| |
| |||||||
Log-Analyse und Auswertung: Öffnen mancher Programme dauert 2-3 MinutenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
27.07.2015, 12:45
| #1 |
 |  Öffnen mancher Programme dauert 2-3 Minuten Hallo, Habe einen i7 860 mit Windows 8.1, 16GB RAM, GTX 750 Ti. Seit 2 Tagen öffnen sich einfache Programme wie Core Temp, Fraps erst nach 2 - 3 Minuten. Andere Programme wie Mozilla, Excel usw. öffnen sich sofort. Hab schon die Hardware gecheckt und diverse Festplatteneinstellungen, Autostart. Nichts hat eine Verbesserung gebracht. Hab ich vielleicht Malware drauf? Anti Malwarebytes sagt nichts gefunden? Kann mir bitte jemand weiter helfen? |
|
27.07.2015, 12:57
| #2 |
| /// TB-Ausbilder   | Öffnen mancher Programme dauert 2-3 Minuten Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
27.07.2015, 15:23
| #3 |
| | Öffnen mancher Programme dauert 2-3 Minuten Hier die logs. Danke schön für die Hilfe.
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
durchgeführt von m1ck3y (Administrator) auf MICKEY (27-07-2015 16:14:01)
Gestartet von B:\Downloads
Geladene Profile: m1ck3y (Verfügbare Profile: m1ck3y & l3jlah)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\cleanmgr.exe
(Microsoft Corporation) C:\Users\m1ck3y\AppData\Local\Temp\17C17DD2-CEBA-4322-8193-8655DD0C2D14\DismHost.exe
(Microsoft Corporation) C:\Users\m1ck3y\AppData\Local\Temp\89DA05E5-DDB4-4739-A3B8-7FCC8B5FAFDA\DismHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2631824 2015-07-14] (NVIDIA Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2245120 2009-07-24] (VIA)
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-07-20] (Glarysoft Ltd)
BootExecute: autocheck autochk *
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49484;https=127.0.0.1:49484
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1474457362-1224508852-2511664465-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C0BA8A3E-6804-48B1-93D8-098A2353C75C}: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\m1ck3y\AppData\Roaming\Mozilla\Firefox\Profiles\yhtlr7zb.default
FF Homepage: hxxp://www.google.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: Adblock Plus - C:\Users\m1ck3y\AppData\Roaming\Mozilla\Firefox\Profiles\yhtlr7zb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-30]
==================== Services (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-14] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-14] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-25] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-05-02] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-07-11] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-05-04] (Glarysoft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-14] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39240 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [Datei ist nicht signiert]
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-27 16:13 - 2015-07-27 16:14 - 00000000 ____D C:\FRST
2015-07-27 16:11 - 2015-07-25 15:34 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-27 12:41 - 2015-07-27 12:41 - 00003000 _____ C:\Windows\System32\Tasks\ASUS GPU Tweak
2015-07-27 12:39 - 2015-07-27 12:39 - 00002984 _____ C:\Windows\System32\Tasks\CoreTemp
2015-07-27 00:26 - 2015-07-27 16:11 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-27 00:25 - 2015-07-27 00:25 - 00001134 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-27 00:25 - 2015-07-27 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-07-27 00:25 - 2015-07-27 00:25 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-07-27 00:25 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-27 00:25 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-27 00:25 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-27 00:23 - 2015-07-27 16:13 - 00201320 _____ C:\Windows\WindowsUpdate.log
2015-07-27 00:23 - 2015-07-27 16:05 - 00002784 _____ C:\Windows\setupact.log
2015-07-27 00:23 - 2015-07-27 06:28 - 00000710 _____ C:\Windows\PFRO.log
2015-07-27 00:23 - 2015-07-27 00:23 - 00000000 _____ C:\Windows\setuperr.log
2015-07-27 00:22 - 2015-07-27 00:22 - 00000683 _____ C:\Users\m1ck3y\Desktop\Fraps.lnk
2015-07-27 00:21 - 2015-07-27 00:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-07-27 00:06 - 2015-07-27 00:06 - 00000000 ____D C:\Users\m1ck3y\AppData\Local\CEF
2015-07-27 00:04 - 2015-07-27 00:04 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-27 00:01 - 2015-07-27 00:01 - 00000939 _____ C:\Users\m1ck3y\Desktop\Steam.lnk
2015-07-27 00:00 - 2015-07-27 00:00 - 00000909 _____ C:\Users\m1ck3y\Desktop\CPU-Z.lnk
2015-07-26 23:09 - 2015-07-26 23:09 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-25 00:43 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-07-25 00:43 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-07-25 00:43 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-25 00:43 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-07-25 00:43 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-25 00:43 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-25 00:43 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-07-25 00:43 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-25 00:43 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-07-23 23:09 - 2015-07-23 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-23 23:09 - 2015-07-23 23:09 - 00000000 ____D C:\Program Files\iTunes
2015-07-23 23:09 - 2015-07-23 23:09 - 00000000 ____D C:\Program Files\iPod
2015-07-23 23:09 - 2015-07-23 23:09 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-23 23:08 - 2015-07-14 21:06 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-23 23:08 - 2015-07-14 21:05 - 01710056 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-23 23:08 - 2015-07-03 06:28 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-07-23 23:08 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-23 23:08 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-22 22:25 - 2015-07-22 22:25 - 00003312 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2015-07-22 22:25 - 2015-07-22 22:25 - 00002970 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2015-07-21 06:21 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 06:21 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 06:21 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 06:21 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-16 06:57 - 2015-07-13 23:10 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-16 06:57 - 2015-07-13 23:10 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 06:19 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 06:19 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 06:19 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 06:19 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 06:19 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 06:19 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 06:19 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 06:19 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 06:19 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 06:19 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 06:19 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 06:19 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 06:19 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 06:19 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 06:19 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 06:19 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 06:19 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 06:19 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 06:19 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 06:19 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 06:19 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-15 06:19 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-15 06:19 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-15 06:19 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-15 06:19 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-15 06:19 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-15 06:19 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-15 06:19 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-15 06:18 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 06:18 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 06:18 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 06:18 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 06:18 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 06:18 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 06:18 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 06:18 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 06:18 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 06:18 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 06:18 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 06:18 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 06:18 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 06:18 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 06:18 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 06:18 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 06:18 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 06:18 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 06:18 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 06:18 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 06:18 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 06:18 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 06:18 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 06:18 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 06:18 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 06:18 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 06:17 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 06:17 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 06:17 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 06:17 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 06:17 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 06:17 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 06:17 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 06:17 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 06:17 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 06:17 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 06:17 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 06:17 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 06:17 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 06:17 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 06:17 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 06:17 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 06:17 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 06:17 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-15 06:17 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 06:17 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-15 06:17 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-15 06:17 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 06:17 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 06:17 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-15 06:17 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 06:17 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 06:17 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 06:17 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 06:17 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 06:17 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 06:17 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 06:17 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 06:17 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 06:17 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 06:17 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 06:17 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-15 06:17 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 06:17 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 06:17 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 06:17 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 06:17 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-15 06:17 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 06:17 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 06:17 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 06:17 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 06:17 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-15 06:17 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-15 06:17 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-15 06:16 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 06:16 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 06:16 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 06:16 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 06:16 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-15 06:16 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-15 06:16 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-15 06:16 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-15 06:16 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-15 06:16 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-15 06:16 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-15 06:16 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-15 06:16 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-11 21:39 - 2015-07-11 21:39 - 00000000 ____D C:\Users\m1ck3y\AppData\Local\ESN
2015-07-08 21:47 - 2015-07-08 21:47 - 00001520 _____ C:\Users\m1ck3y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIDA64.lnk
2015-07-08 20:32 - 2015-07-08 20:32 - 00000979 _____ C:\Users\m1ck3y\Desktop\GPU-Z.lnk
2015-07-08 20:32 - 2015-07-08 20:32 - 00000000 ____D C:\Users\m1ck3y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2015-07-08 20:32 - 2015-07-08 20:32 - 00000000 ____D C:\Program Files (x86)\GPU-Z
2015-07-08 19:53 - 2015-07-08 20:51 - 00000000 ____D C:\Program Files\AIDA64
2015-07-08 12:31 - 2015-07-08 12:31 - 00007602 _____ C:\Users\m1ck3y\AppData\Local\Resmon.ResmonCfg
2015-07-05 10:43 - 2015-07-05 11:03 - 00000000 ____D C:\Users\l3jlah\Desktop\Flowers
2015-07-03 21:54 - 2015-07-04 09:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-27 16:11 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-27 16:10 - 2014-03-18 12:03 - 01686150 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-27 16:10 - 2014-03-18 11:25 - 00726688 _____ C:\Windows\system32\perfh007.dat
2015-07-27 16:10 - 2014-03-18 11:25 - 00151380 _____ C:\Windows\system32\perfc007.dat
2015-07-27 16:08 - 2015-04-06 14:32 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1474457362-1224508852-2511664465-1001
2015-07-27 16:03 - 2015-04-06 18:27 - 00000000 ____D C:\Users\m1ck3y\AppData\Local\JDownloader v2.0
2015-07-27 16:03 - 2015-04-06 14:37 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-27 16:03 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-27 16:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-27 15:59 - 2015-04-06 18:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-27 14:53 - 2015-06-10 12:41 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{EFE052BD-2E86-4D2D-9DC8-BC8E897EFFE8}
2015-07-27 12:46 - 2015-06-11 15:56 - 00000000 ____D C:\Users\m1ck3y\AppData\Roaming\vlc
2015-07-27 12:35 - 2015-04-06 18:34 - 00000000 ____D C:\ProgramData\Origin
2015-07-27 12:23 - 2015-04-06 14:59 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2E756853-EE45-40C9-9F7F-0E07554DD0BE}
2015-07-27 07:09 - 2015-04-06 22:04 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1474457362-1224508852-2511664465-1004
2015-07-27 00:27 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-27 00:25 - 2015-04-15 21:45 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-07-27 00:15 - 2015-06-01 10:55 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-26 21:35 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-25 16:05 - 2015-04-06 21:59 - 00000000 ____D C:\Users\l3jlah\AppData\Roaming\Origin
2015-07-25 10:09 - 2015-04-06 18:33 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-23 23:09 - 2015-04-06 18:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-23 23:08 - 2015-04-06 14:37 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-23 13:18 - 2015-04-06 21:44 - 00000000 ___RD C:\Users\l3jlah\Desktop\NewMods
2015-07-22 22:25 - 2015-04-15 21:45 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-07-21 12:37 - 2015-04-15 21:43 - 00347872 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 20:49 - 2015-04-06 19:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-17 10:25 - 2015-06-04 15:20 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-17 10:25 - 2015-06-04 15:20 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-16 07:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-07-15 08:08 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-15 08:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-15 07:00 - 2015-04-06 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-15 06:59 - 2015-04-06 18:25 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 06:58 - 2015-04-06 16:47 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 06:58 - 2015-04-06 16:47 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 06:57 - 2015-04-06 15:44 - 00000000 ____D C:\Windows\system32\MRT
2015-07-14 21:06 - 2015-04-06 18:13 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-14 21:05 - 2015-04-06 18:13 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-11 21:39 - 2015-04-17 19:11 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-07-11 21:36 - 2015-04-17 19:11 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-08 20:33 - 2015-04-11 12:37 - 00000022 _____ C:\Windows\GPU-Z.INI
2015-07-07 22:08 - 2015-05-04 11:44 - 00001106 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2015-07-05 19:21 - 2015-04-06 14:26 - 00000000 ____D C:\Users\m1ck3y
2015-07-05 18:59 - 2015-04-06 18:36 - 00000000 ____D C:\Users\m1ck3y\AppData\Roaming\Origin
2015-07-05 12:08 - 2015-04-06 15:45 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-04 09:21 - 2015-04-06 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 08:43 - 2015-04-06 15:44 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 20:54 - 2015-04-12 11:30 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-06-29 13:05 - 2015-06-10 12:41 - 00000000 __SHD C:\Users\l3jlah\AppData\Local\EmieUserList
2015-06-29 13:05 - 2015-06-10 12:41 - 00000000 __SHD C:\Users\l3jlah\AppData\Local\EmieSiteList
2015-06-29 13:05 - 2015-06-10 12:41 - 00000000 __SHD C:\Users\l3jlah\AppData\Local\EmieBrowserModeList
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-07-08 12:31 - 2015-07-08 12:31 - 0007602 _____ () C:\Users\m1ck3y\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\l3jlah\AppData\Local\Temp\JNativeHook_1285987372563826868.dll
C:\Users\l3jlah\AppData\Local\Temp\JNativeHook_2693695413324671472.dll
C:\Users\l3jlah\AppData\Local\Temp\JNativeHook_4799849925856133150.dll
C:\Users\l3jlah\AppData\Local\Temp\JNativeHook_5316211035364318025.dll
C:\Users\l3jlah\AppData\Local\Temp\JNativeHook_6627871448769734756.dll
C:\Users\m1ck3y\AppData\Local\Temp\JNativeHook_3060682515364898488.dll
C:\Users\m1ck3y\AppData\Local\Temp\proxy_vole1336121362630580984.dll
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-07-27 07:09
==================== Ende von log ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-07-2015
durchgeführt von m1ck3y an 2015-07-27 16:14:28
Gestartet von B:\Downloads
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1474457362-1224508852-2511664465-500 - Administrator - Disabled)
Gast (S-1-5-21-1474457362-1224508852-2511664465-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1474457362-1224508852-2511664465-1003 - Limited - Enabled)
l3jlah (S-1-5-21-1474457362-1224508852-2511664465-1004 - Limited - Enabled) => C:\Users\l3jlah
m1ck3y (S-1-5-21-1474457362-1224508852-2511664465-1001 - Administrator - Enabled) => C:\Users\m1ck3y
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.8.3 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.6.8.3 - ASUSTek COMPUTER INC.) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.25648 - Electronic Arts)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.1.0.4 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Glary Utilities PRO 5.30 (HKLM-x32\...\Glary Utilities 5) (Version: 5.30.0.50 - Glarysoft Ltd)
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MURDERED: SOUL SUSPECT™ (HKLM-x32\...\Steam App 233290) (Version: - Airtight Games)
Nettv+ Player 4 (HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\...\Nettv+ Player 4) (Version: 00.04.06.01 - nettvplus)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.11.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.11.45 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.11.2855 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.11.45 - NVIDIA Corporation) Hidden
SSD Fresh (HKLM-x32\...\SSD Fresh_is1) (Version: 2015 - Abelssoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.9.80.1020 - Electronic Arts Inc.)
TreeSize Professional V6.1.1 (64 bit) (HKLM\...\TreeSize Professional_is1) (Version: 6.1.1 - JAM Software)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{0C5B0539-7EDE-4297-947E-48890971B557}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
16-07-2015 19:50:11 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
19-07-2015 16:03:14 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
22-07-2015 19:35:26 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
24-07-2015 06:24:24 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
27-07-2015 16:11:39 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-06-11 15:24 - 2015-06-11 15:24 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01715C8D-9566-45AD-BE02-BE7EA7478F8B} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {0EF61142-F08C-48BF-9D30-96DF18163B77} - System32\Tasks\CoreTemp => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {22E9B6C9-A4C0-41E2-8401-6CCCFA4668F6} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {2A6D6A1B-A1F8-4265-BD57-6F9255DF57DA} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-07-20] (Glarysoft Ltd)
Task: {388C38E3-CC2A-446F-8380-5B22598630DC} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-07-20] (Glarysoft Ltd)
Task: {40C74B36-95DC-44E8-96F1-6031486BF6D3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {6DC08257-9D30-439D-90D2-74DE31162F69} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {929ABC3F-D23E-4893-83B9-E0442ADCECA9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {9A71BA07-BA9E-4841-807D-7D3E21EDCADE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A5F4E90E-A039-4713-804B-2095A05CCF17} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {CAD9F925-2480-4A1A-BE8E-CBBE34CC1E5D} - System32\Tasks\{93906159-D190-4A12-89B3-99C3C7FF8853} => Firefox.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain
Task: {CCDF18BE-AD00-4166-AF5D-B6107E56E042} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D2B441F0-2A40-4026-8F6A-99B0D4317F59} - System32\Tasks\{B3BACB37-C6F1-4D0E-84D7-E73EC5F68A0A} => pcalua.exe -a B:\Games\WinUAE\uninstall_winuae.exe
Task: {DB349373-3411-4FFA-B882-A735CCEC14C1} - System32\Tasks\{5B248C0F-9303-497F-9E55-A5839B45A22D} => pcalua.exe -a B:\Games\NES\NES-Emulator\nestopia.exe -d B:\Games\NES\NES-Emulator
Task: {E8799797-0243-49C2-901E-294EDD2FDB86} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F0B8028E-2A1B-4A47-BA60-FC09B9372FB1} - System32\Tasks\ASUS GPU Tweak => C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe [2014-08-06] (ASUS)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-04-06 14:37 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2015-04-17 19:11 - 2015-07-11 21:36 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-04-06 18:51 - 2015-07-14 21:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:6DAA43DB
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer trusted/restricted ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\m1ck3y\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run32: => "HDAudDeck"
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\...\StartupApproved\Run: => "GUDelayStartup"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EE5F1B2B-FD6B-4289-A443-89DD4EDBA255}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BC57A823-65AB-4CF4-81A5-4397D403B0C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20CFE133-858C-483B-90F6-A62848705982}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5BACF746-3A0D-471C-AADB-716BAE707473}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EB3DDB49-08BE-47DF-B49C-A44F45F945E5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2D93F1A6-8D6A-49DA-94A4-0EB300ADDF50}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0E28BA78-849F-4F98-8FA8-47C5580439C7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{089453E5-A325-4510-A3A7-2CE6F84BACFD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{0725BB5E-DE50-4768-B00B-696DC11C11E2}B:\utorrentportable\app\utorrent\utorrent.exe] => (Allow) B:\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [UDP Query User{5A573F04-D4B6-4533-A3B6-C022F194F63A}B:\utorrentportable\app\utorrent\utorrent.exe] => (Allow) B:\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [{160AD135-2725-491F-8F75-F31F6D5F6E7E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{8316E254-1322-4644-AC7A-308BE417D771}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{73E8FA17-A315-45EF-8F37-12BF5E58DE6F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0A58A6DC-9750-486D-B607-2AC4C7B2918B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{27658D24-2566-471E-9867-7347A635178D}] => (Allow) B:\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{8B7C616D-640A-4967-BC21-FAE5467BC892}] => (Allow) B:\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{DF525BFE-E1E9-4AB9-96D3-2E885CB13947}] => (Allow) B:\Games\Battlefield 4\bf4.exe
FirewallRules: [{11465CD7-8E0F-429E-95D2-D70088B59064}] => (Allow) B:\Games\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{ECD97465-167F-4EFB-AAE2-1D7D0756ECA8}B:\downloads\nero 2015 platinum v16.0.03000 portable\nero 2015.exe] => (Block) B:\downloads\nero 2015 platinum v16.0.03000 portable\nero 2015.exe
FirewallRules: [UDP Query User{3E3B7004-3FF0-4F1D-9819-FEE379CB8D23}B:\downloads\nero 2015 platinum v16.0.03000 portable\nero 2015.exe] => (Block) B:\downloads\nero 2015 platinum v16.0.03000 portable\nero 2015.exe
FirewallRules: [TCP Query User{5FA87220-2D09-46AE-A7A4-B54D10DBE921}B:\games\murdered - soul suspect\binaries\win64\murdered.exe] => (Block) B:\games\murdered - soul suspect\binaries\win64\murdered.exe
FirewallRules: [UDP Query User{F805E380-ECA9-4720-9287-9584A2AC7357}B:\games\murdered - soul suspect\binaries\win64\murdered.exe] => (Block) B:\games\murdered - soul suspect\binaries\win64\murdered.exe
FirewallRules: [TCP Query User{8B91D930-1B30-4706-AB04-1C7DBF6ACE83}B:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Block) B:\games\murdered soul suspect\binaries\win64\murdered.exe
FirewallRules: [UDP Query User{E092324B-8864-4C01-A5C0-1246F7994884}B:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Block) B:\games\murdered soul suspect\binaries\win64\murdered.exe
FirewallRules: [{8C2E5D3E-6D7D-44B6-AB75-84C3B86954A2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{21B3B0A9-493F-4198-899C-8B8085F9F462}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7E7FB344-EACD-4165-96C4-CE1DF3D13F37}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BF536E74-5595-4856-A692-7B33563F7B4F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1F530096-A364-41C6-A888-9909816CECBF}] => (Allow) B:\Games\Murdered Soul Suspect\steamapps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [{426744FF-EBAE-4783-8BD7-1766E2B2746E}] => (Allow) B:\Games\Murdered Soul Suspect\steamapps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{35ED7226-2A14-4CD3-BB00-7C822861FC00}] => (Allow) B:\Games\Payday 2\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{6A404DA7-686F-455C-9C06-07664ED34573}] => (Allow) B:\Games\Payday 2\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{96ADB231-B0B3-489C-B1F6-E852E9F9B36F}] => (Allow) B:\Games\BFH\bfh.exe
FirewallRules: [{0AC71FD0-1443-4EFF-A590-E45D9B8F8DD2}] => (Allow) B:\Games\BFH\bfh.exe
FirewallRules: [{C5BE6FE0-5291-4F23-B3D3-89FC26B74375}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0DD34E2B-F85F-48C1-848A-F98C13376C92}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CED41C18-506F-46C2-A7F1-460DE5D8F043}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6BCB9BDE-6E2C-4662-A453-CDCD9A7530F4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A73CB7AC-7542-4599-B370-FF84DF51E761}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EE89C9A2-3675-4B23-A7BB-51C259769F34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{345D41CF-E0DF-4744-A5AE-BF6D6C4EF563}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{9434FA3B-9735-487C-AF6A-CF72A718DAFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{09F4F013-244E-4DD2-A2F3-B2AFDEEC1A27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{23C8F8A9-1F71-438F-AAF6-2F522929F568}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5BC8C2C5-426D-4498-A6A2-C41F74C7CFC8}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{8211DB9C-4AC2-4A4F-83CE-DEE2C9400D68}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/27/2015 04:11:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (07/27/2015 04:03:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.3.9600.17415, Zeitstempel: 0x54504177
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc000000d
Fehleroffset: 0x0000000000101e60
ID des fehlerhaften Prozesses: 0x584
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_DiagTrack4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_DiagTrack5
Error: (07/27/2015 12:43:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Name des fehlerhaften Moduls: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000280a0
ID des fehlerhaften Prozesses: 0x112c
Startzeit der fehlerhaften Anwendung: 0xVDeck.exe0
Pfad der fehlerhaften Anwendung: VDeck.exe1
Pfad des fehlerhaften Moduls: VDeck.exe2
Berichtskennung: VDeck.exe3
Vollständiger Name des fehlerhaften Pakets: VDeck.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VDeck.exe5
Error: (07/27/2015 12:35:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Name des fehlerhaften Moduls: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000280a0
ID des fehlerhaften Prozesses: 0x7bc
Startzeit der fehlerhaften Anwendung: 0xVDeck.exe0
Pfad der fehlerhaften Anwendung: VDeck.exe1
Pfad des fehlerhaften Moduls: VDeck.exe2
Berichtskennung: VDeck.exe3
Vollständiger Name des fehlerhaften Pakets: VDeck.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VDeck.exe5
Error: (07/27/2015 12:20:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Name des fehlerhaften Moduls: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000280a0
ID des fehlerhaften Prozesses: 0xcbc
Startzeit der fehlerhaften Anwendung: 0xVDeck.exe0
Pfad der fehlerhaften Anwendung: VDeck.exe1
Pfad des fehlerhaften Moduls: VDeck.exe2
Berichtskennung: VDeck.exe3
Vollständiger Name des fehlerhaften Pakets: VDeck.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VDeck.exe5
Error: (07/27/2015 12:18:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Name des fehlerhaften Moduls: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000280a0
ID des fehlerhaften Prozesses: 0x6e8
Startzeit der fehlerhaften Anwendung: 0xVDeck.exe0
Pfad der fehlerhaften Anwendung: VDeck.exe1
Pfad des fehlerhaften Moduls: VDeck.exe2
Berichtskennung: VDeck.exe3
Vollständiger Name des fehlerhaften Pakets: VDeck.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VDeck.exe5
Error: (07/27/2015 07:55:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.3.9600.17415, Zeitstempel: 0x54504177
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc000000d
Fehleroffset: 0x0000000000101e60
ID des fehlerhaften Prozesses: 0x584
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_DiagTrack4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_DiagTrack5
Error: (07/27/2015 06:30:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Name des fehlerhaften Moduls: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000280a0
ID des fehlerhaften Prozesses: 0x974
Startzeit der fehlerhaften Anwendung: 0xVDeck.exe0
Pfad der fehlerhaften Anwendung: VDeck.exe1
Pfad des fehlerhaften Moduls: VDeck.exe2
Berichtskennung: VDeck.exe3
Vollständiger Name des fehlerhaften Pakets: VDeck.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VDeck.exe5
Error: (07/27/2015 06:30:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Name des fehlerhaften Moduls: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000280a0
ID des fehlerhaften Prozesses: 0xe84
Startzeit der fehlerhaften Anwendung: 0xVDeck.exe0
Pfad der fehlerhaften Anwendung: VDeck.exe1
Pfad des fehlerhaften Moduls: VDeck.exe2
Berichtskennung: VDeck.exe3
Vollständiger Name des fehlerhaften Pakets: VDeck.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VDeck.exe5
Error: (07/27/2015 12:25:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Name des fehlerhaften Moduls: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000280a0
ID des fehlerhaften Prozesses: 0x10ac
Startzeit der fehlerhaften Anwendung: 0xVDeck.exe0
Pfad der fehlerhaften Anwendung: VDeck.exe1
Pfad des fehlerhaften Moduls: VDeck.exe2
Berichtskennung: VDeck.exe3
Vollständiger Name des fehlerhaften Pakets: VDeck.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VDeck.exe5
Systemfehler:
=============
Error: (07/27/2015 04:03:44 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (07/27/2015 04:03:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Diagnostics Tracking Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/27/2015 12:45:07 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (07/27/2015 12:42:24 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (07/27/2015 12:35:04 PM) (Source: volsnap) (EventID: 27) (User: )
Description: Die Schattenkopien von Volume "M:" wurden während der Ermittlung abgebrochen, weil eine kritische Steuerungsdatei nicht geöffnet werden konnte.
Error: (07/27/2015 12:34:22 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (07/27/2015 12:19:02 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (07/27/2015 12:17:44 PM) (Source: DCOM) (EventID: 10010) (User: Mickey)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/27/2015 12:17:44 PM) (Source: DCOM) (EventID: 10010) (User: Mickey)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/27/2015 12:16:57 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Microsoft Office:
=========================
Error: (07/27/2015 04:11:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
Error: (07/27/2015 04:03:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c000000d0000000000101e6058401d0c859513df21cC:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll3da5b884-3468-11e5-8417-90e6babca255
Error: (07/27/2015 12:43:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VDeck.exe7.3.0.304a695333VDeck.exe7.3.0.304a695333c000000500000000000280a0112c01d0c85920fc50ddC:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exeC:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe5f1604d5-344c-11e5-8416-90e6babca255
Error: (07/27/2015 12:35:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VDeck.exe7.3.0.304a695333VDeck.exe7.3.0.304a695333c000000500000000000280a07bc01d0c85801f6c152C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exeC:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe402b02fe-344b-11e5-8415-90e6babca255
Error: (07/27/2015 12:20:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VDeck.exe7.3.0.304a695333VDeck.exe7.3.0.304a695333c000000500000000000280a0cbc01d0c855ddcf4919C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exeC:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe1bdd9577-3449-11e5-8414-90e6babca255
Error: (07/27/2015 12:18:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VDeck.exe7.3.0.304a695333VDeck.exe7.3.0.304a695333c000000500000000000280a06e801d0c85593138037C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exeC:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exed1269137-3448-11e5-8413-90e6babca255
Error: (07/27/2015 07:55:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c000000d0000000000101e6058401d0c824c2d7ec7dC:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll25bcf21b-3424-11e5-8412-90e6babca255
Error: (07/27/2015 06:30:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VDeck.exe7.3.0.304a695333VDeck.exe7.3.0.304a695333c000000500000000000280a097401d0c82502a864d3C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exeC:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe406cc832-3418-11e5-8412-90e6babca255
Error: (07/27/2015 06:30:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VDeck.exe7.3.0.304a695333VDeck.exe7.3.0.304a695333c000000500000000000280a0e8401d0c824f3d4c37dC:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exeC:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe31e7d46d-3418-11e5-8412-90e6babca255
Error: (07/27/2015 12:25:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VDeck.exe7.3.0.304a695333VDeck.exe7.3.0.304a695333c000000500000000000280a010ac01d0c7f1f306bbeeC:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exeC:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe31b5185f-33e5-11e5-8411-90e6babca255
CodeIntegrity Fehler:
===================================
Date: 2015-07-27 07:09:13.495
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-24 11:16:14.370
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-23 15:04:19.617
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-23 06:41:49.428
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-22 07:01:30.679
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-21 06:51:55.051
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-20 06:32:23.155
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-19 20:49:20.560
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-18 12:54:16.692
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-17 10:24:18.472
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 12%
Total physical RAM: 16382.05 MB
Available physical RAM: 14313.17 MB
Total Virtual: 16382.05 MB
Available Virtual: 14248.99 MB
==================== Drives ================================
Drive a: (Seagate 1TB) (Fixed) (Total:931.51 GB) (Free:649.78 GB) NTFS
Drive b: (Seagate 1000 GB) (Fixed) (Total:931.17 GB) (Free:696.84 GB) NTFS
Drive c: () (Fixed) (Total:111.79 GB) (Free:50.61 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (System-reserviert) (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FE2675D4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 76FCC84D)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 3FBF5176)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
==================== Ende von log ============================
|
|
27.07.2015, 15:24
| #4 |
| | Öffnen mancher Programme dauert 2-3 MinutenCode:
ATTFilter 16:15:06.0345 0x0408 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
16:15:10.0829 0x0408 ============================================================
16:15:10.0829 0x0408 Current date / time: 2015/07/27 16:15:10.0829
16:15:10.0829 0x0408 SystemInfo:
16:15:10.0829 0x0408
16:15:10.0829 0x0408 OS Version: 6.3.9600 ServicePack: 0.0
16:15:10.0829 0x0408 Product type: Workstation
16:15:10.0829 0x0408 ComputerName: MICKEY
16:15:10.0829 0x0408 UserName: m1ck3y
16:15:10.0829 0x0408 Windows directory: C:\Windows
16:15:10.0829 0x0408 System windows directory: C:\Windows
16:15:10.0829 0x0408 Running under WOW64
16:15:10.0829 0x0408 Processor architecture: Intel x64
16:15:10.0829 0x0408 Number of processors: 8
16:15:10.0829 0x0408 Page size: 0x1000
16:15:10.0829 0x0408 Boot type: Normal boot
16:15:10.0829 0x0408 ============================================================
16:15:10.0907 0x0408 KLMD registered as C:\Windows\system32\drivers\86534270.sys
16:15:11.0313 0x0408 System UUID: {08542CC2-E7DC-79F7-0B16-B571A3E09A04}
16:15:11.0751 0x0408 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:15:11.0751 0x0408 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:15:11.0751 0x0408 Drive \Device\Harddisk2\DR2 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:15:11.0766 0x0408 ============================================================
16:15:11.0766 0x0408 \Device\Harddisk0\DR0:
16:15:11.0766 0x0408 MBR partitions:
16:15:11.0766 0x0408 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
16:15:11.0766 0x0408 \Device\Harddisk1\DR1:
16:15:11.0766 0x0408 MBR partitions:
16:15:11.0766 0x0408 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
16:15:11.0766 0x0408 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x74656000
16:15:11.0766 0x0408 \Device\Harddisk2\DR2:
16:15:11.0766 0x0408 MBR partitions:
16:15:11.0766 0x0408 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF93800
16:15:11.0766 0x0408 ============================================================
16:15:11.0766 0x0408 C: <-> \Device\Harddisk2\DR2\Partition1
16:15:11.0798 0x0408 D: <-> \Device\Harddisk1\DR1\Partition1
16:15:11.0829 0x0408 A: <-> \Device\Harddisk0\DR0\Partition1
16:15:11.0829 0x0408 B: <-> \Device\Harddisk1\DR1\Partition2
16:15:11.0829 0x0408 ============================================================
16:15:11.0829 0x0408 Initialize success
16:15:11.0829 0x0408 ============================================================
16:15:15.0454 0x0b30 ============================================================
16:15:15.0454 0x0b30 Scan started
16:15:15.0454 0x0b30 Mode: Manual;
16:15:15.0454 0x0b30 ============================================================
16:15:15.0454 0x0b30 KSN ping started
16:15:17.0891 0x0b30 KSN ping finished: true
16:15:18.0610 0x0b30 ================ Scan system memory ========================
16:15:18.0610 0x0b30 System memory - ok
16:15:18.0610 0x0b30 ================ Scan services =============================
16:15:18.0688 0x0b30 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
16:15:18.0688 0x0b30 1394ohci - ok
16:15:18.0704 0x0b30 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
16:15:18.0720 0x0b30 3ware - ok
16:15:18.0735 0x0b30 [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:15:18.0735 0x0b30 ACPI - ok
16:15:18.0751 0x0b30 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
16:15:18.0751 0x0b30 acpiex - ok
16:15:18.0751 0x0b30 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
16:15:18.0751 0x0b30 acpipagr - ok
16:15:18.0751 0x0b30 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
16:15:18.0751 0x0b30 AcpiPmi - ok
16:15:18.0766 0x0b30 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
16:15:18.0766 0x0b30 acpitime - ok
16:15:18.0813 0x0b30 [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:15:18.0813 0x0b30 AdobeFlashPlayerUpdateSvc - ok
16:15:18.0829 0x0b30 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
16:15:18.0845 0x0b30 ADP80XX - ok
16:15:18.0845 0x0b30 [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:15:18.0860 0x0b30 AeLookupSvc - ok
16:15:18.0876 0x0b30 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\Windows\system32\drivers\afd.sys
16:15:18.0876 0x0b30 AFD - ok
16:15:18.0891 0x0b30 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:15:18.0891 0x0b30 agp440 - ok
16:15:18.0891 0x0b30 [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
16:15:18.0891 0x0b30 ahcache - ok
16:15:18.0891 0x0b30 [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\Windows\System32\alg.exe
16:15:18.0907 0x0b30 ALG - ok
16:15:18.0907 0x0b30 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
16:15:18.0907 0x0b30 AmdK8 - ok
16:15:18.0907 0x0b30 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
16:15:18.0923 0x0b30 AmdPPM - ok
16:15:18.0923 0x0b30 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:15:18.0923 0x0b30 amdsata - ok
16:15:18.0923 0x0b30 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:15:18.0938 0x0b30 amdsbs - ok
16:15:18.0938 0x0b30 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:15:18.0938 0x0b30 amdxata - ok
16:15:18.0938 0x0b30 [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\Windows\system32\drivers\appid.sys
16:15:18.0938 0x0b30 AppID - ok
16:15:18.0954 0x0b30 [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:15:18.0954 0x0b30 AppIDSvc - ok
16:15:18.0954 0x0b30 [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\Windows\System32\appinfo.dll
16:15:18.0954 0x0b30 Appinfo - ok
16:15:18.0954 0x0b30 [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:15:18.0970 0x0b30 Apple Mobile Device Service - ok
16:15:18.0970 0x0b30 [ 1A8EA3500576DD4B43E9318F10709E0E, 85F8581C319DE241B223366F08A5F9301858DA9DA1A0CAA10ED387A2B99EC216 ] AppMgmt C:\Windows\System32\appmgmts.dll
16:15:18.0970 0x0b30 AppMgmt - ok
16:15:18.0985 0x0b30 [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\Windows\system32\AppReadiness.dll
16:15:19.0001 0x0b30 AppReadiness - ok
16:15:19.0032 0x0b30 [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
16:15:19.0063 0x0b30 AppXSvc - ok
16:15:19.0063 0x0b30 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:15:19.0063 0x0b30 arcsas - ok
16:15:19.0063 0x0b30 [ E536856E96A7605EBF580D62A868E5FE, 70D0F6ECB05E923C1B274605CB3320091D35D7622003FF7E4806645519C70F01 ] ASGT C:\Windows\SysWOW64\ASGT.exe
16:15:19.0063 0x0b30 ASGT - ok
16:15:19.0079 0x0b30 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
16:15:19.0079 0x0b30 atapi - ok
16:15:19.0079 0x0b30 [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
16:15:19.0095 0x0b30 AudioEndpointBuilder - ok
16:15:19.0110 0x0b30 [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\Windows\System32\Audiosrv.dll
16:15:19.0126 0x0b30 Audiosrv - ok
16:15:19.0126 0x0b30 [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:15:19.0141 0x0b30 AxInstSV - ok
16:15:19.0157 0x0b30 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:15:19.0157 0x0b30 b06bdrv - ok
16:15:19.0157 0x0b30 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
16:15:19.0157 0x0b30 BasicDisplay - ok
16:15:19.0173 0x0b30 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
16:15:19.0173 0x0b30 BasicRender - ok
16:15:19.0173 0x0b30 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
16:15:19.0173 0x0b30 bcmfn2 - ok
16:15:19.0188 0x0b30 [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC C:\Windows\System32\bdesvc.dll
16:15:19.0188 0x0b30 BDESVC - ok
16:15:19.0188 0x0b30 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
16:15:19.0188 0x0b30 Beep - ok
16:15:19.0220 0x0b30 [ 22A5582ACF0CEE97268D7868C69F35CE, 78A44C10966FE467D3FCC76BE37647AE2CC2BCA9DE5715AD9E643162B23C3A19 ] BFE C:\Windows\System32\bfe.dll
16:15:19.0235 0x0b30 BFE - ok
16:15:19.0251 0x0b30 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\Windows\System32\qmgr.dll
16:15:19.0266 0x0b30 BITS - ok
16:15:19.0282 0x0b30 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:15:19.0298 0x0b30 Bonjour Service - ok
16:15:19.0298 0x0b30 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:15:19.0298 0x0b30 bowser - ok
16:15:19.0313 0x0b30 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
16:15:19.0313 0x0b30 BrokerInfrastructure - ok
16:15:19.0313 0x0b30 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\Windows\System32\browser.dll
16:15:19.0329 0x0b30 Browser - ok
16:15:19.0329 0x0b30 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
16:15:19.0329 0x0b30 BthAvrcpTg - ok
16:15:19.0329 0x0b30 [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
16:15:19.0329 0x0b30 BthHFEnum - ok
16:15:19.0329 0x0b30 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
16:15:19.0329 0x0b30 bthhfhid - ok
16:15:19.0345 0x0b30 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\Windows\System32\BthHFSrv.dll
16:15:19.0360 0x0b30 BthHFSrv - ok
16:15:19.0360 0x0b30 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
16:15:19.0360 0x0b30 BTHMODEM - ok
16:15:19.0376 0x0b30 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\Windows\system32\bthserv.dll
16:15:19.0376 0x0b30 bthserv - ok
16:15:19.0376 0x0b30 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:15:19.0376 0x0b30 cdfs - ok
16:15:19.0391 0x0b30 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
16:15:19.0391 0x0b30 cdrom - ok
16:15:19.0407 0x0b30 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\Windows\System32\certprop.dll
16:15:19.0407 0x0b30 CertPropSvc - ok
16:15:19.0407 0x0b30 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
16:15:19.0407 0x0b30 circlass - ok
16:15:19.0423 0x0b30 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\Windows\system32\drivers\CLFS.sys
16:15:19.0423 0x0b30 CLFS - ok
16:15:19.0438 0x0b30 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
16:15:19.0438 0x0b30 CmBatt - ok
16:15:19.0454 0x0b30 [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG C:\Windows\system32\Drivers\cng.sys
16:15:19.0454 0x0b30 CNG - ok
16:15:19.0470 0x0b30 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
16:15:19.0470 0x0b30 CompositeBus - ok
16:15:19.0470 0x0b30 COMSysApp - ok
16:15:19.0470 0x0b30 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
16:15:19.0470 0x0b30 condrv - ok
16:15:19.0485 0x0b30 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:15:19.0485 0x0b30 CryptSvc - ok
16:15:19.0501 0x0b30 [ 9DBC32A45CFA67074432D2AF6C2832B6, B3B26302961A95EDFD4F994D56B1E5A8452266E0C2161D15C1213BBE376227A2 ] CSC C:\Windows\system32\drivers\csc.sys
16:15:19.0501 0x0b30 CSC - ok
16:15:19.0532 0x0b30 [ 86079FF8A3B625ABAEB68841D2BF6FE6, 49FF4D458DF8FAB4ECA8CAD9BBF88C929C8B9AB7F063938A6A332B31F2C0F8EB ] CscService C:\Windows\System32\cscsvc.dll
16:15:19.0548 0x0b30 CscService - ok
16:15:19.0548 0x0b30 [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam C:\Windows\system32\drivers\dam.sys
16:15:19.0548 0x0b30 dam - ok
16:15:19.0548 0x0b30 [ D06E443457FADC6B1AFAF3AA4B6936F6, 109B4D05E156604AFB3D63B380CC063B900AEB12F57A1D235B9F9399EE0909C7 ] dc3d C:\Windows\System32\drivers\dc3d.sys
16:15:19.0548 0x0b30 dc3d - ok
16:15:19.0579 0x0b30 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:15:19.0595 0x0b30 DcomLaunch - ok
16:15:19.0610 0x0b30 [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\Windows\System32\defragsvc.dll
16:15:19.0626 0x0b30 defragsvc - ok
16:15:19.0641 0x0b30 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
16:15:19.0641 0x0b30 DeviceAssociationService - ok
16:15:19.0657 0x0b30 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
16:15:19.0657 0x0b30 DeviceInstall - ok
16:15:19.0657 0x0b30 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
16:15:19.0657 0x0b30 Dfsc - ok
16:15:19.0673 0x0b30 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\Windows\system32\dhcpcore.dll
16:15:19.0673 0x0b30 Dhcp - ok
16:15:19.0720 0x0b30 [ 3ECB752A6963B1CBC9AD65ED89C8ACED, 1D47D2EBD2C8D2B9F8D2D12A5FD93E6B10335EB6B23252DDEA6DF2233655FA59 ] DiagTrack C:\Windows\system32\diagtrack.dll
16:15:19.0735 0x0b30 DiagTrack - ok
16:15:19.0751 0x0b30 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys
16:15:19.0751 0x0b30 disk - ok
16:15:19.0751 0x0b30 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
16:15:19.0751 0x0b30 dmvsc - ok
16:15:19.0751 0x0b30 [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:15:19.0766 0x0b30 Dnscache - ok
16:15:19.0766 0x0b30 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\Windows\System32\dot3svc.dll
16:15:19.0782 0x0b30 dot3svc - ok
16:15:19.0782 0x0b30 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\Windows\system32\dps.dll
16:15:19.0782 0x0b30 DPS - ok
16:15:19.0782 0x0b30 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:15:19.0798 0x0b30 drmkaud - ok
16:15:19.0798 0x0b30 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
16:15:19.0798 0x0b30 DsmSvc - ok
16:15:19.0829 0x0b30 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:15:19.0860 0x0b30 DXGKrnl - ok
16:15:19.0860 0x0b30 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\Windows\System32\eapsvc.dll
16:15:19.0876 0x0b30 Eaphost - ok
16:15:19.0954 0x0b30 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:15:20.0001 0x0b30 ebdrv - ok
16:15:20.0001 0x0b30 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\Windows\System32\lsass.exe
16:15:20.0016 0x0b30 EFS - ok
16:15:20.0016 0x0b30 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
16:15:20.0016 0x0b30 EhStorClass - ok
16:15:20.0016 0x0b30 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
16:15:20.0016 0x0b30 EhStorTcgDrv - ok
16:15:20.0032 0x0b30 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
16:15:20.0032 0x0b30 ErrDev - ok
16:15:20.0048 0x0b30 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\Windows\system32\es.dll
16:15:20.0048 0x0b30 EventSystem - ok
16:15:20.0063 0x0b30 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
16:15:20.0063 0x0b30 exfat - ok
16:15:20.0079 0x0b30 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:15:20.0079 0x0b30 fastfat - ok
16:15:20.0095 0x0b30 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\Windows\system32\fxssvc.exe
16:15:20.0110 0x0b30 Fax - ok
16:15:20.0110 0x0b30 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
16:15:20.0110 0x0b30 fdc - ok
16:15:20.0110 0x0b30 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\Windows\system32\fdPHost.dll
16:15:20.0110 0x0b30 fdPHost - ok
16:15:20.0126 0x0b30 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\Windows\system32\fdrespub.dll
16:15:20.0126 0x0b30 FDResPub - ok
16:15:20.0126 0x0b30 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\Windows\system32\fhsvc.dll
16:15:20.0126 0x0b30 fhsvc - ok
16:15:20.0141 0x0b30 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:15:20.0141 0x0b30 FileInfo - ok
16:15:20.0141 0x0b30 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:15:20.0141 0x0b30 Filetrace - ok
16:15:20.0141 0x0b30 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
16:15:20.0141 0x0b30 flpydisk - ok
16:15:20.0157 0x0b30 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:15:20.0157 0x0b30 FltMgr - ok
16:15:20.0204 0x0b30 [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache C:\Windows\system32\FntCache.dll
16:15:20.0220 0x0b30 FontCache - ok
16:15:20.0235 0x0b30 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:15:20.0235 0x0b30 FsDepends - ok
16:15:20.0235 0x0b30 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:15:20.0235 0x0b30 Fs_Rec - ok
16:15:20.0251 0x0b30 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:15:20.0266 0x0b30 fvevol - ok
16:15:20.0266 0x0b30 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
16:15:20.0266 0x0b30 FxPPM - ok
16:15:20.0266 0x0b30 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:15:20.0266 0x0b30 gagp30kx - ok
16:15:20.0266 0x0b30 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:15:20.0282 0x0b30 GEARAspiWDM - ok
16:15:20.0282 0x0b30 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
16:15:20.0282 0x0b30 gencounter - ok
16:15:20.0313 0x0b30 [ EECE18D068A5DCE3D3EC468FC6921672, FD6D70269DFECD9A97BD97C1AFE9BAE28897489B2590F2B4BCF240376E740EBD ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
16:15:20.0329 0x0b30 GfExperienceService - ok
16:15:20.0329 0x0b30 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
16:15:20.0329 0x0b30 GPIOClx0101 - ok
16:15:20.0360 0x0b30 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\Windows\System32\gpsvc.dll
16:15:20.0391 0x0b30 gpsvc - ok
16:15:20.0391 0x0b30 [ C06C3D6C5A0805B314E3E940632C97CB, 48D14FB139490CE79C03557DEEAC9AA1B3A095A9C517008069F2DBAB8DFE34F5 ] GUBootStartup C:\Windows\System32\drivers\GUBootStartup.sys
16:15:20.0391 0x0b30 GUBootStartup - ok
16:15:20.0407 0x0b30 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:15:20.0423 0x0b30 HdAudAddService - ok
16:15:20.0423 0x0b30 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
16:15:20.0423 0x0b30 HDAudBus - ok
16:15:20.0423 0x0b30 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
16:15:20.0423 0x0b30 HidBatt - ok
16:15:20.0438 0x0b30 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys
16:15:20.0438 0x0b30 HidBth - ok
16:15:20.0438 0x0b30 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
16:15:20.0438 0x0b30 hidi2c - ok
16:15:20.0454 0x0b30 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
16:15:20.0454 0x0b30 HidIr - ok
16:15:20.0454 0x0b30 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\Windows\system32\hidserv.dll
16:15:20.0454 0x0b30 hidserv - ok
16:15:20.0454 0x0b30 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
16:15:20.0454 0x0b30 HidUsb - ok
16:15:20.0470 0x0b30 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll
16:15:20.0470 0x0b30 hkmsvc - ok
16:15:20.0470 0x0b30 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:15:20.0485 0x0b30 HomeGroupListener - ok
16:15:20.0501 0x0b30 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:15:20.0501 0x0b30 HomeGroupProvider - ok
16:15:20.0501 0x0b30 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:15:20.0501 0x0b30 HpSAMD - ok
16:15:20.0532 0x0b30 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:15:20.0548 0x0b30 HTTP - ok
16:15:20.0563 0x0b30 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:15:20.0563 0x0b30 hwpolicy - ok
16:15:20.0563 0x0b30 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
16:15:20.0563 0x0b30 hyperkbd - ok
16:15:20.0563 0x0b30 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
16:15:20.0563 0x0b30 HyperVideo - ok
16:15:20.0563 0x0b30 [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
16:15:20.0579 0x0b30 i8042prt - ok
16:15:20.0579 0x0b30 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
16:15:20.0579 0x0b30 iaLPSSi_GPIO - ok
16:15:20.0579 0x0b30 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
16:15:20.0579 0x0b30 iaLPSSi_I2C - ok
16:15:20.0595 0x0b30 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
16:15:20.0610 0x0b30 iaStorAV - ok
16:15:20.0626 0x0b30 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:15:20.0626 0x0b30 iaStorV - ok
16:15:20.0641 0x0b30 IEEtwCollectorService - ok
16:15:20.0657 0x0b30 [ 57322EBB67A59FB64E228F31A84CA43D, 258DA26BDFAB635F145E55CF65CDFCFE4EB91454E3F930489E92810250EF9FD7 ] IKEEXT C:\Windows\System32\ikeext.dll
16:15:20.0688 0x0b30 IKEEXT - ok
16:15:20.0688 0x0b30 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
16:15:20.0688 0x0b30 intelide - ok
16:15:20.0688 0x0b30 [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep C:\Windows\system32\drivers\intelpep.sys
16:15:20.0688 0x0b30 intelpep - ok
16:15:20.0704 0x0b30 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
16:15:20.0704 0x0b30 intelppm - ok
16:15:20.0704 0x0b30 IOMap - ok
16:15:20.0704 0x0b30 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:15:20.0720 0x0b30 IpFilterDriver - ok
16:15:20.0735 0x0b30 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:15:20.0751 0x0b30 iphlpsvc - ok
16:15:20.0766 0x0b30 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
16:15:20.0766 0x0b30 IPMIDRV - ok
16:15:20.0766 0x0b30 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:15:20.0766 0x0b30 IPNAT - ok
16:15:20.0782 0x0b30 [ 2208D673C5D4B22EB0235EA1EC6269CC, 3E73032D67B3B740E11CEA0748CDFFBE35619CBF1AC1C3D86EF089CA326D7918 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:15:20.0798 0x0b30 iPod Service - ok
16:15:20.0798 0x0b30 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:15:20.0798 0x0b30 IRENUM - ok
16:15:20.0813 0x0b30 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:15:20.0813 0x0b30 isapnp - ok
16:15:20.0813 0x0b30 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
16:15:20.0829 0x0b30 iScsiPrt - ok
16:15:20.0829 0x0b30 [ 86CFEF6DC6DE51AAB0C10384FE98F48F, 2E41D017B6166A0CCD2DB067AA1D677CF9E32470763B0F251EE0574FB2009D6F ] JRAID C:\Windows\system32\drivers\jraid.sys
16:15:20.0829 0x0b30 JRAID - ok
16:15:20.0829 0x0b30 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
16:15:20.0829 0x0b30 kbdclass - ok
16:15:20.0845 0x0b30 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
16:15:20.0845 0x0b30 kbdhid - ok
16:15:20.0845 0x0b30 [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\Windows\system32\drivers\kbldfltr.sys
16:15:20.0845 0x0b30 kbldfltr - ok
16:15:20.0845 0x0b30 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
16:15:20.0845 0x0b30 kdnic - ok
16:15:20.0845 0x0b30 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe
16:15:20.0860 0x0b30 KeyIso - ok
16:15:20.0860 0x0b30 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:15:20.0860 0x0b30 KSecDD - ok
16:15:20.0860 0x0b30 [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:15:20.0876 0x0b30 KSecPkg - ok
16:15:20.0876 0x0b30 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:15:20.0876 0x0b30 ksthunk - ok
16:15:20.0891 0x0b30 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll
16:15:20.0891 0x0b30 KtmRm - ok
16:15:20.0907 0x0b30 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll
16:15:20.0907 0x0b30 LanmanServer - ok
16:15:20.0923 0x0b30 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:15:20.0923 0x0b30 LanmanWorkstation - ok
16:15:20.0938 0x0b30 [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
16:15:20.0954 0x0b30 lfsvc - ok
16:15:20.0954 0x0b30 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:15:20.0954 0x0b30 lltdio - ok
16:15:20.0970 0x0b30 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:15:20.0970 0x0b30 lltdsvc - ok
16:15:20.0970 0x0b30 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:15:20.0985 0x0b30 lmhosts - ok
16:15:20.0985 0x0b30 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:15:20.0985 0x0b30 LSI_SAS - ok
16:15:20.0985 0x0b30 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:15:20.0985 0x0b30 LSI_SAS2 - ok
16:15:21.0001 0x0b30 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
16:15:21.0001 0x0b30 LSI_SAS3 - ok
16:15:21.0001 0x0b30 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
16:15:21.0001 0x0b30 LSI_SSS - ok
16:15:21.0016 0x0b30 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll
16:15:21.0048 0x0b30 LSM - ok
16:15:21.0048 0x0b30 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys
16:15:21.0048 0x0b30 luafv - ok
16:15:21.0063 0x0b30 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:15:21.0063 0x0b30 MBAMProtector - ok
16:15:21.0079 0x0b30 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
16:15:21.0110 0x0b30 MBAMService - ok
16:15:21.0110 0x0b30 [ 85CFE7AB85B43B6B7AC7961AA3983A9F, 4E88B75818FD00C0ABBDF8E02EBFB550A67B46E5E13D3B3DF52611793F7DA0DD ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
16:15:21.0110 0x0b30 MBAMWebAccessControl - ok
16:15:21.0110 0x0b30 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
16:15:21.0110 0x0b30 megasas - ok
16:15:21.0126 0x0b30 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
16:15:21.0141 0x0b30 megasr - ok
16:15:21.0141 0x0b30 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll
16:15:21.0157 0x0b30 MMCSS - ok
16:15:21.0157 0x0b30 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
16:15:21.0157 0x0b30 Modem - ok
16:15:21.0157 0x0b30 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
16:15:21.0157 0x0b30 monitor - ok
16:15:21.0157 0x0b30 [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\Windows\System32\drivers\mouclass.sys
16:15:21.0157 0x0b30 mouclass - ok
16:15:21.0173 0x0b30 [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\Windows\System32\drivers\mouhid.sys
16:15:21.0173 0x0b30 mouhid - ok
16:15:21.0173 0x0b30 [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:15:21.0173 0x0b30 mountmgr - ok
16:15:21.0188 0x0b30 [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:15:21.0188 0x0b30 MozillaMaintenance - ok
16:15:21.0188 0x0b30 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:15:21.0188 0x0b30 mpsdrv - ok
16:15:21.0220 0x0b30 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\Windows\system32\mpssvc.dll
16:15:21.0235 0x0b30 MpsSvc - ok
16:15:21.0235 0x0b30 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:15:21.0235 0x0b30 MRxDAV - ok
16:15:21.0251 0x0b30 [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:15:21.0266 0x0b30 mrxsmb - ok
16:15:21.0266 0x0b30 [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:15:21.0266 0x0b30 mrxsmb10 - ok
16:15:21.0282 0x0b30 [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:15:21.0282 0x0b30 mrxsmb20 - ok
16:15:21.0282 0x0b30 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
16:15:21.0298 0x0b30 MsBridge - ok
16:15:21.0298 0x0b30 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\Windows\System32\msdtc.exe
16:15:21.0298 0x0b30 MSDTC - ok
16:15:21.0298 0x0b30 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:15:21.0313 0x0b30 Msfs - ok
16:15:21.0313 0x0b30 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
16:15:21.0313 0x0b30 msgpiowin32 - ok
16:15:21.0313 0x0b30 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:15:21.0313 0x0b30 mshidkmdf - ok
16:15:21.0313 0x0b30 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
16:15:21.0313 0x0b30 mshidumdf - ok
16:15:21.0313 0x0b30 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:15:21.0313 0x0b30 msisadrv - ok
16:15:21.0329 0x0b30 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:15:21.0329 0x0b30 MSiSCSI - ok
16:15:21.0329 0x0b30 msiserver - ok
16:15:21.0345 0x0b30 [ 4C1A0E9B4C6CC09E8C68FD33998013AA, 190ADFCCAE844DB9F807BD9668EB90BE0C9887719DF2820E66D121655AF27614 ] MsKeyboardFilter C:\Windows\System32\KeyboardFilterSvc.dll
16:15:21.0345 0x0b30 MsKeyboardFilter - ok
16:15:21.0345 0x0b30 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:15:21.0345 0x0b30 MSKSSRV - ok
16:15:21.0345 0x0b30 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
16:15:21.0345 0x0b30 MsLldp - ok
16:15:21.0345 0x0b30 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:15:21.0360 0x0b30 MSPCLOCK - ok
16:15:21.0360 0x0b30 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:15:21.0360 0x0b30 MSPQM - ok
16:15:21.0360 0x0b30 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:15:21.0376 0x0b30 MsRPC - ok
16:15:21.0376 0x0b30 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
16:15:21.0376 0x0b30 mssmbios - ok
16:15:21.0391 0x0b30 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:15:21.0391 0x0b30 MSTEE - ok
16:15:21.0391 0x0b30 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
16:15:21.0391 0x0b30 MTConfig - ok
16:15:21.0391 0x0b30 [ 640617B6E682A150C36BE39D78547F6C, 784F712E9DC3EEE81F07946BBA08AA2BEAC7B3961E430B75043645EF7ECA715C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
16:15:21.0391 0x0b30 MTsensor - ok
16:15:21.0391 0x0b30 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys
16:15:21.0391 0x0b30 Mup - ok
16:15:21.0407 0x0b30 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
16:15:21.0407 0x0b30 mvumis - ok
16:15:21.0423 0x0b30 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\Windows\system32\qagentRT.dll
16:15:21.0423 0x0b30 napagent - ok
16:15:21.0438 0x0b30 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:15:21.0438 0x0b30 NativeWifiP - ok
16:15:21.0454 0x0b30 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\Windows\System32\ncasvc.dll
16:15:21.0454 0x0b30 NcaSvc - ok
16:15:21.0470 0x0b30 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\Windows\System32\ncbservice.dll
16:15:21.0470 0x0b30 NcbService - ok
16:15:21.0470 0x0b30 [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
16:15:21.0485 0x0b30 NcdAutoSetup - ok
16:15:21.0501 0x0b30 [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:15:21.0532 0x0b30 NDIS - ok
16:15:21.0532 0x0b30 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:15:21.0532 0x0b30 NdisCap - ok
16:15:21.0532 0x0b30 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
16:15:21.0548 0x0b30 NdisImPlatform - ok
16:15:21.0548 0x0b30 [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:15:21.0548 0x0b30 NdisTapi - ok
16:15:21.0548 0x0b30 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:15:21.0548 0x0b30 Ndisuio - ok
16:15:21.0548 0x0b30 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
16:15:21.0548 0x0b30 NdisVirtualBus - ok
16:15:21.0563 0x0b30 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:15:21.0563 0x0b30 NdisWan - ok
16:15:21.0579 0x0b30 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
16:15:21.0579 0x0b30 NdisWanLegacy - ok
16:15:21.0579 0x0b30 [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:15:21.0579 0x0b30 NDProxy - ok
16:15:21.0595 0x0b30 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\Windows\system32\drivers\Ndu.sys
16:15:21.0595 0x0b30 Ndu - ok
16:15:21.0595 0x0b30 [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
16:15:21.0595 0x0b30 Netaapl - ok
16:15:21.0595 0x0b30 [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:15:21.0595 0x0b30 NetBIOS - ok
16:15:21.0610 0x0b30 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:15:21.0610 0x0b30 NetBT - ok
16:15:21.0610 0x0b30 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\Windows\system32\lsass.exe
16:15:21.0610 0x0b30 Netlogon - ok
16:15:21.0626 0x0b30 [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\Windows\System32\netman.dll
16:15:21.0626 0x0b30 Netman - ok
16:15:21.0641 0x0b30 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\Windows\System32\netprofmsvc.dll
16:15:21.0657 0x0b30 netprofm - ok
16:15:21.0673 0x0b30 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:15:21.0673 0x0b30 NetTcpPortSharing - ok
16:15:21.0673 0x0b30 [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\Windows\System32\drivers\netvsc63.sys
16:15:21.0673 0x0b30 netvsc - ok
16:15:21.0688 0x0b30 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll
16:15:21.0704 0x0b30 NlaSvc - ok
16:15:21.0704 0x0b30 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:15:21.0704 0x0b30 Npfs - ok
16:15:21.0704 0x0b30 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
16:15:21.0704 0x0b30 npsvctrig - ok
16:15:21.0704 0x0b30 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\Windows\system32\nsisvc.dll
16:15:21.0720 0x0b30 nsi - ok
16:15:21.0720 0x0b30 [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:15:21.0720 0x0b30 nsiproxy - ok
16:15:21.0766 0x0b30 [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:15:21.0813 0x0b30 Ntfs - ok
16:15:21.0813 0x0b30 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
16:15:21.0813 0x0b30 Null - ok
16:15:21.0829 0x0b30 [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
16:15:21.0829 0x0b30 NVHDA - ok
16:15:22.0079 0x0b30 [ BF769EC1CC472FAD4C6EAEEB96ED857E, BBF8BA2B703BF4C36DFC7F69B4D8E477C8162BEC492C6C5D1A7751C19305ABE8 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:15:22.0282 0x0b30 nvlddmkm - ok
16:15:22.0329 0x0b30 [ 0D8FD1F6DCD537D97D9072D04DFC56A7, DAB608E8AE3000B2B32DD9DCD621E44F9466D8CCAA15AAE31CC53CA747355C95 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
16:15:22.0360 0x0b30 NvNetworkService - ok
16:15:22.0376 0x0b30 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:15:22.0376 0x0b30 nvraid - ok
16:15:22.0376 0x0b30 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:15:22.0391 0x0b30 nvstor - ok
16:15:22.0391 0x0b30 [ B9B0A76E8AA23E7FF4645D64C0238CE2, F6D0AF1FA63285ADC984991ED989DB4EB0CED34520B3078CDD27F9C8CC02C737 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:15:22.0391 0x0b30 NvStreamKms - ok
16:15:22.0516 0x0b30 [ CFCEFB5EAB2B196A0E5E7F3D89FC13DE, FF7B031334A97F67546705B1385B6625D8BBA53E9FBB64E4A4C57DC363CDBDCF ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
16:15:22.0626 0x0b30 NvStreamSvc - ok
16:15:22.0657 0x0b30 [ 039ACFA07F59DB2109BB6A2C0FA2C0D9, E641179FCDB83BBFFADDDECD646F69D667F494BFC41FCE1F035EE78A944C6D5B ] nvsvc C:\Windows\system32\nvvsvc.exe
16:15:22.0673 0x0b30 nvsvc - ok
16:15:22.0688 0x0b30 [ 59F0BB06D4810CD24A4345E0A483A785, 9FCE7C3EAFBBFB087DD2E26CBED1F274A46CDCDEFB9012D034B1E331D5384B3C ] NVVADARM C:\Windows\system32\drivers\nvvadarm.sys
16:15:22.0688 0x0b30 NVVADARM - ok
16:15:22.0688 0x0b30 [ 4F00008B513F4019623ED61159363888, A1047FF1FCF3ED405C3426C8959AD10426F30E3F58E95BFD6ADF1DBC947AB379 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
16:15:22.0688 0x0b30 nvvad_WaveExtensible - ok
16:15:22.0688 0x0b30 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:15:22.0704 0x0b30 nv_agp - ok
16:15:22.0751 0x0b30 [ 29B093BA6759118DB14AF41026385E03, 660176D122344A79E52FFD9FE3D32D1967D9B22BC4AD76549D839B09693D0713 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
16:15:22.0782 0x0b30 Origin Client Service - ok
16:15:22.0782 0x0b30 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:15:22.0782 0x0b30 ose - ok
16:15:22.0798 0x0b30 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:15:22.0813 0x0b30 p2pimsvc - ok
16:15:22.0813 0x0b30 [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\Windows\system32\p2psvc.dll
16:15:22.0829 0x0b30 p2psvc - ok
16:15:22.0829 0x0b30 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
16:15:22.0829 0x0b30 Parport - ok
16:15:22.0845 0x0b30 [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:15:22.0845 0x0b30 partmgr - ok
16:15:22.0860 0x0b30 [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:15:22.0860 0x0b30 PcaSvc - ok
16:15:22.0876 0x0b30 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys
16:15:22.0876 0x0b30 pci - ok
16:15:22.0891 0x0b30 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
16:15:22.0891 0x0b30 pciide - ok
16:15:22.0891 0x0b30 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:15:22.0891 0x0b30 pcmcia - ok
16:15:22.0891 0x0b30 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
16:15:22.0907 0x0b30 pcw - ok
16:15:22.0907 0x0b30 [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc C:\Windows\system32\drivers\pdc.sys
16:15:22.0907 0x0b30 pdc - ok
16:15:22.0923 0x0b30 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:15:22.0938 0x0b30 PEAUTH - ok
16:15:23.0001 0x0b30 [ A35EC8F902475350DA31BDF0E1402A91, 5AB43B4BD70B44A62FFD21A9D3CB8D1BC035B6E001DBB1BAC30D6D7A07475D83 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:15:23.0032 0x0b30 PeerDistSvc - ok
16:15:23.0079 0x0b30 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:15:23.0079 0x0b30 PerfHost - ok
16:15:23.0126 0x0b30 [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\Windows\system32\pla.dll
16:15:23.0157 0x0b30 pla - ok
16:15:23.0157 0x0b30 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:15:23.0173 0x0b30 PlugPlay - ok
16:15:23.0173 0x0b30 [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
16:15:23.0173 0x0b30 PnkBstrA - ok
16:15:23.0173 0x0b30 [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:15:23.0173 0x0b30 PNRPAutoReg - ok
16:15:23.0188 0x0b30 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:15:23.0188 0x0b30 PNRPsvc - ok
16:15:23.0204 0x0b30 [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64 C:\Windows\System32\drivers\point64.sys
16:15:23.0204 0x0b30 Point64 - ok
16:15:23.0220 0x0b30 [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:15:23.0220 0x0b30 PolicyAgent - ok
16:15:23.0220 0x0b30 [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\Windows\system32\umpo.dll
16:15:23.0235 0x0b30 Power - ok
16:15:23.0298 0x0b30 [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
16:15:23.0345 0x0b30 PrintNotify - ok
16:15:23.0360 0x0b30 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
16:15:23.0360 0x0b30 Processor - ok
16:15:23.0360 0x0b30 [ C8D39A07CAD9EF1C86BD5D7CAC98DA54, 10146D1E023D9BC5B8CBAADE6A70D87A41BDABAA44D812B609C13563DF25527A ] ProfSvc C:\Windows\system32\profsvc.dll
16:15:23.0376 0x0b30 ProfSvc - ok
16:15:23.0376 0x0b30 [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:15:23.0376 0x0b30 Psched - ok
16:15:23.0391 0x0b30 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\Windows\system32\qwave.dll
16:15:23.0391 0x0b30 QWAVE - ok
16:15:23.0407 0x0b30 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:15:23.0407 0x0b30 QWAVEdrv - ok
16:15:23.0407 0x0b30 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:15:23.0407 0x0b30 RasAcd - ok
16:15:23.0407 0x0b30 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\Windows\System32\rasauto.dll
16:15:23.0407 0x0b30 RasAuto - ok
16:15:23.0423 0x0b30 [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\Windows\System32\rasmans.dll
16:15:23.0438 0x0b30 RasMan - ok
16:15:23.0438 0x0b30 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:15:23.0454 0x0b30 RasPppoe - ok
16:15:23.0454 0x0b30 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:15:23.0470 0x0b30 rdbss - ok
16:15:23.0470 0x0b30 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
16:15:23.0470 0x0b30 rdpbus - ok
16:15:23.0485 0x0b30 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:15:23.0485 0x0b30 RDPDR - ok
16:15:23.0485 0x0b30 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:15:23.0485 0x0b30 RdpVideoMiniport - ok
16:15:23.0501 0x0b30 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:15:23.0501 0x0b30 rdyboost - ok
16:15:23.0532 0x0b30 [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\Windows\system32\drivers\ReFS.sys
16:15:23.0548 0x0b30 ReFS - ok
16:15:23.0563 0x0b30 [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:15:23.0563 0x0b30 RemoteAccess - ok
16:15:23.0579 0x0b30 [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:15:23.0579 0x0b30 RemoteRegistry - ok
16:15:23.0579 0x0b30 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:15:23.0579 0x0b30 RpcEptMapper - ok
16:15:23.0595 0x0b30 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\Windows\system32\locator.exe
16:15:23.0595 0x0b30 RpcLocator - ok
16:15:23.0610 0x0b30 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\Windows\system32\rpcss.dll
16:15:23.0626 0x0b30 RpcSs - ok
16:15:23.0626 0x0b30 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:15:23.0641 0x0b30 rspndr - ok
16:15:23.0657 0x0b30 [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
16:15:23.0673 0x0b30 RTL8168 - ok
16:15:23.0673 0x0b30 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
16:15:23.0673 0x0b30 s3cap - ok
16:15:23.0673 0x0b30 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\Windows\system32\lsass.exe
16:15:23.0673 0x0b30 SamSs - ok
16:15:23.0688 0x0b30 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:15:23.0688 0x0b30 sbp2port - ok
16:15:23.0688 0x0b30 [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:15:23.0688 0x0b30 SCardSvr - ok
16:15:23.0704 0x0b30 [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
16:15:23.0704 0x0b30 ScDeviceEnum - ok
16:15:23.0704 0x0b30 [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:15:23.0704 0x0b30 scfilter - ok
16:15:23.0735 0x0b30 [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule C:\Windows\system32\schedsvc.dll
16:15:23.0766 0x0b30 Schedule - ok
16:15:23.0766 0x0b30 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:15:23.0766 0x0b30 SCPolicySvc - ok
16:15:23.0782 0x0b30 [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\Windows\System32\drivers\sdbus.sys
16:15:23.0782 0x0b30 sdbus - ok
16:15:23.0798 0x0b30 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys
16:15:23.0798 0x0b30 sdstor - ok
16:15:23.0798 0x0b30 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:15:23.0798 0x0b30 secdrv - ok
16:15:23.0798 0x0b30 [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\Windows\system32\seclogon.dll
16:15:23.0798 0x0b30 seclogon - ok
16:15:23.0813 0x0b30 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\Windows\System32\sens.dll
16:15:23.0813 0x0b30 SENS - ok
16:15:23.0813 0x0b30 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:15:23.0829 0x0b30 SensrSvc - ok
16:15:23.0829 0x0b30 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
16:15:23.0829 0x0b30 SerCx - ok
16:15:23.0845 0x0b30 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
16:15:23.0845 0x0b30 SerCx2 - ok
16:15:23.0845 0x0b30 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
16:15:23.0845 0x0b30 Serenum - ok
16:15:23.0845 0x0b30 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
16:15:23.0845 0x0b30 Serial - ok
16:15:23.0860 0x0b30 [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\Windows\System32\drivers\sermouse.sys
16:15:23.0860 0x0b30 sermouse - ok
16:15:23.0860 0x0b30 [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\Windows\system32\sessenv.dll
16:15:23.0876 0x0b30 SessionEnv - ok
16:15:23.0876 0x0b30 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
16:15:23.0876 0x0b30 sfloppy - ok
16:15:23.0891 0x0b30 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:15:23.0891 0x0b30 SharedAccess - ok
16:15:23.0923 0x0b30 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:15:23.0923 0x0b30 ShellHWDetection - ok
16:15:23.0938 0x0b30 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:15:23.0938 0x0b30 SiSRaid2 - ok
16:15:23.0938 0x0b30 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:15:23.0938 0x0b30 SiSRaid4 - ok
16:15:23.0938 0x0b30 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\Windows\System32\smphost.dll
16:15:23.0938 0x0b30 smphost - ok
16:15:23.0954 0x0b30 [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:15:23.0954 0x0b30 SNMPTRAP - ok
16:15:23.0970 0x0b30 [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\Windows\system32\drivers\spaceport.sys
16:15:23.0970 0x0b30 spaceport - ok
16:15:23.0985 0x0b30 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
16:15:23.0985 0x0b30 SpbCx - ok
16:15:24.0001 0x0b30 [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler C:\Windows\System32\spoolsv.exe
16:15:24.0016 0x0b30 Spooler - ok
16:15:24.0173 0x0b30 [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc C:\Windows\system32\sppsvc.exe
16:15:24.0282 0x0b30 sppsvc - ok
16:15:24.0298 0x0b30 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:15:24.0313 0x0b30 srv - ok
16:15:24.0329 0x0b30 [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:15:24.0345 0x0b30 srv2 - ok
16:15:24.0360 0x0b30 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:15:24.0360 0x0b30 srvnet - ok
16:15:24.0360 0x0b30 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:15:24.0376 0x0b30 SSDPSRV - ok
16:15:24.0376 0x0b30 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:15:24.0376 0x0b30 SstpSvc - ok
16:15:24.0407 0x0b30 [ 7AE700179C4839F657D245319E234A06, 6EAEFE4A8CAF1A70F1BAD4DD457C6AEC080839542D4E5582376489800BE52E89 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:15:24.0423 0x0b30 Steam Client Service - ok
16:15:24.0423 0x0b30 [ D2B4376F9F36C5873A6CF99EF5750724, 2A5C12EE3657D4A6819080549ADFA3288E0DAC975114D9466DCCC3ED922D2539 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:15:24.0438 0x0b30 Stereo Service - ok
16:15:24.0438 0x0b30 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:15:24.0438 0x0b30 stexstor - ok
16:15:24.0454 0x0b30 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\Windows\System32\wiaservc.dll
16:15:24.0470 0x0b30 stisvc - ok
16:15:24.0485 0x0b30 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
16:15:24.0485 0x0b30 storahci - ok
16:15:24.0485 0x0b30 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:15:24.0485 0x0b30 storflt - ok
16:15:24.0485 0x0b30 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys
16:15:24.0485 0x0b30 stornvme - ok
16:15:24.0501 0x0b30 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\Windows\system32\storsvc.dll
16:15:24.0501 0x0b30 StorSvc - ok
16:15:24.0501 0x0b30 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:15:24.0501 0x0b30 storvsc - ok
16:15:24.0501 0x0b30 [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\Windows\system32\svsvc.dll
16:15:24.0501 0x0b30 svsvc - ok
16:15:24.0501 0x0b30 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\Windows\System32\drivers\swenum.sys
16:15:24.0501 0x0b30 swenum - ok
16:15:24.0532 0x0b30 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\Windows\System32\swprv.dll
16:15:24.0548 0x0b30 swprv - ok
16:15:24.0579 0x0b30 [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain C:\Windows\system32\sysmain.dll
16:15:24.0610 0x0b30 SysMain - ok
16:15:24.0610 0x0b30 [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
16:15:24.0626 0x0b30 SystemEventsBroker - ok
16:15:24.0626 0x0b30 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:15:24.0641 0x0b30 TabletInputService - ok
16:15:24.0641 0x0b30 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\Windows\System32\tapisrv.dll
16:15:24.0657 0x0b30 TapiSrv - ok
16:15:24.0704 0x0b30 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:15:24.0751 0x0b30 Tcpip - ok
16:15:24.0813 0x0b30 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:15:24.0845 0x0b30 TCPIP6 - ok
16:15:24.0860 0x0b30 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:15:24.0860 0x0b30 tcpipreg - ok
16:15:24.0860 0x0b30 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:15:24.0860 0x0b30 tdx - ok
16:15:24.0860 0x0b30 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
16:15:24.0876 0x0b30 terminpt - ok
16:15:24.0891 0x0b30 [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\Windows\System32\termsrv.dll
16:15:24.0907 0x0b30 TermService - ok
16:15:24.0923 0x0b30 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\Windows\system32\themeservice.dll
16:15:24.0923 0x0b30 Themes - ok
16:15:24.0923 0x0b30 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\Windows\system32\mmcss.dll
16:15:24.0923 0x0b30 THREADORDER - ok
16:15:24.0938 0x0b30 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
16:15:24.0938 0x0b30 TimeBroker - ok
16:15:24.0954 0x0b30 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys
16:15:24.0954 0x0b30 TPM - ok
16:15:24.0954 0x0b30 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\Windows\System32\trkwks.dll
16:15:24.0970 0x0b30 TrkWks - ok
16:15:24.0970 0x0b30 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:15:24.0970 0x0b30 TrustedInstaller - ok
16:15:24.0970 0x0b30 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:15:24.0970 0x0b30 TsUsbFlt - ok
16:15:24.0985 0x0b30 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
16:15:24.0985 0x0b30 TsUsbGD - ok
16:15:24.0985 0x0b30 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:15:24.0985 0x0b30 tunnel - ok
16:15:25.0001 0x0b30 [ A070ABB9D85582B2BECADBE6FCD12350, 3EBFA349F87933E20C4EADA2FA2E64206CCAC70DFB8B52C2E41670FFB16D7336 ] t_mouse.sys C:\Windows\system32\DRIVERS\t_mouse.sys
16:15:25.0001 0x0b30 t_mouse.sys - ok
16:15:25.0001 0x0b30 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:15:25.0001 0x0b30 uagp35 - ok
16:15:25.0001 0x0b30 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
16:15:25.0001 0x0b30 UASPStor - ok
16:15:25.0016 0x0b30 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
16:15:25.0016 0x0b30 UCX01000 - ok
16:15:25.0032 0x0b30 [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:15:25.0032 0x0b30 udfs - ok
16:15:25.0032 0x0b30 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
16:15:25.0032 0x0b30 UEFI - ok
16:15:25.0048 0x0b30 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:15:25.0048 0x0b30 UI0Detect - ok
16:15:25.0048 0x0b30 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:15:25.0048 0x0b30 uliagpkx - ok
16:15:25.0048 0x0b30 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
16:15:25.0048 0x0b30 umbus - ok
16:15:25.0063 0x0b30 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
16:15:25.0063 0x0b30 UmPass - ok
16:15:25.0063 0x0b30 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\Windows\System32\umrdp.dll
16:15:25.0079 0x0b30 UmRdpService - ok
16:15:25.0095 0x0b30 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\Windows\System32\upnphost.dll
16:15:25.0095 0x0b30 upnphost - ok
16:15:25.0095 0x0b30 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\Windows\System32\Drivers\usbaapl64.sys
16:15:25.0110 0x0b30 USBAAPL64 - ok
16:15:25.0110 0x0b30 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
16:15:25.0110 0x0b30 usbccgp - ok
16:15:25.0126 0x0b30 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\Windows\System32\drivers\usbcir.sys
16:15:25.0126 0x0b30 usbcir - ok
16:15:25.0126 0x0b30 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys
16:15:25.0126 0x0b30 usbehci - ok
16:15:25.0141 0x0b30 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys
16:15:25.0157 0x0b30 usbhub - ok
16:15:25.0173 0x0b30 [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
16:15:25.0173 0x0b30 USBHUB3 - ok
16:15:25.0173 0x0b30 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys
16:15:25.0173 0x0b30 usbohci - ok
16:15:25.0188 0x0b30 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
16:15:25.0188 0x0b30 usbprint - ok
16:15:25.0188 0x0b30 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
16:15:25.0188 0x0b30 USBSTOR - ok
16:15:25.0204 0x0b30 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
16:15:25.0204 0x0b30 usbuhci - ok
16:15:25.0204 0x0b30 [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
16:15:25.0220 0x0b30 USBXHCI - ok
16:15:25.0220 0x0b30 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\Windows\system32\lsass.exe
16:15:25.0220 0x0b30 VaultSvc - ok
16:15:25.0220 0x0b30 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:15:25.0220 0x0b30 vdrvroot - ok
16:15:25.0266 0x0b30 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\Windows\System32\vds.exe
16:15:25.0282 0x0b30 vds - ok
16:15:25.0298 0x0b30 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
16:15:25.0298 0x0b30 VerifierExt - ok
16:15:25.0313 0x0b30 [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
16:15:25.0313 0x0b30 vhdmp - ok
16:15:25.0345 0x0b30 [ 627270F2103D41086BAB9675A3315DAB, 7BBCE942FD590D7F5CA85B25459B8A69D20F481855DDDD64407ED27D146A7A36 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
16:15:25.0376 0x0b30 VIAHdAudAddService - ok
16:15:25.0376 0x0b30 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
16:15:25.0376 0x0b30 viaide - ok
16:15:25.0376 0x0b30 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:15:25.0376 0x0b30 vmbus - ok
16:15:25.0391 0x0b30 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
16:15:25.0391 0x0b30 VMBusHID - ok
16:15:25.0407 0x0b30 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
16:15:25.0407 0x0b30 vmicguestinterface - ok
16:15:25.0423 0x0b30 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
16:15:25.0438 0x0b30 vmicheartbeat - ok
16:15:25.0454 0x0b30 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
16:15:25.0454 0x0b30 vmickvpexchange - ok
16:15:25.0470 0x0b30 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\Windows\System32\ICSvc.dll
16:15:25.0485 0x0b30 vmicrdv - ok
16:15:25.0501 0x0b30 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\Windows\System32\ICSvc.dll
16:15:25.0501 0x0b30 vmicshutdown - ok
16:15:25.0516 0x0b30 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\Windows\System32\ICSvc.dll
16:15:25.0532 0x0b30 vmictimesync - ok
16:15:25.0548 0x0b30 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\Windows\System32\ICSvc.dll
16:15:25.0548 0x0b30 vmicvss - ok
16:15:25.0563 0x0b30 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:15:25.0563 0x0b30 volmgr - ok
16:15:25.0563 0x0b30 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:15:25.0579 0x0b30 volmgrx - ok
16:15:25.0595 0x0b30 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:15:25.0595 0x0b30 volsnap - ok
16:15:25.0595 0x0b30 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\Windows\System32\drivers\vpci.sys
16:15:25.0595 0x0b30 vpci - ok
16:15:25.0610 0x0b30 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:15:25.0610 0x0b30 vsmraid - ok
16:15:25.0641 0x0b30 [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS C:\Windows\system32\vssvc.exe
16:15:25.0673 0x0b30 VSS - ok
16:15:25.0688 0x0b30 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
16:15:25.0688 0x0b30 VSTXRAID - ok
16:15:25.0688 0x0b30 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
16:15:25.0688 0x0b30 vwifibus - ok
16:15:25.0704 0x0b30 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\Windows\system32\w32time.dll
16:15:25.0704 0x0b30 W32Time - ok
16:15:25.0720 0x0b30 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
16:15:25.0720 0x0b30 WacomPen - ok
16:15:25.0751 0x0b30 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\Windows\system32\wbengine.exe
16:15:25.0782 0x0b30 wbengine - ok
16:15:25.0798 0x0b30 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:15:25.0813 0x0b30 WbioSrvc - ok
16:15:25.0813 0x0b30 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
16:15:25.0829 0x0b30 Wcmsvc - ok
16:15:25.0845 0x0b30 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:15:25.0860 0x0b30 wcncsvc - ok
16:15:25.0860 0x0b30 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:15:25.0860 0x0b30 WcsPlugInService - ok
16:15:25.0860 0x0b30 [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
16:15:25.0860 0x0b30 WdBoot - ok
16:15:25.0891 0x0b30 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:15:25.0907 0x0b30 Wdf01000 - ok
16:15:25.0907 0x0b30 [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
16:15:25.0907 0x0b30 WdFilter - ok
16:15:25.0923 0x0b30 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:15:25.0923 0x0b30 WdiServiceHost - ok
16:15:25.0923 0x0b30 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:15:25.0923 0x0b30 WdiSystemHost - ok
16:15:25.0938 0x0b30 [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
16:15:25.0938 0x0b30 WdNisDrv - ok
16:15:25.0938 0x0b30 WdNisSvc - ok
16:15:25.0938 0x0b30 [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient C:\Windows\System32\webclnt.dll
16:15:25.0954 0x0b30 WebClient - ok
16:15:25.0954 0x0b30 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:15:25.0970 0x0b30 Wecsvc - ok
16:15:25.0970 0x0b30 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
16:15:25.0970 0x0b30 WEPHOSTSVC - ok
16:15:25.0970 0x0b30 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:15:25.0985 0x0b30 wercplsupport - ok
16:15:25.0985 0x0b30 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll
16:15:25.0985 0x0b30 WerSvc - ok
16:15:25.0985 0x0b30 [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
16:15:26.0001 0x0b30 WFPLWFS - ok
16:15:26.0001 0x0b30 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll
16:15:26.0001 0x0b30 WiaRpc - ok
16:15:26.0001 0x0b30 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:15:26.0001 0x0b30 WIMMount - ok
16:15:26.0001 0x0b30 WinDefend - ok
16:15:26.0032 0x0b30 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
16:15:26.0048 0x0b30 WinHttpAutoProxySvc - ok
16:15:26.0063 0x0b30 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:15:26.0063 0x0b30 Winmgmt - ok
16:15:26.0126 0x0b30 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\Windows\system32\WsmSvc.dll
16:15:26.0173 0x0b30 WinRM - ok
16:15:26.0173 0x0b30 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:15:26.0188 0x0b30 WinUsb - ok
16:15:26.0220 0x0b30 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\Windows\System32\wlansvc.dll
16:15:26.0251 0x0b30 WlanSvc - ok
16:15:26.0282 0x0b30 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll
16:15:26.0313 0x0b30 wlidsvc - ok
16:15:26.0329 0x0b30 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
16:15:26.0329 0x0b30 WmiAcpi - ok
16:15:26.0329 0x0b30 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:15:26.0329 0x0b30 wmiApSrv - ok
16:15:26.0345 0x0b30 WMPNetworkSvc - ok
16:15:26.0345 0x0b30 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys
16:15:26.0345 0x0b30 Wof - ok
16:15:26.0391 0x0b30 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
16:15:26.0423 0x0b30 workfolderssvc - ok
16:15:26.0423 0x0b30 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
16:15:26.0423 0x0b30 wpcfltr - ok
16:15:26.0423 0x0b30 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:15:26.0438 0x0b30 WPCSvc - ok
16:15:26.0438 0x0b30 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:15:26.0438 0x0b30 WPDBusEnum - ok
16:15:26.0438 0x0b30 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
16:15:26.0438 0x0b30 WpdUpFltr - ok
16:15:26.0454 0x0b30 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:15:26.0454 0x0b30 ws2ifsl - ok
16:15:26.0454 0x0b30 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\Windows\System32\wscsvc.dll
16:15:26.0454 0x0b30 wscsvc - ok
16:15:26.0454 0x0b30 WSearch - ok
16:15:26.0548 0x0b30 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll
16:15:26.0595 0x0b30 WSService - ok
16:15:26.0688 0x0b30 [ 50CEC061C6D6FD2B9C89BECD08991CCB, 31EB1601426223E712C4E4AA29410EDFC81E020996A402BD3E850A2EAF127286 ] wuauserv C:\Windows\system32\wuaueng.dll
16:15:26.0766 0x0b30 wuauserv - ok
16:15:26.0766 0x0b30 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:15:26.0766 0x0b30 WudfPf - ok
16:15:26.0782 0x0b30 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
16:15:26.0782 0x0b30 WUDFRd - ok
16:15:26.0798 0x0b30 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP C:\Windows\system32\DRIVERS\WUDFRd.sys
16:15:26.0798 0x0b30 WUDFSensorLP - ok
16:15:26.0798 0x0b30 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:15:26.0798 0x0b30 wudfsvc - ok
16:15:26.0813 0x0b30 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys
16:15:26.0813 0x0b30 WUDFWpdFs - ok
16:15:26.0829 0x0b30 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
16:15:26.0829 0x0b30 WUDFWpdMtp - ok
16:15:26.0845 0x0b30 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll
16:15:26.0860 0x0b30 WwanSvc - ok
16:15:26.0860 0x0b30 [ A0F661902AFCAAD77CC2ED3894927A10, 0DCD860F7F4029EBFE1F409BA23CC8BAA55BC22084C81940FF170B665E4804BD ] xusb22 C:\Windows\System32\drivers\xusb22.sys
16:15:26.0860 0x0b30 xusb22 - ok
16:15:26.0860 0x0b30 ================ Scan global ===============================
16:15:26.0876 0x0b30 [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\Windows\system32\basesrv.dll
16:15:26.0876 0x0b30 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
16:15:26.0891 0x0b30 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
16:15:26.0891 0x0b30 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
16:15:26.0907 0x0b30 [ Global ] - ok
16:15:26.0907 0x0b30 ================ Scan MBR ==================================
16:15:26.0907 0x0b30 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:15:26.0923 0x0b30 \Device\Harddisk0\DR0 - ok
16:15:26.0938 0x0b30 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:15:27.0032 0x0b30 \Device\Harddisk1\DR1 - ok
16:15:27.0032 0x0b30 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
16:15:27.0548 0x0b30 \Device\Harddisk2\DR2 - ok
16:15:27.0548 0x0b30 ================ Scan VBR ==================================
16:15:27.0548 0x0b30 [ 9B36AC87CCD8DBD7266BE4802F2C548F ] \Device\Harddisk0\DR0\Partition1
16:15:27.0579 0x0b30 \Device\Harddisk0\DR0\Partition1 - ok
16:15:27.0595 0x0b30 [ 88B2F4B56CC02D9194866855BCEE54C5 ] \Device\Harddisk1\DR1\Partition1
16:15:27.0641 0x0b30 \Device\Harddisk1\DR1\Partition1 - ok
16:15:27.0641 0x0b30 [ E1C2BB64262C348D0BAFA86A5FA39C25 ] \Device\Harddisk1\DR1\Partition2
16:15:27.0673 0x0b30 \Device\Harddisk1\DR1\Partition2 - ok
16:15:27.0673 0x0b30 [ F5E94E5FBFFDF52D68AC3B5F8A2982D9 ] \Device\Harddisk2\DR2\Partition1
16:15:27.0688 0x0b30 \Device\Harddisk2\DR2\Partition1 - ok
16:15:27.0688 0x0b30 ================ Scan generic autorun ======================
16:15:27.0751 0x0b30 [ 0FD818A72C3602A8FCFD5189F1FE094C, D3D74DD361E4728B0EDA3B49F746ED6D1D22BDDDEF4739DFA97AB61ECAA3727A ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
16:15:27.0798 0x0b30 NvBackend - ok
16:15:27.0798 0x0b30 [ DB367E8C8F46C26A05BA982715CC0DB5, 63AE8DD8E41260123E8C98905BD3D444BED86AEA6353F690483E5CB116433AC2 ] C:\Windows\system32\TiltWheelMouse.exe
16:15:27.0813 0x0b30 MouseDriver - ok
16:15:27.0860 0x0b30 [ C7CEB24BD6231F33B2036AAF6F91C9BD, A122DBC552612E1E12340AC6D71CD03B628354DA1704AE0432CE3DA8E2D13019 ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
16:15:27.0907 0x0b30 HDAudDeck - ok
16:15:27.0907 0x0b30 [ CBEE2EC017A4681FF5C3D22398A50823, 6ED9D4C1A844B362D906E9A8B3A051C8673017D0B8536460279938D8135780B7 ] C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe
16:15:27.0907 0x0b30 GUDelayStartup - ok
16:15:27.0923 0x0b30 Waiting for KSN requests completion. In queue: 229
16:15:28.0938 0x0b30 Waiting for KSN requests completion. In queue: 229
16:15:29.0954 0x0b30 Waiting for KSN requests completion. In queue: 229
16:15:30.0970 0x0b30 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x61100 ( enabled : updated )
16:15:30.0985 0x0b30 Win FW state via NFP2: enabled ( trusted )
16:15:33.0438 0x0b30 ============================================================
16:15:33.0438 0x0b30 Scan finished
16:15:33.0438 0x0b30 ============================================================
16:15:33.0438 0x1034 Detected object count: 0
16:15:33.0438 0x1034 Actual detected object count: 0
|
|
28.07.2015, 04:44
| #5 | |
| /// TB-Ausbilder | Öffnen mancher Programme dauert 2-3 Minuten Zukünftig bitte beachten: Zitat:
Bitte alle Tools direkt auf den Desktop (C:\users\<benutzername>\Desktop) downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind. Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen. Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter. FRST bitte nochmal vom Desktop:
|
|
28.07.2015, 14:55
| #6 |
| | Öffnen mancher Programme dauert 2-3 Minuten OK, entschuldigung. Hier nochmal der Scan vom Desktop aus. Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-07-2015
durchgeführt von m1ck3y an 2015-07-28 15:54:41
Gestartet von C:\Users\m1ck3y\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1474457362-1224508852-2511664465-500 - Administrator - Disabled)
Gast (S-1-5-21-1474457362-1224508852-2511664465-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1474457362-1224508852-2511664465-1003 - Limited - Enabled)
l3jlah (S-1-5-21-1474457362-1224508852-2511664465-1004 - Limited - Enabled) => C:\Users\l3jlah
m1ck3y (S-1-5-21-1474457362-1224508852-2511664465-1001 - Administrator - Enabled) => C:\Users\m1ck3y
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.8.3 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.6.8.3 - ASUSTek COMPUTER INC.) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.25648 - Electronic Arts)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.1.0.5 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Glary Utilities PRO 5.30 (HKLM-x32\...\Glary Utilities 5) (Version: 5.30.0.50 - Glarysoft Ltd)
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MURDERED: SOUL SUSPECT™ (HKLM-x32\...\Steam App 233290) (Version: - Airtight Games)
Nettv+ Player 4 (HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\...\Nettv+ Player 4) (Version: 00.04.06.01 - nettvplus)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.11.2855 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
SSD Fresh (HKLM-x32\...\SSD Fresh_is1) (Version: 2015 - Abelssoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.9.80.1020 - Electronic Arts Inc.)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{0C5B0539-7EDE-4297-947E-48890971B557}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
19-07-2015 16:03:14 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
22-07-2015 19:35:26 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
24-07-2015 06:24:24 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
27-07-2015 16:11:39 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-06-11 15:24 - 2015-06-11 15:24 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01715C8D-9566-45AD-BE02-BE7EA7478F8B} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {0EF61142-F08C-48BF-9D30-96DF18163B77} - System32\Tasks\CoreTemp => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {22E9B6C9-A4C0-41E2-8401-6CCCFA4668F6} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {2A6D6A1B-A1F8-4265-BD57-6F9255DF57DA} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-07-20] (Glarysoft Ltd)
Task: {388C38E3-CC2A-446F-8380-5B22598630DC} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-07-20] (Glarysoft Ltd)
Task: {40C74B36-95DC-44E8-96F1-6031486BF6D3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {6DC08257-9D30-439D-90D2-74DE31162F69} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {9A71BA07-BA9E-4841-807D-7D3E21EDCADE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A5F4E90E-A039-4713-804B-2095A05CCF17} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {CAD9F925-2480-4A1A-BE8E-CBBE34CC1E5D} - System32\Tasks\{93906159-D190-4A12-89B3-99C3C7FF8853} => Firefox.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain
Task: {CCDF18BE-AD00-4166-AF5D-B6107E56E042} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D2B441F0-2A40-4026-8F6A-99B0D4317F59} - System32\Tasks\{B3BACB37-C6F1-4D0E-84D7-E73EC5F68A0A} => pcalua.exe -a B:\Games\WinUAE\uninstall_winuae.exe
Task: {DB349373-3411-4FFA-B882-A735CCEC14C1} - System32\Tasks\{5B248C0F-9303-497F-9E55-A5839B45A22D} => pcalua.exe -a B:\Games\NES\NES-Emulator\nestopia.exe -d B:\Games\NES\NES-Emulator
Task: {E103B92F-4C63-4848-9D75-8262D80E37D3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {E8799797-0243-49C2-901E-294EDD2FDB86} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F0B8028E-2A1B-4A47-BA60-FC09B9372FB1} - System32\Tasks\ASUS GPU Tweak => C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe [2014-08-06] (ASUS)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-04-06 14:37 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2015-04-17 19:11 - 2015-07-11 21:36 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-04-06 18:51 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:6DAA43DB
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer trusted/restricted ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\m1ck3y\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "MouseDriver"
HKLM\...\StartupApproved\Run32: => "HDAudDeck"
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\...\StartupApproved\Run: => "GUDelayStartup"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EE5F1B2B-FD6B-4289-A443-89DD4EDBA255}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BC57A823-65AB-4CF4-81A5-4397D403B0C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20CFE133-858C-483B-90F6-A62848705982}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5BACF746-3A0D-471C-AADB-716BAE707473}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EB3DDB49-08BE-47DF-B49C-A44F45F945E5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2D93F1A6-8D6A-49DA-94A4-0EB300ADDF50}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0E28BA78-849F-4F98-8FA8-47C5580439C7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{089453E5-A325-4510-A3A7-2CE6F84BACFD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{0725BB5E-DE50-4768-B00B-696DC11C11E2}B:\utorrentportable\app\utorrent\utorrent.exe] => (Allow) B:\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [UDP Query User{5A573F04-D4B6-4533-A3B6-C022F194F63A}B:\utorrentportable\app\utorrent\utorrent.exe] => (Allow) B:\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [{160AD135-2725-491F-8F75-F31F6D5F6E7E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{8316E254-1322-4644-AC7A-308BE417D771}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{73E8FA17-A315-45EF-8F37-12BF5E58DE6F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0A58A6DC-9750-486D-B607-2AC4C7B2918B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{27658D24-2566-471E-9867-7347A635178D}] => (Allow) B:\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{8B7C616D-640A-4967-BC21-FAE5467BC892}] => (Allow) B:\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{DF525BFE-E1E9-4AB9-96D3-2E885CB13947}] => (Allow) B:\Games\Battlefield 4\bf4.exe
FirewallRules: [{11465CD7-8E0F-429E-95D2-D70088B59064}] => (Allow) B:\Games\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{ECD97465-167F-4EFB-AAE2-1D7D0756ECA8}B:\downloads\nero 2015 platinum v16.0.03000 portable\nero 2015.exe] => (Block) B:\downloads\nero 2015 platinum v16.0.03000 portable\nero 2015.exe
FirewallRules: [UDP Query User{3E3B7004-3FF0-4F1D-9819-FEE379CB8D23}B:\downloads\nero 2015 platinum v16.0.03000 portable\nero 2015.exe] => (Block) B:\downloads\nero 2015 platinum v16.0.03000 portable\nero 2015.exe
FirewallRules: [TCP Query User{5FA87220-2D09-46AE-A7A4-B54D10DBE921}B:\games\murdered - soul suspect\binaries\win64\murdered.exe] => (Block) B:\games\murdered - soul suspect\binaries\win64\murdered.exe
FirewallRules: [UDP Query User{F805E380-ECA9-4720-9287-9584A2AC7357}B:\games\murdered - soul suspect\binaries\win64\murdered.exe] => (Block) B:\games\murdered - soul suspect\binaries\win64\murdered.exe
FirewallRules: [TCP Query User{8B91D930-1B30-4706-AB04-1C7DBF6ACE83}B:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Block) B:\games\murdered soul suspect\binaries\win64\murdered.exe
FirewallRules: [UDP Query User{E092324B-8864-4C01-A5C0-1246F7994884}B:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Block) B:\games\murdered soul suspect\binaries\win64\murdered.exe
FirewallRules: [{8C2E5D3E-6D7D-44B6-AB75-84C3B86954A2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{21B3B0A9-493F-4198-899C-8B8085F9F462}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7E7FB344-EACD-4165-96C4-CE1DF3D13F37}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BF536E74-5595-4856-A692-7B33563F7B4F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1F530096-A364-41C6-A888-9909816CECBF}] => (Allow) B:\Games\Murdered Soul Suspect\steamapps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [{426744FF-EBAE-4783-8BD7-1766E2B2746E}] => (Allow) B:\Games\Murdered Soul Suspect\steamapps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{35ED7226-2A14-4CD3-BB00-7C822861FC00}] => (Allow) B:\Games\Payday 2\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{6A404DA7-686F-455C-9C06-07664ED34573}] => (Allow) B:\Games\Payday 2\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{96ADB231-B0B3-489C-B1F6-E852E9F9B36F}] => (Allow) B:\Games\BFH\bfh.exe
FirewallRules: [{0AC71FD0-1443-4EFF-A590-E45D9B8F8DD2}] => (Allow) B:\Games\BFH\bfh.exe
FirewallRules: [{C5BE6FE0-5291-4F23-B3D3-89FC26B74375}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0DD34E2B-F85F-48C1-848A-F98C13376C92}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CED41C18-506F-46C2-A7F1-460DE5D8F043}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6BCB9BDE-6E2C-4662-A453-CDCD9A7530F4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A73CB7AC-7542-4599-B370-FF84DF51E761}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EE89C9A2-3675-4B23-A7BB-51C259769F34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{345D41CF-E0DF-4744-A5AE-BF6D6C4EF563}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{9434FA3B-9735-487C-AF6A-CF72A718DAFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{09F4F013-244E-4DD2-A2F3-B2AFDEEC1A27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{23C8F8A9-1F71-438F-AAF6-2F522929F568}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5BC8C2C5-426D-4498-A6A2-C41F74C7CFC8}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{8211DB9C-4AC2-4A4F-83CE-DEE2C9400D68}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{272C0584-B76B-4734-A4A2-77C40A34623D}] => (Allow) B:\Games\BFH\BFHWebHelper.exe
FirewallRules: [{484BDD3E-353C-452D-B7D3-4D41A1B7BD8D}] => (Allow) B:\Games\BFH\BFHWebHelper.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/28/2015 03:23:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mickey)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/28/2015 03:23:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mickey)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/27/2015 07:16:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.3.9600.17415, Zeitstempel: 0x54504177
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc000000d
Fehleroffset: 0x0000000000101e60
ID des fehlerhaften Prozesses: 0x58c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_DiagTrack4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_DiagTrack5
Error: (07/27/2015 04:25:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.3.9600.17415, Zeitstempel: 0x54504177
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc000000d
Fehleroffset: 0x0000000000101e60
ID des fehlerhaften Prozesses: 0x588
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_DiagTrack4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_DiagTrack5
Error: (07/27/2015 04:11:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (07/27/2015 04:03:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.3.9600.17415, Zeitstempel: 0x54504177
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc000000d
Fehleroffset: 0x0000000000101e60
ID des fehlerhaften Prozesses: 0x584
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_DiagTrack4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_DiagTrack5
Error: (07/27/2015 12:43:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Name des fehlerhaften Moduls: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000280a0
ID des fehlerhaften Prozesses: 0x112c
Startzeit der fehlerhaften Anwendung: 0xVDeck.exe0
Pfad der fehlerhaften Anwendung: VDeck.exe1
Pfad des fehlerhaften Moduls: VDeck.exe2
Berichtskennung: VDeck.exe3
Vollständiger Name des fehlerhaften Pakets: VDeck.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VDeck.exe5
Error: (07/27/2015 12:35:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Name des fehlerhaften Moduls: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000280a0
ID des fehlerhaften Prozesses: 0x7bc
Startzeit der fehlerhaften Anwendung: 0xVDeck.exe0
Pfad der fehlerhaften Anwendung: VDeck.exe1
Pfad des fehlerhaften Moduls: VDeck.exe2
Berichtskennung: VDeck.exe3
Vollständiger Name des fehlerhaften Pakets: VDeck.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VDeck.exe5
Error: (07/27/2015 12:20:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Name des fehlerhaften Moduls: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000280a0
ID des fehlerhaften Prozesses: 0xcbc
Startzeit der fehlerhaften Anwendung: 0xVDeck.exe0
Pfad der fehlerhaften Anwendung: VDeck.exe1
Pfad des fehlerhaften Moduls: VDeck.exe2
Berichtskennung: VDeck.exe3
Vollständiger Name des fehlerhaften Pakets: VDeck.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VDeck.exe5
Error: (07/27/2015 12:18:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Name des fehlerhaften Moduls: VDeck.exe, Version: 7.3.0.30, Zeitstempel: 0x4a695333
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000280a0
ID des fehlerhaften Prozesses: 0x6e8
Startzeit der fehlerhaften Anwendung: 0xVDeck.exe0
Pfad der fehlerhaften Anwendung: VDeck.exe1
Pfad des fehlerhaften Moduls: VDeck.exe2
Berichtskennung: VDeck.exe3
Vollständiger Name des fehlerhaften Pakets: VDeck.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VDeck.exe5
Systemfehler:
=============
Error: (07/28/2015 03:51:57 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (07/28/2015 03:23:36 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}
Error: (07/28/2015 03:23:27 PM) (Source: DCOM) (EventID: 10010) (User: Mickey)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/28/2015 03:23:27 PM) (Source: DCOM) (EventID: 10010) (User: Mickey)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/28/2015 03:23:22 PM) (Source: DCOM) (EventID: 10010) (User: Mickey)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.1
Error: (07/28/2015 03:23:22 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}
Error: (07/28/2015 03:23:22 PM) (Source: DCOM) (EventID: 10010) (User: Mickey)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4
Error: (07/28/2015 03:23:08 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (07/28/2015 12:32:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{135FD325-45B7-4C30-89F8-4386961669F0}{135FD325-45B7-4C30-89F8-4386961669F0}NT-AUTORITÄTNetzwerkdienstS-1-5-20LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (07/28/2015 12:23:50 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Microsoft Office:
=========================
Error: (07/28/2015 03:23:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mickey)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (07/28/2015 03:23:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mickey)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927141
Error: (07/27/2015 07:16:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c000000d0000000000101e6058c01d0c8893d0cf6a5C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll3ae23f08-3483-11e5-841e-90e6babca255
Error: (07/27/2015 04:25:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c000000d0000000000101e6058801d0c875104074a1C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll51f8f084-346b-11e5-8418-90e6babca255
Error: (07/27/2015 04:11:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
Error: (07/27/2015 04:03:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c000000d0000000000101e6058401d0c859513df21cC:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll3da5b884-3468-11e5-8417-90e6babca255
Error: (07/27/2015 12:43:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VDeck.exe7.3.0.304a695333VDeck.exe7.3.0.304a695333c000000500000000000280a0112c01d0c85920fc50ddC:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exeC:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe5f1604d5-344c-11e5-8416-90e6babca255
Error: (07/27/2015 12:35:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VDeck.exe7.3.0.304a695333VDeck.exe7.3.0.304a695333c000000500000000000280a07bc01d0c85801f6c152C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exeC:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe402b02fe-344b-11e5-8415-90e6babca255
Error: (07/27/2015 12:20:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VDeck.exe7.3.0.304a695333VDeck.exe7.3.0.304a695333c000000500000000000280a0cbc01d0c855ddcf4919C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exeC:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe1bdd9577-3449-11e5-8414-90e6babca255
Error: (07/27/2015 12:18:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VDeck.exe7.3.0.304a695333VDeck.exe7.3.0.304a695333c000000500000000000280a06e801d0c85593138037C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exeC:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exed1269137-3448-11e5-8413-90e6babca255
CodeIntegrity Fehler:
===================================
Date: 2015-07-28 03:13:05.913
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-27 07:09:13.495
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-24 11:16:14.370
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-23 15:04:19.617
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-23 06:41:49.428
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-22 07:01:30.679
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-21 06:51:55.051
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-20 06:32:23.155
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-19 20:49:20.560
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-18 12:54:16.692
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 9%
Total physical RAM: 16382.05 MB
Available physical RAM: 14800.3 MB
Total Virtual: 16382.05 MB
Available Virtual: 14656.16 MB
==================== Drives ================================
Drive a: (Seagate 1TB) (Fixed) (Total:931.51 GB) (Free:639.39 GB) NTFS
Drive b: (Seagate 1000 GB) (Fixed) (Total:931.17 GB) (Free:694.71 GB) NTFS
Drive c: () (Fixed) (Total:111.79 GB) (Free:46.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (System-reserviert) (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FE2675D4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 76FCC84D)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 3FBF5176)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
==================== Ende von log ============================
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
durchgeführt von m1ck3y (Administrator) auf MICKEY (28-07-2015 15:54:16)
Gestartet von C:\Users\m1ck3y\Desktop
Geladene Profile: m1ck3y (Verfügbare Profile: m1ck3y & l3jlah)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\m1ck3y\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-07-20] (Glarysoft Ltd)
BootExecute: autocheck autochk *
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49484;https=127.0.0.1:49484
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1474457362-1224508852-2511664465-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C0BA8A3E-6804-48B1-93D8-098A2353C75C}: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\m1ck3y\AppData\Roaming\Mozilla\Firefox\Profiles\yhtlr7zb.default
FF Homepage: hxxp://www.google.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: Adblock Plus - C:\Users\m1ck3y\AppData\Roaming\Mozilla\Firefox\Profiles\yhtlr7zb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-30]
==================== Services (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-25] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-05-02] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-07-11] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-05-04] (Glarysoft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39240 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [Datei ist nicht signiert]
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-28 15:54 - 2015-07-28 15:54 - 00011301 _____ C:\Users\m1ck3y\Desktop\FRST.txt
2015-07-28 15:53 - 2015-07-28 15:54 - 00000000 ____D C:\FRST
2015-07-28 15:53 - 2015-07-28 15:53 - 02146816 _____ (Farbar) C:\Users\m1ck3y\Desktop\FRST64.exe
2015-07-28 15:12 - 2015-07-28 15:13 - 00000000 ____D C:\Users\l3jlah\AppData\Roaming\vlc
2015-07-27 21:06 - 2015-07-27 21:05 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-27 18:28 - 2015-07-27 18:28 - 00000346 _____ C:\Windows\PFRO.log
2015-07-27 18:26 - 2015-07-24 06:21 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-27 17:05 - 2015-07-27 17:05 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-27 16:39 - 2015-07-28 15:52 - 00005160 _____ C:\Windows\setupact.log
2015-07-27 16:39 - 2015-07-27 16:39 - 00000000 _____ C:\Windows\setuperr.log
2015-07-27 16:11 - 2015-07-25 15:34 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-27 12:41 - 2015-07-27 16:30 - 00003002 _____ C:\Windows\System32\Tasks\ASUS GPU Tweak
2015-07-27 12:39 - 2015-07-27 16:30 - 00002986 _____ C:\Windows\System32\Tasks\CoreTemp
2015-07-27 00:26 - 2015-07-27 16:11 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-27 00:25 - 2015-07-27 00:25 - 00001134 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-27 00:25 - 2015-07-27 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-07-27 00:25 - 2015-07-27 00:25 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-07-27 00:25 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-27 00:25 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-27 00:25 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-27 00:23 - 2015-07-28 15:52 - 00649600 _____ C:\Windows\WindowsUpdate.log
2015-07-27 00:22 - 2015-07-27 00:22 - 00000683 _____ C:\Users\m1ck3y\Desktop\Fraps.lnk
2015-07-27 00:21 - 2015-07-27 00:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-07-27 00:06 - 2015-07-27 00:06 - 00000000 ____D C:\Users\m1ck3y\AppData\Local\CEF
2015-07-27 00:01 - 2015-07-27 00:01 - 00000939 _____ C:\Users\m1ck3y\Desktop\Steam.lnk
2015-07-27 00:00 - 2015-07-27 00:00 - 00000909 _____ C:\Users\m1ck3y\Desktop\CPU-Z.lnk
2015-07-25 00:43 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-07-25 00:43 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-07-25 00:43 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-25 00:43 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-07-25 00:43 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-25 00:43 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-25 00:43 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-07-25 00:43 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-25 00:43 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-07-23 23:09 - 2015-07-23 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-23 23:09 - 2015-07-23 23:09 - 00000000 ____D C:\Program Files\iTunes
2015-07-23 23:09 - 2015-07-23 23:09 - 00000000 ____D C:\Program Files\iPod
2015-07-23 23:09 - 2015-07-23 23:09 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-23 23:08 - 2015-07-24 06:21 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-23 23:08 - 2015-07-03 06:28 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-07-23 23:08 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-23 23:08 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-22 22:25 - 2015-07-22 22:25 - 00003312 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2015-07-22 22:25 - 2015-07-22 22:25 - 00002970 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2015-07-21 06:21 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 06:21 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 06:21 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 06:21 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-16 06:57 - 2015-07-13 23:10 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-16 06:57 - 2015-07-13 23:10 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 06:19 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 06:19 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 06:19 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 06:19 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 06:19 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 06:19 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 06:19 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 06:19 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 06:19 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 06:19 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 06:19 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 06:19 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 06:19 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 06:19 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 06:19 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 06:19 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 06:19 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 06:19 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 06:19 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 06:19 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 06:19 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-15 06:19 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-15 06:19 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-15 06:19 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-15 06:19 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-15 06:19 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-15 06:19 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-15 06:19 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-15 06:18 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 06:18 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 06:18 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 06:18 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 06:18 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 06:18 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 06:18 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 06:18 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 06:18 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 06:18 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 06:18 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 06:18 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 06:18 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 06:18 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 06:18 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 06:18 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 06:18 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 06:18 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 06:18 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 06:18 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 06:18 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 06:18 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 06:18 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 06:18 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 06:18 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 06:18 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 06:17 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 06:17 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 06:17 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 06:17 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 06:17 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 06:17 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 06:17 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 06:17 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 06:17 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 06:17 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 06:17 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 06:17 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 06:17 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 06:17 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 06:17 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 06:17 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 06:17 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 06:17 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-15 06:17 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 06:17 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-15 06:17 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-15 06:17 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 06:17 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 06:17 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-15 06:17 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 06:17 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 06:17 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 06:17 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 06:17 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 06:17 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 06:17 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 06:17 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 06:17 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 06:17 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 06:17 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 06:17 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-15 06:17 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 06:17 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 06:17 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 06:17 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 06:17 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-15 06:17 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 06:17 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 06:17 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 06:17 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 06:17 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-15 06:17 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-15 06:17 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-15 06:16 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 06:16 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 06:16 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 06:16 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 06:16 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-15 06:16 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-15 06:16 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-15 06:16 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-15 06:16 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-15 06:16 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-15 06:16 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-15 06:16 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-15 06:16 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-11 21:39 - 2015-07-11 21:39 - 00000000 ____D C:\Users\m1ck3y\AppData\Local\ESN
2015-07-10 19:29 - 2015-07-28 14:07 - 00000000 ___HD C:\$Windows.~BT
2015-07-08 21:47 - 2015-07-08 21:47 - 00001520 _____ C:\Users\m1ck3y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIDA64.lnk
2015-07-08 20:32 - 2015-07-08 20:32 - 00000979 _____ C:\Users\m1ck3y\Desktop\GPU-Z.lnk
2015-07-08 20:32 - 2015-07-08 20:32 - 00000000 ____D C:\Users\m1ck3y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2015-07-08 20:32 - 2015-07-08 20:32 - 00000000 ____D C:\Program Files (x86)\GPU-Z
2015-07-08 12:31 - 2015-07-08 12:31 - 00007602 _____ C:\Users\m1ck3y\AppData\Local\Resmon.ResmonCfg
2015-07-05 10:43 - 2015-07-05 11:03 - 00000000 ____D C:\Users\l3jlah\Desktop\Flowers
2015-07-03 21:54 - 2015-07-04 09:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-28 15:52 - 2015-04-06 14:37 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-28 15:52 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-28 15:21 - 2014-03-18 12:03 - 01686150 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-28 15:21 - 2014-03-18 11:25 - 00726688 _____ C:\Windows\system32\perfh007.dat
2015-07-28 15:21 - 2014-03-18 11:25 - 00151380 _____ C:\Windows\system32\perfc007.dat
2015-07-28 15:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-28 14:59 - 2015-04-06 18:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-28 13:58 - 2015-04-06 15:23 - 00000000 ____D C:\Windows\Panther
2015-07-28 12:50 - 2015-06-10 12:41 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{EFE052BD-2E86-4D2D-9DC8-BC8E897EFFE8}
2015-07-28 12:32 - 2015-04-06 18:27 - 00000000 ____D C:\Users\m1ck3y\AppData\Local\JDownloader v2.0
2015-07-28 12:30 - 2015-04-06 18:34 - 00000000 ____D C:\ProgramData\Origin
2015-07-28 12:27 - 2015-04-06 14:59 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2E756853-EE45-40C9-9F7F-0E07554DD0BE}
2015-07-28 07:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-28 06:53 - 2015-04-06 22:04 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1474457362-1224508852-2511664465-1004
2015-07-27 22:37 - 2015-04-06 14:32 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1474457362-1224508852-2511664465-1001
2015-07-27 18:26 - 2015-04-06 14:37 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-27 16:49 - 2015-04-15 21:56 - 00000000 ____D C:\Users\m1ck3y\AppData\Roaming\JAM Software
2015-07-27 16:35 - 2015-04-15 21:45 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-07-27 16:34 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-27 16:11 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-27 12:46 - 2015-06-11 15:56 - 00000000 ____D C:\Users\m1ck3y\AppData\Roaming\vlc
2015-07-27 00:15 - 2015-06-01 10:55 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-25 16:05 - 2015-04-06 21:59 - 00000000 ____D C:\Users\l3jlah\AppData\Roaming\Origin
2015-07-25 10:09 - 2015-04-06 18:33 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-24 06:21 - 2015-04-06 18:13 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-24 06:21 - 2015-04-06 18:13 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-23 23:09 - 2015-04-06 18:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-23 13:18 - 2015-04-06 21:44 - 00000000 ___RD C:\Users\l3jlah\Desktop\NewMods
2015-07-22 22:25 - 2015-04-15 21:45 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-07-21 12:37 - 2015-04-15 21:43 - 00347872 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 20:49 - 2015-04-06 19:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-17 10:25 - 2015-06-04 15:20 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-17 10:25 - 2015-06-04 15:20 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-16 07:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-07-15 08:08 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-15 08:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-15 07:00 - 2015-04-06 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-15 06:59 - 2015-04-06 18:25 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 06:58 - 2015-04-06 16:47 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 06:58 - 2015-04-06 16:47 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 06:57 - 2015-04-06 15:44 - 00000000 ____D C:\Windows\system32\MRT
2015-07-11 21:39 - 2015-04-17 19:11 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-07-11 21:36 - 2015-04-17 19:11 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-08 20:33 - 2015-04-11 12:37 - 00000022 _____ C:\Windows\GPU-Z.INI
2015-07-07 22:08 - 2015-05-04 11:44 - 00001106 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2015-07-05 19:21 - 2015-04-06 14:26 - 00000000 ____D C:\Users\m1ck3y
2015-07-05 18:59 - 2015-04-06 18:36 - 00000000 ____D C:\Users\m1ck3y\AppData\Roaming\Origin
2015-07-05 12:08 - 2015-04-06 15:45 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-04 09:21 - 2015-04-06 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 08:43 - 2015-04-06 15:44 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 20:54 - 2015-04-12 11:30 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-06-29 13:05 - 2015-06-10 12:41 - 00000000 __SHD C:\Users\l3jlah\AppData\Local\EmieUserList
2015-06-29 13:05 - 2015-06-10 12:41 - 00000000 __SHD C:\Users\l3jlah\AppData\Local\EmieSiteList
2015-06-29 13:05 - 2015-06-10 12:41 - 00000000 __SHD C:\Users\l3jlah\AppData\Local\EmieBrowserModeList
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-07-08 12:31 - 2015-07-08 12:31 - 0007602 _____ () C:\Users\m1ck3y\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\l3jlah\AppData\Local\Temp\JNativeHook_1285987372563826868.dll
C:\Users\l3jlah\AppData\Local\Temp\JNativeHook_2693695413324671472.dll
C:\Users\l3jlah\AppData\Local\Temp\JNativeHook_4799849925856133150.dll
C:\Users\l3jlah\AppData\Local\Temp\JNativeHook_5316211035364318025.dll
C:\Users\l3jlah\AppData\Local\Temp\JNativeHook_6627871448769734756.dll
C:\Users\m1ck3y\AppData\Local\Temp\JNativeHook_3060682515364898488.dll
C:\Users\m1ck3y\AppData\Local\Temp\JNativeHook_4459773116705877376.dll
C:\Users\m1ck3y\AppData\Local\Temp\JNativeHook_7683950740162440602.dll
C:\Users\m1ck3y\AppData\Local\Temp\proxy_vole1336121362630580984.dll
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-07-27 07:09
==================== Ende von log ============================
|
|
28.07.2015, 19:22
| #7 |
| /// TB-Ausbilder | Öffnen mancher Programme dauert 2-3 Minuten Servus, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers |
|
29.07.2015, 03:26
| #8 |
| | Öffnen mancher Programme dauert 2-3 MinutenCode:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.07.29.01
rootkit: v2015.07.28.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17905
m1ck3y :: MICKEY [administrator]
29.07.2015 04:02:05
mbar-log-2015-07-29 (04-02-05).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 412060
Time elapsed: 9 minute(s), 48 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
29.07.2015, 04:50
| #9 |
| /// TB-Ausbilder | Öffnen mancher Programme dauert 2-3 Minuten Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
29.07.2015, 09:58
| #10 |
| | Öffnen mancher Programme dauert 2-3 MinutenCode:
ATTFilter # AdwCleaner v4.208 - Bericht erstellt 29/07/2015 um 10:43:12
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-26.2 [Server]
# Betriebssystem : Windows 8.1 Pro (x64)
# Benutzername : m1ck3y - MICKEY
# Gestarted von : C:\Users\m1ck3y\Desktop\AdwCleaner_4.208.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Users\m1ck3y\AppData\Local\globalUpdate
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\luckysearches.com
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:49484;hxxps=127.0.0.1:49484
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Mozilla Firefox v39.0 (x86 de)
[yhtlr7zb.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.iconURL", "hxxp://www.luckysearches.com/favicon.ico");
[yhtlr7zb.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.url", "hxxp://www.luckysearches.com/web/?type=ds&ts=1429192102&from=smt&uid=ST1000DM003-9YN162_S1D499SSXXXXS1D499SS&q={searchTerms}");
[yhtlr7zb.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[yhtlr7zb.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
*************************
AdwCleaner[R0].txt - [2518 Bytes] - [29/07/2015 10:42:53]
AdwCleaner[S0].txt - [2189 Bytes] - [29/07/2015 10:43:12]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2248 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 29.07.2015 Suchlaufzeit: 10:45 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.07.29.02 Rootkit-Datenbank: v2015.07.29.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: m1ck3y Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 410060 Abgelaufene Zeit: 7 Min., 37 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 8.1 Pro x64
Ran by m1ck3y on 29.07.2015 at 10:54:45,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted the following from C:\Users\m1ck3y\AppData\Roaming\mozilla\firefox\profiles\yhtlr7zb.default\prefs.js
user_pref(browser.search.searchengine.alias, luckysearches);
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.name, luckysearches);
user_pref(browser.search.searchengine.ptid, smt);
user_pref(browser.search.searchengine.uid, ST1000DM003-9YN162_S1D499SSXXXXS1D499SS);
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.07.2015 at 10:56:35,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-07-2015
durchgeführt von m1ck3y an 2015-07-29 10:57:35
Gestartet von C:\Users\m1ck3y\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1474457362-1224508852-2511664465-500 - Administrator - Disabled)
Gast (S-1-5-21-1474457362-1224508852-2511664465-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1474457362-1224508852-2511664465-1003 - Limited - Enabled)
l3jlah (S-1-5-21-1474457362-1224508852-2511664465-1004 - Limited - Enabled) => C:\Users\l3jlah
m1ck3y (S-1-5-21-1474457362-1224508852-2511664465-1001 - Administrator - Enabled) => C:\Users\m1ck3y
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.8.3 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.6.8.3 - ASUSTek COMPUTER INC.) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.25648 - Electronic Arts)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.1.0.5 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Glary Utilities PRO 5.30 (HKLM-x32\...\Glary Utilities 5) (Version: 5.30.0.50 - Glarysoft Ltd)
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MURDERED: SOUL SUSPECT™ (HKLM-x32\...\Steam App 233290) (Version: - Airtight Games)
Nettv+ Player 4 (HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\...\Nettv+ Player 4) (Version: 00.04.06.01 - nettvplus)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.11.2855 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
SSD Fresh (HKLM-x32\...\SSD Fresh_is1) (Version: 2015 - Abelssoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.9.80.1020 - Electronic Arts Inc.)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{0C5B0539-7EDE-4297-947E-48890971B557}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
22-07-2015 19:35:26 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
24-07-2015 06:24:24 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
27-07-2015 16:11:39 Windows Update
28-07-2015 16:25:11 Windows-Sicherung
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-06-11 15:24 - 2015-06-11 15:24 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01715C8D-9566-45AD-BE02-BE7EA7478F8B} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {0EF61142-F08C-48BF-9D30-96DF18163B77} - System32\Tasks\CoreTemp => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {22E9B6C9-A4C0-41E2-8401-6CCCFA4668F6} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {2A6D6A1B-A1F8-4265-BD57-6F9255DF57DA} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-07-20] (Glarysoft Ltd)
Task: {388C38E3-CC2A-446F-8380-5B22598630DC} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-07-20] (Glarysoft Ltd)
Task: {40C74B36-95DC-44E8-96F1-6031486BF6D3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {6DC08257-9D30-439D-90D2-74DE31162F69} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {9A71BA07-BA9E-4841-807D-7D3E21EDCADE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A5F4E90E-A039-4713-804B-2095A05CCF17} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {CAD9F925-2480-4A1A-BE8E-CBBE34CC1E5D} - System32\Tasks\{93906159-D190-4A12-89B3-99C3C7FF8853} => Firefox.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain
Task: {CCDF18BE-AD00-4166-AF5D-B6107E56E042} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D2B441F0-2A40-4026-8F6A-99B0D4317F59} - System32\Tasks\{B3BACB37-C6F1-4D0E-84D7-E73EC5F68A0A} => pcalua.exe -a B:\Games\WinUAE\uninstall_winuae.exe
Task: {DB349373-3411-4FFA-B882-A735CCEC14C1} - System32\Tasks\{5B248C0F-9303-497F-9E55-A5839B45A22D} => pcalua.exe -a B:\Games\NES\NES-Emulator\nestopia.exe -d B:\Games\NES\NES-Emulator
Task: {E8799797-0243-49C2-901E-294EDD2FDB86} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {E9EE6C3B-F589-4A1A-A9F6-5A289FCA7E85} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {F0B8028E-2A1B-4A47-BA60-FC09B9372FB1} - System32\Tasks\ASUS GPU Tweak => C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe [2014-08-06] (ASUS)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:6DAA43DB
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer trusted/restricted ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\m1ck3y\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "MouseDriver"
HKLM\...\StartupApproved\Run32: => "HDAudDeck"
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\...\StartupApproved\Run: => "GUDelayStartup"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EE5F1B2B-FD6B-4289-A443-89DD4EDBA255}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BC57A823-65AB-4CF4-81A5-4397D403B0C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20CFE133-858C-483B-90F6-A62848705982}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5BACF746-3A0D-471C-AADB-716BAE707473}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EB3DDB49-08BE-47DF-B49C-A44F45F945E5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2D93F1A6-8D6A-49DA-94A4-0EB300ADDF50}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0E28BA78-849F-4F98-8FA8-47C5580439C7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{089453E5-A325-4510-A3A7-2CE6F84BACFD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{0725BB5E-DE50-4768-B00B-696DC11C11E2}B:\utorrentportable\app\utorrent\utorrent.exe] => (Allow) B:\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [UDP Query User{5A573F04-D4B6-4533-A3B6-C022F194F63A}B:\utorrentportable\app\utorrent\utorrent.exe] => (Allow) B:\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [{160AD135-2725-491F-8F75-F31F6D5F6E7E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{8316E254-1322-4644-AC7A-308BE417D771}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{73E8FA17-A315-45EF-8F37-12BF5E58DE6F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0A58A6DC-9750-486D-B607-2AC4C7B2918B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{27658D24-2566-471E-9867-7347A635178D}] => (Allow) B:\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{8B7C616D-640A-4967-BC21-FAE5467BC892}] => (Allow) B:\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{DF525BFE-E1E9-4AB9-96D3-2E885CB13947}] => (Allow) B:\Games\Battlefield 4\bf4.exe
FirewallRules: [{11465CD7-8E0F-429E-95D2-D70088B59064}] => (Allow) B:\Games\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{ECD97465-167F-4EFB-AAE2-1D7D0756ECA8}B:\downloads\nero 2015 platinum v16.0.03000 portable\nero 2015.exe] => (Block) B:\downloads\nero 2015 platinum v16.0.03000 portable\nero 2015.exe
FirewallRules: [UDP Query User{3E3B7004-3FF0-4F1D-9819-FEE379CB8D23}B:\downloads\nero 2015 platinum v16.0.03000 portable\nero 2015.exe] => (Block) B:\downloads\nero 2015 platinum v16.0.03000 portable\nero 2015.exe
FirewallRules: [TCP Query User{5FA87220-2D09-46AE-A7A4-B54D10DBE921}B:\games\murdered - soul suspect\binaries\win64\murdered.exe] => (Block) B:\games\murdered - soul suspect\binaries\win64\murdered.exe
FirewallRules: [UDP Query User{F805E380-ECA9-4720-9287-9584A2AC7357}B:\games\murdered - soul suspect\binaries\win64\murdered.exe] => (Block) B:\games\murdered - soul suspect\binaries\win64\murdered.exe
FirewallRules: [TCP Query User{8B91D930-1B30-4706-AB04-1C7DBF6ACE83}B:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Block) B:\games\murdered soul suspect\binaries\win64\murdered.exe
FirewallRules: [UDP Query User{E092324B-8864-4C01-A5C0-1246F7994884}B:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Block) B:\games\murdered soul suspect\binaries\win64\murdered.exe
FirewallRules: [{8C2E5D3E-6D7D-44B6-AB75-84C3B86954A2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{21B3B0A9-493F-4198-899C-8B8085F9F462}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7E7FB344-EACD-4165-96C4-CE1DF3D13F37}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BF536E74-5595-4856-A692-7B33563F7B4F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1F530096-A364-41C6-A888-9909816CECBF}] => (Allow) B:\Games\Murdered Soul Suspect\steamapps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [{426744FF-EBAE-4783-8BD7-1766E2B2746E}] => (Allow) B:\Games\Murdered Soul Suspect\steamapps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{35ED7226-2A14-4CD3-BB00-7C822861FC00}] => (Allow) B:\Games\Payday 2\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{6A404DA7-686F-455C-9C06-07664ED34573}] => (Allow) B:\Games\Payday 2\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{96ADB231-B0B3-489C-B1F6-E852E9F9B36F}] => (Allow) B:\Games\BFH\bfh.exe
FirewallRules: [{0AC71FD0-1443-4EFF-A590-E45D9B8F8DD2}] => (Allow) B:\Games\BFH\bfh.exe
FirewallRules: [{C5BE6FE0-5291-4F23-B3D3-89FC26B74375}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0DD34E2B-F85F-48C1-848A-F98C13376C92}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CED41C18-506F-46C2-A7F1-460DE5D8F043}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6BCB9BDE-6E2C-4662-A453-CDCD9A7530F4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A73CB7AC-7542-4599-B370-FF84DF51E761}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EE89C9A2-3675-4B23-A7BB-51C259769F34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{345D41CF-E0DF-4744-A5AE-BF6D6C4EF563}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{9434FA3B-9735-487C-AF6A-CF72A718DAFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{09F4F013-244E-4DD2-A2F3-B2AFDEEC1A27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{23C8F8A9-1F71-438F-AAF6-2F522929F568}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5BC8C2C5-426D-4498-A6A2-C41F74C7CFC8}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{8211DB9C-4AC2-4A4F-83CE-DEE2C9400D68}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{272C0584-B76B-4734-A4A2-77C40A34623D}] => (Allow) B:\Games\BFH\BFHWebHelper.exe
FirewallRules: [{484BDD3E-353C-452D-B7D3-4D41A1B7BD8D}] => (Allow) B:\Games\BFH\BFHWebHelper.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/28/2015 11:31:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (07/28/2015 04:25:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (07/28/2015 04:25:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (07/28/2015 04:25:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (07/28/2015 04:22:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (07/28/2015 04:19:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (07/28/2015 03:23:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mickey)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/28/2015 03:23:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mickey)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/27/2015 07:16:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.3.9600.17415, Zeitstempel: 0x54504177
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc000000d
Fehleroffset: 0x0000000000101e60
ID des fehlerhaften Prozesses: 0x58c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_DiagTrack4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_DiagTrack5
Error: (07/27/2015 04:25:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.3.9600.17415, Zeitstempel: 0x54504177
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc000000d
Fehleroffset: 0x0000000000101e60
ID des fehlerhaften Prozesses: 0x588
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_DiagTrack4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_DiagTrack5
Systemfehler:
=============
Error: (07/29/2015 10:54:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/29/2015 10:54:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/29/2015 10:54:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/29/2015 10:54:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/29/2015 10:54:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/29/2015 10:54:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ASGT" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/29/2015 10:54:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/29/2015 10:54:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/29/2015 10:54:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Pro
Error: (07/29/2015 10:43:47 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Microsoft Office:
=========================
Error: (07/28/2015 11:31:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
Error: (07/28/2015 04:25:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
Error: (07/28/2015 04:25:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
Error: (07/28/2015 04:25:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
Error: (07/28/2015 04:22:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
Error: (07/28/2015 04:19:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
Error: (07/28/2015 03:23:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mickey)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (07/28/2015 03:23:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Mickey)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927141
Error: (07/27/2015 07:16:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c000000d0000000000101e6058c01d0c8893d0cf6a5C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll3ae23f08-3483-11e5-841e-90e6babca255
Error: (07/27/2015 04:25:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c000000d0000000000101e6058801d0c875104074a1C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll51f8f084-346b-11e5-8418-90e6babca255
CodeIntegrity Fehler:
===================================
Date: 2015-07-29 02:44:54.440
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-28 03:13:05.913
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-27 07:09:13.495
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-24 11:16:14.370
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-23 15:04:19.617
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-23 06:41:49.428
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-22 07:01:30.679
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-21 06:51:55.051
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-20 06:32:23.155
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-19 20:49:20.560
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 11%
Total physical RAM: 16382.05 MB
Available physical RAM: 14487.4 MB
Total Virtual: 16382.05 MB
Available Virtual: 14359.25 MB
==================== Drives ================================
Drive a: (Seagate 1TB) (Fixed) (Total:931.51 GB) (Free:639.39 GB) NTFS
Drive b: (Seagate 1000 GB) (Fixed) (Total:931.17 GB) (Free:702.29 GB) NTFS
Drive c: () (Fixed) (Total:111.79 GB) (Free:50.64 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (System-reserviert) (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FE2675D4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 76FCC84D)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 3FBF5176)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
==================== Ende von log ============================
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
durchgeführt von m1ck3y (Administrator) auf MICKEY (29-07-2015 10:57:18)
Gestartet von C:\Users\m1ck3y\Desktop
Geladene Profile: m1ck3y (Verfügbare Profile: m1ck3y & l3jlah)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-07-20] (Glarysoft Ltd)
BootExecute: autocheck autochk *
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C0BA8A3E-6804-48B1-93D8-098A2353C75C}: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\m1ck3y\AppData\Roaming\Mozilla\Firefox\Profiles\yhtlr7zb.default
FF Homepage: hxxp://www.google.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: Adblock Plus - C:\Users\m1ck3y\AppData\Roaming\Mozilla\Firefox\Profiles\yhtlr7zb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-28]
==================== Services (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-25] (Electronic Arts)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-05-02] ()
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-07-11] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-05-04] (Glarysoft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39240 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [Datei ist nicht signiert]
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-29 10:57 - 2015-07-29 10:57 - 00009807 _____ C:\Users\m1ck3y\Desktop\FRST.txt
2015-07-29 10:57 - 2015-07-29 10:57 - 00000000 ____D C:\FRST
2015-07-29 10:48 - 2015-07-29 10:48 - 00000000 ___HD C:\$Windows.~WS
2015-07-29 10:41 - 2015-07-29 10:41 - 02146816 _____ (Farbar) C:\Users\m1ck3y\Desktop\FRST64.exe
2015-07-28 16:23 - 2015-07-29 10:50 - 00014409 _____ C:\Windows\setupact.log
2015-07-28 16:23 - 2015-07-29 10:50 - 00000439 _____ C:\Windows\setuperr.log
2015-07-28 15:56 - 2015-07-29 10:50 - 00007082 _____ C:\Windows\diagwrn.xml
2015-07-28 15:56 - 2015-07-29 10:50 - 00006952 _____ C:\Windows\diagerr.xml
2015-07-28 15:12 - 2015-07-28 15:13 - 00000000 ____D C:\Users\l3jlah\AppData\Roaming\vlc
2015-07-27 21:06 - 2015-07-27 21:05 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-27 18:26 - 2015-07-24 06:21 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-27 17:05 - 2015-07-27 17:05 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-27 16:11 - 2015-07-25 15:34 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-27 12:41 - 2015-07-27 16:30 - 00003002 _____ C:\Windows\System32\Tasks\ASUS GPU Tweak
2015-07-27 12:39 - 2015-07-27 16:30 - 00002986 _____ C:\Windows\System32\Tasks\CoreTemp
2015-07-27 00:26 - 2015-07-29 10:45 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-27 00:25 - 2015-07-29 04:01 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-27 00:25 - 2015-07-27 00:25 - 00001134 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-27 00:25 - 2015-07-27 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-07-27 00:25 - 2015-07-27 00:25 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-07-27 00:25 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-27 00:25 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-27 00:23 - 2015-07-29 10:54 - 01069498 _____ C:\Windows\WindowsUpdate.log
2015-07-27 00:22 - 2015-07-27 00:22 - 00000683 _____ C:\Users\m1ck3y\Desktop\Fraps.lnk
2015-07-27 00:21 - 2015-07-27 00:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-07-27 00:06 - 2015-07-27 00:06 - 00000000 ____D C:\Users\m1ck3y\AppData\Local\CEF
2015-07-27 00:01 - 2015-07-27 00:01 - 00000939 _____ C:\Users\m1ck3y\Desktop\Steam.lnk
2015-07-27 00:00 - 2015-07-27 00:00 - 00000909 _____ C:\Users\m1ck3y\Desktop\CPU-Z.lnk
2015-07-25 00:43 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-07-25 00:43 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-07-25 00:43 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-25 00:43 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-07-25 00:43 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-25 00:43 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-25 00:43 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-07-25 00:43 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-25 00:43 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-07-23 23:09 - 2015-07-23 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-23 23:09 - 2015-07-23 23:09 - 00000000 ____D C:\Program Files\iTunes
2015-07-23 23:09 - 2015-07-23 23:09 - 00000000 ____D C:\Program Files\iPod
2015-07-23 23:09 - 2015-07-23 23:09 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-23 23:08 - 2015-07-24 06:21 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-23 23:08 - 2015-07-03 06:28 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-07-23 23:08 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-23 23:08 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-22 22:25 - 2015-07-22 22:25 - 00003312 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2015-07-22 22:25 - 2015-07-22 22:25 - 00002970 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2015-07-21 06:21 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 06:21 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 06:21 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 06:21 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-16 06:57 - 2015-07-13 23:10 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-16 06:57 - 2015-07-13 23:10 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 06:19 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 06:19 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 06:19 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 06:19 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 06:19 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 06:19 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 06:19 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 06:19 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 06:19 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 06:19 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 06:19 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 06:19 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 06:19 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 06:19 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 06:19 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 06:19 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 06:19 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 06:19 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 06:19 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 06:19 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 06:19 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-15 06:19 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-15 06:19 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-15 06:19 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-15 06:19 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-15 06:19 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-15 06:19 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-15 06:19 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-15 06:18 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 06:18 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 06:18 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 06:18 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 06:18 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 06:18 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 06:18 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 06:18 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 06:18 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 06:18 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 06:18 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 06:18 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 06:18 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 06:18 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 06:18 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 06:18 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 06:18 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 06:18 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 06:18 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 06:18 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 06:18 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 06:18 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 06:18 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 06:18 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 06:18 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 06:18 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 06:17 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 06:17 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 06:17 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 06:17 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 06:17 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 06:17 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 06:17 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 06:17 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 06:17 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 06:17 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 06:17 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 06:17 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 06:17 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 06:17 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 06:17 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 06:17 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 06:17 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 06:17 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-15 06:17 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 06:17 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-15 06:17 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-15 06:17 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 06:17 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 06:17 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-15 06:17 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 06:17 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 06:17 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 06:17 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 06:17 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 06:17 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 06:17 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 06:17 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 06:17 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 06:17 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 06:17 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 06:17 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-15 06:17 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 06:17 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 06:17 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 06:17 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 06:17 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-15 06:17 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 06:17 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 06:17 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 06:17 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 06:17 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-15 06:17 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-15 06:17 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-15 06:16 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 06:16 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 06:16 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 06:16 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 06:16 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-15 06:16 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-15 06:16 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-15 06:16 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-15 06:16 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-15 06:16 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-15 06:16 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-15 06:16 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-15 06:16 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-11 21:39 - 2015-07-11 21:39 - 00000000 ____D C:\Users\m1ck3y\AppData\Local\ESN
2015-07-10 19:29 - 2015-07-29 10:49 - 00000000 ___HD C:\$Windows.~BT
2015-07-08 20:32 - 2015-07-08 20:32 - 00000979 _____ C:\Users\m1ck3y\Desktop\GPU-Z.lnk
2015-07-08 20:32 - 2015-07-08 20:32 - 00000000 ____D C:\Users\m1ck3y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2015-07-08 20:32 - 2015-07-08 20:32 - 00000000 ____D C:\Program Files (x86)\GPU-Z
2015-07-08 12:31 - 2015-07-08 12:31 - 00007602 _____ C:\Users\m1ck3y\AppData\Local\Resmon.ResmonCfg
2015-07-05 10:43 - 2015-07-05 11:03 - 00000000 ____D C:\Users\l3jlah\Desktop\Flowers
2015-07-03 21:54 - 2015-07-04 09:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-29 10:50 - 2015-04-06 15:23 - 00000000 ____D C:\Windows\Panther
2015-07-29 10:50 - 2015-04-06 14:59 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2E756853-EE45-40C9-9F7F-0E07554DD0BE}
2015-07-29 10:50 - 2014-03-18 12:03 - 01686150 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-29 10:50 - 2014-03-18 11:25 - 00726688 _____ C:\Windows\system32\perfh007.dat
2015-07-29 10:50 - 2014-03-18 11:25 - 00151380 _____ C:\Windows\system32\perfc007.dat
2015-07-29 10:48 - 2015-04-06 14:32 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1474457362-1224508852-2511664465-1001
2015-07-29 10:43 - 2015-04-06 14:37 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-29 10:43 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-29 10:43 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-29 10:42 - 2015-04-06 18:27 - 00000000 ____D C:\Users\m1ck3y\AppData\Local\JDownloader v2.0
2015-07-29 10:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-29 09:59 - 2015-04-06 18:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-29 08:41 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-29 07:46 - 2015-06-10 12:41 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{EFE052BD-2E86-4D2D-9DC8-BC8E897EFFE8}
2015-07-29 04:25 - 2015-06-11 16:30 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-28 22:15 - 2015-06-11 15:56 - 00000000 ____D C:\Users\m1ck3y\AppData\Roaming\vlc
2015-07-28 16:09 - 2015-04-15 21:45 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-07-28 12:30 - 2015-04-06 18:34 - 00000000 ____D C:\ProgramData\Origin
2015-07-28 06:53 - 2015-04-06 22:04 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1474457362-1224508852-2511664465-1004
2015-07-27 18:26 - 2015-04-06 14:37 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-27 16:49 - 2015-04-15 21:56 - 00000000 ____D C:\Users\m1ck3y\AppData\Roaming\JAM Software
2015-07-27 16:11 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-27 00:15 - 2015-06-01 10:55 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-25 16:05 - 2015-04-06 21:59 - 00000000 ____D C:\Users\l3jlah\AppData\Roaming\Origin
2015-07-25 10:09 - 2015-04-06 18:33 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-24 06:21 - 2015-04-06 18:13 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-24 06:21 - 2015-04-06 18:13 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-23 23:09 - 2015-04-06 18:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-23 13:18 - 2015-04-06 21:44 - 00000000 ___RD C:\Users\l3jlah\Desktop\NewMods
2015-07-22 22:25 - 2015-04-15 21:45 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-07-21 12:37 - 2015-04-15 21:43 - 00347872 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 20:49 - 2015-04-06 19:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-17 10:25 - 2015-06-04 15:20 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-17 10:25 - 2015-06-04 15:20 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-16 07:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-07-15 08:08 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-15 08:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-15 07:00 - 2015-04-06 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-15 06:59 - 2015-04-06 18:25 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 06:58 - 2015-04-06 16:47 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 06:58 - 2015-04-06 16:47 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 06:57 - 2015-04-06 15:44 - 00000000 ____D C:\Windows\system32\MRT
2015-07-11 21:39 - 2015-04-17 19:11 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-07-11 21:36 - 2015-04-17 19:11 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-08 20:33 - 2015-04-11 12:37 - 00000022 _____ C:\Windows\GPU-Z.INI
2015-07-07 22:08 - 2015-05-04 11:44 - 00001106 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2015-07-05 19:21 - 2015-04-06 14:26 - 00000000 ____D C:\Users\m1ck3y
2015-07-05 18:59 - 2015-04-06 18:36 - 00000000 ____D C:\Users\m1ck3y\AppData\Roaming\Origin
2015-07-05 12:08 - 2015-04-06 15:45 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-04 09:21 - 2015-04-06 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 08:43 - 2015-04-06 15:44 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 20:54 - 2015-04-12 11:30 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-06-29 13:05 - 2015-06-10 12:41 - 00000000 __SHD C:\Users\l3jlah\AppData\Local\EmieUserList
2015-06-29 13:05 - 2015-06-10 12:41 - 00000000 __SHD C:\Users\l3jlah\AppData\Local\EmieSiteList
2015-06-29 13:05 - 2015-06-10 12:41 - 00000000 __SHD C:\Users\l3jlah\AppData\Local\EmieBrowserModeList
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-07-08 12:31 - 2015-07-08 12:31 - 0007602 _____ () C:\Users\m1ck3y\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\l3jlah\AppData\Local\Temp\JNativeHook_1285987372563826868.dll
C:\Users\l3jlah\AppData\Local\Temp\JNativeHook_2693695413324671472.dll
C:\Users\l3jlah\AppData\Local\Temp\JNativeHook_4799849925856133150.dll
C:\Users\l3jlah\AppData\Local\Temp\JNativeHook_5316211035364318025.dll
C:\Users\l3jlah\AppData\Local\Temp\JNativeHook_6627871448769734756.dll
C:\Users\m1ck3y\AppData\Local\Temp\Quarantine.exe
C:\Users\m1ck3y\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-07-27 07:09
==================== Ende von log ============================
|
|
29.07.2015, 13:36
| #11 |
| /// TB-Ausbilder | Öffnen mancher Programme dauert 2-3 Minuten Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern. Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
RemoveProxy:
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 ESET Online Scanner
Schritt 3 Downloade Dir bitte  SecurityCheck und:
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
29.07.2015, 14:18
| #12 |
| | Öffnen mancher Programme dauert 2-3 Minuten Ok habs schon hier einmal der fixlog Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von m1ck3y (2015-07-29 15:37:31) Run:1
Gestartet von C:\Users\m1ck3y\Desktop
Geladene Profile: m1ck3y (Verfügbare Profile: m1ck3y & l3jlah)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
RemoveProxy:
EmptyTemp:
end
*****************
Prozess erfolgreich geschlossen.
========= RemoveProxy: =========
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
EmptyTemp: => 190.5 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 15:37:34 ====
Geändert von m1ck3y (29.07.2015 um 14:40 Uhr) |
|
29.07.2015, 15:07
| #13 |
| /// TB-Ausbilder | Öffnen mancher Programme dauert 2-3 Minuten Servus, ok, fehlen nur noch 3 Schritte...  |
|
29.07.2015, 15:44
| #14 |
| | Öffnen mancher Programme dauert 2-3 Minuten Ja, bin gerade beim ESET Scanner. Der sagt aber er hat bereits einen Trojaner gefunden. OK fertig. Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2c15e5f3e2fd5048a630127cdb28b0d6
# end=init
# utc_time=2015-07-29 01:40:38
# local_time=2015-07-29 03:40:38 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 25028
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2c15e5f3e2fd5048a630127cdb28b0d6
# end=updated
# utc_time=2015-07-29 01:42:53
# local_time=2015-07-29 03:42:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=2c15e5f3e2fd5048a630127cdb28b0d6
# engine=25028
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-29 02:20:39
# local_time=2015-07-29 04:20:39 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 56807 15262031 0 0
# scanned=320531
# found=1
# cleaned=1
# scan_time=2265
sh=68A29D5F55C90E5992E60832291BEB9EC9B7044D ft=1 fh=a49f9d176ea489f2 vn="Variante von Win32/Packed.VMProtect.AAA Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="B:\Downloads\FIFA 15 Ultimate Team Edition MULTi2\F15.UTE_M2.exe"
Code:
ATTFilter Results of screen317's Security Check version 1.006
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 18.0.0.209
Mozilla Firefox (39.0)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Windows Defender MpCmdRun.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von m1ck3y (Administrator) auf MICKEY (29-07-2015 16:44:00)
Gestartet von C:\Users\m1ck3y\Desktop
Geladene Profile: m1ck3y (Verfügbare Profile: m1ck3y & l3jlah)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AppWork GmbH) C:\Users\m1ck3y\AppData\Local\JDownloader v2.0\JDownloader2.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-07-20] (Glarysoft Ltd)
BootExecute: autocheck autochk *
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C0BA8A3E-6804-48B1-93D8-098A2353C75C}: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\m1ck3y\AppData\Roaming\Mozilla\Firefox\Profiles\yhtlr7zb.default
FF Homepage: hxxp://www.google.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: Adblock Plus - C:\Users\m1ck3y\AppData\Roaming\Mozilla\Firefox\Profiles\yhtlr7zb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-28]
==================== Services (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-25] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-05-02] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-07-11] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-05-04] (Glarysoft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39240 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [Datei ist nicht signiert]
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-29 16:44 - 2015-07-29 16:44 - 00011117 _____ C:\Users\m1ck3y\Desktop\FRST.txt
2015-07-29 15:37 - 2015-07-29 16:44 - 00000000 ____D C:\FRST
2015-07-29 15:32 - 2015-07-29 15:32 - 02169856 _____ (Farbar) C:\Users\m1ck3y\Desktop\FRST64.exe
2015-07-29 15:13 - 2015-07-29 15:13 - 02870984 _____ (ESET) C:\Users\m1ck3y\Desktop\esetsmartinstaller_deu.exe
2015-07-29 15:13 - 2015-07-29 15:13 - 00852684 _____ C:\Users\m1ck3y\Desktop\SecurityCheck.exe
2015-07-29 11:00 - 2015-07-29 11:00 - 00000000 ___HD C:\$Windows.~WS
2015-07-28 16:23 - 2015-07-29 15:38 - 00016347 _____ C:\Windows\setupact.log
2015-07-28 16:23 - 2015-07-29 10:50 - 00000439 _____ C:\Windows\setuperr.log
2015-07-28 15:56 - 2015-07-29 10:50 - 00007082 _____ C:\Windows\diagwrn.xml
2015-07-28 15:56 - 2015-07-29 10:50 - 00006952 _____ C:\Windows\diagerr.xml
2015-07-28 15:12 - 2015-07-28 15:13 - 00000000 ____D C:\Users\l3jlah\AppData\Roaming\vlc
2015-07-27 21:06 - 2015-07-27 21:05 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-27 18:26 - 2015-07-24 06:21 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-27 17:05 - 2015-07-27 17:05 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-27 16:11 - 2015-07-25 15:34 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-27 12:41 - 2015-07-27 16:30 - 00003002 _____ C:\Windows\System32\Tasks\ASUS GPU Tweak
2015-07-27 12:39 - 2015-07-27 16:30 - 00002986 _____ C:\Windows\System32\Tasks\CoreTemp
2015-07-27 00:26 - 2015-07-29 10:45 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-27 00:25 - 2015-07-29 04:01 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-27 00:25 - 2015-07-27 00:25 - 00001134 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-27 00:25 - 2015-07-27 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-07-27 00:25 - 2015-07-27 00:25 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-07-27 00:25 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-27 00:25 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-27 00:23 - 2015-07-29 16:07 - 01128258 _____ C:\Windows\WindowsUpdate.log
2015-07-27 00:22 - 2015-07-27 00:22 - 00000683 _____ C:\Users\m1ck3y\Desktop\Fraps.lnk
2015-07-27 00:21 - 2015-07-27 00:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-07-27 00:06 - 2015-07-27 00:06 - 00000000 ____D C:\Users\m1ck3y\AppData\Local\CEF
2015-07-27 00:01 - 2015-07-27 00:01 - 00000939 _____ C:\Users\m1ck3y\Desktop\Steam.lnk
2015-07-27 00:00 - 2015-07-27 00:00 - 00000909 _____ C:\Users\m1ck3y\Desktop\CPU-Z.lnk
2015-07-25 00:43 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-07-25 00:43 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-07-25 00:43 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-25 00:43 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-07-25 00:43 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-25 00:43 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-25 00:43 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-07-25 00:43 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-25 00:43 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-07-23 23:09 - 2015-07-23 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-23 23:09 - 2015-07-23 23:09 - 00000000 ____D C:\Program Files\iTunes
2015-07-23 23:09 - 2015-07-23 23:09 - 00000000 ____D C:\Program Files\iPod
2015-07-23 23:09 - 2015-07-23 23:09 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-23 23:08 - 2015-07-24 06:21 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-23 23:08 - 2015-07-03 06:28 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-07-23 23:08 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-23 23:08 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-22 22:25 - 2015-07-22 22:25 - 00003312 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2015-07-22 22:25 - 2015-07-22 22:25 - 00002970 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2015-07-21 06:21 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 06:21 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 06:21 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 06:21 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-16 06:57 - 2015-07-13 23:10 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-16 06:57 - 2015-07-13 23:10 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 06:19 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 06:19 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 06:19 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 06:19 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 06:19 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 06:19 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 06:19 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 06:19 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 06:19 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 06:19 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 06:19 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 06:19 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 06:19 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 06:19 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 06:19 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 06:19 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 06:19 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 06:19 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 06:19 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 06:19 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 06:19 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-15 06:19 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-15 06:19 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-15 06:19 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-15 06:19 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-15 06:19 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-15 06:19 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-15 06:19 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-15 06:18 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 06:18 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 06:18 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 06:18 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 06:18 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 06:18 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 06:18 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 06:18 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 06:18 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 06:18 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 06:18 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 06:18 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 06:18 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 06:18 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 06:18 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 06:18 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 06:18 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 06:18 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 06:18 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 06:18 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 06:18 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 06:18 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 06:18 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 06:18 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 06:18 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 06:18 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 06:17 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 06:17 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 06:17 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 06:17 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 06:17 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 06:17 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 06:17 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 06:17 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 06:17 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 06:17 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 06:17 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 06:17 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 06:17 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 06:17 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 06:17 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 06:17 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 06:17 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 06:17 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-15 06:17 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 06:17 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-15 06:17 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-15 06:17 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 06:17 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 06:17 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-15 06:17 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 06:17 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 06:17 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 06:17 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 06:17 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 06:17 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 06:17 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 06:17 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 06:17 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 06:17 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 06:17 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 06:17 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-15 06:17 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 06:17 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 06:17 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 06:17 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 06:17 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-15 06:17 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 06:17 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 06:17 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 06:17 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 06:17 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-15 06:17 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-15 06:17 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-15 06:16 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 06:16 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 06:16 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 06:16 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 06:16 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-15 06:16 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-15 06:16 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-15 06:16 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-15 06:16 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-15 06:16 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-15 06:16 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-15 06:16 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-15 06:16 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-11 21:39 - 2015-07-11 21:39 - 00000000 ____D C:\Users\m1ck3y\AppData\Local\ESN
2015-07-10 19:29 - 2015-07-29 10:49 - 00000000 ___HD C:\$Windows.~BT
2015-07-08 20:32 - 2015-07-08 20:32 - 00000979 _____ C:\Users\m1ck3y\Desktop\GPU-Z.lnk
2015-07-08 20:32 - 2015-07-08 20:32 - 00000000 ____D C:\Users\m1ck3y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2015-07-08 20:32 - 2015-07-08 20:32 - 00000000 ____D C:\Program Files (x86)\GPU-Z
2015-07-08 12:31 - 2015-07-08 12:31 - 00007602 _____ C:\Users\m1ck3y\AppData\Local\Resmon.ResmonCfg
2015-07-05 10:43 - 2015-07-05 11:03 - 00000000 ____D C:\Users\l3jlah\Desktop\Flowers
2015-07-03 21:54 - 2015-07-04 09:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-29 16:41 - 2015-04-06 18:27 - 00000000 ____D C:\Users\m1ck3y\AppData\Local\JDownloader v2.0
2015-07-29 16:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-29 15:59 - 2015-04-06 18:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-29 15:45 - 2014-03-18 12:03 - 01686150 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-29 15:45 - 2014-03-18 11:25 - 00726688 _____ C:\Windows\system32\perfh007.dat
2015-07-29 15:45 - 2014-03-18 11:25 - 00151380 _____ C:\Windows\system32\perfc007.dat
2015-07-29 15:38 - 2015-04-06 14:37 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-29 15:38 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-29 14:07 - 2015-06-10 12:41 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{EFE052BD-2E86-4D2D-9DC8-BC8E897EFFE8}
2015-07-29 11:40 - 2015-06-11 15:56 - 00000000 ____D C:\Users\m1ck3y\AppData\Roaming\vlc
2015-07-29 11:39 - 2015-04-06 15:23 - 00000000 ____D C:\Windows\Panther
2015-07-29 11:16 - 2015-04-06 14:32 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1474457362-1224508852-2511664465-1001
2015-07-29 10:50 - 2015-04-06 14:59 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2E756853-EE45-40C9-9F7F-0E07554DD0BE}
2015-07-29 10:43 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-29 08:41 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-29 04:25 - 2015-06-11 16:30 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-28 16:09 - 2015-04-15 21:45 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-07-28 12:30 - 2015-04-06 18:34 - 00000000 ____D C:\ProgramData\Origin
2015-07-28 06:53 - 2015-04-06 22:04 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1474457362-1224508852-2511664465-1004
2015-07-27 18:26 - 2015-04-06 14:37 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-27 16:49 - 2015-04-15 21:56 - 00000000 ____D C:\Users\m1ck3y\AppData\Roaming\JAM Software
2015-07-27 16:11 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-27 00:15 - 2015-06-01 10:55 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-25 16:05 - 2015-04-06 21:59 - 00000000 ____D C:\Users\l3jlah\AppData\Roaming\Origin
2015-07-25 10:09 - 2015-04-06 18:33 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-24 06:21 - 2015-04-06 18:13 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-24 06:21 - 2015-04-06 18:13 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-23 23:09 - 2015-04-06 18:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-23 13:18 - 2015-04-06 21:44 - 00000000 ___RD C:\Users\l3jlah\Desktop\NewMods
2015-07-22 22:25 - 2015-04-15 21:45 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-07-21 12:37 - 2015-04-15 21:43 - 00347872 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 20:49 - 2015-04-06 19:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-17 10:25 - 2015-06-04 15:20 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-17 10:25 - 2015-06-04 15:20 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-16 07:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-07-15 08:08 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-15 08:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-15 07:00 - 2015-04-06 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-15 06:59 - 2015-04-06 18:25 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 06:58 - 2015-04-06 16:47 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 06:58 - 2015-04-06 16:47 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 06:57 - 2015-04-06 15:44 - 00000000 ____D C:\Windows\system32\MRT
2015-07-11 21:39 - 2015-04-17 19:11 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-07-11 21:36 - 2015-04-17 19:11 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-08 20:33 - 2015-04-11 12:37 - 00000022 _____ C:\Windows\GPU-Z.INI
2015-07-07 22:08 - 2015-05-04 11:44 - 00001106 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2015-07-05 19:21 - 2015-04-06 14:26 - 00000000 ____D C:\Users\m1ck3y
2015-07-05 18:59 - 2015-04-06 18:36 - 00000000 ____D C:\Users\m1ck3y\AppData\Roaming\Origin
2015-07-05 12:08 - 2015-04-06 15:45 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-04 09:21 - 2015-04-06 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 08:43 - 2015-04-06 15:44 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 20:54 - 2015-04-12 11:30 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-06-29 13:05 - 2015-06-10 12:41 - 00000000 __SHD C:\Users\l3jlah\AppData\Local\EmieUserList
2015-06-29 13:05 - 2015-06-10 12:41 - 00000000 __SHD C:\Users\l3jlah\AppData\Local\EmieSiteList
2015-06-29 13:05 - 2015-06-10 12:41 - 00000000 __SHD C:\Users\l3jlah\AppData\Local\EmieBrowserModeList
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-07-08 12:31 - 2015-07-08 12:31 - 0007602 _____ () C:\Users\m1ck3y\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\m1ck3y\AppData\Local\Temp\JNativeHook_594975299761368017.dll
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-07-27 07:09
==================== Ende von log ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von m1ck3y (2015-07-29 16:44:18)
Gestartet von C:\Users\m1ck3y\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1474457362-1224508852-2511664465-500 - Administrator - Disabled)
Gast (S-1-5-21-1474457362-1224508852-2511664465-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1474457362-1224508852-2511664465-1003 - Limited - Enabled)
l3jlah (S-1-5-21-1474457362-1224508852-2511664465-1004 - Limited - Enabled) => C:\Users\l3jlah
m1ck3y (S-1-5-21-1474457362-1224508852-2511664465-1001 - Administrator - Enabled) => C:\Users\m1ck3y
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.8.3 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.6.8.3 - ASUSTek COMPUTER INC.) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.25648 - Electronic Arts)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.1.0.5 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Glary Utilities PRO 5.30 (HKLM-x32\...\Glary Utilities 5) (Version: 5.30.0.50 - Glarysoft Ltd)
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MURDERED: SOUL SUSPECT™ (HKLM-x32\...\Steam App 233290) (Version: - Airtight Games)
Nettv+ Player 4 (HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\...\Nettv+ Player 4) (Version: 00.04.06.01 - nettvplus)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.11.2855 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
SSD Fresh (HKLM-x32\...\SSD Fresh_is1) (Version: 2015 - Abelssoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.9.80.1020 - Electronic Arts Inc.)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{0C5B0539-7EDE-4297-947E-48890971B557}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
22-07-2015 19:35:26 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
24-07-2015 06:24:24 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
27-07-2015 16:11:39 Windows Update
28-07-2015 16:25:11 Windows-Sicherung
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-06-11 15:24 - 2015-06-11 15:24 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01715C8D-9566-45AD-BE02-BE7EA7478F8B} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {0EF61142-F08C-48BF-9D30-96DF18163B77} - System32\Tasks\CoreTemp => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {22E9B6C9-A4C0-41E2-8401-6CCCFA4668F6} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {2A6D6A1B-A1F8-4265-BD57-6F9255DF57DA} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-07-20] (Glarysoft Ltd)
Task: {388C38E3-CC2A-446F-8380-5B22598630DC} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-07-20] (Glarysoft Ltd)
Task: {40C74B36-95DC-44E8-96F1-6031486BF6D3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {6DC08257-9D30-439D-90D2-74DE31162F69} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {9A71BA07-BA9E-4841-807D-7D3E21EDCADE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A5F4E90E-A039-4713-804B-2095A05CCF17} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {C845F99A-CD8E-49D5-B41B-C0BAA6DE04DA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {CAD9F925-2480-4A1A-BE8E-CBBE34CC1E5D} - System32\Tasks\{93906159-D190-4A12-89B3-99C3C7FF8853} => Firefox.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain
Task: {CCDF18BE-AD00-4166-AF5D-B6107E56E042} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D2B441F0-2A40-4026-8F6A-99B0D4317F59} - System32\Tasks\{B3BACB37-C6F1-4D0E-84D7-E73EC5F68A0A} => pcalua.exe -a B:\Games\WinUAE\uninstall_winuae.exe
Task: {DB349373-3411-4FFA-B882-A735CCEC14C1} - System32\Tasks\{5B248C0F-9303-497F-9E55-A5839B45A22D} => pcalua.exe -a B:\Games\NES\NES-Emulator\nestopia.exe -d B:\Games\NES\NES-Emulator
Task: {E8799797-0243-49C2-901E-294EDD2FDB86} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F0B8028E-2A1B-4A47-BA60-FC09B9372FB1} - System32\Tasks\ASUS GPU Tweak => C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe [2014-08-06] (ASUS)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-04-06 14:37 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2015-04-17 19:11 - 2015-07-11 21:36 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-29 16:41 - 2015-07-29 16:41 - 00566439 _____ () C:\Users\m1ck3y\AppData\Local\JDownloader v2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll
2015-07-29 16:41 - 2015-07-29 16:41 - 04078962 _____ () C:\Users\m1ck3y\AppData\Local\JDownloader v2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll
2015-04-06 18:51 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:6DAA43DB
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer trusted/restricted ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\m1ck3y\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "MouseDriver"
HKLM\...\StartupApproved\Run32: => "HDAudDeck"
HKU\S-1-5-21-1474457362-1224508852-2511664465-1001\...\StartupApproved\Run: => "GUDelayStartup"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EE5F1B2B-FD6B-4289-A443-89DD4EDBA255}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BC57A823-65AB-4CF4-81A5-4397D403B0C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20CFE133-858C-483B-90F6-A62848705982}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5BACF746-3A0D-471C-AADB-716BAE707473}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EB3DDB49-08BE-47DF-B49C-A44F45F945E5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2D93F1A6-8D6A-49DA-94A4-0EB300ADDF50}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0E28BA78-849F-4F98-8FA8-47C5580439C7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{089453E5-A325-4510-A3A7-2CE6F84BACFD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{0725BB5E-DE50-4768-B00B-696DC11C11E2}B:\utorrentportable\app\utorrent\utorrent.exe] => (Allow) B:\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [UDP Query User{5A573F04-D4B6-4533-A3B6-C022F194F63A}B:\utorrentportable\app\utorrent\utorrent.exe] => (Allow) B:\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [{160AD135-2725-491F-8F75-F31F6D5F6E7E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{8316E254-1322-4644-AC7A-308BE417D771}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{73E8FA17-A315-45EF-8F37-12BF5E58DE6F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0A58A6DC-9750-486D-B607-2AC4C7B2918B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{27658D24-2566-471E-9867-7347A635178D}] => (Allow) B:\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{8B7C616D-640A-4967-BC21-FAE5467BC892}] => (Allow) B:\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{DF525BFE-E1E9-4AB9-96D3-2E885CB13947}] => (Allow) B:\Games\Battlefield 4\bf4.exe
FirewallRules: [{11465CD7-8E0F-429E-95D2-D70088B59064}] => (Allow) B:\Games\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{ECD97465-167F-4EFB-AAE2-1D7D0756ECA8}B:\downloads\nero 2015 platinum v16.0.03000 portable\nero 2015.exe] => (Block) B:\downloads\nero 2015 platinum v16.0.03000 portable\nero 2015.exe
FirewallRules: [UDP Query User{3E3B7004-3FF0-4F1D-9819-FEE379CB8D23}B:\downloads\nero 2015 platinum v16.0.03000 portable\nero 2015.exe] => (Block) B:\downloads\nero 2015 platinum v16.0.03000 portable\nero 2015.exe
FirewallRules: [TCP Query User{5FA87220-2D09-46AE-A7A4-B54D10DBE921}B:\games\murdered - soul suspect\binaries\win64\murdered.exe] => (Block) B:\games\murdered - soul suspect\binaries\win64\murdered.exe
FirewallRules: [UDP Query User{F805E380-ECA9-4720-9287-9584A2AC7357}B:\games\murdered - soul suspect\binaries\win64\murdered.exe] => (Block) B:\games\murdered - soul suspect\binaries\win64\murdered.exe
FirewallRules: [TCP Query User{8B91D930-1B30-4706-AB04-1C7DBF6ACE83}B:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Block) B:\games\murdered soul suspect\binaries\win64\murdered.exe
FirewallRules: [UDP Query User{E092324B-8864-4C01-A5C0-1246F7994884}B:\games\murdered soul suspect\binaries\win64\murdered.exe] => (Block) B:\games\murdered soul suspect\binaries\win64\murdered.exe
FirewallRules: [{8C2E5D3E-6D7D-44B6-AB75-84C3B86954A2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{21B3B0A9-493F-4198-899C-8B8085F9F462}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7E7FB344-EACD-4165-96C4-CE1DF3D13F37}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BF536E74-5595-4856-A692-7B33563F7B4F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1F530096-A364-41C6-A888-9909816CECBF}] => (Allow) B:\Games\Murdered Soul Suspect\steamapps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [{426744FF-EBAE-4783-8BD7-1766E2B2746E}] => (Allow) B:\Games\Murdered Soul Suspect\steamapps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{35ED7226-2A14-4CD3-BB00-7C822861FC00}] => (Allow) B:\Games\Payday 2\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{6A404DA7-686F-455C-9C06-07664ED34573}] => (Allow) B:\Games\Payday 2\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{96ADB231-B0B3-489C-B1F6-E852E9F9B36F}] => (Allow) B:\Games\BFH\bfh.exe
FirewallRules: [{0AC71FD0-1443-4EFF-A590-E45D9B8F8DD2}] => (Allow) B:\Games\BFH\bfh.exe
FirewallRules: [{C5BE6FE0-5291-4F23-B3D3-89FC26B74375}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0DD34E2B-F85F-48C1-848A-F98C13376C92}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CED41C18-506F-46C2-A7F1-460DE5D8F043}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6BCB9BDE-6E2C-4662-A453-CDCD9A7530F4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A73CB7AC-7542-4599-B370-FF84DF51E761}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EE89C9A2-3675-4B23-A7BB-51C259769F34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{345D41CF-E0DF-4744-A5AE-BF6D6C4EF563}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{9434FA3B-9735-487C-AF6A-CF72A718DAFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{09F4F013-244E-4DD2-A2F3-B2AFDEEC1A27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{23C8F8A9-1F71-438F-AAF6-2F522929F568}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5BC8C2C5-426D-4498-A6A2-C41F74C7CFC8}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{8211DB9C-4AC2-4A4F-83CE-DEE2C9400D68}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{272C0584-B76B-4734-A4A2-77C40A34623D}] => (Allow) B:\Games\BFH\BFHWebHelper.exe
FirewallRules: [{484BDD3E-353C-452D-B7D3-4D41A1B7BD8D}] => (Allow) B:\Games\BFH\BFHWebHelper.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/29/2015 04:38:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (07/29/2015 03:40:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (07/29/2015 03:40:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (07/29/2015 03:40:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (07/29/2015 03:40:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (07/29/2015 03:37:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.3.9600.17415, Zeitstempel: 0x54504177
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc000000d
Fehleroffset: 0x0000000000101e60
ID des fehlerhaften Prozesses: 0x368
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_DiagTrack4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_DiagTrack5
Error: (07/29/2015 03:36:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (07/29/2015 03:31:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (07/28/2015 11:31:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (07/28/2015 04:25:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Systemfehler:
=============
Error: (07/29/2015 03:49:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Pro
Error: (07/29/2015 03:41:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (07/29/2015 03:41:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\m1ck3y\AppData\Local\Temp\ehdrv.sys
Error: (07/29/2015 03:41:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (07/29/2015 03:41:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\m1ck3y\AppData\Local\Temp\ehdrv.sys
Error: (07/29/2015 03:41:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (07/29/2015 03:41:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\m1ck3y\AppData\Local\Temp\ehdrv.sys
Error: (07/29/2015 03:37:59 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (07/29/2015 03:37:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Diagnostics Tracking Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/29/2015 03:37:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.
Microsoft Office:
=========================
Error: (07/29/2015 04:38:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (07/29/2015 03:40:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\m1ck3y\Desktop\esetsmartinstaller_deu.exe
Error: (07/29/2015 03:40:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\m1ck3y\Desktop\esetsmartinstaller_deu.exe
Error: (07/29/2015 03:40:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\m1ck3y\Desktop\esetsmartinstaller_deu.exe
Error: (07/29/2015 03:40:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\m1ck3y\Desktop\esetsmartinstaller_deu.exe
Error: (07/29/2015 03:37:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c000000d0000000000101e6036801d0c9e26772c6e1C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllf96c1645-35f6-11e5-8425-90e6babca255
Error: (07/29/2015 03:36:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\m1ck3y\Desktop\esetsmartinstaller_deu.exe
Error: (07/29/2015 03:31:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestB:\Downloads\esetsmartinstaller_deu.exe
Error: (07/28/2015 11:31:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
Error: (07/28/2015 04:25:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
CodeIntegrity:
===================================
Date: 2015-07-29 02:44:54.440
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-28 03:13:05.913
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-27 07:09:13.495
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-24 11:16:14.370
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-23 15:04:19.617
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-23 06:41:49.428
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-22 07:01:30.679
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-21 06:51:55.051
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-20 06:32:23.155
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-19 20:49:20.560
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 20%
Total physical RAM: 16382.05 MB
Available physical RAM: 12947.74 MB
Total Virtual: 16382.05 MB
Available Virtual: 12563.44 MB
==================== Drives ================================
Drive a: (Seagate 1TB) (Fixed) (Total:931.51 GB) (Free:638.37 GB) NTFS
Drive b: (Seagate 1000 GB) (Fixed) (Total:931.17 GB) (Free:695.18 GB) NTFS
Drive c: () (Fixed) (Total:111.79 GB) (Free:43.85 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (System-reserviert) (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FE2675D4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 76FCC84D)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 3FBF5176)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
==================== Ende von log ============================
Geändert von m1ck3y (29.07.2015 um 15:43 Uhr) |
|
30.07.2015, 13:21
| #15 | ||||||||||
| /// TB-Ausbilder | Öffnen mancher Programme dauert 2-3 Minuten Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.  Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.  Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:
Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren. NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Ghostery Erkennt und blockiert Tracker, Web Bugs, Pixel und Beacons und weitere Scripte, die das Surfverhalten ausspähen/beobachten. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden. Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. |
|
| Themen zu Öffnen mancher Programme dauert 2-3 Minuten |
| andere, anti, dauert, diverse, einstellungen, excel, festplatte, fraps, gecheckt, gefunde, hardware, malware, malwarebytes, minute, minuten, mozilla, nichts, platte, programme, ram, tagen, temp, verbesserung, windows, öffnen |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
