CA-4129-9A13-DCC6BA3331B8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.) Task: {D19802B5-8605-4D2E-9056-1A8471F61B55} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.) Task: {D41E18A6-38D8-4A38-9382-6B3949BF6593} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd) Task: {D9E404F0-FD41-414D-9B55-A30853C55AC3} - System32\Tasks\DeviceDetector7.5 => D:\CyberLink\MediaEspresso7.5\DeviceDetector\DeviceDetector7.5.exe [2016-08-22] (CyberLink Corp.) Task: {EFD345F9-A347-405E-A865-C1F58F6BCF8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-09-24 23:32 - 2017-01-20 19:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-09-24 23:32 - 2017-01-20 19:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-08-14 12:14 - 2017-02-09 23:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-08-14 12:26 - 2016-08-14 12:26 - 00959168 _____ () C:\Users\xxx\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll 2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () D:\Unlocker\UnlockerCOM.dll 2016-11-27 18:55 - 2016-11-27 18:55 - 00230064 _____ () D:\NPP\Notepad++\NppShell_06.dll 2016-09-15 10:48 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-11 19:16 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-11 19:16 - 2016-12-21 07:54 - 09760768 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-11 19:16 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-11 19:16 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-11 19:16 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-11 19:16 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2016-12-08 21:47 - 2016-12-08 21:47 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2016-12-08 21:47 - 2016-12-08 21:47 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2011-06-21 10:14 - 2011-06-21 10:14 - 00207872 _____ () C:\Users\xxx\Documents\LCDSirReal\LCDSirReal.exe 2013-02-13 03:37 - 2013-02-13 03:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 2016-10-26 00:16 - 2017-01-19 12:35 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2016-10-26 00:16 - 2017-01-19 12:34 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2016-10-26 00:16 - 2017-01-19 12:34 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2016-10-26 00:16 - 2017-01-19 12:34 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2016-10-26 00:37 - 2017-02-08 23:04 - 02493440 _____ () G:\Origin\libGLESv2.dll 2016-01-28 22:41 - 2009-02-27 16:38 - 00139264 ____R () C:\Program 
Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2016-09-24 23:32 - 2017-01-20 19:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-09-24 23:32 - 2017-01-20 19:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2016-09-24 23:32 - 2017-01-20 19:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-03-10 08:20 - 2017-03-10 08:20 - 00098816 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32api.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00110080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\pywintypes27.dll 2017-03-10 08:20 - 2017-03-10 08:20 - 00364544 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\pythoncom27.dll 2017-03-10 08:20 - 2017-03-10 08:20 - 00320512 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32com.shell.shell.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00914432 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\_hashlib.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 01176576 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\wx._core_.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00806400 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\wx._gdi_.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00816128 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\wx._windows_.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 01067008 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\wx._controls_.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00733184 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\wx._misc_.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00682496 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\pysqlite2._sqlite.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00088064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\_ctypes.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00686080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\unicodedata.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00119808 ____R () 
C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32file.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00108544 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32security.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00007168 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\hashobjs_ext.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00017920 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\thumbnails_ext.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00088064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\usb_ext.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00012800 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\common.time34.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00018432 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32event.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00167936 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32gui.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00046080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\_socket.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 01303552 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\_ssl.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00128512 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\_elementtree.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00127488 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\pyexpat.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00038912 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32inet.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00036864 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\_psutil_windows.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00524248 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\windows._lib_cacheinvalidation.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00011264 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32crypt.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00123392 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\wx._wizard.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00077312 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\wx._html2.pyd 
2017-03-10 08:20 - 2017-03-10 08:20 - 00027648 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\_multiprocessing.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00020480 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\_yappi.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00035840 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32process.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00078848 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\wx._animate.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00024064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32pipe.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00010240 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\select.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00025600 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32pdh.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00017408 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32profile.pyd 2017-03-10 08:20 - 2017-03-10 08:20 - 00022528 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI66682\win32ts.pyd 2017-03-09 21:35 - 2017-03-06 21:59 - 00807232 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2015-12-12 08:23 - 2017-02-09 03:19 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2015-12-12 08:23 - 2017-02-09 03:19 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2015-12-12 08:23 - 2017-02-09 03:19 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2015-12-12 08:23 - 2017-03-06 22:01 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2015-12-12 08:23 - 2017-02-09 03:19 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2015-12-12 08:23 - 2017-02-09 03:20 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 01682768 _____ () 
C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2017-03-09 21:35 - 2017-02-09 03:19 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2017-03-09 21:35 - 2017-02-09 03:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2017-03-09 21:35 - 2017-02-09 03:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2015-12-12 08:23 - 2017-02-09 03:22 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-08-04 23:21 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2015-12-12 08:23 - 2017-02-09 03:22 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2015-12-12 08:23 - 2017-02-09 03:22 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2017-03-09 21:35 - 2017-02-09 03:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2017-03-09 21:35 - 2017-02-09 03:22 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2015-12-12 08:23 - 2017-02-09 03:22 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2015-12-12 08:23 - 2017-03-06 22:01 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2015-12-12 08:23 - 2017-02-09 03:22 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-08-04 23:21 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2015-12-12 08:23 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files 
(x86)\Dropbox\Client\win32clipboard.pyd 2015-12-12 08:23 - 2017-02-09 03:22 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2015-12-12 08:23 - 2017-02-09 03:22 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2015-12-12 08:23 - 2017-02-09 03:22 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2015-12-12 08:23 - 2017-02-09 03:22 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2015-12-12 08:23 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-08-04 23:21 - 2017-02-09 03:21 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2015-12-12 08:23 - 2017-03-06 22:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2015-12-12 08:23 - 2017-02-09 03:22 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2015-12-12 08:23 - 2017-02-09 03:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2017-02-27 20:55 - 2017-03-06 22:01 - 00053072 _____ () C:\Program Files 
(x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2017-01-23 23:34 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2016-04-15 12:42 - 2017-03-06 22:01 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2017-01-23 23:34 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-01-23 23:34 - 2017-03-06 22:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2017-01-23 23:34 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2015-12-12 08:23 - 2017-02-09 03:22 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd 2016-02-12 09:35 - 2017-03-06 22:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-03-09 21:35 - 2017-02-09 03:17 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-03-09 21:35 - 2017-03-06 22:01 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2017-03-09 21:35 - 2016-12-02 22:44 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2017-03-09 21:35 - 2017-03-06 
22:01 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2017-03-09 21:35 - 2017-02-09 03:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2017-03-09 21:35 - 2017-02-09 03:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2017-03-09 21:35 - 2017-03-06 22:01 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2015-12-12 08:23 - 2017-02-09 03:22 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2016-08-04 23:21 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-03-09 21:35 - 2017-03-06 22:01 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2013-02-13 03:38 - 2013-02-13 03:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll 2016-09-24 23:32 - 2017-01-20 14:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-09-24 23:32 - 2017-01-20 14:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-09-24 23:32 - 2017-01-20 14:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-09-24 23:32 - 2017-01-20 14:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-09-24 23:32 - 2017-01-20 14:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-09-24 23:32 - 2017-01-20 14:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-09-24 23:32 - 2017-01-20 14:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA 
Corporation\NvNode\NvCameraAPINode.node 2016-12-19 20:45 - 2017-01-20 14:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node 2014-03-31 20:35 - 2014-03-31 20:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{6D89BEBC-8468-4295-B7B1-F8FB62468B37}] => (Allow) LPort=30751 FirewallRules: [{B49AC9AC-B1CF-44F7-82A6-E31837715F1E}] => (Allow) LPort=30751 FirewallRules: [{5B697788-59A3-4747-B76A-E5EDDE0605DC}] => (Allow) G:\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe FirewallRules: [{41925E06-A9CD-47E3-BEC1-3A1D93175331}] => (Allow) G:\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe FirewallRules: [{C1CE0476-BA3F-4EC0-A323-0D82BB6DDD5C}] => (Allow) G:\Origin Games\Medal of Honor Pacific Assault\mohpa.exe FirewallRules: [{BDDAC986-77B7-4F20-9150-032A108F65AF}] => (Allow) G:\Origin Games\Medal of Honor Pacific Assault\mohpa.exe FirewallRules: [{2D7EAAEE-09A9-4634-A9B1-F3D04B1F44AA}] => (Allow) G:\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe FirewallRules: [{840E6FB1-4C73-4892-A8AC-09A0164069D5}] => (Allow) G:\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe FirewallRules: [{CD2B6346-5FB9-40F0-BCDA-E07A0429522E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{0CBB679C-08AE-4D50-82BA-C5BA5E179045}] => (Allow) LPort=2869 FirewallRules: [{C36766D1-DBB8-426D-B9F3-C96698E14676}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{2FD0D92D-D739-47BE-9618-CB3A63C437E4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{2D525972-9794-40D3-A02B-A5CACA96D2B0}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program 
files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{C9669401-FED5-4CFB-B728-D3709671ABFF}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe FirewallRules: [UDP Query User{BCA95B63-B100-4C15-A111-DF8BF46455F7}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe FirewallRules: [{7BE4898B-E4A5-4E3D-9E64-EF7F280C6134}] => (Allow) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9FE48F9E-0E31-43B9-A9F9-5D7EA410B716}] => (Allow) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8FC71D3F-B4F5-470F-9A53-B0A73AA50539}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{52F0DCBE-1FCA-4F6E-AC44-B6E3B04EAF75}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{FCD607C7-5DFC-4BCA-9E53-E0750E10F80C}] => (Allow) G:\Steam\Steam.exe FirewallRules: [{8B01E72B-5704-4285-B365-6776050A0075}] => (Allow) G:\Steam\Steam.exe FirewallRules: [{2043F9FF-0AC8-4096-B5B0-87EF086B9688}] => (Allow) G:\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{0967E305-8FD2-47B7-AA2C-6A9637218131}] => (Allow) G:\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{683AEE22-87DA-4AB5-B7FC-C634826B9E41}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AEF5FE01-FCC4-4D4C-BB8F-0B36FE1B9C97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{43B6F3EF-627C-4B90-9E25-66667978C655}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{890EFA8C-E691-4CE9-AA69-4AE9512F1824}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{D01C8AB7-2424-4719-9194-12F8059582DE}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe FirewallRules: [UDP Query 
User{0A230BC8-3C70-44E0-ADAB-A93E29D1C3BC}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe FirewallRules: [{2E952210-004C-41E0-A8B9-DAA0E96AA873}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{FC37E47F-F7EC-4A49-9246-06A80DB92F6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{D11ACF96-0CF5-4EA2-8E8F-F05A2E402CCE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{3578B3AE-F879-48AD-8CB6-F2464A3D055E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{FADCF931-8786-4B9C-BC21-67E9380706CB}] => (Allow) G:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe FirewallRules: [{64917906-7DF1-4CDA-90D7-4C147AA838A5}] => (Allow) G:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe FirewallRules: [{A4A1B86B-A6B9-47FE-ACB1-59FAC8FDC767}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{0D10BD48-5550-4387-A4A8-EFA0B626281E}] => (Allow) G:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{3E8741B3-D529-48C9-9386-AEB4C4A36CEE}] => (Allow) G:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{71C117A0-7573-409E-A9BA-19CE1CA2F55D}] => (Allow) G:\Origin Games\Crysis 3\Bin32\Crysis3.exe FirewallRules: [{632245F9-6CFD-4852-AF50-DB884D4DE2AA}] => (Allow) G:\Origin Games\Crysis 3\Bin32\Crysis3.exe FirewallRules: [{A2FDA54C-7E62-49F5-B8F0-3B3EBE221366}] => (Allow) G:\Origin Games\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe FirewallRules: [{69E4D0E7-83B6-430E-8A37-C873DDBCB53F}] => (Allow) G:\Origin Games\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe FirewallRules: [{13C20609-1CC6-47C4-B7F4-7BAA982B87B6}] => (Allow) G:\Origin Games\Crysis 2\bin32\Crysis2.exe FirewallRules: [{9DC6F2A9-D8F9-4E07-B818-AA28BF1F31B1}] => (Allow) G:\Origin Games\Crysis 2\bin32\Crysis2.exe 
FirewallRules: [{7C9811A2-F07B-472F-B00A-8AEEF332EDF0}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD.exe FirewallRules: [{061BA69A-FDDA-46EF-A1AA-78DF68D58F7F}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\Kernel\DMS\CLMSServerPDVD16.exe FirewallRules: [{1273216E-938E-4291-8486-A80E064F755D}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD16Agent.exe FirewallRules: [{E290168B-0633-4A0D-A403-8848FB710B99}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\Movie\PowerDVDMovie.exe FirewallRules: [{C9F6E1F5-ADD5-4F43-BD83-4F8A4BD0AEF2}] => (Allow) D:\CyberLink\PowerDVD16\PowerDVD16\CastingStation.exe FirewallRules: [{823060CF-DD04-4049-92FA-B36F9C864AC8}] => (Allow) D:\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{B2014831-F544-4EA3-9E92-10D8B0613239}] => (Allow) D:\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{BDABF5B9-BE2B-4592-8372-553610D72982}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4A69B45A-53B7-4A97-A3B5-0132EA98268A}] => (Allow) D:\Skype\Phone\Skype.exe FirewallRules: [{DC5ABA74-E951-4324-A19F-88822A3A35D2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Wiederherstellungspunkte ========================= 20-02-2017 19:46:26 Geplanter Prüfpunkt 24-02-2017 16:53:10 Windows Update 04-03-2017 13:05:27 Removed EndNote X8 ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (03/10/2017 08:23:22 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/10/2017 12:44:50 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm SimImages.exe, Version 2013.11.5076.20057 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 17c0 Startzeit: 01d2992f0b26af13 Beendigungszeit: 4294967295 Anwendungspfad: D:\SimilarImages\SimImages.exe Berichts-ID: 60c0351d-0522-11e7-9c94-08606ec1264e Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (03/09/2017 04:02:11 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/08/2017 11:25:41 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm FileHippo.AppManager.exe, Version 2.0.0.392 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 169c Startzeit: 01d2985a2f6bc2e1 Beendigungszeit: 6 Anwendungspfad: D:\FileHippo.com\FileHippo.AppManager.exe Berichts-ID: 286b5e67-044e-11e7-9c93-08606ec1264e Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (03/08/2017 07:28:45 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "d:\r\r-3.3.0\tcl\bin64\tk85.dll". Fehler in Manifest- oder Richtliniendatei "d:\r\r-3.3.0\tcl\bin64\tk85.dll" in Zeile 9. Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig. Error: (03/08/2017 07:28:30 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "D:\CyberLink\PowerDVD16\PowerDVD16\Kernel\DMS\CLMSMediaInfoPDVD16.exe". Die abhängige Assemblierung "CLMSMediaInfo.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (03/08/2017 07:28:26 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "d:\xmlbar\flv downloader\FLVDownloader(xmlbar).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Error: (03/08/2017 07:28:01 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-4199837023-2687035150-3113593764-1001}/">. Error: (03/08/2017 06:20:14 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/07/2017 07:50:19 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Systemfehler: ============= Error: (03/10/2017 08:20:37 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (03/10/2017 01:33:16 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (03/10/2017 12:44:35 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (03/09/2017 03:52:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (03/09/2017 07:57:23 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (03/08/2017 11:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (03/08/2017 11:39:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (03/08/2017 11:39:40 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "NVIDIA LocalSystem Container" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt. Error: (03/08/2017 11:39:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (03/08/2017 11:39:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "BrYNSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2016-12-06 11:11:22.214 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-12-06 11:11:20.004 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-28 01:04:22.741 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
Date: 2016-11-28 01:03:41.966 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-15 19:37:51.234 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-15 19:37:47.720 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-15 19:37:42.608 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-10-06 19:09:28.918 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-10-06 19:09:25.934 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 8139.25 MB
Verfügbarer physikalischer RAM: 4539.63 MB
Summe virtueller Speicher: 9419.25 MB
Verfügbarer virtueller Speicher: 4765.98 MB
==================== Laufwerke ================================
Drive c: (System) (Fixed) (Total:232.4 GB) (Free:138.76 GB) NTFS
Drive d: (Programme) (Fixed) (Total:29.3 GB) (Free:22.42 GB) NTFS
Drive e: (48G) (Fixed) (Total:1277.08 GB) (Free:221.78 GB) NTFS
Drive f: (Music) (Fixed) (Total:58.59 GB) (Free:17.59 GB) NTFS
Drive g: (Games) (Fixed) (Total:97.66 GB) (Free:14.88 GB) NTFS
Drive h: (Stuff) (Fixed) (Total:400.39 GB) (Free:206.54 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E0AFA54B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 64BFCCCC)
Partition 1: (Not Active) - (Size=1277.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=429.7 GB) - (Type=OF Extended)
==================== Ende von Addition.txt ============================ |
10.03.2017, 19:56 | #9 |
| AdChoices in Firefox FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2017 durchgeführt von xxx (Administrator) auf SCHWOBB (10-03-2017 19:52:38) Gestartet von C:\Users\xxx\Desktop Geladene Profile: xxx (Verfügbare Profile: xxx) Platform: Windows 10 Education Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe (Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Nuance Communications, Inc.) 
C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (Electronic Arts) G:\Origin\OriginWebHelperService.exe (www.shadowexplorer.com) D:\ShadowExplorer\sesvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (ALCPU) D:\Core Temp\Core Temp.exe (techPowerUp (www.techpowerup.com)) D:\GPU-Z\GPU-Z.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe () C:\Users\xxx\Documents\LCDSirReal\LCDSirReal.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe (BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe (Oracle Corporation) D:\Java64\bin\javaw.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Dropbox, Inc.) 
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Elaborate Bytes AG) D:\VirtualCloneDrive\VCDDaemon.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Creative Technology Ltd) D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17305208 2016-12-08] (Logitech Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744 2017-03-03] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [27308304 2017-03-06] (Dropbox, Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => D:\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2016-02-03] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative Technology Ltd) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] () HKLM-x32\...\Run: [PowerDVD16Agent] => D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD16Agent.exe [525352 2016-12-29] (CyberLink Corp.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [uTorrent] => C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe [2143936 2017-02-04] (BitTorrent Inc.) HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google) HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2015-10-04] ShortcutTarget: Universal Media Server.lnk -> D:\UMS\UMS.exe (Universal Media Server) GroupPolicy: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{91c30c7d-d0a5-4365-a93e-eafa498ca70d}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = BHO: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\ONE\OldNewExplorer64.dll [2016-04-03] (www.startisback.com) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java64\bin\ssv.dll [2017-01-28] (Oracle Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL 
[2016-11-16] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java64\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation) BHO-x32: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\ONE\OldNewExplorer32.dll [2016-04-03] (www.startisback.com) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java32\bin\ssv.dll [2017-01-28] (Oracle Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java32\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation) DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: febeprof.xxx FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx [2017-03-10] FF Homepage: Mozilla\Firefox\Profiles\febeprof.xxx -> 
hxxp://www.spiegel-online.de/ FF NetworkProxy: Mozilla\Firefox\Profiles\febeprof.xxx -> type", 0 FF Extension: (New XKit) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\@new-xkit.xpi [2016-10-07] FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28] FF Extension: (DownThemAll! AntiContainer) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\anticontainer@downthemall.net.xpi [2016-04-15] FF Extension: (MEGA) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\firefox@mega.co.nz.xpi [2017-03-09] FF Extension: (Tumblr Savior) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\jid1-W5guVoyeUR0uBg@jetpack.xpi [2017-03-07] FF Extension: (Deutsch (DE) Language Pack) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\langpack-de@firefox.mozilla.org.xpi [2017-03-09] FF Extension: (Japanese Language Pack) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\langpack-ja@firefox.mozilla.org.xpi [2017-03-08] FF Extension: (Save Images) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\LDSI_plashcor@gmail.com.xpi [2016-04-30] FF Extension: (RememberPass) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\rememberpass@teesoft.info.xpi [2016-04-28] FF Extension: (S3.Google Translator) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\s3google@translator.xpi [2016-10-19] FF Extension: (Locale Switcher) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2016-04-28] FF Extension: (Google Image Search) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{73007fef-a6e0-47d3-b4e7-dfc116ed6f65}.xpi [2016-04-28] FF 
Extension: (Video DownloadHelper) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-01-01] FF Extension: (DivX Wizard Pro) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{cc79db9d-e06e-469f-932a-2537c0db2b4a}.xpi [2016-05-18] [ist nicht signiert] FF Extension: (RightToClick) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2015-11-30] FF Extension: (Adblock Plus) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23] FF Extension: (Tab Mix Plus) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-01-31] FF Extension: (DownThemAll!) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29] FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\features\{ba65d49e-9429-40ee-8d6e-203f1c721eb2}\disableSHA1rollout@mozilla.org.xpi [2017-03-03] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) 
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> D:\Java64\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> D:\Java64\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) 
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> D:\Java32\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> D:\Java32\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-09] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-09] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.) 
Chrome: ======= CHR Profile: C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default [2017-03-08] CHR Extension: (Google Präsentationen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-31] CHR Extension: (Google Docs) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-31] CHR Extension: (Google Drive) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-31] CHR Extension: (YouTube) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-31] CHR Extension: (Video Downloader professional) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-09-01] CHR Extension: (Google Tabellen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-31] CHR Extension: (Avira Browserschutz) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-10-11] CHR Extension: (Google Docs Offline) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-07] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-08-07] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-27] CHR Extension: (Google Mail) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-31] CHR Extension: (Chrome Media Router) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-17] CHR HKLM\...\Chrome\Extension: 
[flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1115552 2017-03-03] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1519144 2017-03-03] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG) R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [25232 2016-12-09] (Avira Operations GmbH & Co. KG) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert] R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [112648 2015-06-19] (Creative Technology Ltd) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.) 
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-01-21] (Dropbox, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-01-20] (Digital Wave Ltd.) R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [22184 2015-07-29] (Micro-Star Int'l Co., Ltd.) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-12-08] (Logitech Inc.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation) S3 Origin Client Service; G:\Origin\OriginClientService.exe [2122248 2017-02-08] (Electronic Arts) R2 Origin Web Helper Service; G:\Origin\OriginWebHelperService.exe [2184208 2017-02-08] (Electronic Arts) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.) 
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) R2 sesvc; D:\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [Datei ist nicht signiert] S2 SkypeUpdate; D:\Skype\Updater\Updater.exe [317400 2017-01-16] (Skype Technologies) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 ALSysIO; C:\Users\xxx\AppData\Local\Temp\ALSysIO64.sys [35320 2017-03-08] (Arthur Liberman) <==== ACHTUNG R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-03-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-03-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG) R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1058600 2015-06-19] (Creative Technology Ltd) R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 GPU-Z; C:\Users\xxx\AppData\Local\Temp\GPU-Z.sys [27008 2017-03-08] () <==== ACHTUNG R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2016-12-08] (Logitech Inc.) 
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-12-08] (Logitech Inc.) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0cc477a6fec64d8c\nvlddmkm.sys [14516664 2017-02-10] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 WsAudioDevice_383; C:\WINDOWS\system32\drivers\VirtualAudio.sys [31080 2016-02-29] (Wondershare) R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; D:\CyberLink\PowerDVD16\PowerDVD16\Common\NavFilter\000.fcl [38168 2016-12-19] (CyberLink Corp.) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-03-10 19:52 - 2017-03-10 19:52 - 00030796 _____ C:\Users\xxx\Desktop\FRST.txt 2017-03-10 19:49 - 2017-03-10 19:52 - 00271972 _____ C:\TDSSKiller.3.1.0.12_10.03.2017_19.49.14_log.txt 2017-03-10 19:48 - 2017-03-09 22:31 - 02423808 _____ (Farbar) C:\Users\xxx\Desktop\FRST64.exe 2017-03-10 19:48 - 2017-03-09 22:23 - 04747704 _____ (AO Kaspersky Lab) C:\Users\xxx\Desktop\tdsskiller.exe 2017-03-10 08:20 - 2017-03-10 08:20 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\uTorrent 2017-03-09 22:31 - 2017-03-10 19:52 - 00000000 ____D C:\FRST 2017-03-09 22:25 - 2017-03-09 22:25 - 00000000 _____ C:\Users\xxx\Desktop\Neues Textdokument.txt 2017-03-09 22:24 - 2017-03-09 22:41 - 00271972 _____ C:\TDSSKiller.3.1.0.12_09.03.2017_22.24.21_log.txt 2017-03-09 21:35 - 2017-03-09 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-03-08 23:10 - 2017-03-08 23:42 - 00000000 ____D C:\AdwCleaner 2017-03-06 21:50 - 2017-03-06 21:50 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-03-04 15:02 - 2017-03-04 15:09 - 05713860 _____ C:\Users\xxx\Desktop\robocopy_log3.txt 2017-03-04 14:23 - 2017-03-04 14:55 - 02310791 _____ C:\Users\xxx\Desktop\robocopy_log2.txt 2017-03-04 13:30 - 2017-03-04 13:05 - 00000000 __SHD C:\WINDOWS\system32\N; 2017-03-02 23:38 - 2017-03-02 23:38 - 00000000 ____D C:\Users\xxx\.QtWebEngineProcess 2017-03-02 23:38 - 2017-03-02 23:38 - 00000000 ____D C:\Users\xxx\.Origin 2017-02-25 01:18 - 2017-02-25 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2017-02-24 23:34 - 2017-03-05 21:43 - 00056509 _____ C:\Users\xxx\Desktop\48G.xlsx 2017-02-20 21:19 - 2017-02-20 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-02-20 21:19 - 2017-02-20 21:19 - 00000000 ____D C:\Program Files (x86)\Skype 2017-02-19 21:39 - 2017-02-19 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Duplicate Finder 2017-02-19 21:39 - 
2017-02-19 21:39 - 00000000 ____D C:\Program Files\Easy Duplicate Finder 2017-02-19 21:13 - 2017-03-02 20:59 - 00000024 _____ C:\Users\xxx\Documents\AutoSaveLastScanResults.dup 2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\Users\xxx\Documents\EasyDuplicateFinder 2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\Users\xxx\AppData\Roaming\EasyDuplicateFinder 2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\ProgramData\Easy Duplicate Finder 2017-02-19 20:54 - 2017-02-19 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages 2017-02-19 20:22 - 2017-03-10 00:44 - 00000000 ____D C:\Users\xxx\AppData\Local\SimilarImages 2017-02-19 20:22 - 2017-02-19 20:22 - 00000042 _____ C:\ProgramData\.SimImages 2017-02-14 22:57 - 2017-02-14 23:09 - 00001274 _____ C:\Users\xxx\.jalview_properties 2017-02-14 19:44 - 2017-02-09 23:39 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2017-02-14 19:42 - 2017-02-10 03:33 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 34979384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 28242488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 19007016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 11122728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 11019704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 08990072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 03168192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 02717752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 
2017-02-14 19:42 - 2017-02-10 03:33 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437866.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437866.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 01052096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00991288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00959424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00946456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00910784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00721952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00605120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00573448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00483384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00447984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2017-02-13 00:38 - 2017-02-13 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate 2017-02-10 19:42 - 2017-02-10 19:42 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-02-10 19:42 - 2017-02-10 19:42 - 00045672 _____ (Dropbox, Inc.) 
C:\WINDOWS\system32\Drivers\dbx-canary.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-03-10 19:50 - 2015-10-05 22:45 - 00000000 ____D C:\Users\xxx\AppData\Roaming\uTorrent 2017-03-10 19:38 - 2016-11-18 12:49 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\Mozilla 2017-03-10 19:37 - 2016-08-14 12:14 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-03-10 13:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-03-10 12:25 - 2016-08-14 12:14 - 00000000 ____D C:\ProgramData\NVIDIA 2017-03-10 11:11 - 2016-08-14 12:14 - 00013389 _____ C:\WINDOWS\BRRBCOM.INI 2017-03-10 08:21 - 2015-10-04 20:43 - 00000000 ____D C:\ProgramData\UMS 2017-03-10 08:20 - 2016-02-26 09:16 - 00000000 ___RD C:\Users\xxx\Google Drive 2017-03-10 01:31 - 2015-10-04 19:25 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc 2017-03-10 00:58 - 2015-10-04 19:35 - 00000000 ____D C:\Users\xxx\AppData\Roaming\foobar2000 2017-03-09 21:35 - 2015-10-07 22:08 - 00000000 ____D C:\Users\xxx\AppData\Local\Dropbox 2017-03-09 21:35 - 2015-10-07 22:08 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-03-09 01:40 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-03-08 23:46 - 2016-07-16 23:57 - 01955412 _____ C:\WINDOWS\system32\perfh007.dat 2017-03-08 23:46 - 2016-07-16 23:57 - 00508564 _____ C:\WINDOWS\system32\perfc007.dat 2017-03-08 23:46 - 2015-10-04 16:26 - 04182586 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-03-08 23:40 - 2016-08-14 12:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-03-08 23:39 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-03-08 23:33 - 2016-05-26 19:02 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DVS 2017-03-08 23:21 - 2015-10-06 21:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-03-08 23:13 - 2015-12-11 19:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-03-08 
19:28 - 2016-01-04 08:10 - 00000000 ____D C:\Users\xxx\AppData\Local\CrashDumps 2017-03-05 01:36 - 2016-08-14 12:16 - 00000000 ____D C:\Users\xxx 2017-03-05 01:31 - 2016-02-09 14:26 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Origin 2017-03-04 17:46 - 2016-02-09 14:26 - 00000000 ____D C:\ProgramData\Origin 2017-03-04 13:06 - 2016-12-20 22:42 - 00000000 ____D C:\ProgramData\Thomson.ResearchSoft.Installers 2017-03-04 13:04 - 2015-10-04 16:23 - 00000000 ____D C:\Users\xxx\AppData\Local\Packages 2017-03-03 17:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-03-03 08:30 - 2015-10-04 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-03-03 08:29 - 2016-10-08 09:03 - 00048584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys 2017-03-03 08:29 - 2015-10-04 17:37 - 00163976 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2017-03-03 08:29 - 2015-10-04 17:37 - 00161824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2017-03-03 08:29 - 2015-10-04 17:37 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2017-03-03 08:29 - 2015-10-04 17:37 - 00044488 _____ (Avira Operations GmbH & Co. 
KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2017-03-01 23:14 - 2016-07-12 07:38 - 00053669 _____ C:\Users\xxx\Desktop\krams.xlsx 2017-03-01 23:04 - 2016-12-21 13:13 - 00000000 ____D C:\Users\xxx\Documents\Japanisch 2017-03-01 00:47 - 2015-10-05 22:52 - 00000000 ____D C:\Users\xxx\AppData\Roaming\avidemux 2017-02-28 23:25 - 2016-10-28 20:42 - 00000000 ____D C:\Users\xxx\AppData\Roaming\HandBrake 2017-02-25 12:30 - 2015-10-05 00:11 - 00000000 ____D C:\Users\xxx\AppData\Roaming\dvdcss 2017-02-25 01:18 - 2015-12-06 21:26 - 00000000 ____D C:\Program Files (x86)\Google 2017-02-24 16:55 - 2015-10-04 16:51 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-02-24 16:53 - 2015-10-04 16:51 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-02-22 21:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2017-02-22 21:18 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-02-20 21:45 - 2015-10-09 22:08 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Mp3tag 2017-02-20 21:36 - 2016-02-05 08:13 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Skype 2017-02-20 21:19 - 2016-02-05 08:12 - 00000000 ____D C:\ProgramData\Skype 2017-02-19 17:37 - 2017-01-29 19:46 - 00000134 _____ C:\Users\xxx\Documents\default.vsp 2017-02-19 16:21 - 2015-10-04 19:02 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2017-02-19 09:07 - 2016-03-08 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp 2017-02-15 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-02-15 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-02-14 19:45 - 2016-08-14 12:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-02-14 19:45 - 2015-10-04 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-02-14 19:44 - 2016-03-11 00:07 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-02-13 00:38 - 2015-10-04 17:36 - 00000000 ____D C:\ProgramData\Package Cache 
2017-02-10 03:33 - 2016-08-14 09:35 - 14674896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-02-10 03:33 - 2016-08-14 09:35 - 09305984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-02-10 03:33 - 2016-08-14 09:35 - 04078008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-02-10 03:33 - 2016-08-14 09:35 - 03597128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-02-10 03:33 - 2016-08-14 09:35 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-02-10 03:33 - 2016-08-14 09:35 - 00043556 _____ C:\WINDOWS\system32\nvinfo.pb 2017-02-10 00:13 - 2016-09-24 23:32 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-02-09 23:57 - 2016-08-14 12:14 - 07791217 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-02-09 23:57 - 2016-08-14 12:14 - 06403640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 02477504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 00548288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-02-08 18:03 - 2016-04-03 13:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DVDVideoSoft ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2017-02-19 20:22 - 2017-02-19 20:22 - 0000042 _____ () C:\ProgramData\.SimImages 2015-12-12 04:23 - 2015-12-12 04:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-12-19 20:45 - 2017-01-24 18:29 - 0008442 _____ () C:\ProgramData\NvTelemetryContainer.log 2016-12-19 20:45 - 
2017-01-22 16:17 - 0020937 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1 ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-03-05 13:01 ==================== Ende von FRST.txt ============================ |
10.03.2017, 22:04 | #10 |
/// TB-Ausbilder | AdChoices in Firefox
Hi,
Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Please shut down your protection software to avoid possible conflicts.
Step 4
Please post with your next reply
|
10.03.2017, 23:22 | #11 |
| AdChoices in Firefox Here is the adwcleaner log first: Code:
# AdwCleaner v6.044 - Bericht erstellt am 10/03/2017 um 22:51:15
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-10.1 [Lokal]
# Betriebssystem : Windows 10 Education (X64)
# Benutzername : xxx - SCHWOBB
# Gestartet von : C:\Users\xxx\Desktop\adwcleaner_6.044.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
[-] Firefox Einstellungen bereinigt:
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C2].txt - [1168 Bytes] - [10/03/2017 22:51:15]
C:\AdwCleaner\AdwCleaner[S3].txt - [1788 Bytes] - [10/03/2017 22:39:24]
C:\AdwCleaner\AdwCleaner[S4].txt - [1860 Bytes] - [10/03/2017 22:44:27]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1606 Bytes] ##########

(After the restart, utorrent, java, and the logitech software requested changes to the firewall settings, all of which I accepted.)

mbam
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 10.03.2017
Scan Time: 22:57
Logfile: mbam.txt
Administrator: Yes
Version: 2.2.1.1043
Malware Database: v2017.03.10.07
Rootkit Database: v2017.03.10.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 10
CPU: x64
File System: NTFS
User: xxx
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 340587
Time Elapsed: 5 min, 1 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0 (No malicious items detected)
Modules: 0 (No malicious items detected)
Registry Keys: 0 (No malicious items detected)
Registry Values: 0 (No malicious items detected)
Registry Data: 0 (No malicious items detected)
Folders: 0 (No malicious items detected)
Files: 0 (No malicious items detected)
Physical Sectors: 0 (No malicious items detected)
(end)

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.1 (02.11.2017)
Operating System: Windows 10 Education x64
Ran by xxx (Administrator) on 10.03.2017 at 23:13:37,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.03.2017 at 23:14:45,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2017 durchgeführt von xxx (Administrator) auf SCHWOBB (10-03-2017 23:18:29) Gestartet von C:\Users\xxx\Desktop Geladene Profile: xxx (Verfügbare Profile: xxx) Platform: Windows 10 Education Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe (Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Nuance Communications, Inc.) 
C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (www.shadowexplorer.com) D:\ShadowExplorer\sesvc.exe (Skype Technologies) D:\Skype\Updater\Updater.exe (Electronic Arts) G:\Origin\OriginWebHelperService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe (ALCPU) D:\Core Temp\Core Temp.exe (techPowerUp (www.techpowerup.com)) D:\GPU-Z\GPU-Z.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe () C:\Users\xxx\Documents\LCDSirReal\LCDSirReal.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe (BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe (Oracle Corporation) D:\Java64\bin\javaw.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) 
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Elaborate Bytes AG) D:\VirtualCloneDrive\VCDDaemon.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Creative Technology Ltd) D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe (NVIDIA Corporation) C:\ProgramData\NVIDIA Corporation\Downloader\0cfd1195e705a478237a4db99f7ce77c\GeForce_Experience_Update_v3.4.0.70.exe (NVIDIA Corporation) C:\Users\xxx\AppData\Local\Temp\NVIDIA\GFE\setup.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17305208 2016-12-08] (Logitech Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744 2017-03-03] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [27308304 2017-03-06] (Dropbox, Inc.) 
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2016-02-03] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative Technology Ltd) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] () HKLM-x32\...\Run: [PowerDVD16Agent] => D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD16Agent.exe [525352 2016-12-29] (CyberLink Corp.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [uTorrent] => C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe [2143936 2017-02-04] (BitTorrent Inc.) HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google) HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2015-10-04] ShortcutTarget: Universal Media Server.lnk -> D:\UMS\UMS.exe (Universal Media Server) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{91c30c7d-d0a5-4365-a93e-eafa498ca70d}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = BHO: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\ONE\OldNewExplorer64.dll [2016-04-03] (www.startisback.com) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java64\bin\ssv.dll [2017-01-28] (Oracle Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation) BHO: 
Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java64\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation)
BHO-x32: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\ONE\OldNewExplorer32.dll [2016-04-03] (www.startisback.com)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java32\bin\ssv.dll [2017-01-28] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java32\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: febeprof.xxx
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx [2017-03-10]
FF Homepage: Mozilla\Firefox\Profiles\febeprof.xxx -> hxxp://www.spiegel-online.de/
FF NetworkProxy: Mozilla\Firefox\Profiles\febeprof.xxx -> type", 0
FF Extension: (New XKit) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\@new-xkit.xpi [2016-10-07]
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28]
FF Extension: (DownThemAll! AntiContainer) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\anticontainer@downthemall.net.xpi [2016-04-15]
FF Extension: (MEGA) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\firefox@mega.co.nz.xpi [2017-03-09]
FF Extension: (Tumblr Savior) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\jid1-W5guVoyeUR0uBg@jetpack.xpi [2017-03-07]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\langpack-de@firefox.mozilla.org.xpi [2017-03-09]
FF Extension: (Japanese Language Pack) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\langpack-ja@firefox.mozilla.org.xpi [2017-03-08]
FF Extension: (Save Images) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\LDSI_plashcor@gmail.com.xpi [2016-04-30]
FF Extension: (RememberPass) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\rememberpass@teesoft.info.xpi [2016-04-28]
FF Extension: (S3.Google Translator) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\s3google@translator.xpi [2016-10-19]
FF Extension: (Locale Switcher) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2016-04-28]
FF Extension: (Google Image Search) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{73007fef-a6e0-47d3-b4e7-dfc116ed6f65}.xpi [2016-04-28]
FF Extension: (Video DownloadHelper) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-01-01]
FF Extension: (DivX Wizard Pro) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{cc79db9d-e06e-469f-932a-2537c0db2b4a}.xpi [2016-05-18] [ist nicht signiert]
FF Extension: (RightToClick) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2015-11-30]
FF Extension: (Adblock Plus) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Extension: (Tab Mix Plus) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-01-31]
FF Extension: (DownThemAll!) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\features\{ba65d49e-9429-40ee-8d6e-203f1c721eb2}\disableSHA1rollout@mozilla.org.xpi [2017-03-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> D:\Java64\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> D:\Java64\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> D:\Java32\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> D:\Java32\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default [2017-03-10]
CHR Extension: (Google Präsentationen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-31]
CHR Extension: (Google Docs) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-31]
CHR Extension: (Google Drive) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-31]
CHR Extension: (YouTube) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-31]
CHR Extension: (Video Downloader professional) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-09-01]
CHR Extension: (Google Tabellen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-31]
CHR Extension: (Avira Browserschutz) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-10-11]
CHR Extension: (Google Docs Offline) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-08-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Google Mail) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-31]
CHR Extension: (Chrome Media Router) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1115552 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1519144 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [25232 2016-12-09] (Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [112648 2015-06-19] (Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-01-21] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-01-20] (Digital Wave Ltd.)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [22184 2015-07-29] (Micro-Star Int'l Co., Ltd.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-12-08] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 Origin Client Service; G:\Origin\OriginClientService.exe [2122248 2017-02-08] (Electronic Arts)
R2 Origin Web Helper Service; G:\Origin\OriginWebHelperService.exe [2184208 2017-02-08] (Electronic Arts)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 sesvc; D:\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [Datei ist nicht signiert]
R2 SkypeUpdate; D:\Skype\Updater\Updater.exe [317400 2017-01-16] (Skype Technologies)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ALSysIO; C:\Users\xxx\AppData\Local\Temp\ALSysIO64.sys [35320 2017-03-10] (Arthur Liberman) <==== ACHTUNG
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-03-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-03-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG)
R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1058600 2015-06-19] (Creative Technology Ltd)
R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 GPU-Z; C:\Users\xxx\AppData\Local\Temp\GPU-Z.sys [27008 2017-03-10] () <==== ACHTUNG
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2016-12-08] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-12-08] (Logitech Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0cc477a6fec64d8c\nvlddmkm.sys [14516664 2017-02-10] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WsAudioDevice_383; C:\WINDOWS\system32\drivers\VirtualAudio.sys [31080 2016-02-29] (Wondershare)
R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; D:\CyberLink\PowerDVD16\PowerDVD16\Common\NavFilter\000.fcl [38168 2016-12-19] (CyberLink Corp.)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-10 23:18 - 2017-03-10 23:18 - 00030300 _____ C:\Users\xxx\Desktop\FRST.txt 2017-03-10 23:13 - 2017-03-10 23:13 - 01663736 _____ (Malwarebytes) C:\Users\xxx\Desktop\JRT.exe 2017-03-10 22:37 - 2017-03-08 23:10 - 04031440 _____ C:\Users\xxx\Desktop\adwcleaner_6.044.exe 2017-03-10 19:49 - 2017-03-10 19:52 - 00271972 _____ C:\TDSSKiller.3.1.0.12_10.03.2017_19.49.14_log.txt 2017-03-10 19:48 - 2017-03-09 22:31 - 02423808 _____ (Farbar) C:\Users\xxx\Desktop\FRST64.exe 2017-03-10 19:48 - 2017-03-09 22:23 - 04747704 _____ (AO Kaspersky Lab) C:\Users\xxx\Desktop\tdsskiller.exe 2017-03-10 08:20 - 2017-03-10 23:17 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\uTorrent 2017-03-09 22:31 - 2017-03-10 23:18 - 00000000 ____D C:\FRST 2017-03-09 22:25 - 2017-03-09 22:25 - 00000000 _____ C:\Users\xxx\Desktop\Neues Textdokument.txt 2017-03-09 22:24 - 2017-03-09 22:41 - 00271972 _____ C:\TDSSKiller.3.1.0.12_09.03.2017_22.24.21_log.txt 2017-03-09 21:35 - 2017-03-09 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-03-08 23:10 - 2017-03-10 22:51 - 00000000 ____D C:\AdwCleaner 2017-03-06 21:50 - 2017-03-06 21:50 - 00046184 _____ (Dropbox, Inc.) 
C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-03-04 15:02 - 2017-03-04 15:09 - 05713860 _____ C:\Users\xxx\Desktop\robocopy_log3.txt 2017-03-04 14:23 - 2017-03-04 14:55 - 02310791 _____ C:\Users\xxx\Desktop\robocopy_log2.txt 2017-03-04 13:30 - 2017-03-04 13:05 - 00000000 __SHD C:\WINDOWS\system32\N; 2017-03-02 23:38 - 2017-03-02 23:38 - 00000000 ____D C:\Users\xxx\.QtWebEngineProcess 2017-03-02 23:38 - 2017-03-02 23:38 - 00000000 ____D C:\Users\xxx\.Origin 2017-02-25 01:18 - 2017-02-25 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2017-02-24 23:34 - 2017-03-05 21:43 - 00056509 _____ C:\Users\xxx\Desktop\48G.xlsx 2017-02-20 21:19 - 2017-02-20 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-02-20 21:19 - 2017-02-20 21:19 - 00000000 ____D C:\Program Files (x86)\Skype 2017-02-19 21:39 - 2017-02-19 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Duplicate Finder 2017-02-19 21:39 - 2017-02-19 21:39 - 00000000 ____D C:\Program Files\Easy Duplicate Finder 2017-02-19 21:13 - 2017-03-02 20:59 - 00000024 _____ C:\Users\xxx\Documents\AutoSaveLastScanResults.dup 2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\Users\xxx\Documents\EasyDuplicateFinder 2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\Users\xxx\AppData\Roaming\EasyDuplicateFinder 2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\ProgramData\Easy Duplicate Finder 2017-02-19 20:54 - 2017-02-19 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages 2017-02-19 20:22 - 2017-03-10 21:55 - 00000000 ____D C:\Users\xxx\AppData\Local\SimilarImages 2017-02-19 20:22 - 2017-02-19 20:22 - 00000042 _____ C:\ProgramData\.SimImages 2017-02-14 22:57 - 2017-02-14 23:09 - 00001274 _____ C:\Users\xxx\.jalview_properties 2017-02-14 19:44 - 2017-02-09 23:39 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2017-02-14 19:42 - 2017-02-10 03:33 - 
40192056 _____ C:\WINDOWS\system32\nvcompiler.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 34979384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 28242488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 19007016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 11122728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 11019704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 08990072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 03168192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 02717752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437866.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437866.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 01052096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00991288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00959424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00946456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00910784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00721952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 
2017-02-14 19:42 - 2017-02-10 03:33 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00605120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00573448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00483384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 00447984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2017-02-13 00:38 - 2017-02-13 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate 2017-02-10 19:42 - 2017-02-10 19:42 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-02-10 19:42 - 2017-02-10 19:42 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-03-10 23:18 - 2016-12-19 20:45 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-03-10 23:18 - 2016-09-24 23:32 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-03-10 23:18 - 2016-09-24 23:32 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-03-10 23:18 - 2016-09-24 23:32 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-03-10 23:18 - 2016-09-24 23:32 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-03-10 23:18 - 2016-09-24 23:32 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-03-10 23:18 - 2016-09-24 23:32 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-03-10 23:18 - 2016-08-14 12:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-03-10 23:18 - 2016-08-14 12:14 - 00000000 ____D C:\ProgramData\NVIDIA 2017-03-10 23:18 - 2016-08-14 12:14 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-03-10 23:18 - 2016-08-14 12:14 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-03-10 23:18 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-03-10 23:17 - 2016-02-26 09:16 - 00000000 ___RD C:\Users\xxx\Google Drive 2017-03-10 23:17 - 2015-10-05 22:45 - 00000000 ____D C:\Users\xxx\AppData\Roaming\uTorrent 2017-03-10 23:17 - 2015-10-04 20:43 - 00000000 ____D C:\ProgramData\UMS 2017-03-10 23:16 - 2016-08-14 12:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-03-10 23:16 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-03-10 23:15 - 2016-11-18 12:49 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\Mozilla 2017-03-10 22:59 - 2015-10-04 19:25 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc 2017-03-10 22:58 - 2016-07-16 23:57 - 01971100 _____ 
C:\WINDOWS\system32\perfh007.dat 2017-03-10 22:58 - 2016-07-16 23:57 - 00513082 _____ C:\WINDOWS\system32\perfc007.dat 2017-03-10 22:58 - 2015-10-04 16:26 - 04211776 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-03-10 22:56 - 2015-12-11 19:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-03-10 22:51 - 2016-01-04 08:10 - 00000000 ____D C:\Users\xxx\AppData\Local\CrashDumps 2017-03-10 22:51 - 2015-10-10 19:55 - 00000008 __RSH C:\ProgramData\ntuser.pol 2017-03-10 22:33 - 2016-08-14 12:14 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-03-10 13:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-03-10 11:11 - 2016-08-14 12:14 - 00013389 _____ C:\WINDOWS\BRRBCOM.INI 2017-03-10 00:58 - 2015-10-04 19:35 - 00000000 ____D C:\Users\xxx\AppData\Roaming\foobar2000 2017-03-09 21:35 - 2015-10-07 22:08 - 00000000 ____D C:\Users\xxx\AppData\Local\Dropbox 2017-03-09 21:35 - 2015-10-07 22:08 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-03-08 23:33 - 2016-05-26 19:02 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DVS 2017-03-08 23:21 - 2015-10-06 21:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-03-05 01:36 - 2016-08-14 12:16 - 00000000 ____D C:\Users\xxx 2017-03-05 01:31 - 2016-02-09 14:26 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Origin 2017-03-04 17:46 - 2016-02-09 14:26 - 00000000 ____D C:\ProgramData\Origin 2017-03-04 13:06 - 2016-12-20 22:42 - 00000000 ____D C:\ProgramData\Thomson.ResearchSoft.Installers 2017-03-04 13:04 - 2015-10-04 16:23 - 00000000 ____D C:\Users\xxx\AppData\Local\Packages 2017-03-03 17:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-03-03 08:30 - 2015-10-04 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-03-03 08:29 - 2016-10-08 09:03 - 00048584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys 2017-03-03 08:29 - 2015-10-04 17:37 - 00163976 _____ (Avira Operations GmbH & Co. 
KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2017-03-03 08:29 - 2015-10-04 17:37 - 00161824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2017-03-03 08:29 - 2015-10-04 17:37 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2017-03-03 08:29 - 2015-10-04 17:37 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2017-03-01 23:14 - 2016-07-12 07:38 - 00053669 _____ C:\Users\xxx\Desktop\krams.xlsx 2017-03-01 23:04 - 2016-12-21 13:13 - 00000000 ____D C:\Users\xxx\Documents\Japanisch 2017-03-01 00:47 - 2015-10-05 22:52 - 00000000 ____D C:\Users\xxx\AppData\Roaming\avidemux 2017-02-28 23:25 - 2016-10-28 20:42 - 00000000 ____D C:\Users\xxx\AppData\Roaming\HandBrake 2017-02-25 12:30 - 2015-10-05 00:11 - 00000000 ____D C:\Users\xxx\AppData\Roaming\dvdcss 2017-02-25 01:18 - 2015-12-06 21:26 - 00000000 ____D C:\Program Files (x86)\Google 2017-02-24 16:55 - 2015-10-04 16:51 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-02-24 16:53 - 2015-10-04 16:51 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-02-23 19:35 - 2017-01-24 18:29 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2017-02-23 19:35 - 2016-09-24 23:32 - 01880512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2017-02-23 19:35 - 2016-09-24 23:32 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2017-02-23 19:35 - 2016-09-24 23:32 - 01468864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2017-02-23 19:35 - 2016-09-24 23:32 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2017-02-23 19:35 - 2016-09-24 23:32 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2017-02-23 15:32 - 2016-09-24 23:32 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-02-23 15:30 - 2016-12-19 20:45 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat 2017-02-22 21:19 - 2016-07-16 12:47 - 
00000000 ____D C:\WINDOWS\rescache 2017-02-22 21:18 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-02-20 21:45 - 2015-10-09 22:08 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Mp3tag 2017-02-20 21:36 - 2016-02-05 08:13 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Skype 2017-02-20 21:19 - 2016-02-05 08:12 - 00000000 ____D C:\ProgramData\Skype 2017-02-19 17:37 - 2017-01-29 19:46 - 00000134 _____ C:\Users\xxx\Documents\default.vsp 2017-02-19 16:21 - 2015-10-04 19:02 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2017-02-19 09:07 - 2016-03-08 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp 2017-02-15 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-02-15 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-02-14 19:45 - 2015-10-04 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-02-14 19:44 - 2016-03-11 00:07 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-02-13 00:38 - 2015-10-04 17:36 - 00000000 ____D C:\ProgramData\Package Cache 2017-02-10 03:33 - 2016-08-14 09:35 - 14674896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-02-10 03:33 - 2016-08-14 09:35 - 09305984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-02-10 03:33 - 2016-08-14 09:35 - 04078008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-02-10 03:33 - 2016-08-14 09:35 - 03597128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-02-10 03:33 - 2016-08-14 09:35 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-02-10 03:33 - 2016-08-14 09:35 - 00043556 _____ C:\WINDOWS\system32\nvinfo.pb 2017-02-09 23:57 - 2016-08-14 12:14 - 07791217 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-02-09 23:57 - 2016-08-14 12:14 - 06403640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 02477504 _____ (NVIDIA 
Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 00548288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-02-09 23:57 - 2016-08-14 12:14 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-02-08 18:03 - 2016-04-03 13:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DVDVideoSoft ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2017-02-19 20:22 - 2017-02-19 20:22 - 0000042 _____ () C:\ProgramData\.SimImages 2015-12-12 04:23 - 2015-12-12 04:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-12-19 20:45 - 2017-01-24 18:29 - 0008442 _____ () C:\ProgramData\NvTelemetryContainer.log 2016-12-19 20:45 - 2017-01-22 16:17 - 0020937 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1 ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-05 13:01

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-03-2017
durchgeführt von xxx (10-03-2017 23:18:56)
Gestartet von C:\Users\xxx\Desktop
Windows 10 Education Version 1607 (X64) (2016-08-14 11:21:45)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-4199837023-2687035150-3113593764-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4199837023-2687035150-3113593764-503 - Limited - Disabled)
Gast (S-1-5-21-4199837023-2687035150-3113593764-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4199837023-2687035150-3113593764-1003 - Limited - Enabled)
xxx (S-1-5-21-4199837023-2687035150-3113593764-1001 - Administrator - Enabled) => C:\Users\xxx

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Microsoft Office Proofing Tools 2016“ – lietuvių k. (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated) Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Ansel (Version: 378.66 - NVIDIA Corporation) Hidden Anti-Twin (Installation 10.12.2015) (HKLM-x32\...\Anti-Twin 2015-12-10 22.13.58) (Version: - Joerg Rosenthal, Germany) Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - ) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.154 - Avira Operations GmbH & Co. KG) Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden Avira Software Updater (HKLM-x32\...\{115347FE-037B-4F4D-86F2-057FEF294C7A}) (Version: 1.2.4.459 - Avira Operations GmbH & Co. KG) AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - ) Brother MFL-Pro Suite MFC-J5320DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.) 
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6389 - CDBurnerXP)
Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Core Temp 1.6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.6 - ALCPU)
Crysis 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 Digital Deluxe Edition Content (HKLM-x32\...\{2A8C5AE3-2772-4EB1-8206-D5E53D111A61}) (Version: 1.0.0.0 - Electronic Arts)
CyberLink MediaEspresso 7.5 (HKLM-x32\...\{8D149BE2-6542-4F6A-AEC4-7D61E6DCAEFB}) (Version: 7.5.8022_61105 - CyberLink Corp.)
CyberLink PhotoDirector 7 (HKLM-x32\...\{7984FCA5-1BB6-46e6-91E2-ED5C301AF11A}) (Version: 7.0.7504.0 - CyberLink Corp.)
CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.2406.60 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Directory List & Print (Pro) (HKLM-x32\...\{6336F23D-1D20-4E02-9FBD-20B3A8210E4D}_is1) (Version: 3.14 - Infonautics GmbH, Switzerland)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dropbox (HKLM-x32\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Duplicate Photo Cleaner (HKLM\...\Duplicate Photo Cleaner_is1) (Version: - WebMinds, Inc.)
Easy Duplicate Finder (HKLM\...\{DA060B99-6B87-4D85-8B1A-29BCF6DF2B06}_is1) (Version: - WebMinds, Inc.)
Eines de correcció del Microsoft Office 2016: català (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de Verificação do Microsoft Office 2016 - Português (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
FLV Downloader (xmlbar) (nur entfernen) (HKLM-x32\...\Xmlbar FLVDownloader) (Version: - )
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.31.119 - Digital Wave Ltd)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
I-Microsoft Office Proofing Tools 2016 - IsiZulu (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instagiffer version 1.75 (HKLM-x32\...\{13DEF8F8-5280-4555-95A4-E815C3F9540F}_is1) (Version: 1.75 - Justin Todd)
Instrumente de verificare Microsoft Office 2016 - Română (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Korrekturredskaber til Microsoft Office 2016 - Dansk (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
LCDSirReal - a multipurpose plugin for the Logitech G13/G15 (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\LCDSirReal) (Version: - Link Data Stockholm)
Logitech Gaming Software 8.89 (HKLM\...\Logitech Gaming Software) (Version: 8.89.68 - Logitech Inc.)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Language Pack 2016 - German/Deutsch (HKLM\...\Office16.OMUI.de-de) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 52.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 de)) (Version: 52.0 - Mozilla)
Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Nuance PaperPort 12 (HKLM-x32\...\{2A770862-7142-4C77-8117-F933E4110A3F}) (Version: 12.1.0006 - Nuance Communications, Inc.)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
Orodja za preverjanje za Microsoft Office 2016 – angleščina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office*- Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF-XChange Editor (HKLM\...\{3D1987D7-5A88-4DDA-9D29-6977AE2BDBD0}) (Version: 5.5.316.1 - Tracker Software Products (Canada) Ltd.)
PerigeeCopy 1.7 (HKLM\...\PerigeeCopy) (Version: 1.7 - Jeremy Stanley)
PicasaDownloader (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\052751e036427773) (Version: 1.0.0.25 - PicasaDownloader)
ProjectX - Complete (HKLM-x32\...\{513C7CA5-86D3-495D-B2D4-409EE41F68A7}_is1) (Version: 0.91.0.10 - WatchersNET)
R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - Thomson Reuters)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
RLinkToolbox 3.3.0.1896 (HKLM-x32\...\RLinkToolbox) (Version: 3.3.0.1896 - TomTom)
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.486 - RStudio)
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
ShadowExplorer 0.9 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.9.462.0 - ShadowExplorer.com)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
SimilarImages (HKLM-x32\...\SimilarImages) (Version: 2013.11 - Nils Maier)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Sound Blaster Recon3D PCIe (HKLM-x32\...\{E9DF9D95-BF8F-4264-B54E-988DAD71EE92}) (Version: 1.02.03 - Creative Technology Limited)
Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{204FCF73-1450-407D-BCF9-1233EC5F5787}) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Taalprogramma's voor Microsoft Office 2016 - Nederlands (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version: - Bethesda Game Studios)
tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG)
Uirlisí Profála Microsoft Office 2016 - Gaeilge (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 6.5.3 - Universal Media Server)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-0012-0000-1000-0000000FF1CE}_Office16.STANDARD_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-012B-0407-1000-0000000FF1CE}_Office16.OMUI.de-de_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05001D00-94EA-4916-995B-467D4900BEE8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {0B9CCC01-1DF2-4808-BF9A-AC12ADB03DA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {1A596B82-4A61-47BE-8E4B-5ADDD69D5009} - System32\Tasks\GPU-Z => D:\GPU-Z\GPU-Z.exe [2016-07-13] (techPowerUp (www.techpowerup.com))
Task: {1C4C8B66-4DF8-462F-8E87-CBE032ABAF30} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {2BFAAD70-8D29-466C-A07A-460F7C0F4C9A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {2FD6432B-C391-458F-9BE3-AB00C6407F77} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {50B21913-5161-4191-BADF-F66225BCB709} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {7CEDE775-418E-4909-B886-9A30F522D9E8} - System32\Tasks\Core Temp Autostart xxx => D:\Core Temp\Core Temp.exe [2017-02-18] (ALCPU)
Task: {8C1234D8-F860-499B-B4FD-C1917BCF7D3C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {8CC6D714-CD0D-4CB5-98A3-A9D31B0220D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {A5D6499A-C992-48ED-B1F5-F3B8D64AF774} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {B28D159A-2323-481D-AD6E-82B161212314} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {B2BA0468-9693-4E8E-9C43-D5FFB4D52D46} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {BA2D4D30-2F9F-4788-9958-1A91D5180A1E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {C336F517-C7CA-4129-9A13-DCC6BA3331B8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {D19802B5-8605-4D2E-9056-1A8471F61B55} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)
Task: {D41E18A6-38D8-4A38-9382-6B3949BF6593} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {D9E404F0-FD41-414D-9B55-A30853C55AC3} - System32\Tasks\DeviceDetector7.5 => D:\CyberLink\MediaEspresso7.5\DeviceDetector\DeviceDetector7.5.exe [2016-08-22] (CyberLink Corp.)
Task: {EFD345F9-A347-405E-A865-C1F58F6BCF8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-14 12:14 - 2017-02-09 23:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-15 10:48 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 19:16 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 19:16 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 19:16 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-12-08 21:47 - 2016-12-08 21:47 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-12-08 21:47 - 2016-12-08 21:47 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2011-06-21 10:14 - 2011-06-21 10:14 - 00207872 _____ () C:\Users\xxx\Documents\LCDSirReal\LCDSirReal.exe
2013-02-13 03:37 - 2013-02-13 03:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2016-10-26 00:16 - 2017-01-19 12:35 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-10-26 00:16 - 2017-01-19 12:34 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-10-26 00:16 - 2017-01-19 12:34 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-10-26 00:16 - 2017-01-19 12:34 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-10-26 00:37 - 2017-02-08 23:04 - 02493440 _____ () G:\Origin\libGLESv2.dll
2017-03-10 23:17 - 2017-03-10 23:17 - 00098816 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32api.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00110080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\pywintypes27.dll
2017-03-10 23:17 - 2017-03-10 23:17 - 00364544 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\pythoncom27.dll
2017-03-10 23:17 - 2017-03-10 23:17 - 00320512 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32com.shell.shell.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00914432 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\_hashlib.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 01176576 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\wx._core_.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00806400 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\wx._gdi_.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00816128 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\wx._windows_.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 01067008 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\wx._controls_.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00733184 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\wx._misc_.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00682496 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\pysqlite2._sqlite.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00088064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\_ctypes.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00686080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\unicodedata.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00119808 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32file.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00108544 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32security.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00007168 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\hashobjs_ext.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00017920 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\thumbnails_ext.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00088064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\usb_ext.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00012800 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\common.time34.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00018432 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32event.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00167936 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32gui.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00046080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\_socket.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 01303552 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\_ssl.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00128512 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\_elementtree.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00127488 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\pyexpat.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00038912 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32inet.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00036864 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\_psutil_windows.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00524248 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\windows._lib_cacheinvalidation.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00011264 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32crypt.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00123392 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\wx._wizard.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00077312 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\wx._html2.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00027648 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\_multiprocessing.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00020480 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\_yappi.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00035840 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32process.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00078848 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\wx._animate.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00024064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32pipe.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00010240 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\select.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00025600 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32pdh.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00017408 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32profile.pyd
2017-03-10 23:17 - 2017-03-10 23:17 - 00022528 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI72682\win32ts.pyd
2017-03-09 21:35 - 2017-03-06 21:59 - 00807232 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2015-12-12 08:23 - 2017-02-09 03:19 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 08:23 - 2017-02-09 03:20 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-03-09 21:35 - 2017-02-09 03:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 08:23 - 2017-02-09 03:22 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-03-09 21:35 - 2017-02-09 03:22 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-04 23:21 - 2017-02-09 03:21 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 08:23 - 2017-02-09 03:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-02-27 20:55 - 2017-03-06 22:01 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-04-15 12:42 - 2017-03-06 22:01 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-02-12 09:35 - 2017-03-06 22:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-03-09 21:35 - 2017-02-09 03:17 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-03-09 21:35 - 2016-12-02 22:44 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-03-09 21:35 - 2017-02-09 03:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-03-09 21:35 - 2017-02-09 03:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-01-28 22:41 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-02-13 03:38 - 2013-02-13 03:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2016-09-24 23:32 - 2017-02-23 19:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-24 23:32 - 2017-02-23 19:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-24 23:32 - 2017-02-23 19:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-24 23:32 - 2017-02-23 19:34 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-09-24 23:32 - 2017-02-23 15:30 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-24 23:32 - 2017-02-23 15:30 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-24 23:32 - 2017-02-23 15:30 - 02443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-24 23:32 - 2017-02-23 15:30 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-24 23:32 - 2017-02-23 15:30 - 00543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-24 23:32 - 2017-02-23 15:30 - 00468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-11-27 18:55 - 2016-11-27 18:55 - 00021680 _____ () D:\NPP\Notepad++\plugins\NppExport.dll
2015-05-15 15:24 - 2015-05-15 15:24 - 02873856 _____ () D:\NPP\Notepad++\plugins\NppFTP.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [TCP Query User{718C9E62-BD64-4930-8C6D-6C4D05D17421}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{4B69572B-2F6D-4B94-A786-C414A289F482}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{7BEB64AB-AE33-428C-9DD8-E8F00C7AA2F1}C:\users\tim\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tim\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{CAAB1C6D-0865-45EA-8A97-4FA45569B558}C:\users\tim\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tim\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{B525EECE-5BBF-4902-A392-E9A89DE2CCCE}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe FirewallRules: [UDP Query User{16170517-E72C-419B-8876-80F06846C60F}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe FirewallRules: [{D9371820-BFE5-416A-853F-E4940F32A9B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{5923764D-84CC-480B-AEE7-A40C086602FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{0EE97BF4-38FE-4D45-87E7-F0CAA4A0ACC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{6374BA76-38CB-4DA9-9171-CAEEAEFE70A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{B240CBB2-2D5C-4EC3-B5C2-D507BC6D82F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe ==================== Wiederherstellungspunkte ========================= 20-02-2017 19:46:26 Geplanter Prüfpunkt 24-02-2017 16:53:10 Windows Update 04-03-2017 13:05:27 Removed EndNote X8 10-03-2017 23:13:37 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der 
Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (03/10/2017 11:13:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (03/10/2017 10:51:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 52.0.0.6270, Zeitstempel: 0x58b88eeb Name des fehlerhaften Moduls: mozglue.dll, Version: 52.0.0.6270, Zeitstempel: 0x58b88a72 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000f775 ID des fehlerhaften Prozesses: 0x275c Startzeit der fehlerhaften Anwendung: 0x01d299e80e0bd966 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll Berichtskennung: d030e671-53a8-4f70-846c-648c284d1121 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/10/2017 09:34:38 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm firefox.exe, Version 52.0.0.6270 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: f00 Startzeit: 01d299da5faf31bb Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Berichts-ID: f8ab30fc-05d0-11e7-9c94-08606ec1264e Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (03/10/2017 08:40:31 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "H:\Tools\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Error: (03/10/2017 08:23:22 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/10/2017 12:44:50 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm SimImages.exe, Version 2013.11.5076.20057 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 17c0 Startzeit: 01d2992f0b26af13 Beendigungszeit: 4294967295 Anwendungspfad: D:\SimilarImages\SimImages.exe Berichts-ID: 60c0351d-0522-11e7-9c94-08606ec1264e Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (03/09/2017 04:02:11 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/08/2017 11:25:41 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm FileHippo.AppManager.exe, Version 2.0.0.392 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 169c Startzeit: 01d2985a2f6bc2e1 Beendigungszeit: 6 Anwendungspfad: D:\FileHippo.com\FileHippo.AppManager.exe Berichts-ID: 286b5e67-044e-11e7-9c93-08606ec1264e Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (03/08/2017 07:28:45 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "d:\r\r-3.3.0\tcl\bin64\tk85.dll". Fehler in Manifest- oder Richtliniendatei "d:\r\r-3.3.0\tcl\bin64\tk85.dll" in Zeile 9. Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig. Error: (03/08/2017 07:28:30 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "D:\CyberLink\PowerDVD16\PowerDVD16\Kernel\DMS\CLMSMediaInfoPDVD16.exe". Die abhängige Assemblierung "CLMSMediaInfo.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Systemfehler: ============= Error: (03/10/2017 11:17:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (03/10/2017 11:16:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (03/10/2017 11:13:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (03/10/2017 10:57:33 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: SCHWOBB) Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \S-1-5-21-4199837023-2687035150-3113593764-1001-1-ntuser.dat Error: (03/10/2017 10:57:08 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: SCHWOBB) Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \S-1-5-21-4199837023-2687035150-3113593764-1001-0-ntuser.dat Error: (03/10/2017 10:52:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (03/10/2017 10:51:38 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (03/10/2017 10:51:29 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt. Error: (03/10/2017 10:51:05 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "NVIDIA LocalSystem Container" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt. Error: (03/10/2017 10:51:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2016-12-06 11:11:22.214 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-12-06 11:11:20.004 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
Date: 2016-11-28 01:04:22.741 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-28 01:03:41.966 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-15 19:37:51.234 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-15 19:37:47.720 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-15 19:37:42.608 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-10-06 19:09:28.918 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
Date: 2016-10-06 19:09:25.934 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8139.25 MB
Verfügbarer physikalischer RAM: 5320.32 MB
Summe virtueller Speicher: 9419.25 MB
Verfügbarer virtueller Speicher: 6083.2 MB
==================== Laufwerke ================================
Drive c: (System) (Fixed) (Total:232.4 GB) (Free:137.88 GB) NTFS
Drive d: (Programme) (Fixed) (Total:29.3 GB) (Free:22.42 GB) NTFS
Drive e: (48G) (Fixed) (Total:1277.08 GB) (Free:217.14 GB) NTFS
Drive f: (Music) (Fixed) (Total:58.59 GB) (Free:17.59 GB) NTFS
Drive g: (Games) (Fixed) (Total:97.66 GB) (Free:14.88 GB) NTFS
Drive h: (Stuff) (Fixed) (Total:400.39 GB) (Free:213.35 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E0AFA54B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 64BFCCCC)
Partition 1: (Not Active) - (Size=1277.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=429.7 GB) - (Type=OF Extended)
==================== Ende von Addition.txt ============================
The problem is still present, but not on all pages of stern.de; for example, it does appear here:
hxxp://www.stern.de/wirtschaft/news/lidl--dm--deichmann--diese-marken-liegen-im-preis-leistungs-verhaeltnis-ganz-vorne-7357746.html but not here: hxxp://www.stern.de/panorama/stern-crime/herne--marcel-h--gesteht-zwei-morde---ermittler-geben-erste-pressekonferenz-7363804.html Otherwise no problems at all on sites that I otherwise use often. |
11.03.2017, 12:37 | #12 |
/// TB Trainer | AdChoices in Firefox Hi, when I disable Adblock Plus and NoScript in FF on my machine, I also see these "AdChoices"; it is simply "advertising" (similar to an ad banner), but there is no malware behind it. Your log files also look good. Adblock Plus isn't by any chance disabled on this site, is it? Have a look in Adblock Plus under Filter preferences. If applicable, remove the check mark next to "Allow some non-intrusive advertising". We will check everything once more. Note: The scan with ESET can take a while. Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
start
CloseProcesses:
SetDefaultFilePermissions: C:\WINDOWS\system32\N;
Folder: C:\WINDOWS\system32\N;
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 ESET Online Scanner
Step 3 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 4
With your next reply, please post
|
12.03.2017, 08:25 | #13 |
| AdChoices in Firefox fixlog.txt Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01 durchgeführt von xxx (12-03-2017 00:35:35) Run:1 Gestartet von C:\Users\xxx\Desktop Geladene Profile: xxx (Verfügbare Profile: xxx) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** start CloseProcesses: SetDefaultFilePermissions: C:\WINDOWS\system32\N; Folder: C:\WINDOWS\system32\N; CMD: dir "%ProgramFiles%" CMD: dir "%ProgramFiles(x86)%" CMD: dir "%ProgramData%" CMD: dir "%Appdata%" CMD: dir "%LocalAppdata%" CMD: dir "%CommonProgramFiles(x86)%" CMD: dir "%CommonProgramW6432%" RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: end ***************** Prozesse erfolgreich geschlossen. "C:\WINDOWS\system32\N;" => Standard Berechtigungen erfolgreich wiederhergestellt. ========================= Folder: C:\WINDOWS\system32\N; ======================== ====== Ende von Folder: ====== ========= dir "%ProgramFiles%" ========= Datentr„ger in Laufwerk C: ist System Volumeseriennummer: 985E-D7C3 Verzeichnis von C:\Program Files 19.02.2017 21:39 <DIR> . 19.02.2017 21:39 <DIR> .. 
14.08.2016 09:47 <DIR> CCleaner 14.08.2016 13:12 <DIR> CMAK 04.03.2017 13:06 <DIR> Common Files 09.02.2016 23:51 <DIR> Creative 27.10.2016 00:13 <DIR> DivX 24.09.2016 08:41 <DIR> Duplicate Photo Cleaner 19.02.2017 21:39 <DIR> Easy Duplicate Finder 20.02.2017 21:34 <DIR> Internet Explorer 23.12.2016 22:40 <DIR> Logitech Gaming Software 07.10.2015 22:42 <DIR> Microsoft Analysis Services 07.10.2015 22:43 <DIR> Microsoft Office 14.08.2016 13:10 <DIR> MSBuild 28.01.2016 22:48 <DIR> Nuance 10.03.2017 23:18 <DIR> NVIDIA Corporation 14.08.2016 12:17 <DIR> Realtek 14.08.2016 13:10 <DIR> Reference Assemblies 27.01.2016 21:10 <DIR> Tracker Software 15.09.2016 15:10 <DIR> Windows Defender 30.09.2016 16:40 <DIR> Windows Defender Advanced Threat Protection 04.10.2015 17:17 <DIR> Windows Live 12.10.2016 21:11 <DIR> Windows Mail 28.10.2016 12:04 <DIR> Windows Media Player 16.07.2016 12:47 <DIR> Windows Multimedia Platform 14.08.2016 12:21 <DIR> Windows NT 12.10.2016 21:11 <DIR> Windows Photo Viewer 16.07.2016 12:47 <DIR> Windows Portable Devices 16.07.2016 12:47 <DIR> WindowsPowerShell 0 Datei(en), 0 Bytes 29 Verzeichnis(se), 145.611.132.928 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramFiles(x86)%" ========= Datentr„ger in Laufwerk C: ist System Volumeseriennummer: 985E-D7C3 Verzeichnis von C:\Program Files (x86) 11.03.2017 18:12 <DIR> . 11.03.2017 18:12 <DIR> .. 
19.12.2016 22:12 <DIR> Avira 07.04.2016 21:44 <DIR> Brother 28.01.2016 22:42 <DIR> Browny02 14.08.2016 13:12 <DIR> CMAK 04.03.2017 13:06 <DIR> Common Files 09.07.2016 06:52 <DIR> ControlCenter4 14.08.2016 09:29 <DIR> Creative 27.10.2016 00:13 <DIR> CyberLink 27.10.2016 00:13 <DIR> DivX 09.03.2017 21:35 <DIR> Dropbox 26.10.2016 00:16 <DIR> FreeCodecPack 19.08.2016 14:20 <DIR> FreeCommander XE 25.02.2017 01:18 <DIR> Google 10.11.2016 11:27 <DIR> Hewlett-Packard 20.02.2017 21:34 <DIR> Internet Explorer 07.10.2015 22:42 <DIR> Microsoft Analysis Services 09.11.2015 19:15 <DIR> Microsoft ASP.NET 07.10.2015 22:42 <DIR> Microsoft Office 04.10.2015 17:17 <DIR> Microsoft SQL Server Compact Edition 14.08.2016 12:17 <DIR> Microsoft.NET 08.03.2017 23:21 <DIR> Mozilla Firefox 14.08.2016 13:10 <DIR> MSBuild 06.10.2015 21:59 <DIR> MSI 28.01.2016 22:46 <DIR> MSXML 4.0 27.10.2016 00:13 <DIR> NSIS Uninstall Information 29.01.2016 23:16 <DIR> Nuance 10.03.2017 23:18 <DIR> NVIDIA Corporation 14.08.2016 13:10 <DIR> Reference Assemblies 19.09.2016 16:55 <DIR> RLinkToolbox 3 20.02.2017 21:19 <DIR> Skype 19.09.2016 16:55 <DIR> TomTom International B.V 10.03.2017 23:36 <DIR> VulkanRT 15.09.2016 15:10 <DIR> Windows Defender 04.10.2015 17:17 <DIR> Windows Live 15.09.2016 15:10 <DIR> Windows Mail 28.10.2016 12:04 <DIR> Windows Media Player 16.07.2016 12:47 <DIR> Windows Multimedia Platform 16.07.2016 12:47 <DIR> Windows NT 12.10.2016 21:11 <DIR> Windows Photo Viewer 16.07.2016 12:47 <DIR> Windows Portable Devices 16.07.2016 12:47 <DIR> WindowsPowerShell 0 Datei(en), 0 Bytes 43 Verzeichnis(se), 145.611.132.928 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramData%" ========= Datentr„ger in Laufwerk C: ist System Volumeseriennummer: 985E-D7C3 Verzeichnis von C:\ProgramData 19.02.2017 20:22 42 .SimImages 19.12.2016 22:12 <DIR> Avira 14.08.2016 12:17 <DIR> Brother 07.11.2016 17:22 <DIR> Canneverbe Limited 16.07.2016 12:47 <DIR> Comms 09.07.2016 06:52 <DIR> ControlCenter4 
04.10.2015 17:01 <DIR> Creative 27.10.2016 00:06 <DIR> CyberLink 11.03.2017 17:34 <DIR> DigitalWave.ApplicationUpdater_files 27.10.2016 00:13 <DIR> DivX 07.10.2015 22:08 <DIR> Dropbox 05.02.2016 23:03 <DIR> Duplicate Photo Cleaner 19.02.2017 21:00 <DIR> Easy Duplicate Finder 09.02.2016 14:26 <DIR> Electronic Arts 16.10.2015 22:07 <DIR> EPSON 27.01.2016 21:10 <DIR> FileOpen 28.01.2016 22:47 <DIR> FLEXnet 10.11.2016 11:27 <DIR> Hewlett-Packard 27.01.2017 01:20 <DIR> install_backup 27.10.2016 00:12 <DIR> install_clap 07.04.2016 10:21 <DIR> iSkysoft Application Common Data 25.04.2016 00:42 <DIR> iSkysoft iTube Studio 12.12.2015 22:05 <DIR> Leawo 04.10.2015 20:13 <DIR> LogiShrd 03.04.2016 21:47 <DIR> Malwarebytes 03.04.2016 22:17 <DIR> Malwarebytes' Anti-Malware (portable) 11.01.2017 19:40 <DIR> Microsoft Help 14.08.2016 12:25 <DIR> Microsoft OneDrive 29.01.2016 23:16 <DIR> Nuance 12.03.2017 00:30 <DIR> NVIDIA 10.03.2017 23:37 <DIR> NVIDIA Corporation 24.01.2017 18:29 8.442 NvTelemetryContainer.log 22.01.2017 16:17 20.937 NvTelemetryContainer.log_backup1 28.01.2017 16:48 <DIR> Oracle 04.03.2017 17:46 <DIR> Origin 13.02.2017 00:38 <DIR> Package Cache 28.01.2016 22:42 <DIR> PCFaxTx 04.10.2015 22:43 <DIR> PDVD 20.12.2016 20:46 <DIR> RavensburgerTipToi3 14.08.2016 12:22 <DIR> regid.1991-06.com.microsoft 28.01.2016 22:52 <DIR> ScanSoft 20.02.2017 21:19 <DIR> Skype 16.07.2016 12:47 <DIR> SoftwareDistribution 27.01.2017 01:20 <DIR> SUPPORTDIR 04.10.2015 21:05 <DIR> Temp 04.03.2017 13:06 <DIR> Thomson.ResearchSoft.Installers 12.03.2017 00:30 <DIR> UMS 14.08.2016 12:25 <DIR> USOPrivate 14.08.2016 12:25 <DIR> USOShared 07.04.2016 10:26 <DIR> Wondershare AllMytube 11.12.2015 23:31 <DIR> XDMessagingv4 3 Datei(en), 29.421 Bytes 48 Verzeichnis(se), 145.611.128.832 Bytes frei ========= Ende von CMD: ========= ========= dir "%Appdata%" ========= Datentr„ger in Laufwerk C: ist System Volumeseriennummer: 985E-D7C3 Verzeichnis von C:\Users\xxx\AppData\Roaming 08.03.2017 23:35 <DIR> . 
08.03.2017 23:35 <DIR> .. 04.10.2015 16:23 <DIR> Adobe 27.11.2016 02:21 <DIR> Audacity 01.03.2017 00:47 <DIR> avidemux 04.10.2015 17:39 <DIR> Avira 20.02.2016 22:27 <DIR> baidu 20.02.2016 22:27 <DIR> BaiduYunGuanjia 20.02.2016 22:27 <DIR> BaiduYunKernel 25.11.2015 23:58 <DIR> Brother 07.11.2016 17:22 <DIR> Canneverbe Limited 15.11.2016 14:59 <DIR> ControlCenter4 04.10.2015 21:03 <DIR> CyberLink 10.12.2015 22:17 <DIR> DigitalVolcano 31.05.2016 23:06 <DIR> DirectoryListPrintPro 07.11.2016 18:30 <DIR> DivX 07.10.2015 22:09 <DIR> Dropbox 21.09.2016 22:54 <DIR> DuplicatePhotoCleaner 25.02.2017 12:30 <DIR> dvdcss 11.03.2017 17:33 <DIR> DVDVideoSoft 08.03.2017 23:33 <DIR> DVS 19.02.2017 21:00 <DIR> EasyDuplicateFinder 11.03.2017 00:50 <DIR> foobar2000 28.02.2017 23:25 <DIR> HandBrake 28.10.2016 20:43 <DIR> HandBrake Team 10.11.2016 11:24 <DIR> hpqLog 04.10.2015 17:18 <DIR> Identities 28.01.2016 22:39 <DIR> InstallShield 09.11.2015 00:57 <DIR> IrfanView 12.12.2015 22:05 <DIR> Leawo 04.10.2015 20:07 <DIR> Logishrd 04.10.2015 20:07 <DIR> Logitech 04.10.2015 19:03 <DIR> Macromedia 04.10.2015 16:40 <DIR> Mozilla 20.02.2017 21:45 <DIR> Mp3tag 29.12.2016 01:55 <DIR> MPC-HC 14.08.2016 11:29 <DIR> Notepad++ 29.01.2016 21:54 <DIR> Nuance 17.11.2016 00:25 <DIR> NVIDIA 13.12.2015 21:10 <DIR> Oracle 05.03.2017 01:31 <DIR> Origin 31.05.2016 19:21 <DIR> PortForward.com 20.12.2016 20:48 <DIR> RavensburgerTipToi3 22.01.2017 23:18 <DIR> RStudio 20.02.2017 21:36 <DIR> Skype 04.10.2015 17:57 <DIR> Sun 06.10.2015 21:56 <DIR> Tracker Software 12.03.2017 00:32 <DIR> uTorrent 31.07.2016 22:07 <DIR> Video Downloader(xmlbar) 10.03.2017 23:36 <DIR> vlc 09.10.2015 22:13 <DIR> Windows Live Writer 10.10.2015 23:41 <DIR> WinRAR 11.08.2016 09:01 <DIR> www.shadowexplorer.com 29.01.2016 21:54 <DIR> Zeon 0 Datei(en), 0 Bytes 54 Verzeichnis(se), 145.611.124.736 Bytes frei ========= Ende von CMD: ========= ========= dir "%LocalAppdata%" ========= Datentr„ger in Laufwerk C: ist System Volumeseriennummer: 
985E-D7C3 Verzeichnis von C:\Users\xxx\AppData\Local 12.03.2017 00:31 <DIR> . 12.03.2017 00:31 <DIR> .. 06.12.2016 00:36 <DIR> 4kdownload.com 12.12.2015 08:23 <DIR> ActiveSync 27.10.2016 07:54 <DIR> Adobe 02.08.2016 11:52 <DIR> Apps 06.10.2015 21:49 <DIR> CEF 19.12.2016 20:45 <DIR> Chromium 04.10.2015 16:58 <DIR> Comms 14.08.2016 23:01 <DIR> ConnectedDevicesPlatform 10.03.2017 22:51 <DIR> CrashDumps 05.11.2016 11:03 <DIR> Creative 27.10.2016 00:13 <DIR> CyberLink 10.11.2015 15:03 <DIR> Diagnostics 30.05.2016 12:31 <DIR> Downloaded Installations 09.03.2017 21:35 <DIR> Dropbox 18.02.2016 21:12 <DIR> fontconfig 19.08.2016 14:20 <DIR> FreeCommanderXE 27.01.2017 22:16 <DIR> Google 04.10.2015 20:11 <DIR> Logitech 04.10.2015 19:03 <DIR> Macromedia 04.10.2015 20:59 <DIR> MediaServer 28.11.2015 20:13 <DIR> MediaShow 07.01.2017 02:00 <DIR> Microsoft 26.08.2016 16:06 <DIR> Microsoft Help 06.10.2015 20:33 <DIR> MicrosoftEdge 06.02.2016 00:44 <DIR> MindGems 07.10.2015 08:17 <DIR> Mozilla 24.09.2016 23:32 <DIR> NVIDIA 19.12.2016 20:45 <DIR> NVIDIA Corporation 19.12.2016 20:58 <DIR> Origin 04.03.2017 13:04 <DIR> Packages 30.07.2016 22:44 <DIR> Paint.NET 05.10.2015 20:18 <DIR> PeerDistRepub 04.10.2015 19:18 <DIR> Programs 04.10.2015 16:23 <DIR> Publishers 19.09.2016 16:55 <DIR> Renault 22.01.2017 23:18 <DIR> RStudio-Desktop 11.03.2017 08:28 <DIR> SimilarImages 28.10.2016 14:25 <DIR> Skyrim Special Edition 07.01.2017 02:14 <DIR> Steam 12.03.2017 00:31 <DIR> Temp 04.10.2015 16:23 <DIR> TileDataLayer 07.01.2017 02:11 <DIR> Ubisoft Game Launcher 13.11.2015 17:46 <DIR> VirtualStore 01.11.2016 09:25 <DIR> Windows Live 04.10.2015 17:18 <DIR> Windows Live Writer 0 Datei(en), 0 Bytes 47 Verzeichnis(se), 145.611.124.736 Bytes frei ========= Ende von CMD: ========= ========= dir "%CommonProgramFiles(x86)%" ========= Datentr„ger in Laufwerk C: ist System Volumeseriennummer: 985E-D7C3 Verzeichnis von C:\Program Files (x86)\Common Files 04.03.2017 13:06 <DIR> . 04.03.2017 13:06 <DIR> .. 
27.10.2016 00:13 <DIR> DivX Shared
11.03.2017 18:12 <DIR> DVDVideoSoft
04.10.2015 16:35 <DIR> InstallShield
28.01.2017 16:48 <DIR> Java
19.02.2017 20:54 <DIR> MaierSoft
14.08.2016 12:17 <DIR> Microsoft Shared
27.10.2016 00:06 <DIR> Nikon
20.12.2016 22:42 <DIR> Risxtd
28.01.2016 22:52 <DIR> ScanSoft Shared
16.07.2016 12:47 <DIR> Services
20.02.2017 21:19 <DIR> Skype
04.03.2017 17:53 <DIR> Steam
16.07.2016 23:57 <DIR> System
04.10.2015 17:03 <DIR> Windows Live
0 Datei(en), 0 Bytes
16 Verzeichnis(se), 145.611.120.640 Bytes frei
========= Ende von CMD: =========
========= dir "%CommonProgramW6432%" =========
Datenträger in Laufwerk C: ist System
Volumeseriennummer: 985E-D7C3
Verzeichnis von C:\Program Files\Common Files
04.03.2017 13:06 <DIR> .
04.03.2017 13:06 <DIR> ..
07.10.2015 22:43 <DIR> DESIGNER
12.10.2015 18:19 <DIR> EPSON
14.08.2016 12:17 <DIR> microsoft shared
16.07.2016 12:47 <DIR> Services
14.08.2016 12:17 <DIR> System
0 Datei(en), 0 Bytes
7 Verzeichnis(se), 145.611.128.832 Bytes frei
========= Ende von CMD: =========
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.
========= Ende von CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 467092230 B
Java, Flash, Steam htmlcache => 63411234 B
Windows/system/drivers => 40960 B
Edge => 0 B
Chrome => 344602146 B
Firefox => 394653526 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 92381184 B
xxx => 69579905 B
RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 00:35:43 ====
Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=c95001652412bc49a0820d779545b4bc # end=init # utc_time=2017-03-11 11:39:18 # local_time=2017-03-12 12:39:18 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 32685 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=c95001652412bc49a0820d779545b4bc # end=updated # utc_time=2017-03-11 11:44:11 # local_time=2017-03-12 12:44:11 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=c95001652412bc49a0820d779545b4bc # engine=32685 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2017-03-12 02:01:18 # local_time=2017-03-12 03:01:18 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='Avira Antivirus' # compatibility_mode=1815 16777213 100 97 41977 48163886 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 9000170 20614694 0 0 # scanned=378891 # found=7 # cleaned=0 # scan_time=8227 sh=21FBA3DF010A5D1144701EDBF30B54D45EADBB33 ft=1 fh=981326570f13c46b vn="Variante von Win32/FusionCore.I eventuell unerwünschte Anwendung" ac=I fn="C:\ProgramData\DigitalWave.ApplicationUpdater_files\install_app_60.exe" sh=21FBA3DF010A5D1144701EDBF30B54D45EADBB33 ft=1 fh=981326570f13c46b vn="Variante von Win32/FusionCore.I eventuell unerwünschte Anwendung" ac=I fn="C:\Users\All Users\DigitalWave.ApplicationUpdater_files\install_app_60.exe" sh=5C1016CEC291721EC6BD63A53C0A111295F31F14 ft=1 fh=40be34a04d220424 vn="Variante von Win32/FusionCore.I eventuell unerwünschte Anwendung" ac=I fn="C:\Users\xxx\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter.exe" 
sh=B453A3E737F7E34B4070207D63CE0E92287D8513 ft=1 fh=29e742d37976a7ed vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="H:\Tools\10AppsManager - CHIP-Installer.exe" sh=D5BFE92E6128E41BF2538CDBD9C0AA34B0FC8CA9 ft=1 fh=7ebc9b6ec9275e3a vn="Win32/Toolbar.Conduit.AN eventuell unerwünschte Anwendung" ac=I fn="H:\Tools\CyberLink_MediaEspresso7.5_MEX160804-01.exe" sh=65817D4AC14CDE00DE7C45E760A8E4A6FCD6EA98 ft=1 fh=cc6dca1f25b25b86 vn="Variante von Win32/Auslogics.C eventuell unerwünschte Anwendung" ac=I fn="H:\Tools\duplicate-file-finder-setup.exe" sh=F1EFF6451CED129C0E5C0A510955F234A01158A0 ft=1 fh=332b4278a72373e2 vn="Variante von Win32/Toolbar.Babylon.E eventuell unerwünschte Anwendung" ac=I fn="H:\Tools\Unlocker1.9.2.exe" Hitman Code:
ATTFilter HitmanPro 3.7.15.281 www.hitmanpro.com Computer name . . . . : SCHWOBB Windows . . . . . . . : 10.0.0.14393.X64/4 User name . . . . . . : SCHWOBB\xxx UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2017-03-12 08:26:18 Scan mode . . . . . . : Normal Scan duration . . . . : 1m 30s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 2 Objects scanned . . . : 2.046.321 Files scanned . . . . : 53.206 Remnants scanned . . : 441.195 files / 1.551.920 keys Suspicious files ____________________________________________________________ C:\$Recycle.Bin\S-1-5-21-4199837023-2687035150-3113593764-1001\$R3B6JX6\FRST64.exe Size . . . . . . . : 2.423.808 bytes Age . . . . . . . : 1.5 days (2017-03-10 19:48:58) Entropy . . . . . : 7.6 SHA-256 . . . . . : 0C11A0E7E1D7950EAAB54F640609BD62DC8E7F6CCBDD4520ACD6E0A67C252262 Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Forensic Cluster -0.0s C:\Users\xxx\Desktop\tdsskiller.exe 0.0s C:\$Recycle.Bin\S-1-5-21-4199837023-2687035150-3113593764-1001\$R3B6JX6\FRST64.exe C:\Users\xxx\Desktop\FRST64.exe Size . . . . . . . : 2.424.320 bytes Age . . . . . . . : 0.3 days (2017-03-12 00:35:27) Entropy . . . . . : 7.6 SHA-256 . . . . . : 888080A18968475A4AF792C1F4EAED87442D61A9BD32DAAD9763CB641B5C97D9 Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. 
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2017 01 durchgeführt von xxx (Administrator) auf SCHWOBB (12-03-2017 08:30:55) Gestartet von C:\Users\xxx\Desktop Geladene Profile: xxx (Verfügbare Profile: xxx) Platform: Windows 10 Education Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe (Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Electronic Arts) G:\Origin\OriginWebHelperService.exe (www.shadowexplorer.com) D:\ShadowExplorer\sesvc.exe (Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe (ALCPU) D:\Core Temp\Core Temp.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (techPowerUp (www.techpowerup.com)) D:\GPU-Z\GPU-Z.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe () C:\Users\xxx\Documents\LCDSirReal\LCDSirReal.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe (BitTorrent Inc.) C:\Users\xxx\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe (Oracle Corporation) D:\Java64\bin\javaw.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Elaborate Bytes AG) D:\VirtualCloneDrive\VCDDaemon.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Creative Technology Ltd) D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (SurfRight B.V.) C:\Users\xxx\Desktop\HitmanPro_x64.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_221.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_221.exe (Don HO don.h@free.fr) D:\NPP\Notepad++\notepad++.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17305208 2016-12-08] (Logitech Inc.) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744 2017-03-03] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [27308304 2017-03-06] (Dropbox, Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => D:\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2016-02-03] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => D:\Creative\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative Technology Ltd) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] () HKLM-x32\...\Run: [PowerDVD16Agent] => D:\CyberLink\PowerDVD16\PowerDVD16\PowerDVD16Agent.exe [525352 2016-12-29] (CyberLink Corp.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [uTorrent] => C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe [2143936 2017-02-04] (BitTorrent Inc.) HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google) HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2015-10-04] ShortcutTarget: Universal Media Server.lnk -> D:\UMS\UMS.exe (Universal Media Server) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{91c30c7d-d0a5-4365-a93e-eafa498ca70d}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = BHO: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\ONE\OldNewExplorer64.dll [2016-04-03] (www.startisback.com) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java64\bin\ssv.dll [2017-01-28] (Oracle Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java64\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation) BHO-x32: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> D:\ONE\OldNewExplorer32.dll [2016-04-03] (www.startisback.com) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java32\bin\ssv.dll [2017-01-28] (Oracle Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java32\bin\jp2ssv.dll [2017-01-28] (Oracle Corporation) DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} 
hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: febeprof.xxx FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx [2017-03-12] FF Homepage: Mozilla\Firefox\Profiles\febeprof.xxx -> hxxp://www.spiegel-online.de/ FF NetworkProxy: Mozilla\Firefox\Profiles\febeprof.xxx -> type", 0 FF Extension: (New XKit) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\@new-xkit.xpi [2016-10-07] FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28] FF Extension: (DownThemAll! 
AntiContainer) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\anticontainer@downthemall.net.xpi [2016-04-15] FF Extension: (MEGA) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\firefox@mega.co.nz.xpi [2017-03-09] FF Extension: (Tumblr Savior) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\jid1-W5guVoyeUR0uBg@jetpack.xpi [2017-03-07] FF Extension: (Deutsch (DE) Language Pack) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\langpack-de@firefox.mozilla.org.xpi [2017-03-09] FF Extension: (Japanese Language Pack) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\langpack-ja@firefox.mozilla.org.xpi [2017-03-08] FF Extension: (Save Images) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\LDSI_plashcor@gmail.com.xpi [2016-04-30] FF Extension: (RememberPass) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\rememberpass@teesoft.info.xpi [2016-04-28] FF Extension: (S3.Google Translator) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\s3google@translator.xpi [2016-10-19] FF Extension: (Locale Switcher) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2016-04-28] FF Extension: (Google Image Search) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{73007fef-a6e0-47d3-b4e7-dfc116ed6f65}.xpi [2016-04-28] FF Extension: (Video DownloadHelper) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-01-01] FF Extension: (DivX Wizard Pro) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{cc79db9d-e06e-469f-932a-2537c0db2b4a}.xpi [2016-05-18] [ist nicht signiert] FF Extension: (RightToClick) - 
C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2015-11-30] FF Extension: (Adblock Plus) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23] FF Extension: (Tab Mix Plus) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-01-31] FF Extension: (DownThemAll!) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.xxx\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=11.121.2 -> D:\Java64\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> D:\Java64\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) 
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> D:\Java32\bin\dtplugin\npDeployJava1.dll [2017-01-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> D:\Java32\bin\plugin2\npjp2.dll [2017-01-28] (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-23] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-23] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.) 
Chrome: ======= CHR Profile: C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default [2017-03-12] CHR Extension: (Google Präsentationen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-31] CHR Extension: (Google Docs) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-31] CHR Extension: (Google Drive) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-31] CHR Extension: (YouTube) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-31] CHR Extension: (Video Downloader professional) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-09-01] CHR Extension: (Google Tabellen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-31] CHR Extension: (Avira Browserschutz) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-10-11] CHR Extension: (Google Docs Offline) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-07] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-08-07] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10] CHR Extension: (Google Mail) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-31] CHR Extension: (Chrome Media Router) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-17] CHR HKLM\...\Chrome\Extension: 
[flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1115552 2017-03-03] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [487424 2017-03-03] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1519144 2017-03-03] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG) R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [25232 2016-12-09] (Avira Operations GmbH & Co. KG) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert] R2 CtHdaSvc; C:\WINDOWS\sysWow64\CtHdaSvc.exe [112648 2015-06-19] (Creative Technology Ltd) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.) 
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-01-21] (Dropbox, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-02-08] (Digital Wave Ltd.) R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [22184 2015-07-29] (Micro-Star Int'l Co., Ltd.) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-12-08] (Logitech Inc.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-23] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation) S3 Origin Client Service; G:\Origin\OriginClientService.exe [2122248 2017-02-08] (Electronic Arts) R2 Origin Web Helper Service; G:\Origin\OriginWebHelperService.exe [2184208 2017-02-08] (Electronic Arts) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.) 
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) R2 sesvc; D:\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [Datei ist nicht signiert] S2 SkypeUpdate; D:\Skype\Updater\Updater.exe [317400 2017-01-16] (Skype Technologies) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 ALSysIO; C:\Users\xxx\AppData\Local\Temp\ALSysIO64.sys [35320 2017-03-12] (Arthur Liberman) <==== ACHTUNG R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-03-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-03-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG) R3 cthda; C:\WINDOWS\system32\drivers\cthda.sys [1058600 2015-06-19] (Creative Technology Ltd) R3 cthdb; C:\WINDOWS\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 GPU-Z; C:\Users\xxx\AppData\Local\Temp\GPU-Z.sys [27008 2017-03-12] () <==== ACHTUNG R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2016-12-08] (Logitech Inc.) 
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-12-08] (Logitech Inc.) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2a6e383a1adc0e24\nvlddmkm.sys [14569528 2017-02-24] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-02-23] (NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 WsAudioDevice_383; C:\WINDOWS\system32\drivers\VirtualAudio.sys [31080 2016-02-29] (Wondershare) R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; D:\CyberLink\PowerDVD16\PowerDVD16\Common\NavFilter\000.fcl [38168 2016-12-19] (CyberLink Corp.) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-03-12 08:30 - 2017-03-12 08:31 - 00031061 _____ C:\Users\xxx\Desktop\FRST.txt 2017-03-12 08:25 - 2017-03-12 08:31 - 00000000 ____D C:\ProgramData\HitmanPro 2017-03-12 02:10 - 2017-03-12 08:25 - 11581544 _____ (SurfRight B.V.) C:\Users\xxx\Desktop\HitmanPro_x64.exe 2017-03-12 00:39 - 2017-03-12 00:39 - 00000000 ____D C:\Program Files (x86)\ESET 2017-03-12 00:38 - 2017-03-12 00:39 - 02870984 _____ (ESET) C:\Users\xxx\Desktop\esetsmartinstaller_deu.exe 2017-03-12 00:34 - 2017-03-12 00:34 - 00000000 _____ C:\Users\xxx\Desktop\Neues Textdokument.txt 2017-03-12 00:30 - 2017-03-12 00:36 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\uTorrent 2017-03-10 23:36 - 2017-02-23 09:17 - 00136064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2017-03-10 23:35 - 2017-03-10 23:36 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2017-03-10 23:34 - 2017-02-23 23:55 - 00047664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 34992184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 19007528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 11122728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 11019888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 08990256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 03168192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 02717752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 01985080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437878.dll 
2017-03-10 23:34 - 2017-02-23 11:32 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437878.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 01052096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 00989632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 00959424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 00946456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 00910784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 00721768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 00687408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 00605120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 00573632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 00483384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2017-03-10 23:34 - 2017-02-23 11:32 - 00447984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2017-03-10 23:13 - 2017-03-10 23:13 - 01663736 _____ (Malwarebytes) C:\Users\xxx\Desktop\JRT.exe 2017-03-10 22:37 - 2017-03-08 23:10 - 04031440 _____ C:\Users\xxx\Desktop\adwcleaner_6.044.exe 2017-03-10 19:49 - 2017-03-10 19:52 - 00271972 _____ C:\TDSSKiller.3.1.0.12_10.03.2017_19.49.14_log.txt 2017-03-10 19:48 - 2017-03-12 00:35 - 02424320 _____ (Farbar) C:\Users\xxx\Desktop\FRST64.exe 2017-03-10 19:48 - 2017-03-09 22:23 - 04747704 _____ (AO Kaspersky 
Lab) C:\Users\xxx\Desktop\tdsskiller.exe 2017-03-09 22:31 - 2017-03-12 08:30 - 00000000 ____D C:\FRST 2017-03-09 22:24 - 2017-03-09 22:41 - 00271972 _____ C:\TDSSKiller.3.1.0.12_09.03.2017_22.24.21_log.txt 2017-03-09 21:35 - 2017-03-09 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-03-08 23:10 - 2017-03-10 22:51 - 00000000 ____D C:\AdwCleaner 2017-03-06 21:50 - 2017-03-06 21:50 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-03-04 15:02 - 2017-03-04 15:09 - 05713860 _____ C:\Users\xxx\Desktop\robocopy_log3.txt 2017-03-04 14:23 - 2017-03-04 14:55 - 02310791 _____ C:\Users\xxx\Desktop\robocopy_log2.txt 2017-03-04 13:30 - 2017-03-04 13:05 - 00000000 __SHD C:\WINDOWS\system32\N; 2017-03-02 23:38 - 2017-03-02 23:38 - 00000000 ____D C:\Users\xxx\.QtWebEngineProcess 2017-03-02 23:38 - 2017-03-02 23:38 - 00000000 ____D C:\Users\xxx\.Origin 2017-02-25 01:18 - 2017-02-25 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2017-02-24 23:34 - 2017-03-05 21:43 - 00056509 _____ C:\Users\xxx\Desktop\48G.xlsx 2017-02-20 21:19 - 2017-02-20 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-02-20 21:19 - 2017-02-20 21:19 - 00000000 ____D C:\Program Files (x86)\Skype 2017-02-19 21:39 - 2017-02-19 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Duplicate Finder 2017-02-19 21:39 - 2017-02-19 21:39 - 00000000 ____D C:\Program Files\Easy Duplicate Finder 2017-02-19 21:13 - 2017-03-02 20:59 - 00000024 _____ C:\Users\xxx\Documents\AutoSaveLastScanResults.dup 2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\Users\xxx\Documents\EasyDuplicateFinder 2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\Users\xxx\AppData\Roaming\EasyDuplicateFinder 2017-02-19 21:00 - 2017-02-19 21:00 - 00000000 ____D C:\ProgramData\Easy Duplicate Finder 2017-02-19 20:54 - 2017-02-19 20:54 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages 2017-02-19 20:22 - 2017-03-11 08:28 - 00000000 ____D C:\Users\xxx\AppData\Local\SimilarImages 2017-02-19 20:22 - 2017-02-19 20:22 - 00000042 _____ C:\ProgramData\.SimImages 2017-02-14 22:57 - 2017-02-14 23:09 - 00001274 _____ C:\Users\xxx\.jalview_properties 2017-02-14 19:42 - 2017-02-23 11:32 - 28252608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437866.dll 2017-02-14 19:42 - 2017-02-10 03:33 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437866.dll 2017-02-13 00:38 - 2017-02-13 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate 2017-02-10 19:42 - 2017-02-10 19:42 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-02-10 19:42 - 2017-02-10 19:42 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-03-12 08:28 - 2015-10-05 22:45 - 00000000 ____D C:\Users\xxx\AppData\Roaming\uTorrent 2017-03-12 08:19 - 2016-11-18 12:49 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\Mozilla 2017-03-12 08:18 - 2016-08-14 12:14 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-03-12 01:52 - 2015-10-04 19:25 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc 2017-03-12 01:21 - 2015-10-04 19:35 - 00000000 ____D C:\Users\xxx\AppData\Roaming\foobar2000 2017-03-12 00:42 - 2016-07-16 23:57 - 02018164 _____ C:\WINDOWS\system32\perfh007.dat 2017-03-12 00:42 - 2016-07-16 23:57 - 00526636 _____ C:\WINDOWS\system32\perfc007.dat 2017-03-12 00:42 - 2015-10-04 16:26 - 04299346 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-03-12 00:36 - 2016-08-14 12:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-03-12 00:36 - 2016-08-14 12:14 - 00000000 ____D C:\ProgramData\NVIDIA 2017-03-12 00:36 - 2016-02-26 09:16 - 00000000 ___RD C:\Users\xxx\Google Drive 2017-03-12 00:36 - 2015-10-04 20:43 - 00000000 ____D C:\ProgramData\UMS 2017-03-12 00:35 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-03-12 00:35 - 2016-04-26 20:00 - 00000000 ____D C:\Users\xxx\AppData\LocalLow\Temp 2017-03-11 18:12 - 2016-10-26 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2017-03-11 17:34 - 2017-01-27 21:56 - 00000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files 2017-03-11 17:33 - 2016-04-03 13:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DVDVideoSoft 2017-03-11 15:33 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-03-11 07:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-03-10 23:37 - 2016-08-14 12:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-03-10 23:37 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-03-10 23:37 - 2015-10-04 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-03-10 23:36 - 2016-03-11 00:07 - 00000000 ____D 
C:\Program Files (x86)\VulkanRT 2017-03-10 23:18 - 2016-12-19 20:45 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-03-10 23:18 - 2016-09-24 23:32 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-03-10 23:18 - 2016-09-24 23:32 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-03-10 23:18 - 2016-09-24 23:32 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-03-10 23:18 - 2016-09-24 23:32 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-03-10 23:18 - 2016-09-24 23:32 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-03-10 23:18 - 2016-09-24 23:32 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-03-10 23:18 - 2016-08-14 12:14 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-03-10 23:18 - 2016-08-14 12:14 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-03-10 22:56 - 2015-12-11 19:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-03-10 22:51 - 2016-01-04 08:10 - 00000000 ____D C:\Users\xxx\AppData\Local\CrashDumps 2017-03-10 22:51 - 2015-10-10 19:55 - 00000008 __RSH C:\ProgramData\ntuser.pol 2017-03-10 11:11 - 2016-08-14 12:14 - 00013389 _____ C:\WINDOWS\BRRBCOM.INI 2017-03-09 21:35 - 2015-10-07 22:08 - 00000000 ____D C:\Users\xxx\AppData\Local\Dropbox 2017-03-09 21:35 - 2015-10-07 22:08 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-03-08 23:33 - 2016-05-26 19:02 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DVS 2017-03-08 23:21 - 2015-10-06 21:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-03-05 01:36 - 2016-08-14 12:16 - 00000000 ____D C:\Users\xxx 2017-03-05 01:31 - 2016-02-09 14:26 - 00000000 ____D 
C:\Users\xxx\AppData\Roaming\Origin 2017-03-04 17:46 - 2016-02-09 14:26 - 00000000 ____D C:\ProgramData\Origin 2017-03-04 13:06 - 2016-12-20 22:42 - 00000000 ____D C:\ProgramData\Thomson.ResearchSoft.Installers 2017-03-04 13:04 - 2015-10-04 16:23 - 00000000 ____D C:\Users\xxx\AppData\Local\Packages 2017-03-03 08:30 - 2015-10-04 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-03-03 08:29 - 2016-10-08 09:03 - 00048584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys 2017-03-03 08:29 - 2015-10-04 17:37 - 00163976 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2017-03-03 08:29 - 2015-10-04 17:37 - 00161824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2017-03-03 08:29 - 2015-10-04 17:37 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2017-03-03 08:29 - 2015-10-04 17:37 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2017-03-01 23:14 - 2016-07-12 07:38 - 00053669 _____ C:\Users\xxx\Desktop\krams.xlsx 2017-03-01 23:04 - 2016-12-21 13:13 - 00000000 ____D C:\Users\xxx\Documents\Japanisch 2017-03-01 00:47 - 2015-10-05 22:52 - 00000000 ____D C:\Users\xxx\AppData\Roaming\avidemux 2017-02-28 23:25 - 2016-10-28 20:42 - 00000000 ____D C:\Users\xxx\AppData\Roaming\HandBrake 2017-02-25 12:30 - 2015-10-05 00:11 - 00000000 ____D C:\Users\xxx\AppData\Roaming\dvdcss 2017-02-25 01:18 - 2015-12-06 21:26 - 00000000 ____D C:\Program Files (x86)\Google 2017-02-24 16:55 - 2015-10-04 16:51 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-02-24 16:53 - 2015-10-04 16:51 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-02-23 23:55 - 2016-08-14 09:35 - 01600056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2017-02-23 23:55 - 2016-08-14 09:35 - 00217528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2017-02-23 19:35 
- 2016-09-24 23:32 - 01880512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2017-02-23 19:35 - 2016-09-24 23:32 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2017-02-23 19:35 - 2016-09-24 23:32 - 01468864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2017-02-23 19:35 - 2016-09-24 23:32 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2017-02-23 19:35 - 2016-09-24 23:32 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2017-02-23 19:34 - 2017-01-24 18:29 - 00059448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2017-02-23 15:30 - 2016-12-19 20:45 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat 2017-02-23 11:32 - 2016-08-14 09:35 - 14674896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-02-23 11:32 - 2016-08-14 09:35 - 09306312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-02-23 11:32 - 2016-08-14 09:35 - 04078008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-02-23 11:32 - 2016-08-14 09:35 - 03596616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-02-23 11:32 - 2016-08-14 09:35 - 00576008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-02-23 11:32 - 2016-08-14 09:35 - 00043566 _____ C:\WINDOWS\system32\nvinfo.pb 2017-02-23 09:43 - 2016-09-24 23:32 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-02-23 09:28 - 2016-08-14 12:14 - 06401984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-02-23 09:28 - 2016-08-14 12:14 - 02479160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-02-23 09:28 - 2016-08-14 12:14 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-02-23 09:28 - 2016-08-14 12:14 - 00548288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-02-23 09:28 - 2016-08-14 12:14 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-02-23 09:28 - 2016-08-14 12:14 
- 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-02-23 09:28 - 2016-08-14 12:14 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-02-23 07:38 - 2016-08-14 12:14 - 07807027 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-02-22 21:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2017-02-22 21:18 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-02-20 21:45 - 2015-10-09 22:08 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Mp3tag 2017-02-20 21:36 - 2016-02-05 08:13 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Skype 2017-02-20 21:19 - 2016-02-05 08:12 - 00000000 ____D C:\ProgramData\Skype 2017-02-19 17:37 - 2017-01-29 19:46 - 00000134 _____ C:\Users\xxx\Documents\default.vsp 2017-02-19 16:21 - 2015-10-04 19:02 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2017-02-19 09:07 - 2016-03-08 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp 2017-02-15 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-02-15 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-02-13 00:38 - 2015-10-04 17:36 - 00000000 ____D C:\ProgramData\Package Cache ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2017-02-19 20:22 - 2017-02-19 20:22 - 0000042 _____ () C:\ProgramData\.SimImages 2015-12-12 04:23 - 2015-12-12 04:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-12-19 20:45 - 2017-01-24 18:29 - 0008442 _____ () C:\ProgramData\NvTelemetryContainer.log 2016-12-19 20:45 - 2017-01-22 16:17 - 0020937 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1 ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-05 13:01

==================== Ende von FRST.txt ============================

Edited by rka0 (12.03.2017 at 08:39) |
12.03.2017, 08:37 | #14 |
| AdChoices in Firefox
Addition.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01
durchgeführt von xxx (12-03-2017 08:31:22)
Gestartet von C:\Users\xxx\Desktop
Windows 10 Education Version 1607 (X64) (2016-08-14 11:21:45)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-4199837023-2687035150-3113593764-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4199837023-2687035150-3113593764-503 - Limited - Disabled)
Gast (S-1-5-21-4199837023-2687035150-3113593764-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4199837023-2687035150-3113593764-1003 - Limited - Enabled)
xxx (S-1-5-21-4199837023-2687035150-3113593764-1001 - Administrator - Enabled) => C:\Users\xxx

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Microsoft Office Proofing Tools 2016“ – lietuvių k. (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated) Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Ansel (Version: 378.78 - NVIDIA Corporation) Hidden Anti-Twin (Installation 10.12.2015) (HKLM-x32\...\Anti-Twin 2015-12-10 22.13.58) (Version: - Joerg Rosenthal, Germany) Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - ) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.154 - Avira Operations GmbH & Co. KG) Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden Avira Software Updater (HKLM-x32\...\{115347FE-037B-4F4D-86F2-057FEF294C7A}) (Version: 1.2.4.459 - Avira Operations GmbH & Co. KG) AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - ) Brother MFL-Pro Suite MFC-J5320DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.) 
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6389 - CDBurnerXP) Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Core Temp 1.6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.6 - ALCPU) Crysis 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts) Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts) Crysis®3 Digital Deluxe Edition Content (HKLM-x32\...\{2A8C5AE3-2772-4EB1-8206-D5E53D111A61}) (Version: 1.0.0.0 - Electronic Arts) CyberLink MediaEspresso 7.5 (HKLM-x32\...\{8D149BE2-6542-4F6A-AEC4-7D61E6DCAEFB}) (Version: 7.5.8022_61105 - CyberLink Corp.) CyberLink PhotoDirector 7 (HKLM-x32\...\{7984FCA5-1BB6-46e6-91E2-ED5C301AF11A}) (Version: 7.0.7504.0 - CyberLink Corp.) CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.2406.60 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Directory List & Print (Pro) (HKLM-x32\...\{6336F23D-1D20-4E02-9FBD-20B3A8210E4D}_is1) (Version: 3.14 - Infonautics GmbH, Switzerland) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC) Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited) Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts) Dropbox (HKLM-x32\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden Duplicate Photo Cleaner (HKLM\...\Duplicate Photo Cleaner_is1) (Version: - WebMinds, Inc.) Easy Duplicate Finder (HKLM\...\{DA060B99-6B87-4D85-8B1A-29BCF6DF2B06}_is1) (Version: - WebMinds, Inc.) 
Eines de correcció del Microsoft Office 2016: català (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Ferramentas de Verificação do Microsoft Office 2016 - Português (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Ferramentas de verificación de Microsoft Office 2016 - Galego (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden FLV Downloader (xmlbar) (nur entfernen) (HKLM-x32\...\Xmlbar FLVDownloader) (Version: - ) foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.31.119 - Digital Wave Ltd) Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.36.208 - Digital Wave Ltd) FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.) Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) 
Hidden
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
I-Microsoft Office Proofing Tools 2016 - IsiZulu (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instagiffer version 1.75 (HKLM-x32\...\{13DEF8F8-5280-4555-95A4-E815C3F9540F}_is1) (Version: 1.75 - Justin Todd)
Instrumente de verificare Microsoft Office 2016 - Română (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Korrekturredskaber til Microsoft Office 2016 - Dansk (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
LCDSirReal - a multipurpose plugin for the Logitech G13/G15 (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\LCDSirReal) (Version: - Link Data Stockholm)
Logitech Gaming Software 8.89 (HKLM\...\Logitech Gaming Software) (Version: 8.89.68 - Logitech Inc.)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Language Pack 2016 - German/Deutsch (HKLM\...\Office16.OMUI.de-de) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 52.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 de)) (Version: 52.0 - Mozilla)
Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Nuance PaperPort 12 (HKLM-x32\...\{2A770862-7142-4C77-8117-F933E4110A3F}) (Version: 12.1.0006 - Nuance Communications, Inc.)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 378.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.78 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 378.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.78 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.23 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
Orodja za preverjanje za Microsoft Office 2016 – angleščina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office*- Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF-XChange Editor (HKLM\...\{3D1987D7-5A88-4DDA-9D29-6977AE2BDBD0}) (Version: 5.5.316.1 - Tracker Software Products (Canada) Ltd.)
PerigeeCopy 1.7 (HKLM\...\PerigeeCopy) (Version: 1.7 - Jeremy Stanley)
PicasaDownloader (HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\052751e036427773) (Version: 1.0.0.25 - PicasaDownloader)
ProjectX - Complete (HKLM-x32\...\{513C7CA5-86D3-495D-B2D4-409EE41F68A7}_is1) (Version: 0.91.0.10 - WatchersNET)
R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - Thomson Reuters)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
RLinkToolbox 3.3.0.1896 (HKLM-x32\...\RLinkToolbox) (Version: 3.3.0.1896 - TomTom)
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.486 - RStudio)
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
ShadowExplorer 0.9 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.9.462.0 - ShadowExplorer.com)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
SimilarImages (HKLM-x32\...\SimilarImages) (Version: 2013.11 - Nils Maier)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Sound Blaster Recon3D PCIe (HKLM-x32\...\{E9DF9D95-BF8F-4264-B54E-988DAD71EE92}) (Version: 1.02.03 - Creative Technology Limited)
Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{204FCF73-1450-407D-BCF9-1233EC5F5787}) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Taalprogramma's voor Microsoft Office 2016 - Nederlands (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version: - Bethesda Game Studios)
tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG)
Uirlisí Profála Microsoft Office 2016 - Gaeilge (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 6.5.3 - Universal Media Server)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-0012-0000-1000-0000000FF1CE}_Office16.STANDARD_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3128049) 64-Bit Edition (HKLM\...\{90160000-012B-0407-1000-0000000FF1CE}_Office16.OMUI.de-de_{801D5242-0189-4C99-977B-0C77DBD1F046}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05001D00-94EA-4916-995B-467D4900BEE8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {0B9CCC01-1DF2-4808-BF9A-AC12ADB03DA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {1A596B82-4A61-47BE-8E4B-5ADDD69D5009} - System32\Tasks\GPU-Z => D:\GPU-Z\GPU-Z.exe [2016-07-13] (techPowerUp (www.techpowerup.com))
Task: {1C4C8B66-4DF8-462F-8E87-CBE032ABAF30} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {2BFAAD70-8D29-466C-A07A-460F7C0F4C9A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {2FD6432B-C391-458F-9BE3-AB00C6407F77} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {50B21913-5161-4191-BADF-F66225BCB709} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {7CEDE775-418E-4909-B886-9A30F522D9E8} - System32\Tasks\Core Temp Autostart xxx => D:\Core Temp\Core Temp.exe [2017-02-18] (ALCPU)
Task: {8C1234D8-F860-499B-B4FD-C1917BCF7D3C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {8CC6D714-CD0D-4CB5-98A3-A9D31B0220D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {A5D6499A-C992-48ED-B1F5-F3B8D64AF774} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {B28D159A-2323-481D-AD6E-82B161212314} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {B2BA0468-9693-4E8E-9C43-D5FFB4D52D46} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {BA2D4D30-2F9F-4788-9958-1A91D5180A1E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {C336F517-C7CA-4129-9A13-DCC6BA3331B8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {D19802B5-8605-4D2E-9056-1A8471F61B55} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)
Task: {D41E18A6-38D8-4A38-9382-6B3949BF6593} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {D9E404F0-FD41-414D-9B55-A30853C55AC3} - System32\Tasks\DeviceDetector7.5 => D:\CyberLink\MediaEspresso7.5\DeviceDetector\DeviceDetector7.5.exe [2016-08-22] (CyberLink Corp.)
Task: {EFD345F9-A347-405E-A865-C1F58F6BCF8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-24 23:32 - 2017-02-23 19:35 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-24 23:32 - 2017-02-23 19:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-08-14 12:14 - 2017-02-23 09:28 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-13 20:27 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () D:\Unlocker\UnlockerCOM.dll
2016-11-27 18:55 - 2016-11-27 18:55 - 00230064 _____ () D:\NPP\Notepad++\NppShell_06.dll
2016-08-14 12:26 - 2016-08-14 12:26 - 00959168 _____ () C:\Users\xxx\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-09-15 10:48 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 19:16 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 19:16 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 19:16 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 19:16 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-12-08 21:47 - 2016-12-08 21:47 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-12-08 21:47 - 2016-12-08 21:47 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2011-06-21 10:14 - 2011-06-21 10:14 - 00207872 _____ () C:\Users\xxx\Documents\LCDSirReal\LCDSirReal.exe
2013-02-13 03:37 - 2013-02-13 03:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2016-10-26 00:16 - 2017-01-19 12:35 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-10-26 00:16 - 2017-02-08 14:44 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-10-26 00:16 - 2017-02-08 14:44 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-10-26 00:16 - 2017-02-08 14:44 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-10-26 00:37 - 2017-02-08 23:04 - 02493440 _____ () G:\Origin\libGLESv2.dll
2016-09-24 23:32 - 2017-02-23 19:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-24 23:32 - 2017-02-23 19:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-24 23:32 - 2017-02-23 19:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-12 00:36 - 2017-03-12 00:36 - 00098816 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32api.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00110080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\pywintypes27.dll
2017-03-12 00:36 - 2017-03-12 00:36 - 00364544 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\pythoncom27.dll
2017-03-12 00:36 - 2017-03-12 00:36 - 00320512 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32com.shell.shell.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00914432 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\_hashlib.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 01176576 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\wx._core_.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00806400 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\wx._gdi_.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00816128 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\wx._windows_.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 01067008 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\wx._controls_.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00733184 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\wx._misc_.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00682496 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\pysqlite2._sqlite.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00088064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\_ctypes.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00686080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\unicodedata.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00119808 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32file.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00108544 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32security.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00007168 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\hashobjs_ext.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00017920 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\thumbnails_ext.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00088064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\usb_ext.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00012800 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\common.time34.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00018432 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32event.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00167936 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32gui.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00046080 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\_socket.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 01303552 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\_ssl.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00128512 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\_elementtree.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00127488 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\pyexpat.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00038912 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32inet.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00036864 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\_psutil_windows.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00524248 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\windows._lib_cacheinvalidation.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00011264 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32crypt.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00123392 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\wx._wizard.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00077312 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\wx._html2.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00027648 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\_multiprocessing.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00020480 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\_yappi.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00035840 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32process.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00078848 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\wx._animate.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00024064 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32pipe.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00010240 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\select.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00025600 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32pdh.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00017408 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32profile.pyd
2017-03-12 00:36 - 2017-03-12 00:36 - 00022528 ____R () C:\Users\xxx\AppData\Local\Temp\_MEI74722\win32ts.pyd
2016-09-24 23:32 - 2017-02-23 19:34 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-03-09 21:35 - 2017-03-06 21:59 - 00807232 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2015-12-12 08:23 - 2017-02-09 03:19 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 08:23 - 2017-02-09 03:19 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 08:23 - 2017-02-09 03:20 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-03-09 21:35 - 2017-02-09 03:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 08:23 - 2017-02-09 03:22 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-03-09 21:35 - 2017-02-09 03:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-03-09 21:35 - 2017-02-09 03:22 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-04 23:21 - 2017-02-09 03:21 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 08:23 - 2017-03-06 22:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 08:23 - 2017-02-09 03:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-02-27 20:55 - 2017-03-06 22:01 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-04-15 12:42 - 2017-03-06 22:01 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-23 23:34 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-02-12 09:35 - 2017-03-06 22:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-03-09 21:35 - 2017-02-09 03:17 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-03-09 21:35 - 2016-12-02 22:44 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-03-09 21:35 - 2017-02-09 03:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-03-09 21:35 - 2017-02-09 03:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-09 21:35 - 2017-03-06 22:01 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-12-12 08:23 - 2017-02-09 03:22 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-04 23:21 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-09 21:35 - 2017-03-06 22:01 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-09-24 23:32 - 2017-02-23 15:30 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-24 23:32 - 2017-02-23 15:30 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-24 23:32 - 2017-02-23 15:30 - 02443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-24 23:32 - 2017-02-23 15:30 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-24 23:32 - 2017-02-23 15:30 - 00543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-24 23:32 - 2017-02-23 15:30 - 00468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-01-28 22:41 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-02-13 03:38 - 2013-02-13 03:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2016-11-27 18:55 - 2016-11-27 18:55 - 00021680 _____ () D:\NPP\Notepad++\plugins\NppExport.dll
2015-05-15 15:24 - 2015-05-15 15:24 - 02873856 _____ () D:\NPP\Notepad++\plugins\NppFTP.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-4199837023-2687035150-3113593764-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{718C9E62-BD64-4930-8C6D-6C4D05D17421}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{4B69572B-2F6D-4B94-A786-C414A289F482}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{7BEB64AB-AE33-428C-9DD8-E8F00C7AA2F1}C:\users\tim\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tim\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{CAAB1C6D-0865-45EA-8A97-4FA45569B558}C:\users\tim\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tim\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{B525EECE-5BBF-4902-A392-E9A89DE2CCCE}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [UDP Query User{16170517-E72C-419B-8876-80F06846C60F}D:\java64\bin\javaw.exe] => (Allow) D:\java64\bin\javaw.exe
FirewallRules: [{D9371820-BFE5-416A-853F-E4940F32A9B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{5923764D-84CC-480B-AEE7-A40C086602FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0EE97BF4-38FE-4D45-87E7-F0CAA4A0ACC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6374BA76-38CB-4DA9-9171-CAEEAEFE70A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B240CBB2-2D5C-4EC3-B5C2-D507BC6D82F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{9CB4C646-F3C7-4E7B-9CA9-522D41389314}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{D0F36A0A-12EC-4DCC-A262-8172DBEDC063}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe

==================== Wiederherstellungspunkte =========================

20-02-2017 19:46:26 Geplanter Prüfpunkt
24-02-2017 16:53:10 Windows Update
04-03-2017 13:05:27 Removed EndNote X8
10-03-2017 23:13:37 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/12/2017 08:28:56 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "d:\r\r-3.3.0\tcl\bin64\tk85.dll". Fehler in Manifest- oder Richtliniendatei "d:\r\r-3.3.0\tcl\bin64\tk85.dll" in Zeile 9. Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/12/2017 08:28:54 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/12/2017 08:28:41 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "D:\CyberLink\PowerDVD16\PowerDVD16\Kernel\DMS\CLMSMediaInfoPDVD16.exe".
Die abhängige Assemblierung "CLMSMediaInfo.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/12/2017 08:28:37 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "d:\xmlbar\flv downloader\FLVDownloader(xmlbar).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Error: (03/12/2017 08:28:07 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Error: (03/12/2017 02:27:14 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "H:\Tools\esetsmartinstaller_enu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. 
In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Error: (03/12/2017 02:26:46 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "H:\Tools\esetsmartinstaller_deu[1].exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Error: (03/12/2017 12:44:09 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/12/2017 12:41:04 AM) (Source: SideBySide) (EventID: 63) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "d:\r\r-3.3.0\tcl\bin64\tk85.dll". Fehler in Manifest- oder Richtliniendatei "d:\r\r-3.3.0\tcl\bin64\tk85.dll" in Zeile 9. Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig. Error: (03/12/2017 12:41:02 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Systemfehler: ============= Error: (03/12/2017 12:44:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (03/12/2017 12:44:03 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\xxx\AppData\Local\Temp\ehdrv.sys Error: (03/12/2017 12:44:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (03/12/2017 12:44:02 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\xxx\AppData\Local\Temp\ehdrv.sys Error: (03/12/2017 12:44:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (03/12/2017 12:44:02 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\xxx\AppData\Local\Temp\ehdrv.sys Error: (03/12/2017 12:39:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (03/12/2017 12:39:54 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\xxx\AppData\Local\Temp\ehdrv.sys Error: (03/12/2017 12:39:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. 
Error: (03/12/2017 12:39:54 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\xxx\AppData\Local\Temp\ehdrv.sys CodeIntegrity: =================================== Date: 2016-12-06 11:11:22.214 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-12-06 11:11:20.004 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-28 01:04:22.741 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-28 01:03:41.966 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-15 19:37:51.234 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
Date: 2016-11-15 19:37:47.720 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-15 19:37:42.608 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-10-06 19:09:28.918 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-10-06 19:09:25.934 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz Prozentuale Nutzung des RAM: 39% Installierter physikalischer RAM: 8139.25 MB Verfügbarer physikalischer RAM: 4949.73 MB Summe virtueller Speicher: 9419.25 MB Verfügbarer virtueller Speicher: 5049.03 MB ==================== Laufwerke ================================ Drive c: (System) (Fixed) (Total:232.4 GB) (Free:135.7 GB) NTFS Drive d: (Programme) (Fixed) (Total:29.3 GB) (Free:22.42 GB) NTFS Drive e: (48G) (Fixed) (Total:1277.08 GB) (Free:216.98 GB) NTFS Drive f: (Music) (Fixed) (Total:58.59 GB) (Free:17.59 GB) NTFS Drive g: (Games) (Fixed) (Total:97.66 GB) (Free:14.88 GB) NTFS Drive h: (Stuff) (Fixed) (Total:400.39 GB) (Free:213.32 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E0AFA54B) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 64BFCCCC) Partition 1: (Not Active) - (Size=1277.1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=429.7 GB) - (Type=OF Extended) ==================== Ende von Addition.txt ============================ |
12.03.2017, 12:37 | #15 |
/// TB-Ausbilder | AdChoices in Firefox Hi, Quote:
As with the ESET scan, connect the external drive (drive H) again!
Removing leftovers
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
You have obscured your real user name with xxx, so for the following fix you must replace this xxx with the real user name yourself, otherwise the fix will not work!
Code:
start
CloseProcesses:
C:\ProgramData\DigitalWave.ApplicationUpdater_files\install_app_60.exe
C:\Users\xxx\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter.exe
H:\Tools\10AppsManager - CHIP-Installer.exe
H:\Tools\CyberLink_MediaEspresso7.5_MEX160804-01.exe
H:\Tools\duplicate-file-finder-setup.exe
H:\Tools\Unlocker1.9.2.exe
EmptyTemp:
end

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Post the FRST Fixlog right away, because otherwise it will be removed automatically by DelFix (see further below)!
If you no longer have any problems with malware, we are done here. Your log files are clean. Finally, we need to take a few concluding steps to clean up and secure your PC.
Cleanup: All logs posted? Then please download DelFix.
DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left over now, you can safely delete them.
Securing: Enable automatic updates for the Windows operating system. Security-relevant software should also always be present only in its most current version:
Java
Flash Player
PDF reader
Vulnerabilities in their old versions are exploited to install malware via "drive-by" on a simple visit to a manipulated website.
I recommend, for example, using Mozilla Firefox instead of Internet Explorer. In addition, Firefox can also open PDF documents.
Enable a firewall. The one integrated into Windows is normally entirely sufficient.
If you are still undecided, use a single one of the following antivirus programs with a real-time scanner and an always up-to-date signature database:
Microsoft Security Essentials (MSE) / Windows Defender (WD) is built in from Windows 8 onward, so if you have Windows 8, 8.1 or 10 and have decided on MSE/WD, you do not need to install MSE/WD separately. On Windows 7, however, it has to be installed manually or obtained as an optional update via Windows Update. Of course, a legal/activated Windows is a prerequisite for this.
In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.
Optional:
Adblock Plus: Can block banners, pop-ups, video ads, tracking and malware sites.
NoScript: Prevents the execution of active content (Java, JavaScript, Flash, ...) for all websites. However, you can define, on the whitelist principle, on which sites scripts are to be allowed.
Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, it is advisable to uninstall it first and then remove the leftovers with Adwcleaner.
To conclude, a few more general remarks:
If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.
Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.