Log analysis and evaluation: Sudden crashes and very slow startup (Windows 7)
26.09.2015, 17:23 | #1 |
| Sudden crashes and very slow startup

Hello, first of all.

I have had a problem for quite some time: for example, in the game Dead Island, after about 15 minutes of play my computer simply shuts down without warning and immediately boots up again. This problem does not occur only with this game, though; it was the same with ARK Survival Evolved before, but not anymore. My computer does not take long to reach the user login, but after that it takes at least 5 minutes and gets increasingly slower. I reinstalled my PC about 3 months ago. After that I plugged in a USB stick that belonged to my father and has my job application documents on it; since then my PC has been acting up badly. I also found out that there are various viruses on the stick, but I have no idea what exactly. I only know that these viruses remove my antivirus program from the PC and, when I install it again, it does not find them either. 2-3 days ago I ran Malwarebytes Anti-Malware, twice in fact; I will attach the 2nd report here, unfortunately I no longer have the 1st.

Thanks in advance
Kind regards
Dahaiz

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 24.09.2015
Suchlaufzeit: 19:24
Protokolldatei: ergebniss 1 malware.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.24.04
Rootkit-Datenbank: v2015.09.22.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Jana

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 360495
Abgelaufene Zeit: 13 Min., 6 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)

Module: 0 (keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, In Quarantäne, [07add063543773c39f35ac00b74b18e8],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, In Quarantäne, [07add063543773c39f35ac00b74b18e8],

Registrierungswerte: 0 (keine bösartigen Elemente erkannt)

Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)

Ordner: 0 (keine bösartigen Elemente erkannt)

Dateien: 5
PUP.Optional.FreeSearches, C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.freesearches.info_0.localstorage, In Quarantäne, [b40049ea7f0c73c3037d1a84dc288f71],
PUP.Optional.FreeSearches, C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.freesearches.info_0.localstorage-journal, In Quarantäne, [f2c20b284a411026bcc4d8c6f50f3cc4],
PUP.Optional.ShoppingGate, C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage, In Quarantäne, [f3c17fb438530a2c65f8f2cbf212c13f],
PUP.Optional.ShoppingGate, C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage-journal, In Quarantäne, [862ef73ce0ab79bd44195469ab59b14f],
PUP.Optional.BDYahoo, C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Gut: ("session":{"restore_on_startup":4,"startup_urls":["https://www.malwarebytes.org/restorebrowser/"]}}), Schlecht: ("session":{"restore_on_startup":4,"restore_on_startup_migrated":true,"startup_urls":["hxxp://de.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bcr-is__alt__ddc_dsssyc_bd_com","chrome://apps/"],"urls_to_restore_on_startup":["hxxp://de.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bcr-is__alt__ddc_dsssyc_bd_com"]},"software_reporter":{"prompt_reason":0,"prompt_version":"3.20.1"},"sync":{"remaining_rollback_tries":0}}), Ersetzt,[3a7a49eabecdc96d4fd0bef81aebfb05]

Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end) |
26.09.2015, 18:11 | #2 |
/// the machine /// TB-Ausbilder | Sudden crashes and very slow startup

Hi,

Please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments at work, thanks. This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
26.09.2015, 20:29 | #3 |
| Sudden crashes and very slow startup

FRST

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015 durchgeführt von Jana (Administrator) auf JANA-PC (26-09-2015 21:19:49) Gestartet von E:\Spiele\Heartstone Geladene Profile: Jana (Verfügbare Profile: Jana) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AMD) C:\Windows\System32\atiesrxx.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (AMD) C:\Windows\System32\atieclxx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe (Micro-Star INT'L CO., LTD.) 
C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe (Spotify Ltd) C:\Users\Jana\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (Valve Corporation) E:\Steam\Steam.exe (Akamai Technologies, Inc.) C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (Akamai Technologies, Inc.) C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe (Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe (Advanced Micro Devices Inc.) 
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (Valve Corporation) E:\Steam\bin\steamwebhelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe (ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.88.101.0\OverwolfHelper.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.88.101.0\OverwolfHelper64.exe (Valve Corporation) E:\Steam\bin\steamwebhelper.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.101.0\OverwolfBrowser.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.101.0\OverwolfBrowser.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe (Electronic Arts, Inc.) E:\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe (Electronic Arts) E:\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\Core\EACoreServer.exe (Valve Corporation) E:\Steam\GameOverlayUI.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_encoder_server-99265.exe (Valve Corporation) E:\Steam\bin\steamwebhelper.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3458728 2015-07-01] (Micro-Star INT'L CO., LTD.) 
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-08-19] (Overwolf LTD) HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Spotify Web Helper] => C:\Users\Jana\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-18] (Spotify Ltd) HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1381648 2015-07-08] (Lavasoft) HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Steam] => E:\Steam\steam.exe [2901184 2015-09-25] (Valve Corporation) HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Spotify] => C:\Users\Jana\AppData\Roaming\Spotify\Spotify.exe [7571000 2015-09-18] (Spotify Ltd) HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.) HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\MountPoints2: {3d27645d-1b2a-11e5-a202-50e549c7b351} - H:\setup.exe ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-05-14] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.) GroupPolicy: Beschränkung - Chrome <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [342016 2015-07-08] (Lavasoft Limited) Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [342016 2015-07-08] (Lavasoft Limited) Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [342016 2015-07-08] (Lavasoft Limited) Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [342016 2015-07-08] (Lavasoft Limited) Winsock: Catalog9 15 C:\Windows\SysWOW64\LavasoftTcpService.dll [342016 2015-07-08] (Lavasoft Limited) Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [422400 2015-07-08] (Lavasoft Limited) Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [422400 2015-07-08] (Lavasoft Limited) Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [422400 2015-07-08] (Lavasoft Limited) Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [422400 2015-07-08] (Lavasoft Limited) Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [422400 2015-07-08] (Lavasoft Limited) Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{77B9BB4B-F4DF-48C1-853E-CD7BA6B6E655}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = SearchScopes: HKU\S-1-5-21-2193431405-2545998550-1313679102-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2193431405-2545998550-1313679102-1000 -> {4B9DED45-1079-4489-A15A-968B4B8257C8} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\meut138p.default FF DefaultSearchEngine: Bing FF SelectedSearchEngine: Yahoo Search! FF Homepage: hxxps://www.malwarebytes.org/restorebrowser/-bfr-is__alt__ddc_dsssyc_bd_com FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] () FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] () FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-27] (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll 
[2015-07-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.) FF Plugin HKU\S-1-5-21-2193431405-2545998550-1313679102-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-08-14] () FF Extension: Adblock Plus - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\meut138p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-02] StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR StartupUrls: Default -> "hxxp://de.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bcr-is__alt__ddc_dsssyc_bd_com","chrome://apps/" CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-14] CHR Extension: (Google Docs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-14] CHR Extension: (Google Drive) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-14] CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-14] CHR Extension: (Adblock Plus) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-25] CHR Extension: (Google-Suche) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-14] CHR Extension: (Google Tabellen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-14] CHR Extension: (Night Time In New York City) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnimonidkipnhnpgkhgliocfnnpgkhek [2015-07-17] CHR 
Extension: (Little Alchemy) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2015-07-17] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-24] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-24] CHR Extension: (Google Mail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14] CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1128448 2015-09-15] () S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-08-20] (EasyAntiCheat Ltd) R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [20512 2014-03-13] (Micro-Star Int'l Co., Ltd.) 
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation) R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751792 2015-07-08] (Lavasoft Limited) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.) R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1740968 2015-07-01] (Micro-Star INT'L CO., LTD.) S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-30] (Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1006320 2015-08-19] (Overwolf LTD) S2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [13312 2015-07-08] () [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH) S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2604856 2015-02-25] (AVG Technologies) S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation) U2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-06-24] () S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2015-01-13] (TuneUp Software) S3 ALSysIO; \??\C:\Users\Jana\AppData\Local\Temp\ALSysIO64.sys [X] S3 MSICDSetup; \??\G:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\G:\NTIOLib_X64.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-09-26 21:19 - 2015-09-26 21:19 - 00000000 ____D C:\FRST 2015-09-26 17:29 - 2015-09-26 17:29 - 00000561 _____ C:\Windows\wmsetup.log 2015-09-26 16:52 - 2015-09-26 16:52 - 00000000 ____D C:\Users\Jana\Documents\DeadIsland 2015-09-25 04:25 - 2015-09-25 04:46 - 00000000 ____D C:\ProgramData\PopCap Games 2015-09-25 04:25 - 2015-09-25 04:25 - 00000200 _____ C:\Users\Jana\Desktop\Escape Rosecliff Island.url 2015-09-25 04:25 - 2015-09-25 04:25 - 00000000 ____D C:\Users\Jana\AppData\Roaming\SteamPopCapv1002 2015-09-24 19:38 - 2015-09-24 19:38 - 00002946 _____ C:\Users\Jana\Documents\ergebniss 1 malware.txt 2015-09-23 22:24 - 2015-09-23 22:24 - 00000000 ____D C:\Users\Jana\AppData\Local\Blizzard 2015-09-23 22:20 - 2015-09-23 22:24 - 00001159 _____ C:\Users\Public\Desktop\Hearthstone.lnk 2015-09-23 22:20 - 2015-09-23 22:24 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-09-23 22:20 - 2015-09-23 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2015-09-23 22:18 - 2015-09-23 22:18 - 00001100 _____ C:\Users\Jana\Desktop\Battle.net.lnk 2015-09-23 22:17 - 2015-09-23 22:17 - 03056696 _____ (Blizzard Entertainment) C:\Users\Jana\Downloads\Hearthstone-Setup-deDE.exe 2015-09-21 12:52 - 2015-09-21 12:52 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk 2015-09-21 12:52 - 2015-09-21 12:52 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-09-21 12:52 - 2015-09-21 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-09-18 21:20 - 2015-09-18 21:20 - 00000000 ____D C:\Users\Jana\AppData\Local\Risen2 2015-09-18 14:16 - 2015-09-18 14:16 - 00000000 ____D C:\Users\Jana\AppData\Roaming\.mono 2015-09-18 14:16 - 2015-09-18 14:16 - 00000000 ____D C:\Users\Jana\AppData\Local\I Am Bread 2015-09-18 14:16 - 2015-09-18 14:16 - 00000000 ____D C:\ProgramData\.mono 2015-09-17 20:59 - 2015-09-17 20:59 - 00000000 ____D C:\Users\Jana\AppData\Local\Risen 2015-09-15 16:57 - 2015-09-15 17:06 - 00000000 ____D 
C:\Users\Jana\Documents\DayZ 2015-09-14 20:43 - 2015-09-14 20:43 - 00000000 ____D C:\Users\Jana\Documents\The Witcher 3 2015-09-14 00:29 - 2015-09-14 20:48 - 00000000 ____D C:\Program Files (x86)\The Witcher 3 Wild Hunt 2015-09-13 20:13 - 2015-09-13 20:13 - 00000552 _____ C:\Windows\KB893803v2.log 2015-09-13 20:11 - 2015-09-14 20:48 - 00000000 ____D C:\Users\Public\Documents\Tauschen 2015-09-13 16:33 - 2015-09-14 23:19 - 00000000 ____D C:\Users\Jana\Documents\gothic3 2015-09-11 13:32 - 2015-09-11 13:32 - 00000000 ____D C:\ProgramData\Ubisoft 2015-09-10 20:53 - 2015-09-10 20:53 - 00000000 ____D C:\Users\Jana\AppData\Local\Blizzard Entertainment 2015-09-10 20:52 - 2015-09-26 17:04 - 00000000 ____D C:\Users\Jana\AppData\Local\Battle.net 2015-09-10 20:52 - 2015-09-25 20:34 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-09-10 20:52 - 2015-09-23 22:20 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Battle.net 2015-09-10 20:52 - 2015-09-10 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2015-09-10 20:51 - 2015-09-10 20:52 - 00000000 ____D C:\ProgramData\Battle.net 2015-09-04 20:09 - 2015-09-04 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-09-03 15:00 - 2015-09-03 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2015-09-03 15:00 - 2015-09-03 15:00 - 00000000 ____D C:\Program Files\McAfee Security Scan 2015-08-28 00:38 - 2015-08-28 00:38 - 00000000 ____D C:\Users\Jana\AppData\Local\The Witcher 2 ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-09-26 21:20 - 2015-05-14 14:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-09-26 20:57 - 2015-05-14 12:54 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Skype 2015-09-26 20:55 - 2015-06-26 10:41 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2015-09-26 19:05 - 2015-05-20 16:29 - 00000000 ____D C:\Users\Jana\Documents\My Games 2015-09-26 18:55 - 2015-05-13 21:44 - 00000000 ____D C:\Users\Jana\AppData\Local\VirtualStore 2015-09-26 18:54 - 2015-05-14 14:05 - 00619802 _____ C:\Windows\DirectX.log 2015-09-26 18:16 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV 2015-09-26 18:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2015-09-26 18:07 - 2009-07-14 06:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-09-26 18:07 - 2009-07-14 06:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-09-26 18:03 - 2015-05-13 21:39 - 02013567 _____ C:\Windows\WindowsUpdate.log 2015-09-26 18:02 - 2015-06-26 10:44 - 00000000 ___RD C:\Users\Jana\Dropbox 2015-09-26 18:02 - 2015-06-26 10:41 - 00000000 ____D C:\Users\Jana\AppData\Local\Dropbox 2015-09-26 18:01 - 2015-05-14 12:04 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Raptr 2015-09-26 17:58 - 2015-05-14 13:03 - 00000000 ____D C:\Users\Jana\AppData\Local\Overwolf 2015-09-26 17:57 - 2015-05-21 15:01 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Spotify 2015-09-26 17:56 - 2009-07-14 06:51 - 00059327 _____ C:\Windows\setupact.log 2015-09-26 17:55 - 2015-06-26 10:41 - 00001206 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2015-09-26 17:55 - 2015-05-21 15:02 - 00000000 ____D C:\Users\Jana\AppData\Local\Spotify 2015-09-26 17:54 - 2015-06-30 18:29 - 00000000 ____D C:\ProgramData\NVIDIA 2015-09-26 17:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-26 17:18 - 2015-05-13 21:44 - 00000000 ____D 
C:\Users\Jana 2015-09-26 14:52 - 2015-05-24 16:53 - 00000000 ____D C:\Users\Jana\AppData\Local\CrashDumps 2015-09-24 19:24 - 2015-08-25 13:09 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-23 22:15 - 2015-05-24 17:44 - 00000024 _____ C:\Users\Jana\AppData\Roaming\appdataFr25.bin 2015-09-23 20:25 - 2015-08-03 13:56 - 00000000 ____D C:\Users\Jana\AppData\Local\Akamai 2015-09-23 17:27 - 2015-06-24 18:09 - 00000000 ____D C:\Users\Jana\Documents\Electronic Arts 2015-09-23 17:20 - 2015-08-11 19:20 - 18819272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-09-23 17:20 - 2015-05-14 14:16 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-09-23 17:20 - 2015-05-14 14:16 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-23 17:20 - 2015-05-14 14:16 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-09-21 13:11 - 2015-06-03 13:27 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-09-21 13:10 - 2015-06-03 13:27 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-09-21 12:52 - 2015-05-14 12:54 - 00000000 ____D C:\ProgramData\Skype 2015-09-18 12:15 - 2015-06-30 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-09-18 12:15 - 2015-06-30 18:29 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2015-09-18 12:15 - 2015-06-30 18:28 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2015-09-14 20:47 - 2015-05-20 16:14 - 00000000 ____D C:\Program Files (x86)\Origin Games 2015-09-13 16:33 - 2015-07-01 10:42 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-09-11 13:41 - 2015-08-13 21:48 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Ubisoft 2015-09-10 02:33 - 2015-05-14 18:14 - 00000000 ____D C:\Users\Jana\AppData\Roaming\OBS 2015-09-09 
17:50 - 2015-05-23 19:47 - 00000000 ____D C:\Users\Jana\AppData\Roaming\.technic 2015-09-09 17:50 - 2015-05-23 19:46 - 04718800 _____ () C:\Users\Jana\Downloads\TechnicLauncher (2).exe 2015-09-05 05:50 - 2010-11-21 05:47 - 00946340 _____ C:\Windows\PFRO.log 2015-09-04 20:09 - 2015-06-26 10:41 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-09-02 10:50 - 2015-05-20 13:17 - 00000000 ____D C:\Users\Jana\AppData\Roaming\.minecraft 2015-08-31 08:56 - 2015-05-14 13:03 - 00000000 ____D C:\Program Files (x86)\Overwolf 2015-08-27 19:26 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-05-21 14:30 - 2015-07-01 22:13 - 0000079 _____ () C:\Program Files (x86)\prefs.js 2015-07-21 12:01 - 2015-08-08 13:11 - 0000020 _____ () C:\Users\Jana\AppData\Roaming\appdataFr2.bin 2015-05-24 17:44 - 2015-09-23 22:15 - 0000024 _____ () C:\Users\Jana\AppData\Roaming\appdataFr25.bin 2015-06-10 23:55 - 2015-08-25 00:55 - 0000245 _____ () C:\Users\Jana\AppData\Roaming\WB.CFG 2015-06-11 22:12 - 2015-06-11 22:12 - 0004981 _____ () C:\Users\Jana\AppData\Local\recently-used.xbel 2015-05-23 13:11 - 2015-05-23 13:12 - 0000000 _____ () C:\Users\Jana\AppData\Local\{B3CC0DD3-C94B-4AB2-8AE9-52BE8A34A777} 2015-05-22 16:10 - 2015-05-22 16:12 - 0000000 _____ () C:\Users\Jana\AppData\Local\{D4FE8BB4-D3BB-4CD1-8236-C9420B284809} Einige Dateien in TEMP: ==================== C:\Users\Jana\AppData\Local\Temp\11623b5826b25220f93ee9b2ca33e05c.dll C:\Users\Jana\AppData\Local\Temp\31d6e07d87ca5eaf6b2447c07a6c1365.dll C:\Users\Jana\AppData\Local\Temp\amd-catalyst-omega-14.12-with-dotnet45-win7-64bit.exe C:\Users\Jana\AppData\Local\Temp\AutoDetectUtilApp.exe C:\Users\Jana\AppData\Local\Temp\AutoWifi.exe C:\Users\Jana\AppData\Local\Temp\bdfilters.dll C:\Users\Jana\AppData\Local\Temp\c9193eb49b719ceb9919577892aeb67e.dll C:\Users\Jana\AppData\Local\Temp\C974.exe 
C:\Users\Jana\AppData\Local\Temp\d4f5d244a0909d75573750c06e9db24d.dll
C:\Users\Jana\AppData\Local\Temp\devcon64.exe
C:\Users\Jana\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplnxeij.dll
C:\Users\Jana\AppData\Local\Temp\InstallIMVU_518.0.exe
C:\Users\Jana\AppData\Local\Temp\InstStub.exe
C:\Users\Jana\AppData\Local\Temp\OnlineBackup.exe
C:\Users\Jana\AppData\Local\Temp\raptrpatch.exe
C:\Users\Jana\AppData\Local\Temp\raptr_stub.exe
C:\Users\Jana\AppData\Local\Temp\Second_Life_3_8_1_303130_i686_Setup.exe
C:\Users\Jana\AppData\Local\Temp\setacl.exe
C:\Users\Jana\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jana\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Jana\AppData\Local\Temp\ytb.exe

==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-09-23 18:12

==================== Ende von FRST.txt ============================

Addition Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015
durchgeführt von Jana (2015-09-26 21:20:45)
Gestartet von E:\Spiele\Heartstone
Windows 7 Home Premium Service Pack 1 (X64) (2015-05-13 19:44:08)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-2193431405-2545998550-1313679102-500 - Administrator - Disabled)
Gast (S-1-5-21-2193431405-2545998550-1313679102-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2193431405-2545998550-1313679102-1003 - Limited - Enabled)
Jana (S-1-5-21-2193431405-2545998550-1313679102-1000 - Administrator - Enabled) => C:\Users\Jana

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version: - The Fun Pimps) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated) Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge) Akamai NetSession Interface (HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Alice: Madness Returns (HKLM-x32\...\Steam App 19680) (Version: - Spicy Horse Games) AllCheappPPrice (HKLM-x32\...\{5A1D3F9E-73B5-95EC-1233-6646E1358965}) (Version: - "") <==== ACHTUNG AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft) ARK Dev Kit (HKLM-x32\...\Steam App 376040) (Version: - ) ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard) Assassin's Creed (HKLM-x32\...\Steam App 15100) (Version: - Ubisoft Montreal) AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.403 - AVG Technologies) Hidden AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.403 - AVG Technologies) AVG PC TuneUp 2015 (x32 Version: 15.0.1001.403 - AVG Technologies) Hidden Bandicam (HKLM-x32\...\Bandicam) (Version: 2.3.0.834 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bookworm Deluxe (HKLM-x32\...\Bookworm Deluxe) (Version: - ) Browser-Security (HKLM-x32\...\Browser-Security) (Version: 1.0.5.0 - ) CABAL2 (US) (HKLM-x32\...\CABAL2US) (Version: - ESTsoft Corp.) 
CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version: - Crytek Studios) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland) DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: - ) Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden Echo of Soul (HKLM-x32\...\Echo of Soul) (Version: - ) Escape Rosecliff Island (HKLM-x32\...\Steam App 3600) (Version: - SpinTop Games) Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology) Etron USB3.0 Host Controller (x32 Version: 0.118 - Etron Technology) Hidden Evolve (HKLM-x32\...\Steam App 273350) (Version: - Turtle Rock Studios) FarCry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft) Free YouTube to MP3 Converter version 3.12.59.616 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.616 - DVDVideoSoft Ltd.) FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games) Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google SketchUp 8 (HKLM-x32\...\{4BA6784F-3B10-473A-B9F5-33A36AC354D5}) (Version: 3.0.14358 - Google, Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) 
Hidden Gothic 3 (HKLM-x32\...\Steam App 39500) (Version: - Piranha – Bytes) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) I am Bread (HKLM-x32\...\Steam App 327890) (Version: - Bossa Studios) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Let the Cat In (HKLM-x32\...\Steam App 369400) (Version: - Eforb) Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0 - Mozilla) MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 3.0.0.12 - MSI) MSI Kombustor 2.5.9 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD) MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.024 - MSI) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - 
Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.88.101.0 - Overwolf Ltd.) PiriceaMinus (HKLM-x32\...\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}) (Version: - ) <==== ACHTUNG Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) 
Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek) Risen (HKLM-x32\...\Steam App 40300) (Version: - Piranha – Bytes) Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes) RoboSaovverr (HKLM-x32\...\{BE360B8B-0F10-CA89-FC84-A5EAB71A6AF8}) (Version: - "") <==== ACHTUNG Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition) SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version: - ) SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Spotify) (Version: 1.0.14.124.g4dfabc51 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) System Requirements Lab Detection (HKLM-x32\...\{98C7FE3F-886C-49FA-9C02-915B0EA801A8}) (Version: 6.1.6.0 - Husdawg, LLC) TakeTHeCoupon (HKLM-x32\...\{53B21E29-3967-C332-57EB-C02631658584}) (Version: - "") <==== ACHTUNG TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer) TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD PROJEKT RED) The Witcher 3 Wild Hunt Collectors Edition Incl. Free DLCs and Updates MULTi2 1.08.2 (HKLM-x32\...\The Witcher 3 Wild Hunt Collectors Edition Incl. 
Free DLCs and Updates MULTi2 1.08.2) (Version: - ) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) Web Companion (HKLM-x32\...\{ae2078b5-ce58-4d47-b250-faf4b0cb78ec}) (Version: 2.0.1025.2130 - Lavasoft) WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 4.0.0.12911 - Blizzard Entertainment) XSplit Gamecaster (HKLM-x32\...\{7CBDC2CD-F5C7-4DD3-91C8-1E4D68924955}) (Version: 1.9.1409.2308 - SplitmediaLabs) Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi)) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= 26-09-2015 16:50:18 DirectX wurde installiert 26-09-2015 17:25:38 DirectX wurde installiert 26-09-2015 18:53:04 DirectX wurde installiert ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2015-09-03 15:00 - 00000856 ____A C:\Windows\system32\Drivers\etc\hosts 0.0.0.1 mssplus.mcafee.com ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {25A0EAB8-D533-4E42-BE35-006FB2F26DE3} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-08-19] (Overwolf LTD) Task: {3101F612-F237-451F-98A9-458DD9FDAA95} - \LaunchPreSignup -> Keine Datei <==== ACHTUNG Task: {437C0C8E-100A-4328-A9BC-43B7D86B72E2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-23] (Adobe Systems Incorporated) Task: {95AEECC6-3364-42DC-AA87-E1EBEB11BCFB} - \Super Optimizer Schedule -> Keine Datei <==== ACHTUNG Task: {9FCB676D-4770-4E37-B6DA-C80B1EE0283C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.) Task: {AE129BCF-2B12-4C32-9E89-496F1297E482} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-02-25] (AVG Technologies) Task: {AEE05D79-254E-4FD4-88C3-721325ECB64D} - \Dregol mimi -> Keine Datei <==== ACHTUNG Task: {E0341E57-D2C8-4335-8D7C-37F2A4BCBEB2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-06-30 18:28 - 2015-02-05 21:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-07-17 22:23 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll 2015-08-19 15:51 - 2015-08-19 15:51 - 00025600 _____ () C:\Program Files (x86)\Overwolf\0.88.101.0\CoreAudioApi.dll 2015-08-19 15:51 - 2015-08-19 15:51 - 40555008 _____ () C:\Program Files (x86)\Overwolf\0.88.101.0\libcef.DLL 2015-07-08 21:41 - 2015-07-08 21:41 - 00072192 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll 2015-07-08 21:41 - 2015-07-08 21:41 - 00178176 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll 2015-07-08 21:41 - 2015-07-08 21:41 - 00040448 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll 2015-07-08 21:41 - 2015-07-08 21:41 - 00026624 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll 2015-07-08 21:41 - 2015-07-08 21:41 - 00009216 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll 2015-07-08 21:41 - 2015-07-08 21:41 - 00117248 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll 2015-07-08 21:41 - 2015-07-08 21:41 - 00032768 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll 2015-07-28 12:20 - 
2015-09-21 22:01 - 00778240 _____ () E:\Steam\SDL2.dll 2015-07-28 12:20 - 2015-07-03 18:12 - 04962816 _____ () E:\Steam\v8.dll 2015-07-28 12:20 - 2015-07-03 18:12 - 01556992 _____ () E:\Steam\icui18n.dll 2015-07-28 12:20 - 2015-07-03 18:12 - 01187840 _____ () E:\Steam\icuuc.dll 2015-07-28 12:20 - 2015-09-25 01:36 - 02422464 _____ () E:\Steam\video.dll 2015-07-28 12:19 - 2015-09-24 02:33 - 02549248 _____ () E:\Steam\libavcodec-56.dll 2015-07-28 12:19 - 2015-09-24 02:33 - 00442880 _____ () E:\Steam\libavutil-54.dll 2015-07-28 12:19 - 2015-09-24 02:33 - 00491008 _____ () E:\Steam\libavformat-56.dll 2015-07-28 12:19 - 2015-09-24 02:33 - 00332800 _____ () E:\Steam\libavresample-2.dll 2015-07-28 12:19 - 2015-09-24 02:33 - 00485888 _____ () E:\Steam\libswscale-3.dll 2015-07-28 12:20 - 2015-09-25 01:36 - 00704192 _____ () E:\Steam\bin\chromehtml.DLL 2015-07-28 12:19 - 2015-09-14 22:20 - 00193536 _____ () E:\Steam\bin\openvr_api.dll 2015-09-26 18:01 - 2015-09-26 18:01 - 00071168 _____ () c:\users\jana\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplnxeij.dll 2015-06-26 10:42 - 2015-08-05 07:26 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll 2015-06-26 10:42 - 2015-08-05 07:26 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-07-31 02:25 - 2015-08-05 07:26 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-06-26 10:42 - 2015-08-05 07:26 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll 2015-07-28 12:19 - 2015-09-24 02:33 - 44931464 _____ () E:\Steam\bin\libcef.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd 2014-05-14 
01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd 2014-08-14 02:37 - 2014-08-14 02:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll 2014-08-14 02:37 - 2014-08-14 02:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll 2010-11-23 00:57 - 
2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd 2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll 2015-07-27 21:32 - 2015-07-27 21:32 - 02551040 _____ () C:\Program Files (x86)\Raptr\ltc_host_ex.DLL 2014-08-14 02:37 - 2014-08-14 02:37 - 00027667 _____ () C:\Program Files (x86)\Raptr\plugins\audio_output\libdirectsound_plugin.dll 2014-08-14 02:37 - 2014-08-14 02:37 - 00031251 _____ () C:\Program Files (x86)\Raptr\plugins\audio_output\libwaveout_plugin.dll 2014-08-14 02:37 - 2014-08-14 02:37 - 00066579 _____ () C:\Program Files (x86)\Raptr\plugins\video_output\libdirectdraw_plugin.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd 2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll 2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files 
(x86)\Raptr\plugins\libyahoo.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll 2015-07-28 12:19 - 2015-09-25 01:56 - 00119208 _____ () E:\Steam\winh264.dll 2015-08-19 15:51 - 2015-08-19 15:51 - 00985088 _____ () C:\Program Files (x86)\Overwolf\0.88.101.0\ffmpegsumo.dll 2015-09-23 17:20 - 2015-09-23 17:20 - 17592008 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
IE trusted site: HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\aeriagames.com -> hxxps://aeriagames.com IE trusted site: HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\aeriagames.com -> hxxp://aeriagames.com IE trusted site: HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\webcompanion.com -> hxxp://webcompanion.com ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: WAN-Miniport (PPPOE)
Description: WAN-Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: WAN-Miniport (PPTP)
Description: WAN-Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/26/2015 06:03:56 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Es wird bereits eine Instanz des Dienstes ausgeführt
Error: (09/26/2015 06:03:56 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig
Error: (09/26/2015 06:00:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/26/2015 05:28:11 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden.
Es wird bereits eine Instanz des Dienstes ausgeführt
Error: (09/26/2015 05:28:11 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig
Error: (09/26/2015 05:24:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/26/2015 02:51:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Crysis2.exe, Version: 1.9.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18869, Zeitstempel: 0x556363bc
Ausnahmecode: 0x40010006
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x209c
Startzeit der fehlerhaften Anwendung: 0xCrysis2.exe0
Pfad der fehlerhaften Anwendung: Crysis2.exe1
Pfad des fehlerhaften Moduls: Crysis2.exe2
Berichtskennung: Crysis2.exe3
Error: (09/26/2015 02:05:15 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (09/26/2015 01:34:11 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Es wird bereits eine Instanz des Dienstes ausgeführt
Error: (09/26/2015 01:34:11 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig
Systemfehler:
=============
Error: (09/26/2015 05:59:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2
Error: (09/26/2015 05:57:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVG PC TuneUp Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053
Error: (09/26/2015 05:57:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AVG PC TuneUp Service erreicht.
Error: (09/26/2015 05:56:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IE Search Set" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053
Error: (09/26/2015 05:56:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst IE Search Set erreicht.
Error: (09/26/2015 05:55:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NVIDIA Network Service erreicht.
Error: (09/26/2015 05:54:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 26.09.2015 um 17:52:31 unerwartet heruntergefahren.
Error: (09/26/2015 05:25:22 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (09/26/2015 05:22:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2
Error: (09/26/2015 05:20:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AVG PC TuneUp Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 16301.12 MB
Verfügbarer physikalischer RAM: 11544.63 MB
Summe virtueller Speicher: 32600.44 MB
Verfügbarer virtueller Speicher: 26508.39 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:227.1 GB) (Free:50.06 GB) NTFS
Drive d: () (Fixed) (Total:232.88 GB) (Free:232.52 GB) NTFS
Drive e: () (Fixed) (Total:698.63 GB) (Free:419 GB) NTFS
Drive f: (BOOTCAMP) (Fixed) (Total:5.68 GB) (Free:2.04 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: EF84348A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=227.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=5.7 GB) - (Type=0B)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 64069762)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: F20F790F)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================ |
27.09.2015, 13:52 | #4 |
/// the machine /// TB instructor | Sudden crashes and very slow startup
Please download Revo Uninstaller from here (alternatively, the portable Revo Uninstaller).
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder unless a helper tells you to.
Please download TDSSKiller.exe and save the file to your desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
27.09.2015, 16:38 | #5 |
| Sudden crashes and very slow startup
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2015.09.27.04
rootkit: v2015.09.22.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17843
Jana :: JANA-PC [administrator]
27.09.2015 16:59:11
mbar-log-2015-09-27 (16-59-11).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 362384
Time elapsed: 23 minute(s), 5 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
17:30:15.0122 0x2104 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
17:30:26.0505 0x2104 ============================================================
17:30:26.0505 0x2104 Current date / time: 2015/09/27 17:30:26.0505
17:30:26.0505 0x2104 SystemInfo:
17:30:26.0505 0x2104
17:30:26.0505 0x2104 OS Version: 6.1.7601 ServicePack: 1.0
17:30:26.0505 0x2104 Product type: Workstation
17:30:26.0505 0x2104 ComputerName: JANA-PC
17:30:26.0505 0x2104 UserName: Jana
17:30:26.0505 0x2104 Windows directory: C:\Windows
17:30:26.0505 0x2104 System windows directory: C:\Windows
17:30:26.0505 0x2104 Running under WOW64
17:30:26.0505 0x2104 Processor architecture: Intel x64
17:30:26.0505 0x2104 Number of processors: 4
17:30:26.0505 0x2104 Page size: 0x1000
17:30:26.0505 0x2104 Boot type: Normal boot
17:30:26.0505 0x2104 ============================================================
17:30:28.0275 0x2104 KLMD registered as C:\Windows\system32\drivers\54904134.sys
17:30:28.0515 0x2104 System UUID: {AEF82811-9F6E-920C-E243-F6DB6F898275}
17:30:28.0865 0x2104 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:30:29.0153 0x2104 Drive \Device\Harddisk2\DR2 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x17A85, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:30:29.0172 0x2104 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:30:29.0185 0x2104 ============================================================
17:30:29.0185 0x2104 \Device\Harddisk0\DR0:
17:30:29.0185 0x2104 MBR partitions:
17:30:29.0185 0x2104 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:30:29.0185 0x2104 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800,
BlocksNum 0x1C632000
17:30:29.0186 0x2104 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xB, StartLBA 0x1C664800, BlocksNum 0xB61000
17:30:29.0186 0x2104 \Device\Harddisk2\DR2:
17:30:29.0186 0x2104 MBR partitions:
17:30:29.0186 0x2104 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000
17:30:29.0186 0x2104 \Device\Harddisk1\DR1:
17:30:29.0186 0x2104 MBR partitions:
17:30:29.0186 0x2104 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
17:30:29.0186 0x2104 ============================================================
17:30:29.0209 0x2104 C: <-> \Device\Harddisk0\DR0\Partition2
17:30:29.0214 0x2104 D: <-> \Device\Harddisk1\DR1\Partition1
17:30:29.0245 0x2104 E: <-> \Device\Harddisk2\DR2\Partition1
17:30:29.0276 0x2104 F: <-> \Device\Harddisk0\DR0\Partition3
17:30:29.0276 0x2104 ============================================================
17:30:29.0276 0x2104 Initialize success
17:30:29.0276 0x2104 ============================================================
17:30:41.0248 0x23a8 ============================================================
17:30:41.0248 0x23a8 Scan started
17:30:41.0248 0x23a8 Mode: Manual; SigCheck; TDLFS;
17:30:41.0248 0x23a8 ============================================================
17:30:41.0248 0x23a8 KSN ping started
17:30:43.0605 0x23a8 KSN ping finished: true
17:30:44.0757 0x23a8 ================ Scan system memory ========================
17:30:44.0757 0x23a8 System memory - ok
17:30:44.0758 0x23a8 ================ Scan services =============================
0x23a8 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys 17:30:47.0572 0x23a8 AppID - ok 17:30:47.0602 0x23a8 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll 17:30:47.0639 0x23a8 AppIDSvc - ok 17:30:47.0691 0x23a8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 17:30:47.0724 0x23a8 Appinfo - ok 17:30:47.0763 0x23a8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 17:30:47.0775 0x23a8 arc - ok 17:30:47.0792 0x23a8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 17:30:47.0803 0x23a8 arcsas - ok 17:30:47.0927 0x23a8 [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 17:30:47.0943 0x23a8 aspnet_state - ok 17:30:47.0982 0x23a8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 17:30:48.0042 0x23a8 AsyncMac - ok 17:30:48.0082 0x23a8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 17:30:48.0094 0x23a8 atapi - ok 17:30:48.0152 0x23a8 [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys 17:30:48.0194 0x23a8 AtiHDAudioService - ok 17:30:48.0274 0x23a8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] 
AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 17:30:48.0343 0x23a8 AudioEndpointBuilder - ok 17:30:48.0402 0x23a8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 17:30:48.0423 0x23a8 AudioSrv - ok 17:30:48.0489 0x23a8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 17:30:48.0529 0x23a8 AxInstSV - ok 17:30:48.0604 0x23a8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 17:30:48.0630 0x23a8 b06bdrv - ok 17:30:48.0696 0x23a8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 17:30:48.0737 0x23a8 b57nd60a - ok 17:30:48.0787 0x23a8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 17:30:48.0821 0x23a8 BDESVC - ok 17:30:48.0851 0x23a8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 17:30:48.0913 0x23a8 Beep - ok 17:30:49.0040 0x23a8 [ 2EE42E7539BBF4252F7F47B288E61CEA, 2113A7C825AE2D222FD80D092BAA254AB3EFA8A2F58EC8325837A6BC611BC715 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe 17:30:49.0064 0x23a8 BEService - ok 17:30:49.0145 0x23a8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 17:30:49.0192 0x23a8 BFE - ok 17:30:49.0259 0x23a8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 17:30:49.0343 0x23a8 BITS - ok 17:30:49.0389 0x23a8 [ 61583EE3C3A17003C4ACD0475646B4D3, 
17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 17:30:49.0426 0x23a8 blbdrive - ok 17:30:49.0483 0x23a8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 17:30:49.0515 0x23a8 bowser - ok 17:30:49.0557 0x23a8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 17:30:49.0597 0x23a8 BrFiltLo - ok 17:30:49.0618 0x23a8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 17:30:49.0640 0x23a8 BrFiltUp - ok 17:30:49.0689 0x23a8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 17:30:49.0701 0x23a8 Browser - ok 17:30:49.0726 0x23a8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 17:30:49.0764 0x23a8 Brserid - ok 17:30:49.0793 0x23a8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 17:30:49.0832 0x23a8 BrSerWdm - ok 17:30:49.0847 0x23a8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 17:30:49.0871 0x23a8 BrUsbMdm - ok 17:30:49.0891 0x23a8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 17:30:49.0900 0x23a8 BrUsbSer - ok 17:30:49.0930 0x23a8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 17:30:49.0964 0x23a8 
BTHMODEM - ok 17:30:50.0029 0x23a8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 17:30:50.0066 0x23a8 bthserv - ok 17:30:50.0117 0x23a8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 17:30:50.0174 0x23a8 cdfs - ok 17:30:50.0223 0x23a8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 17:30:50.0263 0x23a8 cdrom - ok 17:30:50.0303 0x23a8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 17:30:50.0337 0x23a8 CertPropSvc - ok 17:30:50.0382 0x23a8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 17:30:50.0421 0x23a8 circlass - ok 17:30:50.0486 0x23a8 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 17:30:50.0509 0x23a8 CLFS - ok 17:30:50.0566 0x23a8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:30:50.0580 0x23a8 clr_optimization_v2.0.50727_32 - ok 17:30:50.0627 0x23a8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 17:30:50.0640 0x23a8 clr_optimization_v2.0.50727_64 - ok 17:30:50.0727 0x23a8 [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 17:30:50.0745 0x23a8 
clr_optimization_v4.0.30319_32 - ok 17:30:50.0758 0x23a8 [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 17:30:50.0767 0x23a8 clr_optimization_v4.0.30319_64 - ok 17:30:50.0818 0x23a8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 17:30:50.0850 0x23a8 CmBatt - ok 17:30:50.0880 0x23a8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 17:30:50.0887 0x23a8 cmdide - ok 17:30:50.0952 0x23a8 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys 17:30:50.0969 0x23a8 CNG - ok 17:30:51.0010 0x23a8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 17:30:51.0016 0x23a8 Compbatt - ok 17:30:51.0064 0x23a8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 17:30:51.0072 0x23a8 CompositeBus - ok 17:30:51.0094 0x23a8 COMSysApp - ok 17:30:51.0198 0x23a8 [ B18D590BC5220FDB4A747BC16D78ABC7, D46F8B43BAC22E55DE9AFC19CF371B1C4E8D3707163598B2F9884BB31D730C09 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 17:30:51.0218 0x23a8 cphs - ok 17:30:51.0254 0x23a8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 17:30:51.0260 0x23a8 crcdisk - ok 17:30:51.0330 0x23a8 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll 17:30:51.0371 0x23a8 CryptSvc - ok 17:30:51.0462 
0x23a8 dbupdate - ok 17:30:51.0481 0x23a8 dbupdatem - ok 17:30:51.0543 0x23a8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 17:30:51.0623 0x23a8 DcomLaunch - ok 17:30:51.0710 0x23a8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 17:30:51.0769 0x23a8 defragsvc - ok 17:30:51.0816 0x23a8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 17:30:51.0837 0x23a8 DfsC - ok 17:30:51.0897 0x23a8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 17:30:51.0941 0x23a8 Dhcp - ok 17:30:52.0056 0x23a8 [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll 17:30:52.0110 0x23a8 DiagTrack - ok 17:30:52.0114 0x23a8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 17:30:52.0140 0x23a8 discache - ok 17:30:52.0196 0x23a8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 17:30:52.0209 0x23a8 Disk - ok 17:30:52.0249 0x23a8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 17:30:52.0288 0x23a8 Dnscache - ok 17:30:52.0330 0x23a8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 17:30:52.0386 0x23a8 dot3svc - ok 17:30:52.0414 0x23a8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS 
C:\Windows\system32\dps.dll 17:30:52.0463 0x23a8 DPS - ok 17:30:52.0516 0x23a8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 17:30:52.0549 0x23a8 drmkaud - ok 17:30:52.0625 0x23a8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 17:30:52.0658 0x23a8 DXGKrnl - ok 17:30:52.0674 0x23a8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 17:30:52.0702 0x23a8 EapHost - ok 17:30:52.0741 0x23a8 EasyAntiCheat - ok 17:30:52.0895 0x23a8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 17:30:52.0957 0x23a8 ebdrv - ok 17:30:52.0982 0x23a8 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS C:\Windows\System32\lsass.exe 17:30:52.0989 0x23a8 EFS - ok 17:30:53.0069 0x23a8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 17:30:53.0097 0x23a8 ehRecvr - ok 17:30:53.0103 0x23a8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 17:30:53.0133 0x23a8 ehSched - ok 17:30:53.0178 0x23a8 [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 17:30:53.0185 0x23a8 ElbyCDIO - ok 17:30:53.0226 0x23a8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 17:30:53.0243 0x23a8 elxstor - ok 17:30:53.0272 0x23a8 [ 34A3C54752046E79A126E15C51DB409B, 
7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 17:30:53.0295 0x23a8 ErrDev - ok 17:30:53.0348 0x23a8 [ FD291A75ECAF197F07BD2040C2A7322A, B4DE1B8A75928C8E6DF870A7B6F286EAA0B9A5D9443E99B66633F8B60013AC67 ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys 17:30:53.0361 0x23a8 EtronHub3 - ok 17:30:53.0416 0x23a8 [ DDE9068F9BAC0210195F217AA39B9276, 3AE8CE03B0F93EF6006B46F8DFD5523F6C1951D98FB9A411EA90261C368A453F ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys 17:30:53.0454 0x23a8 EtronXHCI - ok 17:30:53.0506 0x23a8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 17:30:53.0573 0x23a8 EventSystem - ok 17:30:53.0635 0x23a8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 17:30:53.0695 0x23a8 exfat - ok 17:30:53.0743 0x23a8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 17:30:53.0779 0x23a8 fastfat - ok 17:30:53.0843 0x23a8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 17:30:53.0893 0x23a8 Fax - ok 17:30:53.0896 0x23a8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 17:30:53.0903 0x23a8 fdc - ok 17:30:53.0927 0x23a8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 17:30:53.0970 0x23a8 fdPHost - ok 17:30:54.0000 0x23a8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 17:30:54.0022 0x23a8 FDResPub - ok 17:30:54.0042 0x23a8 [ 
655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 17:30:54.0048 0x23a8 FileInfo - ok 17:30:54.0051 0x23a8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 17:30:54.0095 0x23a8 Filetrace - ok 17:30:54.0097 0x23a8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 17:30:54.0104 0x23a8 flpydisk - ok 17:30:54.0113 0x23a8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 17:30:54.0122 0x23a8 FltMgr - ok 17:30:54.0203 0x23a8 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll 17:30:54.0251 0x23a8 FontCache - ok 17:30:54.0294 0x23a8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:30:54.0306 0x23a8 FontCache3.0.0.0 - ok 17:30:54.0313 0x23a8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 17:30:54.0324 0x23a8 FsDepends - ok 17:30:54.0346 0x23a8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 17:30:54.0354 0x23a8 Fs_Rec - ok 17:30:54.0421 0x23a8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 17:30:54.0441 0x23a8 fvevol - ok 17:30:54.0453 0x23a8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 
85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 17:30:54.0460 0x23a8 gagp30kx - ok 17:30:54.0508 0x23a8 [ 3EB903DA33CB9E11BDCD62F38430DB40, 14CA13E79FBB4EF8CCA530B7AD8F5B579C59F9589B86CABEFDA152359E3D52B6 ] GamingApp_Service C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe 17:30:54.0518 0x23a8 GamingApp_Service - ok 17:30:54.0621 0x23a8 [ 024299B2B0E1C11320A4592570D8DE20, 16FB3982E718F2834D1272D400F92AD6319A0C197227C5D61AF87B3C8D2D4759 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 17:30:54.0645 0x23a8 GfExperienceService - ok 17:30:54.0704 0x23a8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 17:30:54.0762 0x23a8 gpsvc - ok 17:30:54.0817 0x23a8 gupdate - ok 17:30:54.0848 0x23a8 gupdatem - ok 17:30:54.0883 0x23a8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 17:30:54.0921 0x23a8 hcw85cir - ok 17:30:55.0026 0x23a8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 17:30:55.0052 0x23a8 HdAudAddService - ok 17:30:55.0107 0x23a8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 17:30:55.0128 0x23a8 HDAudBus - ok 17:30:55.0146 0x23a8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 17:30:55.0157 0x23a8 HidBatt - ok 17:30:55.0163 0x23a8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 17:30:55.0198 0x23a8 HidBth - ok 
17:30:55.0216 0x23a8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 17:30:55.0247 0x23a8 HidIr - ok 17:30:55.0288 0x23a8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 17:30:55.0328 0x23a8 hidserv - ok 17:30:55.0393 0x23a8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:30:55.0404 0x23a8 HidUsb - ok 17:30:55.0417 0x23a8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:30:55.0474 0x23a8 hkmsvc - ok 17:30:55.0529 0x23a8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 17:30:55.0563 0x23a8 HomeGroupListener - ok 17:30:55.0607 0x23a8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 17:30:55.0644 0x23a8 HomeGroupProvider - ok 17:30:55.0683 0x23a8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 17:30:55.0691 0x23a8 HpSAMD - ok 17:30:55.0769 0x23a8 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:30:55.0791 0x23a8 HTTP - ok 17:30:55.0801 0x23a8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 17:30:55.0806 0x23a8 hwpolicy - ok 17:30:55.0849 0x23a8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt 
C:\Windows\system32\drivers\i8042prt.sys 17:30:55.0865 0x23a8 i8042prt - ok 17:30:55.0940 0x23a8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 17:30:55.0960 0x23a8 iaStorV - ok 17:30:55.0994 0x23a8 [ D9A9FFC89F61CAD4AD9EF31FBB17E634, F81184889B30DA8947F22A9C9ED5C542295ED70F0A1C27D1C91BAC21F4BCD987 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe 17:30:56.0003 0x23a8 ICCS - ok 17:30:56.0074 0x23a8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:30:56.0102 0x23a8 idsvc - ok 17:30:56.0121 0x23a8 IEEtwCollectorService - ok 17:30:56.0325 0x23a8 [ 79AE3CC82CA1563A4B392207997ACE7C, A1E4A1DA95CA2FA197EF5975657822F0F813F6C33DA38E1FA5A840194034D071 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 17:30:56.0458 0x23a8 igfx - ok 17:30:56.0480 0x23a8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 17:30:56.0486 0x23a8 iirsp - ok 17:30:56.0521 0x23a8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 17:30:56.0543 0x23a8 IKEEXT - ok 17:30:56.0565 0x23a8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 17:30:56.0570 0x23a8 intelide - ok 17:30:56.0583 0x23a8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:30:56.0590 0x23a8 intelppm - ok 17:30:56.0617 0x23a8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum 
C:\Windows\system32\ipbusenum.dll 17:30:56.0662 0x23a8 IPBusEnum - ok 17:30:56.0693 0x23a8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:30:56.0756 0x23a8 IpFilterDriver - ok 17:30:56.0839 0x23a8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:30:56.0883 0x23a8 iphlpsvc - ok 17:30:56.0887 0x23a8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 17:30:56.0899 0x23a8 IPMIDRV - ok 17:30:56.0927 0x23a8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 17:30:56.0965 0x23a8 IPNAT - ok 17:30:56.0989 0x23a8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:30:57.0030 0x23a8 IRENUM - ok 17:30:57.0079 0x23a8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:30:57.0090 0x23a8 isapnp - ok 17:30:57.0135 0x23a8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 17:30:57.0151 0x23a8 iScsiPrt - ok 17:30:57.0176 0x23a8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 17:30:57.0186 0x23a8 kbdclass - ok 17:30:57.0230 0x23a8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 17:30:57.0271 0x23a8 kbdhid - ok 17:30:57.0339 0x23a8 [ 17A6A9AAD04CCC6EE53290585BFC43AF, 
17:31:09.0583 0x23a8 [ 284996D7CDD2AFDD4AD37EE58ADCB076, F5129DEAAF1AB479B0F16D35E6D1F974A73AFE1DDDEAE7A45F28917C72A1AD3A ] SearchProtectionService C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
17:31:09.0613 0x23a8 SearchProtectionService - detected UnsignedFile.Multi.Generic ( 1 )
17:31:11.0972 0x23a8 Detect skipped due to KSN trusted
17:31:11.0972 0x23a8 SearchProtectionService - ok
C:\Windows\system32\drivers\tsusbflt.sys 17:31:16.0259 0x23a8 TsUsbFlt - ok 17:31:16.0263 0x23a8 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 17:31:16.0291 0x23a8 TsUsbGD - ok 17:31:16.0429 0x23a8 [ DF07EC9240A4B7008D6C5E65C8ABB584, 80F430996F0A513773600E20F4EF915B5D98A7C58D52CDF672B6AEF5A001E1CD ] TuneUp.UtilitiesSvc C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe 17:31:16.0479 0x23a8 TuneUp.UtilitiesSvc - ok 17:31:16.0522 0x23a8 [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys 17:31:16.0527 0x23a8 TuneUpUtilitiesDrv - ok 17:31:16.0581 0x23a8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:31:16.0603 0x23a8 tunnel - ok 17:31:16.0607 0x23a8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 17:31:16.0614 0x23a8 uagp35 - ok 17:31:16.0636 0x23a8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:31:16.0680 0x23a8 udfs - ok 17:31:16.0723 0x23a8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:31:16.0731 0x23a8 UI0Detect - ok 17:31:16.0770 0x23a8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:31:16.0776 0x23a8 uliagpkx - ok 17:31:16.0802 0x23a8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 17:31:16.0809 
0x23a8 umbus - ok 17:31:16.0836 0x23a8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 17:31:16.0870 0x23a8 UmPass - ok 17:31:16.0941 0x23a8 [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 17:31:16.0956 0x23a8 UMVPFSrv - ok 17:31:16.0989 0x23a8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 17:31:17.0017 0x23a8 upnphost - ok 17:31:17.0066 0x23a8 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 17:31:17.0074 0x23a8 usbaudio - ok 17:31:17.0098 0x23a8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:31:17.0105 0x23a8 usbccgp - ok 17:31:17.0137 0x23a8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:31:17.0164 0x23a8 usbcir - ok 17:31:17.0220 0x23a8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 17:31:17.0254 0x23a8 usbehci - ok 17:31:17.0306 0x23a8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:31:17.0349 0x23a8 usbhub - ok 17:31:17.0381 0x23a8 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys 17:31:17.0392 0x23a8 usbohci - ok 17:31:17.0407 0x23a8 [ 73188F58FB384E75C4063D29413CEE3D, 
B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 17:31:17.0419 0x23a8 usbprint - ok 17:31:17.0449 0x23a8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:31:17.0465 0x23a8 USBSTOR - ok 17:31:17.0470 0x23a8 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 17:31:17.0503 0x23a8 usbuhci - ok 17:31:17.0563 0x23a8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 17:31:17.0604 0x23a8 usbvideo - ok 17:31:17.0643 0x23a8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 17:31:17.0700 0x23a8 UxSms - ok 17:31:17.0726 0x23a8 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] VaultSvc C:\Windows\system32\lsass.exe 17:31:17.0735 0x23a8 VaultSvc - ok 17:31:17.0780 0x23a8 [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone C:\Windows\system32\DRIVERS\VClone.sys 17:31:17.0792 0x23a8 VClone - ok 17:31:17.0824 0x23a8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 17:31:17.0836 0x23a8 vdrvroot - ok 17:31:17.0865 0x23a8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 17:31:17.0933 0x23a8 vds - ok 17:31:17.0973 0x23a8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 17:31:17.0981 0x23a8 vga - ok 17:31:17.0998 0x23a8 [ 
53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 17:31:18.0023 0x23a8 VgaSave - ok 17:31:18.0030 0x23a8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 17:31:18.0040 0x23a8 vhdmp - ok 17:31:18.0073 0x23a8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 17:31:18.0079 0x23a8 viaide - ok 17:31:18.0127 0x23a8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 17:31:18.0133 0x23a8 volmgr - ok 17:31:18.0144 0x23a8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 17:31:18.0155 0x23a8 volmgrx - ok 17:31:18.0173 0x23a8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 17:31:18.0184 0x23a8 volsnap - ok 17:31:18.0203 0x23a8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 17:31:18.0212 0x23a8 vsmraid - ok 17:31:18.0280 0x23a8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 17:31:18.0330 0x23a8 VSS - ok 17:31:18.0338 0x23a8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 17:31:18.0346 0x23a8 vwifibus - ok 17:31:18.0401 0x23a8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 17:31:18.0434 0x23a8 W32Time - ok 
17:31:18.0447 0x23a8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 17:31:18.0454 0x23a8 WacomPen - ok 17:31:18.0485 0x23a8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 17:31:18.0507 0x23a8 WANARP - ok 17:31:18.0517 0x23a8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 17:31:18.0538 0x23a8 Wanarpv6 - ok 17:31:18.0603 0x23a8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 17:31:18.0654 0x23a8 wbengine - ok 17:31:18.0703 0x23a8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 17:31:18.0716 0x23a8 WbioSrvc - ok 17:31:18.0737 0x23a8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 17:31:18.0774 0x23a8 wcncsvc - ok 17:31:18.0797 0x23a8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 17:31:18.0831 0x23a8 WcsPlugInService - ok 17:31:18.0856 0x23a8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 17:31:18.0866 0x23a8 Wd - ok 17:31:18.0918 0x23a8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 17:31:18.0938 0x23a8 Wdf01000 - ok 17:31:18.0965 0x23a8 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost 
C:\Windows\system32\wdi.dll 17:31:18.0973 0x23a8 WdiServiceHost - ok 17:31:18.0977 0x23a8 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 17:31:18.0985 0x23a8 WdiSystemHost - ok 17:31:19.0012 0x23a8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 17:31:19.0048 0x23a8 WebClient - ok 17:31:19.0083 0x23a8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 17:31:19.0133 0x23a8 Wecsvc - ok 17:31:19.0165 0x23a8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 17:31:19.0228 0x23a8 wercplsupport - ok 17:31:19.0269 0x23a8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 17:31:19.0306 0x23a8 WerSvc - ok 17:31:19.0356 0x23a8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 17:31:19.0382 0x23a8 WfpLwf - ok 17:31:19.0396 0x23a8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 17:31:19.0403 0x23a8 WIMMount - ok 17:31:19.0429 0x23a8 WinHttpAutoProxySvc - ok 17:31:19.0498 0x23a8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 17:31:19.0567 0x23a8 Winmgmt - ok 17:31:19.0681 0x23a8 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 17:31:19.0722 0x23a8 WinRM - ok 17:31:19.0788 0x23a8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, 
CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 17:31:19.0814 0x23a8 Wlansvc - ok 17:31:19.0857 0x23a8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 17:31:19.0894 0x23a8 WmiAcpi - ok 17:31:19.0937 0x23a8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:31:19.0954 0x23a8 wmiApSrv - ok 17:31:20.0001 0x23a8 WMPNetworkSvc - ok 17:31:20.0009 0x23a8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:31:20.0043 0x23a8 WPCSvc - ok 17:31:20.0080 0x23a8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:31:20.0098 0x23a8 WPDBusEnum - ok 17:31:20.0126 0x23a8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:31:20.0189 0x23a8 ws2ifsl - ok 17:31:20.0217 0x23a8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 17:31:20.0232 0x23a8 wscsvc - ok 17:31:20.0235 0x23a8 WSearch - ok 17:31:20.0347 0x23a8 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll 17:31:20.0398 0x23a8 wuauserv - ok 17:31:20.0432 0x23a8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 17:31:20.0455 0x23a8 WudfPf - ok 17:31:20.0583 0x23a8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd 
C:\Windows\system32\DRIVERS\WUDFRd.sys 17:31:20.0663 0x23a8 WUDFRd - ok 17:31:20.0706 0x23a8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:31:20.0723 0x23a8 wudfsvc - ok 17:31:20.0758 0x23a8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 17:31:20.0800 0x23a8 WwanSvc - ok 17:31:20.0828 0x23a8 xhunter1 - ok 17:31:20.0876 0x23a8 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys 17:31:20.0889 0x23a8 xusb21 - ok 17:31:20.0892 0x23a8 ================ Scan global =============================== 17:31:20.0914 0x23a8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 17:31:20.0948 0x23a8 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll 17:31:20.0973 0x23a8 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll 17:31:21.0000 0x23a8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 17:31:21.0037 0x23a8 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 17:31:21.0045 0x23a8 [ Global ] - ok 17:31:21.0045 0x23a8 ================ Scan MBR ================================== 17:31:21.0052 0x23a8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 17:31:21.0370 0x23a8 \Device\Harddisk0\DR0 - ok 17:31:21.0656 0x23a8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2 17:31:21.0867 0x23a8 \Device\Harddisk2\DR2 - ok 17:31:21.0891 0x23a8 [ A36C5E4F47E84449FF07ED3517B43A31 ] 
\Device\Harddisk1\DR1 17:31:21.0956 0x23a8 \Device\Harddisk1\DR1 - ok 17:31:21.0957 0x23a8 ================ Scan VBR ================================== 17:31:21.0960 0x23a8 [ 25A88FBFF7C46D2F389F9A39FB74A834 ] \Device\Harddisk0\DR0\Partition1 17:31:21.0961 0x23a8 \Device\Harddisk0\DR0\Partition1 - ok 17:31:21.0964 0x23a8 [ 493DBA0C0E1CD7CA7F7E3EC3090381D5 ] \Device\Harddisk0\DR0\Partition2 17:31:21.0966 0x23a8 \Device\Harddisk0\DR0\Partition2 - ok 17:31:21.0969 0x23a8 [ AE3E311AC12FEB6A621C13092EA47941 ] \Device\Harddisk0\DR0\Partition3 17:31:21.0970 0x23a8 \Device\Harddisk0\DR0\Partition3 - ok 17:31:21.0974 0x23a8 [ 395EF6F243FE19AF52B7995256146097 ] \Device\Harddisk2\DR2\Partition1 17:31:22.0010 0x23a8 \Device\Harddisk2\DR2\Partition1 - ok 17:31:22.0013 0x23a8 [ 9060DD9DED8A26E4829820C9152D093D ] \Device\Harddisk1\DR1\Partition1 17:31:22.0015 0x23a8 \Device\Harddisk1\DR1\Partition1 - ok 17:31:22.0016 0x23a8 ================ Scan generic autorun ====================== 17:31:22.0159 0x23a8 [ 381474F8A4477CF4951553EF530B0ED5, 6C2CB69E072EC2BF8C4EBB93DB400CF9358CC7C4FDA24E3B9B422FFAD089462F ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 17:31:22.0206 0x23a8 NvBackend - ok 17:31:22.0227 0x23a8 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 17:31:22.0262 0x23a8 ShadowPlay - ok 17:31:22.0306 0x23a8 [ 0C3154D0620F974AD5C4E8D87626C8CF, 4E6B751F9C0D5D4833A12166BC5142E0A7402E98D00F570926ED9CA0936A8007 ] C:\Windows\system32\igfxtray.exe 17:31:22.0319 0x23a8 IgfxTray - ok 17:31:22.0342 0x23a8 [ E4AA3D28753EF9DB333FE40079993B09, ECC60BAA7D21EF97CDA17F45277FBFE52B2169155DDB157E34A7AE2EC1BEC185 ] C:\Windows\system32\hkcmd.exe 17:31:22.0357 0x23a8 HotKeysCmds - ok 17:31:22.0380 0x23a8 [ CF40080765D6F66FA93318C0DB6C7D1F, 015EE5BE439DAC6D3F7C7471EEF554C11F28947492E3F7AA14BB72622C327DCD ] C:\Windows\system32\igfxpers.exe 17:31:22.0394 0x23a8 Persistence - ok 17:31:22.0485 
0x23a8 [ 5FC6AD6AE07F8827F954C4C6B73568E2, 6A2C1328BFBFB8D41CE268C2D1C26B1E2FCF2E426A98A740536689FB568ACFE9 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe 17:31:22.0508 0x23a8 StartCCC - ok 17:31:22.0557 0x23a8 [ 299EDE8BBC229B7FA0BC0369BAE8CA2E, 788C06C7EDDDC0687A4137BDA00D320146425768960066FCBE0391BE7DBC2280 ] C:\Program Files (x86)\Raptr\raptrstub.exe 17:31:22.0568 0x23a8 Raptr - ok 17:31:22.0633 0x23a8 Dropbox - ok 17:31:22.0675 0x23a8 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe 17:31:22.0687 0x23a8 VirtualCloneDrive - ok 17:31:22.0720 0x23a8 [ 34084D25BE6F48D072AA54DE630438FD, 522C96429FC679C2D07E9254E8D1793FEC018D65CD43D88FE9851CC8CEB61A07 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 17:31:22.0735 0x23a8 SunJavaUpdateSched - ok 17:31:22.0896 0x23a8 [ 05FB3EEC0F9AF4C4ACD949F57A631ED7, C543CF9C5B03D7B3172A2EB9E6A14B22524F0EF9478E646E2A8537E2CAB4B5B3 ] C:\Program Files (x86)\MSI\Live Update\Live Update.exe 17:31:22.0958 0x23a8 Live Update - ok 17:31:23.0062 0x23a8 [ 80086ED442941DE2CA18CB6DAE8C1422, F7BE958F2E8E17970C238E3806F4A742B12DA09EB21093BD6371CF4B580C5BE4 ] C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe 17:31:23.0098 0x23a8 Aeria Ignite - ok 17:31:23.0183 0x23a8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 17:31:23.0230 0x23a8 Sidebar - ok 17:31:23.0272 0x23a8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 17:31:23.0318 0x23a8 mctadmin - ok 17:31:23.0392 0x23a8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 17:31:23.0418 0x23a8 Sidebar - ok 17:31:23.0423 0x23a8 [ 
0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 17:31:23.0434 0x23a8 mctadmin - ok 17:31:23.0481 0x23a8 [ C7040C9D5D38A420DD8787523FAD48E6, 524BF82A91E1F41A4BBC995F36F575DEE23B55933E90AB874FB014BFF6EE716F ] C:\Program Files (x86)\Overwolf\Overwolf.exe 17:31:23.0490 0x23a8 Overwolf - ok 17:31:23.0665 0x23a8 [ DC6BA936E1DE11E648FB85A817C5182F, F1C27C08F84EEAC9DC5C26E57B9559F6006870E540CB2968494A3D34BAD109A7 ] C:\Users\Jana\AppData\Roaming\Spotify\SpotifyWebHelper.exe 17:31:23.0703 0x23a8 Spotify Web Helper - ok 17:31:23.0788 0x23a8 [ E6CF06D33D41DE759EF3A3D9BB9DE716, C022D059E0FE7F882E33CB3054E31AA8ACA9277D7D455C10ADB8AC5898C1DD10 ] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe 17:31:23.0823 0x23a8 Web Companion - ok 17:31:24.0302 0x23a8 [ F955139D76E71B8604E927A854C58489, 24B8B6D6DEDB7CB128644EC2558C172B9F68FB1AF541E5C2F4FE6DB9D100E721 ] E:\Steam\steam.exe 17:31:24.0353 0x23a8 Steam - ok 17:31:24.0549 0x23a8 [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe 17:31:24.0631 0x23a8 Akamai NetSession Interface - ok 17:31:24.0884 0x23a8 [ 5E6E816F8F5B454329F8C013A70391B9, E7A9121EFA89FB5DF6EFCEDA9418B49511036DB40D6E631032665F80929FC3A0 ] C:\Users\Jana\AppData\Roaming\Spotify\Spotify.exe 17:31:25.0012 0x23a8 Spotify - ok 17:31:25.0031 0x23a8 Skype - ok 17:31:25.0032 0x23a8 Waiting for KSN requests completion. In queue: 94 17:31:26.0032 0x23a8 Waiting for KSN requests completion. In queue: 94 17:31:27.0032 0x23a8 Waiting for KSN requests completion. 
In queue: 94 17:31:28.0046 0x23a8 Win FW state via NFP2: enabled ( trusted ) 17:31:30.0425 0x23a8 ============================================================ 17:31:30.0425 0x23a8 Scan finished 17:31:30.0425 0x23a8 ============================================================ 17:31:30.0436 0x1e1c Detected object count: 0 17:31:30.0436 0x1e1c Actual detected object count: 0 Code:
17:28:43.0700 0x258c TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
17:28:47.0764 0x258c ============================================================
17:28:47.0764 0x258c Current date / time: 2015/09/27 17:28:47.0764
17:28:47.0764 0x258c SystemInfo:
17:28:47.0764 0x258c
17:28:47.0764 0x258c OS Version: 6.1.7601 ServicePack: 1.0
17:28:47.0764 0x258c Product type: Workstation
17:28:47.0764 0x258c ComputerName: JANA-PC
17:28:47.0764 0x258c UserName: Jana
17:28:47.0764 0x258c Windows directory: C:\Windows
17:28:47.0764 0x258c System windows directory: C:\Windows
17:28:47.0764 0x258c Running under WOW64
17:28:47.0765 0x258c Processor architecture: Intel x64
17:28:47.0765 0x258c Number of processors: 4
17:28:47.0765 0x258c Page size: 0x1000
17:28:47.0765 0x258c Boot type: Normal boot
17:28:47.0765 0x258c ============================================================
17:28:49.0948 0x258c KLMD registered as C:\Windows\system32\drivers\02591482.sys
17:28:50.0193 0x258c System UUID: {AEF82811-9F6E-920C-E243-F6DB6F898275}
17:28:50.0589 0x258c Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:28:50.0626 0x258c Drive \Device\Harddisk2\DR2 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x17A85, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:28:54.0250 0x258c Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:28:54.0263 0x258c ============================================================
17:28:54.0263 0x258c \Device\Harddisk0\DR0:
17:28:54.0263 0x258c MBR partitions:
17:28:54.0263 0x258c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:28:54.0263 0x258c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1C632000
17:28:54.0263 0x258c \Device\Harddisk0\DR0\Partition3: MBR, Type 0xB, StartLBA 0x1C664800, BlocksNum 0xB61000
17:28:54.0263 0x258c \Device\Harddisk2\DR2:
17:28:54.0264 0x258c MBR partitions:
17:28:54.0264 0x258c \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000
17:28:54.0264 0x258c \Device\Harddisk1\DR1:
17:28:54.0264 0x258c MBR partitions:
17:28:54.0264 0x258c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
17:28:54.0264 0x258c ============================================================
17:28:54.0300 0x258c C: <-> \Device\Harddisk0\DR0\Partition2
17:28:54.0334 0x258c D: <-> \Device\Harddisk1\DR1\Partition1
17:28:54.0385 0x258c E: <-> \Device\Harddisk2\DR2\Partition1
17:28:54.0407 0x258c F: <-> \Device\Harddisk0\DR0\Partition3
17:28:54.0407 0x258c ============================================================
17:28:54.0407 0x258c Initialize success
17:28:54.0407 0x258c ============================================================
17:29:51.0537 0x20a4 Deinitialize success
28.09.2015, 14:35 | #6 |
/// the machine /// TB trainer | Sudden crashes and very slow startup
hi, scan with Combofix
28.09.2015, 17:48 | #7 |
| Sudden crashes and very slow startup
I can't find the file, and I can hardly do anything on my computer anymore (or rather in that folder; the rest works). After every mouse click everything freezes (moving the mouse always works, but clicking does nothing anymore). So I can hardly search my computer for the logfile either. I found it with a lot of time and a lot of patience
Code:
ComboFix 15-09-25.01 - Jana 28.09.2015 17:06:10.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.16301.11997 [GMT 2:00]
ausgeführt von:: C:\Users\Jana\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))

C:\ProgramData\ntuser.pol
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile0.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile1.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile2.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile3.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile4.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile5.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile6.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile7.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile8.txt
C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\tempfile9.txt
C:\Users\Jana\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9cloz3.dll
C:\Windows\SysWow64\X86
E:\install.exe

((((((((((((((((((((((( Dateien erstellt von 2015-08-28 bis 2015-09-28 ))))))))))))))))))))))))))))))

2015-09-28 15:11:53 . 2015-09-28 15:11:53 -------- d-----w- C:\Users\Default\AppData\Local\temp
2015-09-27 21:59:46 . 2015-09-27 21:59:46 -------- d-----w- C:\Users\Jana\AppData\Local\Apple Computer
2015-09-27 21:59:44 . 2015-09-27 22:00:24 -------- d-----w- C:\Users\Jana\AppData\Roaming\Apple Computer
2015-09-27 21:59:36 . 2015-09-27 21:59:36 -------- d-----w- C:\ProgramData\Apple Computer
2015-09-27 21:59:36 . 2015-09-27 21:59:36 -------- d-----w- C:\Program Files\iPod
2015-09-27 21:58:56 . 2015-09-27 21:58:56 -------- d-----w- C:\Users\Jana\AppData\Local\Apple
2015-09-27 21:58:56 . 2015-09-27 21:58:56 -------- d-----w- C:\Program Files (x86)\Apple Software Update
2015-09-27 21:58:41 . 2015-09-27 21:58:42 -------- d-----w- C:\Program Files\Bonjour
2015-09-27 21:58:41 . 2015-09-27 21:58:42 -------- d-----w- C:\Program Files (x86)\Bonjour
2015-09-27 21:58:13 . 2015-09-27 21:59:36 -------- d-----w- C:\Program Files\Common Files\Apple
2015-09-27 21:58:03 . 2015-09-27 21:58:54 -------- d-----w- C:\ProgramData\Apple
2015-09-27 21:58:03 . 2015-09-27 21:58:48 -------- d-----w- C:\Program Files (x86)\Common Files\Apple
2015-09-27 14:59:03 . 2015-09-27 15:27:43 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-26 19:19:32 . 2015-09-26 19:21:09 -------- d-----w- C:\FRST
2015-09-23 20:24:13 . 2015-09-23 20:24:13 -------- d-----w- C:\Users\Jana\AppData\Local\Blizzard
2015-09-23 20:20:28 . 2015-09-23 20:24:14 -------- d-----w- C:\Program Files (x86)\Hearthstone
2015-09-21 10:52:21 . 2015-09-21 10:52:21 -------- d-----w- C:\Program Files (x86)\Common Files\Skype
2015-09-18 12:16:48 . 2015-09-18 12:16:48 -------- d-----w- C:\Users\Jana\AppData\Roaming\.mono
2015-09-18 12:16:48 . 2015-09-18 12:16:48 -------- d-----w- C:\ProgramData\.mono
2015-09-18 12:16:45 . 2015-09-18 12:16:45 -------- d-----w- C:\Users\Jana\AppData\Local\I Am Bread
2015-09-17 18:59:33 . 2015-09-17 18:59:51 -------- d-----w- C:\Users\Jana\AppData\Local\Risen
2015-09-11 11:30:08 . 2015-09-11 11:30:08 -------- d-----w- C:\Users\Jana\AppData\Local\Diagnostics
2015-09-10 18:53:06 . 2015-09-10 18:53:06 -------- d-----w- C:\Users\Jana\AppData\Local\Blizzard Entertainment
2015-09-10 18:52:59 . 2015-09-28 15:04:03 -------- d-----w- C:\Users\Jana\AppData\Local\Battle.net
2015-09-10 18:52:41 . 2015-09-25 18:34:40 -------- d-----w- C:\Program Files (x86)\Battle.net
2015-09-10 18:51:54 . 2015-09-10 18:52:01 -------- d-----w- C:\ProgramData\Battle.net
2015-09-03 13:00:39 . 2015-09-03 13:00:39 -------- d-----w- C:\Program Files\McAfee Security Scan
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
29.09.2015, 14:07 | #8 |
/// the machine /// TB-Ausbilder | Sudden crashes and very slow startup
Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM!
29.09.2015, 18:54 | #9 |
| Sudden crashes and very slow startup
Code:
ATTFilter Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 29.09.2015
Suchlaufzeit: 18:43
Protokolldatei: 2.txt
Administrator: Ja
Version: 2.1.8.1057
Malware-Datenbank: v2015.09.29.05
Rootkit-Datenbank: v2015.09.22.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Jana
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 366011
Abgelaufene Zeit: 13 Min., 36 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 1
PUP.Optional.BDYahoo, C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Gut: ("session":{"restore_on_startup":4,"startup_urls":["https://www.malwarebytes.org/restorebrowser/"]}}), Schlecht: ("session":{"restore_on_startup":4,"startup_urls":["hxxp://de.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bcr-is__alt__ddc_dsssyc_bd_com","chrome://apps/"]},"sync":{"remaining_rollback_tries":0}}), ,[29806acbfc8f64d2b8de2b91fa0b58a8]
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter # AdwCleaner v5.009 - Bericht erstellt am 29/09/2015 um 19:25:19 # Aktualisiert am 27/09/2015 von Xplode # Datenbank : 2015-09-27.1 [Server] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64) # Benutzername : Jana - JANA-PC # Gestartet von : E:\Programme\AdwCleaner_5.009.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** [-] Ordner Gelöscht : C:\Program Files (x86)\afterguard [-] Ordner Gelöscht : C:\Program Files (x86)\CouPEXteinssIon [-] Ordner Gelöscht : C:\Program Files (x86)\FindBeesTDeaal [-] Ordner Gelöscht : C:\Program Files (x86)\PrriiceMinus [-] Ordner Gelöscht : C:\Program Files (x86)\RoboSaovverr [-] Ordner Gelöscht : C:\Program Files (x86)\TakeeTheCoUUpoon [-] Ordner Gelöscht : C:\ProgramData\{261ce825-af4c-01ec-261c-ce825af4a096} [-] Ordner Gelöscht : C:\ProgramData\{41410481-bb56-3ee1-4141-10481bb51206} [-] Ordner Gelöscht : C:\ProgramData\{5ab7f8cf-9c81-3cdd-5ab7-7f8cf9c8e33e} [-] Ordner Gelöscht : C:\ProgramData\{b9f69079-958e-3afd-b9f6-6907995841e6} [-] Ordner Gelöscht : C:\ProgramData\{bd4f358c-cbaa-2204-bd4f-f358ccbad633} [-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer [-] Ordner Gelöscht : C:\Users\Jana\AppData\Local\YSearchUtil [-] Ordner Gelöscht : C:\Users\Jana\AppData\Roaming\RPEng [-] Ordner Gelöscht : C:\Users\Jana\AppData\Roaming\Browser-Security [-] Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil ***** [ Dateien ] ***** [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_ihokndmjeombjojnfkmapfnjeghjohim_0.localstorage [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal [-] Datei Gelöscht : 
C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_websearch.goodforsearch.info_0.localstorage [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_websearch.goodforsearch.info_0.localstorage-journal [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.dregol.com_0.localstorage [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal [-] Datei Gelöscht : 
C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_bandicam.en.softonic.com_0.localstorage [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_bandicam.en.softonic.com_0.localstorage-journal [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.bitchcrawler.com_0.localstorage [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.bitchcrawler.com_0.localstorage-journal [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage [-] Datei Gelöscht : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage-journal [-] Datei Gelöscht : C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url ***** [ Verknüpfungen ] ***** ***** [ Geplante Tasks ] ***** [-] Task Gelöscht : Adobe Flash Player Updater ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P56695B2F_9AFD_4ED7_9927_777CAC1F766B_.P56695B2F_9AFD_4ED7_9927_777CAC1F766B_ [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P56695B2F_9AFD_4ED7_9927_777CAC1F766B_.P56695B2F_9AFD_4ED7_9927_777CAC1F766B_.9 [-] Schlüssel Gelöscht : HKLM\SOFTWARE\2715156d-e566-3a58-0771-624f23a7b8c5 [-] Schlüssel Gelöscht : HKCU\Software\Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56695B2F-9AFD-4ED7-9927-777CAC1F766B} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{96BB8E60-6EF9-47E0-9ED8-4AD477ECF427} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{56695B2F-9AFD-4ED7-9927-777CAC1F766B} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{56695B2F-9AFD-4ED7-9927-777CAC1F766B} [-] Schlüssel Gelöscht : 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{56695B2F-9AFD-4ED7-9927-777CAC1F766B} [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{56695B2F-9AFD-4ED7-9927-777CAC1F766B}] [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56695B2F-9AFD-4ED7-9927-777CAC1F766B} [-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [-] Schlüssel Gelöscht : HKCU\Software\OCS [-] Schlüssel Gelöscht : HKCU\Software\WEBAPP [-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} [-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate [-] Schlüssel Gelöscht : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser-Security [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\WEBAPP ***** [ Internetbrowser ] ***** Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.3 (09.21.2015:1)
OS: Windows 7 Home Premium x64
Ran by Jana on 29.09.2015 at 19:48:24,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\TuneUp Undelete
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
~~~ Files
Successfully deleted: [File] C:\Users\Jana\AppData\Roaming\appdataFr2.bin
Successfully deleted: [File] C:\Users\Jana\AppData\Roaming\appdataFr25.bin
~~~ Folders
Successfully deleted: [Folder] C:\Program Files (x86)\lavasoft\web companion
Successfully deleted: [Folder] C:\ProgramData\lavasoft\web companion
Successfully deleted: [Folder] C:\Users\Jana\AppData\Roaming\lavasoft\web companion
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin
Successfully deleted: [Folder] C:\Windows\SysWOW64\amd64
~~~ FireFox
Successfully deleted the following from C:\Users\Jana\AppData\Roaming\mozilla\firefox\profiles\meut138p.default\prefs.js
user_pref(extensions.QWYG1qQFK1RSZTm9.url, hxxp://secure-school.net/sync2/?q=hfZ9oeZ4AchEAen0rTw9qihTB6lKDzt4okmxtNtVh7n0rjkEqjsFrTaGqTa9tMFHhd9Fqja8rTwGrdrHrdnMDMlGojUMAe4
Emptied folder: C:\Users\Jana\AppData\Roaming\mozilla\firefox\profiles\meut138p.default\minidumps [12 files]
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
[C:\Users\Jana\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Jana\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Jana\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Jana\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: []
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.09.2015 at 19:50:57,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
30.09.2015, 19:20 | #10 |
/// the machine /// TB-Ausbilder | Sudden crashes and very slow startup
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber
01.10.2015, 11:53 | #11 |
| Sudden crashes and very slow startup
Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=a6b225b7528f10469a05f9bc8df7155b # end=init # utc_time=2015-10-01 08:47:55 # local_time=2015-10-01 10:47:55 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 26027 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=a6b225b7528f10469a05f9bc8df7155b # end=updated # utc_time=2015-10-01 08:50:23 # local_time=2015-10-01 10:50:23 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=a6b225b7528f10469a05f9bc8df7155b # engine=26027 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-10-01 10:34:30 # local_time=2015-10-01 12:34:30 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 87253 195325520 0 0 # scanned=317069 # found=5 # cleaned=5 # scan_time=6246 sh=DD13D71018AFFA929F44BA5E31E82F06394CE855 ft=1 fh=eb7ac0f2de57af61 vn="Variante von Win32/ExtenBro.BK Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Google\Chrome\Application\GoogleCrashHandler.dll" sh=D68AAD901279D2AA90E6CAD0E5BC26A378122315 ft=1 fh=4a398636e8a58b00 vn="Variante von Win32/ExtenBro.BK Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Google\Chrome\Application\GoogleUpdateHelper.dll" sh=2659F8EEAFCB7FC6E69F3294EBED4E6E3BCFFC5E ft=1 fh=0b1950bd3b944403 vn="Variante von Win32/Adware.AdInstaller.F Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C 
fn="C:\Users\Jana\Desktop\Desktop\light_image_resizer4_setup_CB-DL-Manager.exe" sh=9F18A3C6BDD28757B18B7EDFF284AA2542F1634C ft=1 fh=9814a936ce365e8b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Jana\Downloads\CPU Control - CHIP-Installer.exe" sh=AFF4B41C48C27A18E689E249EBA7C8D60C3E38B8 ft=1 fh=40d0cd7a4899b2c7 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Jana\Downloads\Virtual CloneDrive - CHIP-Installer.exe" Code:
ATTFilter
Results of screen317's Security Check version 1.008
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
AVG PC TuneUp 2015
AVG PC TuneUp 2015 (de-DE)
AVG PC TuneUp 2015
Java 8 Update 45
Java version 32-bit out of Date!
Adobe Flash Player 19.0.0.185
Mozilla Firefox 38.0.1 Firefox out of Date!
Google Chrome (43.0.2357.134)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015 durchgeführt von Jana (Administrator) auf JANA-PC (01-10-2015 12:49:45) Gestartet von E:\Spiele\Heartstone Geladene Profile: Jana (Verfügbare Profile: Jana) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AMD) C:\Windows\System32\atiesrxx.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (AMD) C:\Windows\System32\atieclxx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Micro-Star INT'L CO., LTD.) 
C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Apple Inc.) E:\Programme\ITunes\iTunesHelper.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\old_Overwolf.exe (Spotify Ltd) C:\Users\Jana\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Akamai Technologies, Inc.) C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe (Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe (Akamai Technologies, Inc.) 
C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe (Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.88.101.0\OverwolfHelper.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.88.101.0\OverwolfHelper64.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.101.0\OverwolfBrowser.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.101.0\OverwolfBrowser.exe (Microsoft Corporation) C:\Windows\System32\SndVol.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe (Valve Corporation) E:\Steam\Steam.exe (Valve Corporation) E:\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) E:\Steam\bin\steamwebhelper.exe (Valve Corporation) E:\Steam\bin\steamwebhelper.exe (Related Designs) E:\Steam\steamapps\common\Anno 1404\Addon.exe () E:\Steam\steamapps\common\Anno 1404\tools\AddonWeb.exe (Valve Corporation) E:\Steam\GameOverlayUI.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. 
Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => E:\Programme\ITunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3458728 2015-07-01] (Micro-Star INT'L CO., LTD.) 
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [43760 2015-09-16] (Overwolf LTD) HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Spotify Web Helper] => C:\Users\Jana\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-18] (Spotify Ltd) HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Steam] => E:\Steam\steam.exe [2901184 2015-09-30] (Valve Corporation) HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Spotify] => C:\Users\Jana\AppData\Roaming\Spotify\Spotify.exe [7571000 2015-09-18] (Spotify Ltd) HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-05-14] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{77B9BB4B-F4DF-48C1-853E-CD7BA6B6E655}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2193431405-2545998550-1313679102-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = SearchScopes: 
HKU\S-1-5-21-2193431405-2545998550-1313679102-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2193431405-2545998550-1313679102-1000 -> {4B9DED45-1079-4489-A15A-968B4B8257C8} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default FireFox: ======== FF ProfilePath: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\meut138p.default FF DefaultSearchEngine: Bing FF SelectedSearchEngine: Yahoo Search! FF Homepage: hxxps://www.malwarebytes.org/restorebrowser/-bfr-is__alt__ddc_dsssyc_bd_com FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] () FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-27] (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.) FF Plugin HKU\S-1-5-21-2193431405-2545998550-1313679102-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-08-14] () FF Extension: Adblock Plus - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\meut138p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-02] StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR StartupUrls: Default -> "hxxp://de.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bcr-is__alt__ddc_dsssyc_bd_com","chrome://apps/" CHR DefaultSearchURL: Default -> hxxps://www.google.de/search?newwindow=1&site=&source=hp&q=hearthstone&oq=hear&gs_l=hp.3.0.0i131l4j0l6.15460.16334.0.18111.5.5.0.0.0.0.258.610.3j1j1.5.0....0...1c.1.64.hp..1.4.351.0.5tLQIti7Q4g CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-14] CHR Extension: (Google Docs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-14] CHR Extension: (Google Drive) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-14] CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-14] CHR Extension: (Adblock Plus) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-25] CHR Extension: (Google-Suche) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-14] CHR Extension: (Google Tabellen) - C:\Users\Jana\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-14] CHR Extension: (Night Time In New York City) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnimonidkipnhnpgkhgliocfnnpgkhek [2015-07-17] CHR Extension: (Little Alchemy) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2015-07-17] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-24] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-24] CHR Extension: (Google Mail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1128448 2015-09-15] () S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-08-20] (EasyAntiCheat Ltd) R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [20512 2014-03-13] (Micro-Star Int'l Co., Ltd.) 
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.) R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1740968 2015-07-01] (Micro-Star INT'L CO., LTD.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-29] (Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1006320 2015-09-16] (Overwolf LTD) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH) S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2604856 2015-02-25] (AVG Technologies) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] S2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [X] S2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation) U2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-06-24] () S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2015-01-13] (TuneUp Software) S3 ALSysIO; \??\C:\Users\Jana\AppData\Local\Temp\ALSysIO64.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 MSICDSetup; \??\G:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\G:\NTIOLib_X64.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-09-29 23:18 - 2015-09-29 23:18 - 00000000 ____D C:\Users\Jana\Documents\Shiner 2015-09-29 23:18 - 2015-09-29 23:18 - 00000000 ____D C:\Users\Jana\Documents\Robot Entertainment 2015-09-29 23:18 - 2015-09-29 23:18 - 00000000 ____D C:\Users\Jana\AppData\Local\Robot Entertainment 2015-09-29 22:15 - 2015-09-29 22:15 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Day 1 Studios 2015-09-29 19:50 - 2015-09-29 19:50 - 00002450 _____ C:\Users\Jana\Desktop\JRT.txt 2015-09-29 19:48 - 2015-09-22 19:06 - 01800512 _____ (Malwarebytes) C:\Users\Jana\Desktop\JRT.exe 2015-09-29 19:24 - 2015-09-29 19:25 - 00000000 ____D C:\AdwCleaner 2015-09-29 19:18 - 2015-09-29 19:18 - 00000000 ____D C:\Users\Jana\Documents\Malware Logfile 2015-09-29 00:02 - 2015-09-29 00:02 - 00000202 _____ C:\Users\Jana\Desktop\Scribblenauts Unlimited.url 2015-09-28 17:04 - 2015-09-28 17:42 - 00000000 ____D C:\ComboFix 2015-09-28 17:04 - 2015-09-28 17:12 - 00000000 ____D C:\Windows\erdnt 2015-09-28 17:04 - 2015-09-28 17:11 - 00000000 ____D C:\Qoobox 2015-09-28 17:04 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-09-28 17:04 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-09-28 17:04 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-09-28 17:04 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-09-28 17:04 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-09-28 17:04 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-09-28 17:04 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-09-28 17:04 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-09-28 16:59 - 2015-09-28 16:59 - 05636489 ____R (Swearware) C:\Users\Jana\Desktop\ComboFix.exe 2015-09-28 16:00 - 2015-09-28 16:00 - 00000000 ____D C:\Users\Jana\Desktop\Hearth Ranger 2015-09-28 15:59 - 2015-09-28 15:59 - 08491264 ____R C:\Users\Jana\Desktop\Hearthranger_v.4.0.0.rar 2015-09-27 23:59 - 2015-09-28 00:00 - 00000000 ____D 
C:\Users\Jana\AppData\Roaming\Apple Computer 2015-09-27 23:59 - 2015-09-27 23:59 - 00001538 _____ C:\Users\Public\Desktop\iTunes.lnk 2015-09-27 23:59 - 2015-09-27 23:59 - 00000000 ____D C:\Users\Jana\AppData\Local\Apple Computer 2015-09-27 23:59 - 2015-09-27 23:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-09-27 23:59 - 2015-09-27 23:59 - 00000000 ____D C:\ProgramData\Apple Computer 2015-09-27 23:59 - 2015-09-27 23:59 - 00000000 ____D C:\Program Files\iPod 2015-09-27 23:59 - 2015-09-27 23:59 - 00000000 ____D C:\Program Files (x86)\iTunes 2015-09-27 23:58 - 2015-09-27 23:59 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-09-27 23:58 - 2015-09-27 23:58 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2015-09-27 23:58 - 2015-09-27 23:58 - 00000000 ____D C:\Windows\System32\Tasks\Apple 2015-09-27 23:58 - 2015-09-27 23:58 - 00000000 ____D C:\Users\Jana\AppData\Local\Apple 2015-09-27 23:58 - 2015-09-27 23:58 - 00000000 ____D C:\ProgramData\Apple 2015-09-27 23:58 - 2015-09-27 23:58 - 00000000 ____D C:\Program Files\Bonjour 2015-09-27 23:58 - 2015-09-27 23:58 - 00000000 ____D C:\Program Files (x86)\Bonjour 2015-09-27 23:58 - 2015-09-27 23:58 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2015-09-27 16:59 - 2015-09-27 17:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-09-27 16:58 - 2015-09-27 17:27 - 00000000 ____D C:\Users\Jana\Desktop\mbar 2015-09-27 16:57 - 2015-09-27 16:57 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Jana\Downloads\mbar-1.09.3.1001.exe 2015-09-27 16:31 - 2015-09-27 16:31 - 00001268 _____ C:\Users\Jana\Desktop\Revo Uninstaller.lnk 2015-09-27 16:31 - 2015-09-27 16:31 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2015-09-27 16:30 - 2015-09-27 16:30 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Jana\Downloads\revosetup95.exe 2015-09-27 02:15 - 2015-09-27 02:15 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Steam 2015-09-26 22:47 - 2015-09-26 22:47 - 00000636 _____ C:\Users\Public\Desktop\CPU-Control.lnk 2015-09-26 22:47 - 2015-09-26 22:47 - 00000000 ____D C:\Users\Jana\AppData\Roaming\CPUControl 2015-09-26 22:47 - 2015-09-26 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPU-Control 2015-09-26 22:44 - 2015-09-26 22:44 - 00000000 ____D C:\Users\Jana\Downloads\CPU_Control21 2015-09-26 22:41 - 2015-09-26 22:41 - 00674184 _____ C:\Users\Jana\Downloads\CPU_Control21.zip 2015-09-26 21:19 - 2015-10-01 12:49 - 00000000 ____D C:\FRST 2015-09-26 17:29 - 2015-09-26 17:29 - 00000561 _____ C:\Windows\wmsetup.log 2015-09-26 16:52 - 2015-09-26 16:52 - 00000000 ____D C:\Users\Jana\Documents\DeadIsland 2015-09-25 04:25 - 2015-09-25 04:46 - 00000000 ____D C:\ProgramData\PopCap Games 2015-09-25 04:25 - 2015-09-25 04:25 - 00000200 _____ C:\Users\Jana\Desktop\Escape Rosecliff Island.url 2015-09-25 04:25 - 2015-09-25 04:25 - 00000000 ____D C:\Users\Jana\AppData\Roaming\SteamPopCapv1002 2015-09-24 19:38 - 2015-09-24 19:38 - 00002946 _____ C:\Users\Jana\Documents\ergebniss 1 malware.txt 2015-09-23 22:24 - 2015-09-23 22:24 - 00000000 ____D C:\Users\Jana\AppData\Local\Blizzard 2015-09-23 22:20 - 2015-09-23 22:24 - 00001159 _____ C:\Users\Public\Desktop\Hearthstone.lnk 2015-09-23 22:20 - 2015-09-23 22:24 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-09-23 22:20 - 2015-09-23 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2015-09-23 22:18 - 2015-09-23 22:18 - 00001100 _____ C:\Users\Jana\Desktop\Battle.net.lnk 2015-09-23 22:17 - 2015-09-23 22:17 - 03056696 _____ (Blizzard Entertainment) C:\Users\Jana\Downloads\Hearthstone-Setup-deDE.exe 2015-09-21 12:52 - 2015-09-21 12:52 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk 2015-09-21 12:52 - 2015-09-21 12:52 - 00000000 ___RD C:\Program Files 
(x86)\Skype 2015-09-21 12:52 - 2015-09-21 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-09-18 21:20 - 2015-09-18 21:20 - 00000000 ____D C:\Users\Jana\AppData\Local\Risen2 2015-09-18 14:16 - 2015-09-18 14:16 - 00000000 ____D C:\Users\Jana\AppData\Roaming\.mono 2015-09-18 14:16 - 2015-09-18 14:16 - 00000000 ____D C:\Users\Jana\AppData\Local\I Am Bread 2015-09-18 14:16 - 2015-09-18 14:16 - 00000000 ____D C:\ProgramData\.mono 2015-09-17 20:59 - 2015-09-17 20:59 - 00000000 ____D C:\Users\Jana\AppData\Local\Risen 2015-09-15 16:57 - 2015-09-15 17:06 - 00000000 ____D C:\Users\Jana\Documents\DayZ 2015-09-14 20:43 - 2015-09-14 20:43 - 00000000 ____D C:\Users\Jana\Documents\The Witcher 3 2015-09-14 00:29 - 2015-09-14 20:48 - 00000000 ____D C:\Program Files (x86)\The Witcher 3 Wild Hunt 2015-09-13 20:13 - 2015-09-13 20:13 - 00000552 _____ C:\Windows\KB893803v2.log 2015-09-13 20:11 - 2015-09-27 16:31 - 00000000 ____D C:\Users\Public\Documents\Tauschen 2015-09-13 16:33 - 2015-09-14 23:19 - 00000000 ____D C:\Users\Jana\Documents\gothic3 2015-09-11 13:32 - 2015-09-11 13:32 - 00000000 ____D C:\ProgramData\Ubisoft 2015-09-10 20:53 - 2015-09-10 20:53 - 00000000 ____D C:\Users\Jana\AppData\Local\Blizzard Entertainment 2015-09-10 20:52 - 2015-09-29 19:24 - 00000000 ____D C:\Users\Jana\AppData\Local\Battle.net 2015-09-10 20:52 - 2015-09-29 11:58 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-09-10 20:52 - 2015-09-23 22:20 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Battle.net 2015-09-10 20:52 - 2015-09-10 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2015-09-10 20:51 - 2015-09-10 20:52 - 00000000 ____D C:\ProgramData\Battle.net 2015-09-04 20:09 - 2015-09-04 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-09-03 15:00 - 2015-09-03 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2015-09-03 15:00 - 
2015-09-03 15:00 - 00000000 ____D C:\Program Files\McAfee Security Scan ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-10-01 12:44 - 2015-08-13 21:48 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Ubisoft 2015-10-01 12:09 - 2015-05-14 13:03 - 00000000 ____D C:\Users\Jana\AppData\Local\Overwolf 2015-10-01 12:05 - 2015-05-14 12:04 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Raptr 2015-10-01 12:03 - 2015-05-14 12:54 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Skype 2015-10-01 11:56 - 2015-06-26 10:41 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2015-10-01 10:34 - 2009-07-14 06:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-10-01 10:34 - 2009-07-14 06:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-09-30 23:28 - 2015-06-26 10:41 - 00001206 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2015-09-30 18:12 - 2015-05-14 13:03 - 00000000 ____D C:\Program Files (x86)\Overwolf 2015-09-30 16:42 - 2015-05-13 21:39 - 02080205 _____ C:\Windows\WindowsUpdate.log 2015-09-30 14:00 - 2009-07-14 06:51 - 00062575 _____ C:\Windows\setupact.log 2015-09-30 12:10 - 2015-05-21 15:02 - 00000000 ____D C:\Users\Jana\AppData\Local\Spotify 2015-09-30 12:05 - 2015-06-26 10:44 - 00000000 ___RD C:\Users\Jana\Dropbox 2015-09-30 12:05 - 2015-06-26 10:41 - 00000000 ____D C:\Users\Jana\AppData\Local\Dropbox 2015-09-30 12:05 - 2015-05-21 15:01 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Spotify 2015-09-30 11:59 - 2015-05-14 12:59 - 00000000 ____D C:\Users\Jana\AppData\Local\Steam 2015-09-30 11:57 - 2015-06-30 18:29 - 00000000 ____D C:\ProgramData\NVIDIA 2015-09-30 11:57 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-29 23:18 - 2015-05-14 14:05 - 00637277 _____ 
C:\Windows\DirectX.log 2015-09-29 21:57 - 2015-05-14 12:57 - 00000000 ____D C:\ProgramData\Origin 2015-09-29 21:57 - 2015-05-14 12:56 - 00000000 ____D C:\Program Files (x86)\Origin 2015-09-29 19:49 - 2015-07-08 21:42 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Lavasoft 2015-09-29 19:49 - 2015-07-08 21:41 - 00000000 ____D C:\ProgramData\Lavasoft 2015-09-29 19:49 - 2015-07-08 21:41 - 00000000 ____D C:\Program Files (x86)\Lavasoft 2015-09-29 18:43 - 2015-08-25 13:09 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-29 14:38 - 2015-05-20 13:17 - 00000000 ____D C:\Users\Jana\AppData\Roaming\.minecraft 2015-09-29 11:27 - 2015-06-03 13:27 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-09-28 17:17 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2015-09-28 17:13 - 2010-11-21 05:47 - 00946892 _____ C:\Windows\PFRO.log 2015-09-27 22:24 - 2015-05-24 16:53 - 00000000 ____D C:\Users\Jana\AppData\Local\CrashDumps 2015-09-27 16:58 - 2015-08-25 13:09 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-09-27 02:15 - 2015-05-20 16:29 - 00000000 ____D C:\Users\Jana\Documents\My Games 2015-09-26 18:55 - 2015-05-13 21:44 - 00000000 ____D C:\Users\Jana\AppData\Local\VirtualStore 2015-09-26 18:16 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV 2015-09-26 18:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2015-09-26 17:18 - 2015-05-13 21:44 - 00000000 ____D C:\Users\Jana 2015-09-23 20:25 - 2015-08-03 13:56 - 00000000 ____D C:\Users\Jana\AppData\Local\Akamai 2015-09-23 17:27 - 2015-06-24 18:09 - 00000000 ____D C:\Users\Jana\Documents\Electronic Arts 2015-09-23 17:20 - 2015-08-11 19:20 - 18819272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-09-23 17:20 - 2015-05-14 14:16 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-09-23 17:20 - 2015-05-14 14:16 - 00142536 _____ (Adobe Systems 
Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-21 13:10 - 2015-06-03 13:27 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-09-21 12:52 - 2015-05-14 12:54 - 00000000 ____D C:\ProgramData\Skype 2015-09-18 12:15 - 2015-06-30 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-09-18 12:15 - 2015-06-30 18:29 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2015-09-18 12:15 - 2015-06-30 18:28 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2015-09-14 20:47 - 2015-05-20 16:14 - 00000000 ____D C:\Program Files (x86)\Origin Games 2015-09-13 16:33 - 2015-07-01 10:42 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-09-10 02:33 - 2015-05-14 18:14 - 00000000 ____D C:\Users\Jana\AppData\Roaming\OBS 2015-09-09 17:50 - 2015-05-23 19:47 - 00000000 ____D C:\Users\Jana\AppData\Roaming\.technic 2015-09-09 17:50 - 2015-05-23 19:46 - 04718800 _____ () C:\Users\Jana\Downloads\TechnicLauncher (2).exe 2015-09-04 20:09 - 2015-06-26 10:41 - 00000000 ____D C:\Program Files (x86)\Dropbox ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-05-21 14:30 - 2015-07-01 22:13 - 0000079 _____ () C:\Program Files (x86)\prefs.js 2015-06-10 23:55 - 2015-08-25 00:55 - 0000245 _____ () C:\Users\Jana\AppData\Roaming\WB.CFG 2015-06-11 22:12 - 2015-06-11 22:12 - 0004981 _____ () C:\Users\Jana\AppData\Local\recently-used.xbel 2015-05-23 13:11 - 2015-05-23 13:12 - 0000000 _____ () C:\Users\Jana\AppData\Local\{B3CC0DD3-C94B-4AB2-8AE9-52BE8A34A777} 2015-05-22 16:10 - 2015-05-22 16:12 - 0000000 _____ () C:\Users\Jana\AppData\Local\{D4FE8BB4-D3BB-4CD1-8236-C9420B284809} Einige Dateien in TEMP: ==================== C:\Users\Jana\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5boifi.dll C:\Users\Jana\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap 
================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-09-23 18:12 ==================== Ende von FRST.txt ============================ |
02.10.2015, 07:13 | #12 |
/// the machine /// TB-Ausbilder | Sudden crashes and very slow boot-up
Update Java and Firefox.
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
C:\Program Files (x86)\Google\Chrome\Application\GoogleCrashHandler.dll
C:\Program Files (x86)\Google\Chrome\Application\GoogleUpdateHelper.dll
C:\Users\Jana\Desktop\Desktop\light_image_resizer4_setup_CB-DL-Manager.exe
C:\Users\Jana\Downloads\CPU Control - CHIP-Installer.exe
C:\Users\Jana\Downloads\Virtual CloneDrive - CHIP-Installer.exe
Emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Reconsider your download habits: CHIP-Installer - what is it? - Guides

Cleanup: (The order matters here.)
If Defogger was used: start it again and click Re-enable.
If Combofix was used: uninstall Combofix.
All logs posted? Then please download DelFix.
Note: DelFix removes, among other things, all the programs that were used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left over, you can delete them without concern.

If you like, you can say here whether you were satisfied with me and my help ... and/or support the forum with a small donation.

Securing your system:
Enable automatic updates for the Windows operating system. Security-relevant software should also always be present only in its latest version: browser, Java, Flash Player, PDF reader. Security holes in their old versions are exploited to install malware by "drive-by" when you simply visit a manipulated website.
I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.
Enable a firewall. The one built into Windows is normally entirely sufficient.
Use an antivirus program with a real-time scanner and an always up-to-date signature database. My recommendation: Emsisoft
In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.

Optional:
NoScript prevents active content (Java, JavaScript, Flash, ...) from running on all websites. You can, however, specify on a whitelist basis which sites are allowed to run scripts.
Malwarebytes Anti Exploit: protects the computer's applications against exploitation of known vulnerabilities.

Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware again, first uninstall it and then remove the leftovers with AdwCleaner.

Finally, a few general remarks:
Change your important online passwords regularly and regularly make backups of your important files or of the system.
The benefit of registry cleaners, optimizers and the like for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' built-in Disk Cleanup instead.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donate | Guides and help | Trojaner-Board Facebook page
No help via PM!