
All Kinds of Pests and How to Fight Them: PC infected?

18.12.2015, 16:15   #1
Dummie

PC infected?

Hello,
my online banking software tells me that there is a malicious program on my computer. I then ran a malware program and my virus scanner. Neither shows anything, though, so I'm asking for help here.
Best regards

18.12.2015, 20:24   #2
deeprybka
/// TB Trainer
/// Guide Guru

PC infected?

My name is Jürgen and I will be helping you with your problem. Together we'll get it done...
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you don't understand something, stop what you are doing and describe the problem to me.
  • Please run only the scans that I have asked you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Save all our tools to the desktop. Link: How to download our tools correctly
  • Post the log files directly in your thread in code tags.
  • Keep in mind that we all work here in our free time; if you haven't heard from me within 24 hours, please send me a PM.

Note:
I can never give you a guarantee that we will find all malicious files.
Formatting is usually the faster and always the safest route, but is only advisable in the case of actual malware.
We can remove adware & co. very well.
If you decide on a cleanup, keep working with me until you get my "clean".



Here we go:

Step 1


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop. FRST download: FRST 32-Bit | FRST 64-Bit
(If you're not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window).




Reading material
Posting in CODE tags: here's how...
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes our work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

20.12.2015, 12:47   #3
Dummie

PC infected?

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:19-12-2015
durchgeführt von Peter (Administrator) auf PC (20-12-2015 10:07:04)
Gestartet von C:\Users\Peter\Desktop
Geladene Profile: Peter &  (Verfügbare Profile: Peter)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(RapidSolution Software AG) C:\Program Files (x86)\Audials\Audials 12\VCDWriter\64\VCDAudioService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Users\Peter\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIMBE.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIMBE.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Dropbox, Inc.) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMSpeed.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-07-20] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-06-01] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-06-01] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PMSpeed9.32.10] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMSpeed.EXE [125248 2013-09-26] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMBE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2015-12-01] (Overwolf LTD)
HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe [2412440 2015-09-18] ()
HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\Run: [Dropbox Update] => C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMBE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMBE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-21-3501281241-138803316-725630430-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [31232 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2015-12-01] (Overwolf LTD)
HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe [2412440 2015-09-18] ()
HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMBE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMBE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [31232 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMBE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{fd940e4a-dbbc-4f82-b980-3f0c256955ee}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3501281241-138803316-725630430-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3501281241-138803316-725630430-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3501281241-138803316-725630430-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-31] (Oracle Corporation)
BHO: Kein Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> Keine Datei
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-31] (Oracle Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Kein Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  Keine Datei
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)

FireFox:
========
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lymaashi.default
FF Homepage: hxxps://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-31] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: FoxyProxy Standard - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lymaashi.default\extensions\foxyproxy@eric.h.jung [2015-09-10]
FF Extension: Adblock Plus - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lymaashi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-08-29] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x64\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Java Deployment Toolkit 8.0.250.18) - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 8 U25) - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google-Suche) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Avira Browserschutz) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Google Mail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Peter\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-03-28]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-10-15] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-10-12] (BitRaider, LLC)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-17] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1008880 2015-12-01] (Overwolf LTD)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 Virtual CDAudio Service; C:\Program Files (x86)\Audials\Audials 12\VCDWriter\64\VCDAudioService.exe [179608 2015-09-18] (RapidSolution Software AG)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-07-20] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2014-11-05] (BitRaider)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-06-17] (Audials AG)
R3 rsvcdwdr; C:\Windows\System32\drivers\rsvcdwdr.sys [45192 2015-06-17] (RapidSolution Software AG)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-06-18] (Realtek                                            )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-20 10:07 - 2015-12-20 10:07 - 00026108 _____ C:\Users\Peter\Desktop\FRST.txt
2015-12-20 10:06 - 2015-12-20 10:07 - 00000000 ____D C:\FRST
2015-12-20 10:06 - 2015-12-20 10:06 - 02370048 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2015-12-20 10:02 - 2015-12-20 10:02 - 00000000 ___HD C:\OneDriveTemp
2015-12-20 10:01 - 2015-12-20 10:01 - 00016148 _____ C:\WINDOWS\system32\PC_Peter_HistoryPrediction.bin
2015-12-15 18:00 - 2015-12-18 14:43 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-15 18:00 - 2015-12-15 18:00 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-15 18:00 - 2015-12-15 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-15 18:00 - 2015-12-15 18:00 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-15 18:00 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-15 18:00 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-15 18:00 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-15 17:58 - 2015-12-15 17:59 - 22908888 _____ (Malwarebytes ) C:\Users\Peter\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-15 06:35 - 2015-12-15 06:35 - 00118455 _____ C:\Users\Peter\Downloads\Kundennummer_9100706440.pdf
2015-12-14 23:10 - 2015-12-14 23:10 - 00045071 _____ C:\Users\Peter\Downloads\Lennart Horn.pdf
2015-12-13 20:11 - 2015-12-13 20:11 - 00000690 _____ C:\Users\Peter\Desktop\Ina - Verknüpfung.lnk
2015-12-13 19:15 - 2015-12-13 19:15 - 00446513 _____ C:\Users\Peter\Downloads\Carpesol_18.pdf
2015-12-11 19:10 - 2015-12-11 19:10 - 00066193 _____ C:\Users\Peter\Downloads\2015-12-13 Pfarrnachrichten-homepage.pdf
2015-12-11 06:43 - 2015-12-11 06:43 - 05468955 _____ C:\Users\Peter\Downloads\2016-01 Partykarneval A2 - 002.pdf
2015-12-10 19:22 - 2015-12-10 19:22 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-12-10 01:36 - 2015-12-10 01:36 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-09 13:57 - 2015-11-12 19:37 - 00112712 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-09 10:31 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-09 10:31 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-09 10:31 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-09 10:31 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-09 10:31 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-09 10:31 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-09 10:31 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-09 10:31 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-09 10:31 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-09 10:31 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 10:31 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-09 10:31 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-09 10:31 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-09 10:31 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 10:31 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-09 10:31 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 10:31 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 10:31 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-09 10:31 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-09 10:31 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 10:31 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-09 10:31 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-09 10:31 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-09 10:31 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-09 10:31 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-09 10:31 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-09 10:31 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-09 10:31 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 10:31 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-09 10:31 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-09 10:31 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-09 10:31 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-09 10:31 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 10:31 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-09 10:31 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-09 10:31 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 10:31 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-09 10:31 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 10:31 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-09 10:31 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 10:31 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 10:31 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-09 10:31 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-09 10:31 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-09 10:31 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-09 10:31 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-09 10:31 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-09 10:31 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-09 10:31 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-09 10:31 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 10:31 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-09 10:31 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-09 10:31 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 10:31 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 10:31 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 10:31 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 10:31 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-09 10:31 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-09 10:31 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-09 10:31 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-09 10:31 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-09 10:31 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-09 10:31 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 10:31 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-09 10:31 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-09 10:31 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 10:31 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 10:31 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 10:31 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-09 10:31 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-09 10:31 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 10:31 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 10:31 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-09 10:31 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-09 10:31 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-09 10:31 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-09 10:31 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-09 10:31 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-09 10:31 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-09 10:31 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-09 06:43 - 2015-12-09 06:43 - 00264643 _____ C:\Users\Peter\Downloads\VV-Protokoll vom 26.11.2015.pdf
2015-12-08 19:54 - 2015-12-08 19:54 - 03228561 _____ C:\Users\Peter\Downloads\Rose Vorlagen 2.pdf
2015-12-08 19:53 - 2015-12-08 19:54 - 03272578 _____ C:\Users\Peter\Downloads\Rose Vorlagen 1.pdf
2015-12-08 16:34 - 2015-12-15 22:36 - 00000000 ____D C:\Users\Peter\Documents\FIFA 16
2015-12-08 16:26 - 2015-12-08 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16
2015-12-04 17:52 - 2015-12-04 17:52 - 00198318 _____ C:\Users\Peter\Downloads\2015-12-06 Pfarrnachrichten Homepage.pdf
2015-12-03 19:57 - 2015-12-03 19:57 - 00070149 _____ C:\Users\Peter\Downloads\2015.12.03_TK001_Site 501_TRNG.pdf
2015-12-01 06:43 - 2015-12-01 06:43 - 00214141 _____ C:\Users\Peter\Downloads\18725-022-20151130-44915-6.pdf
2015-11-28 13:53 - 2015-11-28 13:53 - 00193887 _____ C:\Users\Peter\Downloads\2015-11-29 Pfarrnachrichten - Homepage.pdf
2015-11-26 13:01 - 2015-11-26 13:01 - 00000000 ____D C:\Users\Peter\AppData\LocalLow\SKS
2015-11-26 12:39 - 2015-11-26 12:39 - 00000222 _____ C:\Users\Peter\Desktop\The Forest.url
2015-11-26 12:39 - 2015-11-26 12:39 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-11-26 00:05 - 2015-11-26 00:05 - 00000000 ____D C:\Users\Peter\AppData\Local\Steam
2015-11-26 00:03 - 2015-11-26 00:03 - 01476720 _____ C:\Users\Peter\Downloads\SteamSetup (1).exe
2015-11-26 00:01 - 2015-12-20 10:02 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-26 00:01 - 2015-11-26 00:01 - 01476720 _____ C:\Users\Peter\Downloads\SteamSetup.exe
2015-11-26 00:01 - 2015-11-26 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-11-24 18:50 - 2015-11-24 18:50 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2015-11-24 18:50 - 2015-11-24 18:50 - 00000000 ____D C:\Users\Peter\Documents\samsung
2015-11-24 18:50 - 2015-11-24 18:50 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Samsung
2015-11-24 18:50 - 2015-11-24 18:50 - 00000000 ____D C:\Users\Peter\AppData\Local\Samsung
2015-11-24 18:49 - 2015-05-21 07:02 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-11-24 18:49 - 2015-05-21 07:02 - 00110720 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-11-24 18:47 - 2015-11-24 18:49 - 00000000 ____D C:\ProgramData\Samsung
2015-11-24 18:47 - 2015-11-24 18:49 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-11-24 18:47 - 2015-11-24 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-11-24 18:47 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll
2015-11-24 18:47 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2015-11-24 18:45 - 2015-11-24 18:46 - 78749536 _____ (Samsung Electronics Co., Ltd.) C:\Users\Peter\Downloads\KiesSetup.exe
2015-11-24 15:42 - 2015-11-24 15:42 - 00000000 ____D C:\Users\Peter\AppData\Roaming\EAC
2015-11-24 15:42 - 2015-11-24 15:42 - 00000000 ____D C:\Users\Peter\AppData\Roaming\AccurateRip
2015-11-24 15:42 - 2015-11-24 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
2015-11-24 15:42 - 2015-11-24 15:42 - 00000000 ____D C:\Program Files (x86)\Exact Audio Copy
2015-11-24 15:41 - 2015-11-24 15:41 - 01466656 _____ C:\Users\Peter\Downloads\Exact Audio Copy - CHIP-Installer.exe
2015-11-23 08:10 - 2015-11-23 08:11 - 20137572 _____ C:\Users\Peter\Downloads\Silverlight40728.zip
2015-11-20 21:23 - 2015-11-20 21:23 - 00193451 _____ C:\Users\Peter\Downloads\2015-11-22 Pfarrnachrichten - Homepage.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-20 10:06 - 2015-07-10 10:47 - 00000000 ____D C:\Windows
2015-12-20 10:04 - 2014-09-27 11:34 - 00004142 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1D7D91BD-122C-44C1-BFE7-AB33EA8F8A70}
2015-12-20 10:02 - 2015-08-28 19:31 - 00000000 ____D C:\Users\Peter\AppData\Roaming\.oit
2015-12-20 10:02 - 2014-11-05 21:43 - 00000000 ___RD C:\Users\Peter\Dropbox
2015-12-20 10:02 - 2014-11-05 21:33 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Dropbox
2015-12-20 10:02 - 2014-09-30 21:32 - 00000000 ___RD C:\Users\Peter\OneDrive
2015-12-20 10:01 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-20 10:01 - 2014-09-27 17:26 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-19 09:17 - 2015-05-02 07:32 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Coronic
2015-12-19 09:17 - 2014-09-27 17:26 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-19 09:14 - 2015-05-02 07:30 - 22134048 _____ (Fiducia & GAD IT AG, Münster) C:\Users\Peter\Desktop\VB-Greven.exe
2015-12-19 09:10 - 2015-07-30 23:42 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-18 18:36 - 2015-09-13 18:36 - 00000925 _____ C:\WINDOWS\Tasks\EPSON WF-2650 Series Update {A8225B49-B2EF-46DA-9489-E1768911EA1F}.job
2015-12-18 18:36 - 2015-09-13 18:36 - 00000925 _____ C:\WINDOWS\Tasks\EPSON WF-2650 Series Update {337FE276-AC21-4B52-8359-CAF96D1767B8}.job
2015-12-18 18:35 - 2015-06-13 07:24 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3501281241-138803316-725630430-1001UA.job
2015-12-18 18:00 - 2015-09-06 15:53 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-18 16:34 - 2015-07-30 23:40 - 00000000 ____D C:\WINDOWS\INF
2015-12-18 14:22 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\rescache
2015-12-18 06:56 - 2015-10-12 13:34 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-18 06:56 - 2015-09-10 06:10 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-18 06:56 - 2015-09-10 06:10 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-18 01:16 - 2015-10-12 13:27 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-18 01:16 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-18 01:16 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-18 01:16 - 2014-11-05 21:24 - 00008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2015-12-18 01:15 - 2015-03-31 10:17 - 00000000 ____D C:\ProgramData\Origin
2015-12-17 23:21 - 2015-03-31 10:17 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-17 23:18 - 2014-09-29 17:38 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-17 23:18 - 2014-09-29 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-15 21:03 - 2015-10-12 14:25 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-15 21:01 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-15 18:22 - 2014-09-27 17:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-15 18:21 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-15 17:06 - 2015-03-31 10:19 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Origin
2015-12-14 16:15 - 2015-10-12 13:41 - 00002415 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-13 20:13 - 2014-11-28 00:27 - 00000000 ____D C:\Users\Peter\AppData\Roaming\TS3Client
2015-12-13 11:35 - 2015-06-13 07:24 - 00001178 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3501281241-138803316-725630430-1001Core.job
2015-12-11 06:40 - 2014-09-25 18:06 - 00000000 ____D C:\Users\Peter\AppData\Local\Packages
2015-12-10 19:23 - 2014-10-01 20:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-10 19:22 - 2014-09-27 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 19:22 - 2014-09-27 17:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 19:21 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-10 19:20 - 2014-09-25 18:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-10 19:17 - 2014-09-25 18:26 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-09 20:01 - 2015-10-12 13:30 - 00000000 ____D C:\Users\Peter
2015-12-09 13:57 - 2015-01-22 19:46 - 00000000 ____D C:\Users\Peter\AppData\Local\NVIDIA Corporation
2015-12-08 16:34 - 2015-03-31 10:19 - 00000000 ____D C:\Users\Peter\AppData\Local\Origin
2015-12-08 16:04 - 2015-03-31 10:20 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-12-07 00:28 - 2014-11-28 00:28 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-12-04 16:12 - 2014-09-27 17:26 - 00004182 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 16:12 - 2014-09-27 17:26 - 00003950 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 22:51 - 2015-08-14 10:33 - 22127272 _____ (Fiducia & GAD IT AG, Münster) C:\Users\Peter\Desktop\VB-Münster.exe
2015-12-01 16:21 - 2014-09-29 17:33 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-12-01 16:21 - 2014-09-29 17:33 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-12-01 16:21 - 2014-09-29 17:33 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-12-01 16:21 - 2014-09-29 17:33 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-12-01 01:32 - 2015-07-30 23:43 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-07-30 23:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-30 19:30 - 2015-10-15 14:05 - 00000000 ____D C:\Users\Peter\AppData\Local\Battle.net
2015-11-30 19:29 - 2015-10-15 14:04 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-25 17:58 - 2015-11-09 16:53 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-25 11:58 - 2014-10-01 20:47 - 00000000 ____D C:\Users\Peter\AppData\Roaming\vlc
2015-11-24 18:47 - 2015-04-12 02:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-24 18:46 - 2014-10-21 21:48 - 00000000 ____D C:\Users\Peter\AppData\Local\Downloaded Installations
2015-11-23 11:10 - 2014-12-07 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 12
2015-11-23 08:04 - 2014-10-01 20:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Office

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-01-26 23:35 - 2015-01-26 23:35 - 0002101 _____ () C:\Users\Peter\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\Peter\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-09 20:42

==================== Ende von FRST.txt ============================
         
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:19-12-2015
durchgeführt von Peter (2015-12-20 10:07:29)
Gestartet von C:\Users\Peter\Desktop
Windows 10 Home (X64) (2015-10-12 12:39:30)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3501281241-138803316-725630430-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3501281241-138803316-725630430-503 - Limited - Disabled)
Gast (S-1-5-21-3501281241-138803316-725630430-501 - Limited - Disabled)
Peter (S-1-5-21-3501281241-138803316-725630430-1001 - Administrator - Enabled) => C:\Users\Peter

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed Liberation HD (HKLM-x32\...\Uplay Install 625) (Version:  - Ubisoft)
Audials (HKLM-x32\...\{BC9B1130-6992-4C49-A166-A2220E220815}) (Version: 12.1.10000.0 - Audials AG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dropbox (HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.60.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.20.0000 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
EPSON WF-2650 Series Printer Uninstall (HKLM\...\EPSON WF-2650 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.64673.4 - Electronic Arts)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hearts of Iron III (HKLM-x32\...\{D0106CC2-E34B-4FA3-B6B6-91F0ACEA2CC3}) (Version:  - )
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
MyFreeCodec (HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MyFreeCodec) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.91 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.91 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.25 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.91.22.0 - Overwolf Ltd.)
PDF Experte Ultimate Testversion (HKLM-x32\...\{1B9D9CB3-A817-4f3e-B018-5C0967D5B425}) (Version: 9.00 - Avanquest)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
Presto! PageManager 9.32  (HKLM-x32\...\{378DD150-B73B-42A2-954C-B27B70167B66}) (Version: 9.32.10 - Newsoft Technology Corporation)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION) <==== ACHTUNG
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version:  - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WD Quick View (HKLM-x32\...\{847C1E81-8A3F-49BF-8FF0-189E56634656}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{E8DDC6BB-0080-4E70-840B-58B74FBCDE11}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{979a4332-3eb0-4561-9f74-a4fb871cf2bd}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Peter\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

16-12-2015 13:27:14 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0E5CF0B5-D4C4-4B32-BC3F-495DE9575B61} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3501281241-138803316-725630430-1001Core => C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {1CED51D8-AB26-4C71-97F5-47C2EB00F350} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {23071AFD-CFC5-44EF-88A8-8D652A485BBD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3501281241-138803316-725630430-1001UA => C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {321D1D4B-21EE-4CB9-B6B5-84C0FE93F2DD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {45A996AA-6B80-4EB5-A5AB-3BE0FF094D11} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {4712EAA2-51BF-4FA3-BF29-1617206FFFF5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {4A56A051-0042-4806-B80F-EB0B438F87A6} - System32\Tasks\EPSON WF-2650 Series Update {A8225B49-B2EF-46DA-9489-E1768911EA1F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {66DD019A-3D93-442B-A0B3-4E4946B90BBA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-10] (Microsoft Corporation)
Task: {68901BCC-6754-496E-B5FA-06AFF3122143} - System32\Tasks\Western Digital\SmartWare\____Volume_bdd31606_8c82_4952_8c43_741caf3c7ab7______Volume_eda84e6f_5f9f_11e4_be74_d43d7e2df5c8__ => C:\Program Files (x86)\Western Digital\WD SmartWare\BackupTask.exe [2015-07-20] (Western Digital Technologies, Inc.)
Task: {6AB7F735-E47B-4DFE-B98A-D7B96FBB876F} - System32\Tasks\{A102B7EC-6F71-491B-A389-07B9692B878D} => pcalua.exe -a E:\FileRgn.exe -d E:\
Task: {6E1E8CAD-648A-4AA8-B6DD-94C6119D4954} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6F2CF347-8A61-4DA5-919B-8FB73EB55EEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8D5FBBB8-BA3D-434E-88F0-DFC23CD3A66A} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {A0AF6F1F-33D0-4FC6-A6C3-8B35ADD7FF32} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-12-01] (Overwolf LTD)
Task: {A57B56CD-F9EB-4CB4-9F4E-21C0F545B615} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {ABA169B1-03AC-4D35-8430-E46A8D792F04} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {CBE54687-5094-4C7F-8B76-420CC8F86294} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {CE5758C1-CFCB-437B-9FCE-925BC279EF5C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {D453DC91-ED9D-448C-9BCD-12191E7A6E9D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {D49BBBAE-2376-4419-A290-59BE381914D5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D64BF529-A81A-4064-AC40-F6CBBF12EAEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {D7AE71F5-7A79-4A40-9F48-49649A177F18} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {D8B9282E-2C34-4487-9B41-1055917A1A2B} - System32\Tasks\EPSON WF-2650 Series Update {337FE276-AC21-4B52-8359-CAF96D1767B8} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {DD3D12FA-E587-418B-9163-A2110E4ED6CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {FC5594D9-8403-4C18-BEDE-A15C81260C91} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3501281241-138803316-725630430-1001Core.job => C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3501281241-138803316-725630430-1001UA.job => C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON WF-2650 Series Update {337FE276-AC21-4B52-8359-CAF96D1767B8}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE:/EXE:{337FE276-AC21-4B52-8359-CAF96D1767B8} /F:UpdateWORKGROUP\PC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-2650 Series Update {74829AD9-5596-4597-BA80-2352C2DC6D16}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE:/EXE:{74829AD9-5596-4597-BA80-2352C2DC6D16} /F:UpdateWORKGROUP\PC$
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-2650 Series Update {A8225B49-B2EF-46DA-9489-E1768911EA1F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE:/EXE:{A8225B49-B2EF-46DA-9489-E1768911EA1F} /F:UpdateWORKGROUP\PC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-09-10 06:12 - 2015-09-10 06:12 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-10 06:12 - 2015-09-10 06:12 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-12 13:27 - 2015-11-05 16:08 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-12 14:23 - 2015-10-12 14:23 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-12 14:23 - 2015-10-12 14:23 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-12 14:23 - 2015-10-12 14:23 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-09 10:31 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-09 10:31 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-09 10:31 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-12 14:23 - 2015-10-12 14:23 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-16 23:18 - 2015-12-11 13:34 - 01971528 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 23:18 - 2015-12-11 13:34 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2014-09-25 19:44 - 2014-09-25 19:44 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-03-31 09:46 - 2015-11-12 19:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-26 00:04 - 2015-11-10 20:55 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-11-26 00:04 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-11-26 00:04 - 2015-12-14 21:01 - 02547280 _____ () C:\Program Files (x86)\Steam\video.dll
2015-11-26 00:04 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-11-26 00:04 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-11-26 00:04 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-11-26 00:04 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-11-26 00:04 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-11-26 00:04 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-11-26 00:04 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-11-26 00:04 - 2015-12-14 21:01 - 00804432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-11-26 00:04 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-11-26 00:04 - 2015-11-17 01:31 - 47846176 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-12-10 01:36 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-10 01:36 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-10 01:36 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-10 01:36 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-10 01:36 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-10 01:36 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-10 01:36 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-10 01:36 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00031568 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2015-10-05 17:16 - 2015-11-05 01:04 - 00293392 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2015-12-10 01:36 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-10 01:36 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-10 01:36 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-10 01:36 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 22:45 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-31 05:28 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-08-28 19:30 - 2008-11-17 13:56 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\nsSign.dll
2015-08-28 19:30 - 2014-02-28 09:25 - 00061440 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PerformOcr.dll
2015-08-28 19:30 - 2014-01-23 13:02 - 00172032 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMCommon.dll
2015-08-28 19:30 - 2014-01-23 13:03 - 00065536 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMISM.dll
2015-08-28 19:30 - 2013-07-22 10:08 - 00069632 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PHooKDlg.dll
2015-08-28 19:30 - 2013-10-25 15:21 - 00139264 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMSet.dll
2015-08-28 19:29 - 2011-12-22 12:36 - 00098304 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\Qem.dll
2015-08-28 19:29 - 2014-02-17 09:42 - 00135168 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\ComClass.dll
2015-08-28 19:29 - 2014-01-05 14:03 - 01494528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\cairo.dll
2015-08-28 19:29 - 2014-02-17 09:42 - 00352256 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\CloudManager.dll
2015-08-28 19:30 - 2014-02-17 09:45 - 00118784 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMSave.dll
2015-08-28 19:30 - 2014-02-17 09:43 - 00667648 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMDB_N.dll
2015-08-28 19:30 - 2013-11-27 09:28 - 00049152 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMINSO.dll
2015-08-28 19:30 - 2014-01-23 19:13 - 00147456 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMANO.dll
2015-08-28 19:30 - 2013-04-26 13:06 - 00053248 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMOffice.dll
2015-08-28 19:30 - 2007-03-30 10:08 - 00034896 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\NSWinZip.dll
2015-08-28 19:30 - 2014-03-13 20:22 - 00208896 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\ScanModule.dll
2015-08-28 19:30 - 2014-02-17 09:43 - 00331776 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMTree.dll
2015-08-28 19:30 - 2013-12-25 09:22 - 00110592 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMProp.dll
2015-08-28 19:30 - 2013-07-22 10:12 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMVoice.dll
2015-08-28 19:30 - 2013-06-22 10:10 - 00077824 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\OutlookVBA.dll
2015-08-28 19:30 - 2013-07-31 08:20 - 00344064 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMAppBar.dll
2015-08-28 19:30 - 2014-02-25 08:20 - 04669440 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMView.dll
2015-08-28 19:30 - 2007-03-30 09:01 - 00038992 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\NsOEMKey.dll
2015-08-28 19:30 - 2014-01-26 14:09 - 00442368 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMPageVW.dll
2015-08-28 19:30 - 2014-02-17 09:45 - 00106496 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMDocVW.dll
2015-08-28 19:30 - 2014-01-23 13:03 - 01036288 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\SlideBarDLL.dll
2015-08-28 19:30 - 2014-02-17 09:45 - 00188416 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMImgVW.dll
2015-08-28 19:30 - 2013-07-22 10:16 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMIEVW.dll
2015-08-28 19:30 - 2013-12-25 09:20 - 00049152 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMPDFView.dll
2015-08-28 19:30 - 2013-07-22 10:08 - 00323584 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMAnoSet.dll
2015-08-28 19:30 - 2013-07-22 10:09 - 00098304 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMApSet.dll
2015-08-28 19:30 - 2013-06-22 10:12 - 00065536 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMStatus.dll
2015-08-28 19:30 - 2014-02-28 09:25 - 00323584 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMScnSet.dll
2015-08-28 19:29 - 2013-07-22 10:15 - 00028672 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\Import.dll
2015-08-28 19:30 - 2013-07-22 10:14 - 00098304 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMImageSplitter.dll
2015-08-28 19:30 - 2013-06-22 10:09 - 00081920 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\NetFun2K.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\sony.com -> sony.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3501281241-138803316-725630430-1001\Control Panel\Desktop\\Wallpaper -> D:\Bilder\Urlaub\Südafrika 16 - 27.03.2015\Kap der Guten Hoffnung, Seal Island, Pinguine 18.03.2015\P1000981.JPG
HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> D:\Bilder\Urlaub\Südafrika 16 - 27.03.2015\Kap der Guten Hoffnung, Seal Island, Pinguine 18.03.2015\P1000981.JPG
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\StartupApproved\Run: => "AudialsNotifier"
HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "AudialsNotifier"
HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Overwolf"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{76835413-10D4-4D68-8A9B-8CFAE2FD7ADC}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{CB104195-5115-450B-805B-2381B891F183}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{89DB49D5-D5F8-49B0-9061-7A4E64F37EFE}] => (Allow) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\LicenseCheck.exe
FirewallRules: [{6AD9DA3D-3A05-4261-A49F-762F97813E2F}] => (Allow) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\LicenseCheck.exe
FirewallRules: [{43D7D801-579E-407F-9CE8-B3A3E332A677}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{496BC6E5-9436-4504-8FA7-6FA92A1853A5}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{F152A80D-07F2-460F-B8B9-DDDC51B84E8C}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{C03F89BF-7E62-4E28-B502-01B3ED780E49}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{7847209A-CA4B-48CA-BB22-DA601BAE1969}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A7E16A21-3F72-4DFC-9B49-FE50AD0D3248}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4A9B7B5E-FFE9-4921-8D64-2C2811944E3D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{3E0BB217-95BE-4955-A6E4-87A271834A58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{15CD9402-6023-4609-9845-9376F50C4047}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{48E0A04C-A7F4-4A42-B47E-E6066AEE65A6}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Liberation HD\ac3lhd_32.exe
FirewallRules: [{870D1668-914E-49FE-8054-522FB4AC4D69}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Liberation HD\ac3lhd_32.exe
FirewallRules: [{F85C94B1-F6AE-427A-96E5-434FF23C7280}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{4CDBC95A-4266-4CC7-BFA6-48E9FC3EE688}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{439874E3-D455-4F90-B1F4-DB4DBC1580A3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{916FAFB0-AD94-4CE6-827A-25EE6DA5D242}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2E348E6D-2C9E-4AA0-9DA1-2C20C55EE636}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C9C3F099-F863-4712-8824-39DA03F1E86D}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{66CFF4F2-84BA-4064-A084-1AC6BEAFD22E}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{8178D6FE-A07E-42A2-9447-B36AD2EE411B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BEEF8375-1077-46E0-AF0A-6F3D4319A1A7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [UDP Query User{6509715D-4FFF-48E5-9F85-47711C242DC2}C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{3EA41D90-239E-43D4-8030-F98B09D2568E}C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{CD1A029E-EB15-4B9A-BDF5-8447D414ABDB}] => (Allow) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7AE06CD8-751F-4ECB-86D0-071153E6F4DD}] => (Allow) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C42F6C0D-13C1-414C-A9BC-EC45375615C7}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{D6B9505C-B75F-415D-BE17-B243B6C805D8}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{019DFA42-03C1-4F4A-A449-8087439D8869}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{78F0CAB7-2674-4A08-AD2C-2C76B654C1E7}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [UDP Query User{A0D92CAA-BE09-4716-BD13-D91C498E45C9}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{E52D8FE8-08C2-4363-9469-E745C9FDD86B}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [{43B1D521-EAFB-4477-B4AE-27A8F416C32F}] => (Allow) LPort=1900
FirewallRules: [{BB1A74E9-53DB-4113-9760-8D6A5C30AD70}] => (Allow) LPort=2869
FirewallRules: [{CD60E7AF-72D9-4CAC-943D-222D53D9C00C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [TCP Query User{ECFF6F2F-7B98-4CD4-B5DA-46F0120BC4F0}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{F818BFCA-AE71-4B5F-B696-B13697F4A476}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{6F89C87F-9D59-4991-893D-93FF5F23B268}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [UDP Query User{23C73837-8E9F-44E5-82D7-6C29B9326DA0}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [{35CF2B60-8187-4B16-9395-FA385E20F028}] => (Allow) C:\Program Files (x86)\Audials\Audials 12\Audials.exe
FirewallRules: [{5D469EAF-B52D-468D-902F-30C7A128E1A0}] => (Allow) LPort=12972
FirewallRules: [{82764839-16E8-46A5-B75F-DA6866DB5D5C}] => (Allow) LPort=14714
FirewallRules: [{33F0770F-4BDC-4816-B0C5-06CA2DB722BA}] => (Allow) LPort=31931
FirewallRules: [{3239B938-D8F3-45A1-88C4-8F26663EBDF9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CCEE1EDD-176E-44F9-8C55-56ABA68DABA4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0B91D27A-3AEA-4232-8E48-3D3134803DF9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2642E890-0D58-4CDC-98C2-DE7C49087125}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7ED73168-D91D-44B2-98E0-589B7C36990C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{F59AD314-C545-433C-BE11-BCD9281E900E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [TCP Query User{2B8323F0-B8B6-47F9-A7FC-6D3FAD015FFE}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{0865BB69-2E4D-4266-9488-437C8B97CE1E}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{C173D498-7B5B-4513-B83E-F6A7E69095BC}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{B09B3E1A-2148-4E4F-9243-170777EC31C2}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{CB9D9A15-E67D-47EF-929B-3A01189213EF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/19/2015 12:48:24 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: PC)
Description: C:\Users\Peter\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\LocalCacheMicrosoft.WindowsStore_8wekyb3d8bbwe-2147024894

Error: (12/19/2015 12:48:24 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: PC)
Description: C:\Users\Peter\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\LocalCacheMicrosoft.WindowsStore_8wekyb3d8bbwe-2147024894

Error: (12/19/2015 12:48:23 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: PC)
Description: C:\Users\Peter\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\LocalCacheMicrosoft.WindowsStore_8wekyb3d8bbwe-2147024894

Error: (12/18/2015 02:49:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/18/2015 01:16:54 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (12/18/2015 01:16:54 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (12/18/2015 01:16:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/17/2015 02:19:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/16/2015 09:29:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/16/2015 01:27:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (12/20/2015 10:04:47 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (12/19/2015 04:10:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session6" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/19/2015 04:10:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session6" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/19/2015 04:10:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session6" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/19/2015 04:10:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session6" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/19/2015 04:04:25 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (12/19/2015 04:01:11 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (12/19/2015 12:48:24 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (12/19/2015 12:48:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _Session5 erreicht.

Error: (12/19/2015 12:48:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _Session5 erreicht.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3350P CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 8155.5 MB
Verfügbarer physikalischer RAM: 5726.4 MB
Summe virtueller Speicher: 9435.5 MB
Verfügbarer virtueller Speicher: 6768.82 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.08 GB) (Free:85.94 GB) NTFS
Drive d: (My Book) (Fixed) (Total:2794.49 GB) (Free:2672.17 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== Ende von Addition.txt ============================
         
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 15.12.2015
Suchlaufzeit: 18:02
Protokolldatei: Anti-Malware.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.15.04
Rootkit-Datenbank: v2015.12.07.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Peter

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 383508
Abgelaufene Zeit: 5 Min., 37 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Optional.DownloaderGuide, C:\Users\Peter\Downloads\jetzt_installieren.exe, In Quarantäne, [c39d5154206b72c4ba3a9e0811f349b7], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
I don't know whether this is important, but I'm posting it along with the rest.
__________________

20.12.2015, 16:10   #4
deeprybka
/// TB Trainer
/// Guide Guru

PC infected?



Quote:
Originally posted by Dummie
Hello,
my online banking software tells me that there is a malicious program on my computer.

Please post a screenshot and remove any personal data first.

Step 1
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Click Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
__________________
Regards
deeprybka

_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

20.12.2015, 17:58   #5
Dummie

PC infected?



Code:
17:51:43.0005 0x2618  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
17:51:43.0005 0x2618  UEFI system
17:51:45.0209 0x2618  ============================================================
17:51:45.0209 0x2618  Current date / time: 2015/12/20 17:51:45.0209
17:51:45.0209 0x2618  SystemInfo:
17:51:45.0209 0x2618  
17:51:45.0209 0x2618  OS Version: 10.0.10240 ServicePack: 0.0
17:51:45.0209 0x2618  Product type: Workstation
17:51:45.0209 0x2618  ComputerName: PC
17:51:45.0209 0x2618  UserName: Peter
17:51:45.0209 0x2618  Windows directory: C:\WINDOWS
17:51:45.0209 0x2618  System windows directory: C:\WINDOWS
17:51:45.0209 0x2618  Running under WOW64
17:51:45.0209 0x2618  Processor architecture: Intel x64
17:51:45.0209 0x2618  Number of processors: 4
17:51:45.0209 0x2618  Page size: 0x1000
17:51:45.0209 0x2618  Boot type: Normal boot
17:51:45.0209 0x2618  ============================================================
17:51:46.0084 0x2618  KLMD registered as C:\WINDOWS\system32\drivers\84659401.sys
17:51:46.0178 0x2618  System UUID: {4E036C41-5DAC-83EF-AB8C-EF04D2EE519A}
17:51:46.0475 0x2618  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:51:46.0490 0x2618  Drive \Device\Harddisk1\DR1 - Size: 0x2BA9F400000 ( 2794.49 Gb ), SectorSize: 0x1000, Cylinders: 0xB21F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:51:46.0490 0x2618  ============================================================
17:51:46.0490 0x2618  \Device\Harddisk0\DR0:
17:51:46.0490 0x2618  GPT partitions:
17:51:46.0490 0x2618  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F4B057AF-4BAF-4DCD-8196-79422ED1F584}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
17:51:46.0490 0x2618  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {B0FD16A7-FC31-4CE4-B624-70F78EA0C0EE}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x31800
17:51:46.0490 0x2618  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {1273D851-7057-4EFE-BEB0-05381DF5BA75}, Name: Microsoft reserved partition, StartLBA 0xC8000, BlocksNum 0x40000
17:51:46.0490 0x2618  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {BDD31606-8C82-4952-8C43-741CAF3C7AB7}, Name: Basic data partition, StartLBA 0x108000, BlocksNum 0x1DA29000
17:51:46.0490 0x2618  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {228A9D3F-A84C-47AC-8E24-5E7BB6F0D1D0}, Name: , StartLBA 0x1DB31000, BlocksNum 0xE1000
17:51:46.0490 0x2618  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B7B25D5A-915F-43BC-B9D9-78F57C581959}, Name: , StartLBA 0x1DC12000, BlocksNum 0xE1000
17:51:46.0490 0x2618  MBR partitions:
17:51:46.0490 0x2618  \Device\Harddisk1\DR1:
17:51:46.0490 0x2618  MBR partitions:
17:51:46.0490 0x2618  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x2BA9F300
17:51:46.0490 0x2618  ============================================================
17:51:46.0490 0x2618  C: <-> \Device\Harddisk0\DR0\Partition4
17:51:46.0490 0x2618  D: <-> \Device\Harddisk1\DR1\Partition1
17:51:46.0490 0x2618  ============================================================
17:51:46.0490 0x2618  Initialize success
17:51:46.0490 0x2618  ============================================================
17:51:52.0741 0x111c  ============================================================
17:51:52.0741 0x111c  Scan started
17:51:52.0741 0x111c  Mode: Manual; SigCheck; TDLFS; 
17:51:52.0741 0x111c  ============================================================
17:51:52.0741 0x111c  KSN ping started
17:51:55.0065 0x111c  KSN ping finished: true
17:51:55.0455 0x111c  ================ Scan system memory ========================
17:51:55.0455 0x111c  System memory - ok
17:51:55.0455 0x111c  ================ Scan services =============================
17:51:55.0533 0x111c  [ 22CE801AD25C51E2553F41A076BB0CB2, 0520216417F1619FB642734EC937C59D5E79A24306C1E9B793C82FAE077851E6 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
17:51:55.0580 0x111c  1394ohci - ok
17:51:55.0596 0x111c  [ 2C49A2441EBB24C6ACFB524C1459115F, 0ABACB6F21C41C0297994E61F1BFABB3905AF6B569D0446FE8E174EB9225B8EF ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
17:51:55.0596 0x111c  3ware - ok
17:51:55.0611 0x111c  [ B87D3D07FE6F15328C6860D542F0E2BD, 46CF069EDD7DBFB4DB800BABA3081DAB363DD2CFD724AFF5916D3419F62A3574 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
17:51:55.0627 0x111c  ACPI - ok
17:51:55.0643 0x111c  [ 1E3C4EDBB7F3F668B7205E351010BB79, A3CA12F72836C4F77B671264828B370B9EBA9CD71110E2C0514994760B6B12FF ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
17:51:55.0643 0x111c  acpiex - ok
17:51:55.0658 0x111c  [ 13B1C26AEDCB40082CDD97506F968129, 883442206B4C60AA493E84CC3037B6C1568441E1F43D2B1FCBFD8D87D135D511 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
17:51:55.0658 0x111c  acpipagr - ok
17:51:55.0674 0x111c  [ B3D64FF927D611721DA73A61BF3A18B3, 96B51AFDC3078B5088AAF66F0CF3E07D2FCBBC84A19D309A25DF0A5C6CECB958 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
17:51:55.0674 0x111c  AcpiPmi - ok
17:51:55.0674 0x111c  [ 19F793B2203D94AC1F8AEDB08B494E2E, DC98CCF9935E1F1C32FA88575A9A678B74916EFF48E39A64CF1FF92232F64A52 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
17:51:55.0690 0x111c  acpitime - ok
17:51:55.0690 0x111c  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:51:55.0705 0x111c  AdobeARMservice - ok
17:51:55.0752 0x111c  [ F54564025D2284AE498E51D7C139F971, AAA48F38B81DB894854E8C84DB2E1F5C8447AA982D27C0BB78FF2786D9F80F83 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:51:55.0768 0x111c  AdobeFlashPlayerUpdateSvc - ok
17:51:55.0783 0x111c  [ 2A24E10C1A1DE0E0035E353EED494A1C, CBBFA86578BE74CAADDCA923D65E3BFFC57BC17B887936ADE5C6952530546A22 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
17:51:55.0815 0x111c  ADP80XX - ok
17:51:55.0830 0x111c  [ A3D96563BF46FC8A0E5756B796127D14, BAD3C30714F6514D2AF725077A79FF671CC022E415786E1666C0B7C24CE3670A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
17:51:55.0846 0x111c  AFD - ok
17:51:55.0861 0x111c  [ EF09D07626820F7F89519514C17FE768, C3EC1DC163CD5946270ED876CD414889BBF2C586A8AF5DC7825FA5D77001E827 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
17:51:55.0861 0x111c  agp440 - ok
17:51:55.0877 0x111c  [ 8A289EF0721F95267BF2404BABEE146D, E263D258F03DF3BB405D49AE7230C37E7EB8F392FDEE48059C7C1E3709520D35 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
17:51:55.0893 0x111c  ahcache - ok
17:51:55.0893 0x111c  [ C301499987AF909258774AE9DC5778BB, 3ED539C999847116AE9DB9C8C5A34AB09703BAE3018E1EAF6DBC779BB6736F32 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
17:51:55.0893 0x111c  AJRouter - ok
17:51:55.0908 0x111c  [ DD69535D379F9E40AD0D6002887AAA99, 579DD18CE2B264B4058C6069B8AEE6FD9FE6A882B7DA19E300DFE40B37A4E5BE ] ALG             C:\WINDOWS\System32\alg.exe
17:51:55.0924 0x111c  ALG - ok
17:51:55.0924 0x111c  [ 6763084E8322A4876D1613854640F914, 89EEEB47517A9964FA799821E5E45BDD6009EBDC628D6DADE6A7F03DE7CDA6CD ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
17:51:55.0940 0x111c  AmdK8 - ok
17:51:55.0940 0x111c  [ DE29D8AB57AD67D4940CAB4A48B3E230, 4E92AFCD9107573DAB8E65AC6318E4B8851DCCBE17E135DFF8CF5733210B52E6 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
17:51:55.0955 0x111c  AmdPPM - ok
17:51:55.0955 0x111c  [ 4C1F9BBAF5CCD76D4642F3B92B97B454, 514CCAA8B586B1019658BE101046386EB727AD48D7913AEF9A168763E91F0DE5 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
17:51:55.0971 0x111c  amdsata - ok
17:51:55.0971 0x111c  [ F8195C1A15955180DD663E7FF4C2F6DD, F3C0C6B38FB9478217EE25EBDBDF7A18F01B97655BC38373E70E71171705D5E9 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
17:51:55.0986 0x111c  amdsbs - ok
17:51:55.0986 0x111c  [ DD2F5BBCFAC4D8E48DB1A95A7EEBFF08, 619E3106072C6F785144D785C4AFB4C607CAF7ED29AAA4A1411BE262E62B7ADE ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
17:51:56.0002 0x111c  amdxata - ok
17:51:56.0033 0x111c  [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
17:51:56.0049 0x111c  AntiVirMailService - ok
17:51:56.0065 0x111c  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:51:56.0080 0x111c  AntiVirSchedulerService - ok
17:51:56.0080 0x111c  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:51:56.0096 0x111c  AntiVirService - ok
17:51:56.0143 0x111c  [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
17:51:56.0174 0x111c  AntiVirWebService - ok
17:51:56.0174 0x111c  [ 46AAF119090573A80D603745582229ED, 8D7C4AED66DD32A104965DC23D17C0815CD1BE2E3D52375C1A63863664EE174F ] AppID           C:\WINDOWS\system32\drivers\appid.sys
17:51:56.0190 0x111c  AppID - ok
17:51:56.0190 0x111c  [ 24315B385F515D6D5476757EAFD62633, CE645397BF43CC54B864A0E4FCB86F76C10B9C2D2482E85DBBE15EF7BF045F17 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
17:51:56.0205 0x111c  AppIDSvc - ok
17:51:56.0205 0x111c  [ 2CE396457D5C18F034D243EC7E159010, DDF588A568DF5EAE058DF315535BD746760363E2242EF8C705F8DCBA2D5DA4A7 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
17:51:56.0221 0x111c  Appinfo - ok
17:51:56.0237 0x111c  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:51:56.0237 0x111c  Apple Mobile Device Service - ok
17:51:56.0252 0x111c  [ A8AC0B8ED134888731D1A1BCEF930FA1, 917D2C99CB28C5F20BA386148B6A93541AEF900A9A99D310D732B501322945E5 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
17:51:56.0283 0x111c  AppReadiness - ok
17:51:56.0330 0x111c  [ D6D96E20079D902243690DCBB007F997, 4E3FAED92F6434D689CCC7AE3A077819BCD2E99D7D2C293563B2E0DCF08CC42F ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
17:51:56.0393 0x111c  AppXSvc - ok
17:51:56.0393 0x111c  [ 0756EECAC010BE449D07502DF27E7701, 6A895CA80050D021DB5E130102F626027339A22673B7C15C51A375C0401F03D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
17:51:56.0408 0x111c  arcsas - ok
17:51:56.0408 0x111c  [ A5792F971EFE86B7F56EE7299ED1082B, 82DCD15E2C9D8A3EA663941C9CE73020FEEF2F91354D0BB51E8A142AA1E30217 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
17:51:56.0424 0x111c  AsyncMac - ok
17:51:56.0424 0x111c  [ 8921DF6060DB5C7700AA48CB12E9EA08, 8F18841B454CDE4926C50B23F818D00ECE0AE884DB198E396445CB44CB39B2C4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
17:51:56.0424 0x111c  atapi - ok
17:51:56.0440 0x111c  [ 240FF83DD79546B26F187FAB20F83864, C4DC0159016B4A4630357131E614814C068D07BEA94AAF6393E882A78C9FCA1E ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
17:51:56.0455 0x111c  AudioEndpointBuilder - ok
17:51:56.0487 0x111c  [ 6300722E8527EC54D426FD00EE5196B2, 71376BE797E8F3E2E671167DA400239D5289DE7EE56CF29564C98715B9DB1D09 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
17:51:56.0518 0x111c  Audiosrv - ok
17:51:56.0518 0x111c  [ CF233C89DEFF6BCA1F65BE3DA0C1A306, B718A59CFC0E3A9ED4E8C690390F54C96828C5A4C2790C2E98075DB4484240D6 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:51:56.0533 0x111c  avgntflt - ok
17:51:56.0533 0x111c  [ 4764D299855174D6B5C7DA853B490029, 6E2C8E25DC3C38EEAAA1221E515AC06C2EDC0A71CF2F7762E8DFCC55938D59B3 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:51:56.0549 0x111c  avipbb - ok
17:51:56.0549 0x111c  [ 2027E82463B6F6BB4D2A5BAF09202BA8, 7E61DEAC45F710F62C388177B43D99F3C39B89CEFCEFCC581DF12201C8CDB23C ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
17:51:56.0565 0x111c  Avira.ServiceHost - ok
17:51:56.0565 0x111c  [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
17:51:56.0565 0x111c  avkmgr - ok
17:51:56.0580 0x111c  [ E477AF94ACCCF99A0E56D71D450DCCCB, C97756A4E82EC7EF8268967B10DEBAAEDB746B2846CA2BFD68E1B7DBBAE7901A ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
17:51:56.0580 0x111c  avnetflt - ok
17:51:56.0580 0x111c  [ 2F7F80543129210CA75995D0DCA488E8, 353E598FF26FA363C02A2B44BA8D7D1ED97B8AC8C69F1B5C5D521BD0D5D5AB94 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
17:51:56.0596 0x111c  AxInstSV - ok
17:51:56.0612 0x111c  [ 00D64E82900E4EC9062805ED87C2D75A, 577110F9A7C6C2C4CF86FFF4F60E23F61623ED325FC950033900A5102754A677 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
17:51:56.0627 0x111c  b06bdrv - ok
17:51:56.0643 0x111c  [ 5164A66EC1565711A7B4CF2F143B4979, DA29F0FB63F3EB2BF92D51FEB4BB7D2B964553D2F634556325953927464CB3A5 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
17:51:56.0643 0x111c  BasicDisplay - ok
17:51:56.0643 0x111c  [ F4C58BBF2972BD84C73F6A14CA35AC4E, B7A226EB861B63ACF4BF9B5A331ACA6FFC9B787DCCAA7697EEFC4F634508A6D5 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
17:51:56.0658 0x111c  BasicRender - ok
17:51:56.0658 0x111c  [ 25349D0B334E528667980948ED107D89, 70EF9D3B8DCAC6E9720C6F3EBC77392FADC182A6925F9024FE30A21321E0137F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
17:51:56.0674 0x111c  bcmfn2 - ok
17:52:00.0654 0x111c  mountmgr - ok
17:52:00.0658 0x111c  [ 989A1BBD9C49B107B4A47D06E6827A69, 62D90B22AE13AC84324DFD5FEBA595813AD07469B7FEC41380CE223D93020CCA ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
17:52:00.0669 0x111c  mpsdrv - ok
17:52:00.0689 0x111c  [ A0DBB9386BEA8DA1A159C2A2E07081A3, 9D3F26005A76A72F9512F040D45C16124D17F8C8DA45C51FFAF74F066357D0A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
17:52:00.0723 0x111c  MpsSvc - ok
17:52:00.0730 0x111c  [ C1E74DD1D84861D8F12FF8BC0BA11975, 5912A0455C840F5C8AD6383823C9C7DE6FF8B5CAF1B72EA181864999891EAF30 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
17:52:00.0749 0x111c  MRxDAV - ok
17:52:00.0764 0x111c  [ 1DF2C5FD2710A13B07E663A12F0E0EEA, 8EBCA9269F52A5CF602F5DE2B0C2AB2BFD82F415465DBB74C73D43F321D9FD46 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:52:00.0785 0x111c  mrxsmb - ok
17:52:00.0794 0x111c  [ 185932B1149BD707F8A13174CDAB365B, BC26CB10DD6E81A94477564444E91F76D47E685E897BD77B9C1393F0D31AB718 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:52:00.0812 0x111c  mrxsmb10 - ok
17:52:00.0821 0x111c  [ 99E24D4DBACBC569833B9A67710D65E7, 93BC765E7B6E19E83AFF783DE8080A80A1D69A406B496F1E36C47AE6E86AFB76 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
17:52:00.0837 0x111c  mrxsmb20 - ok
17:52:00.0842 0x111c  [ 6F8BE4FB6262012E61BBADB5444628DC, E87489207AA48106C08E4BADDD8D66D14BC9DD6AD2A4CDD880BA655932CDDE60 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
17:52:00.0856 0x111c  MsBridge - ok
17:52:00.0862 0x111c  [ 283BDF3602F442336DAF242BDD07FB98, 185F046B6AA24FFD1567F00AA70357C82002FF627E329CEF9B926645A6DDB172 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
17:52:00.0878 0x111c  MSDTC - ok
17:52:00.0883 0x111c  [ 7C55F1751CAC199680D4489D1EE46544, 967EC8137D321F6139C3382D19A338FD97A3023EB654747AC57C2008BE4AF677 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
17:52:00.0900 0x111c  Msfs - ok
17:52:00.0903 0x111c  [ 988588C16A53C2581488C15FF18934BF, F021FD31163CB5C7012CF96EF642C5E551708C835039075268F4CBED002D441D ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
17:52:00.0913 0x111c  msgpiowin32 - ok
17:52:00.0916 0x111c  [ 09622DBC24D0178F15DB8461BB6970DF, C0B3F9B2219AAF87E417EE9FF54C64B8AD9944E101EA79B5DC81D99E8C2ECF30 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
17:52:00.0925 0x111c  mshidkmdf - ok
17:52:00.0928 0x111c  [ 34BB07495C0159BE4189841E16F3BC2F, 264B5735D9A68C85BEDE363D4C0AE1FCC381B39EA884B4BAEE185EB8A873184A ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
17:52:00.0937 0x111c  mshidumdf - ok
17:52:00.0940 0x111c  [ 7BF3F0DA362C053918F5F2EC43CE39E2, AA773FA3F83C0C572160D3D0286A697DC628FF4F3655EF21D01C6D1B7BE5DF1C ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
17:52:00.0948 0x111c  msisadrv - ok
17:52:00.0954 0x111c  [ 669DA2006C0B9D882D2014617E1E88F5, 090F558818806CAEF6C81D369F8BFFE4A8240295EF37CAA7102A18F4CD20D868 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
17:52:00.0968 0x111c  MSiSCSI - ok
17:52:00.0970 0x111c  msiserver - ok
17:52:00.0973 0x111c  [ B2D0FD21FE67D6434769CC6F7A7883CA, B2368BD72952C6EE6DAF1AA006DF575A3019E4721BEFB108D3DF1B9E07B2BC5D ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:52:00.0983 0x111c  MSKSSRV - ok
17:52:00.0987 0x111c  [ FB3801F176376286A3F8F20FFB8CDC53, EEF89081665B9BBA93AE9F5912C40C1698E8BA8DBBCCC3BBE0BAB5A86B7E05D4 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
17:52:01.0000 0x111c  MsLldp - ok
17:52:01.0003 0x111c  [ 8CBDF0E7A6CD824352F37A682A33DF7E, 4567FF4C73648FF26EA68EAE2B524B767099789086C158875C97768C77B81359 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:52:01.0013 0x111c  MSPCLOCK - ok
17:52:01.0016 0x111c  [ 33E5B6261D69ACD4948A5C64B9D8F29F, 1D32340640312372E52E59AFB5DB872E6F9DFE3AC16B56F9D928AE230DA02B8A ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
17:52:01.0026 0x111c  MSPQM - ok
17:52:01.0035 0x111c  [ 557DF8C0DBBBF518AC395C6EB1B179AE, B294B5A7882C0C60D91FB853FC87505B6E7638D25E360FDAE002AEBB714ED471 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
17:52:01.0050 0x111c  MsRPC - ok
17:52:01.0055 0x111c  [ 0A29AFA668F5DD50482A98ECE70C77A7, 4C1F23B062361D97B1C8D864AB227E5F398F774A99B5E60A1149A4F78D5BEC20 ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
17:52:01.0063 0x111c  mssmbios - ok
17:52:01.0066 0x111c  [ 30CE30877FD5BFADE74FA27D7829BF89, B5EA1F8C91E75722DB1E3E2172C8607FEDBF35BDC4141258A3E6D29D8B0E193B ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
17:52:01.0072 0x14f4  Object send P2P result: true
17:52:01.0072 0x14f4  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
17:52:01.0077 0x111c  MSTEE - ok
17:52:01.0080 0x111c  [ 13D88C0B8A2FA001CD72D454955A6974, 19DD5C8BBD07B64F355737436BF702FFC209D84A8855D2224D3377E233D4BB34 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
17:52:01.0090 0x111c  MTConfig - ok
17:52:01.0094 0x111c  [ 00C7F0F06A0A48B9CDB6B3AC3BE288F0, BF469A2DDF495ACB9FEE9063C6680C95BCC8686682C9EDAE6D1893D4058E8AA6 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
17:52:01.0105 0x111c  Mup - ok
17:52:01.0109 0x111c  [ 8E237527CA260C71D39ED4081BDF3419, CA52DD174C756A404B1FAD3F2A70E50085C2820BF12369259F61DA649101A179 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
17:52:01.0118 0x111c  mvumis - ok
17:52:01.0134 0x111c  [ E605F35F03C881DC46902E0E2F5985B3, C97F0C733377E35B463EF7F6A5B879DA21AB512719899160C09278615FE39A21 ] MyEpson Portal Service C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
17:52:01.0151 0x111c  MyEpson Portal Service - ok
17:52:01.0167 0x111c  [ 48D0587A8302FD3302CFE6F59F7345B0, 26D48AF3F7FF4867E179347CD635055DEA9A751C6C61CE2C391A7F74FC0DC1DE ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
17:52:01.0190 0x111c  NativeWifiP - ok
17:52:01.0197 0x111c  [ 11BE8117653C542D264788A700AC5BFE, 87EAAC2DF62BB26619DA72950F5EE41DCA1DBDF93F098647F9D200D588F14003 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
17:52:01.0211 0x111c  NcaSvc - ok
17:52:01.0220 0x111c  [ 286C6276B2BA86F29A0F687D05466277, AC8551536F37717A0ACE4A260F5696D1276F7AC62F669E8F12AA158DD86F71A5 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
17:52:01.0239 0x111c  NcbService - ok
17:52:01.0244 0x111c  [ C55DA734ED2A831E0BACAAFA01CEB7FF, 9D989B03D07BBAD287B317D238691664B0694331D6A69B7A1AA3D8AB7D1323FC ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
17:52:01.0263 0x111c  NcdAutoSetup - ok
17:52:01.0267 0x111c  [ CF8296427834CF8BBB3EE1444C17362D, 6EFBE1F015DFFA0704C66DF5C88089DD5771E1542018E4AE98389CFF3D0B2309 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
17:52:01.0277 0x111c  ndfltr - ok
17:52:01.0303 0x111c  [ 616F40B897DA651221F86A1741E9609B, 22D66029726313D92FC8E074BCC51C1E1560CB5FE36DCB735E7E063EA53E299A ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
17:52:01.0334 0x111c  NDIS - ok
17:52:01.0339 0x111c  [ A0719D1EBA971DFC5DF5F7CC010385F8, A982487D3A74E66F3C29AAA5B46CE9A0969F07F267DDEFE58C58573573AB0024 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
17:52:01.0350 0x111c  NdisCap - ok
17:52:01.0355 0x111c  [ 0C557932CCCC65AEB37326DD36504527, C0AF3066DEE4BCC32DB30CCC16B7A91442A8383BB36C7C4E3CC0A5EFE0FAAA9B ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
17:52:01.0369 0x111c  NdisImPlatform - ok
17:52:01.0373 0x111c  [ 56F9345D1945826135FBAB7589592B1F, 6BC2A5900076B917823C7392C582A2648D0C8000F2F65D309D5B48E36D4FB4D6 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:52:01.0384 0x111c  NdisTapi - ok
17:52:01.0389 0x111c  [ AADFC340939D99E5D756E713E1D452EB, EFEFDBB2188DE82C2C5E67929861B269FD4C127D34D1DE6D0596ABC33E2C2B51 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
17:52:01.0401 0x111c  Ndisuio - ok
17:52:01.0405 0x111c  [ 312DFD787D99D3BF1427B0388BC04F71, C082CA1F332AD57FF2100748518D3D7B3D0F1B042F69BD7401C44B77AFE97462 ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
17:52:01.0418 0x111c  NdisVirtualBus - ok
17:52:01.0425 0x111c  [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
17:52:01.0441 0x111c  NdisWan - ok
17:52:01.0447 0x111c  [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:52:01.0463 0x111c  ndiswanlegacy - ok
17:52:01.0467 0x111c  [ 6E98F16983C4AE8703FF9F90AB4B31DD, BB8BD5DB4B5FB31F3A257747C27CBEFA4B7837EC5C0CF3D4F408E626E4003F4C ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
17:52:01.0482 0x111c  ndproxy - ok
17:52:01.0487 0x111c  [ F1B7CC77F412C8D45B2DDCF76EDA4F9D, 25F2AA76E675D9BCC0B1FD47AFEC6DF2D0B47E7B1C8AF6FB27C1ED2FB902961A ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
17:52:01.0499 0x111c  Ndu - ok
17:52:01.0503 0x111c  [ 824FDC990A3F79069BE468A132EB6888, D09F7A9EC04E37DA504CE54EEC25C312B407B6A8B214CBB074BEB50DE420F52A ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
17:52:01.0513 0x111c  NetBIOS - ok
17:52:01.0523 0x111c  [ F0D791348AD254360CC3C3E501CCB745, E4CAB4D3C2CD3169731283B00DEBFE26438BB66A3F0D78BDB68E876A14FC7070 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
17:52:01.0539 0x111c  NetBT - ok
17:52:01.0543 0x111c  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:52:01.0553 0x111c  Netlogon - ok
17:52:01.0561 0x111c  [ 7C8A7380CBE45DFD3DF118D8601499A7, C137280B7696F8CF4258BDC8B241C66BB3AA5708C5410D85255E46C7E8284826 ] Netman          C:\WINDOWS\System32\netman.dll
17:52:01.0580 0x111c  Netman - ok
17:52:01.0594 0x111c  [ BBE9D72EFC7BD66B28309C3607683DBA, FC372EFBC650CE0BDB117858D840A1FB361947B1C67D1DD16BABA95D0286856A ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
17:52:01.0619 0x111c  netprofm - ok
17:52:01.0627 0x111c  [ 5D046D71B18BEFB2E4D164C3DEEDD672, 536834D020889973854830919B23DF22CC1B27236AFAEDEBDF42D432CE48FCDE ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
17:52:01.0642 0x111c  NetSetupSvc - ok
17:52:01.0653 0x111c  [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:52:01.0664 0x111c  NetTcpPortSharing - ok
17:52:01.0669 0x111c  [ 46E862DA2CF8F351375EF537276B69B5, AC0FE0977E56380849DCE668AC0F5AF183AAB115ED84ADD964E390CC0BEDF6D3 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
17:52:01.0681 0x111c  netvsc - ok
17:52:01.0690 0x111c  [ 88CE4AC85F36B6347C1D820FA373B998, E10B5DF8883928A2062FC6180DE4CF0DE33C68622C2E3E4E1AFC56A0682F8E75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
17:52:01.0707 0x111c  NgcCtnrSvc - ok
17:52:01.0711 0x111c  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] NgcSvc          C:\WINDOWS\system32\lsass.exe
17:52:01.0721 0x111c  NgcSvc - ok
17:52:01.0731 0x111c  [ EA1C2DAB8A63712B94897A58557B086C, 98DD7E5C84F3CDF2DAA89484892D6B439F5D14297B5243436925BEEAA0C02EE1 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
17:52:01.0751 0x111c  NlaSvc - ok
17:52:01.0755 0x111c  [ 41557BE174E9EC6AC703A8A4ADBC6650, 8CF6DF3FDC3C7C44B32851538A67BF86A54AB6444A424D7A20B7A9A94B4158D8 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:52:01.0767 0x111c  Npfs - ok
17:52:01.0770 0x111c  [ AC3F70FCFBCE97AA2F12BA43EE13B86E, D0AC50FB022C0F3031531CEE210D47FC3244C6FB55FAAD4AAB04081F0A21DAE4 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
17:52:01.0780 0x111c  npsvctrig - ok
17:52:01.0783 0x111c  [ 0AF4872D3D6FD3A030E836DAC2B3EF2D, 03EE7B6FAFC0BB5C26793BC5FF8BD1019AC96B3104688009C1E062C3F4F34D6D ] nsi             C:\WINDOWS\system32\nsisvc.dll
17:52:01.0794 0x111c  nsi - ok
17:52:01.0798 0x111c  [ 66A98C407085B8920DF1E6D722F1ADB8, 3FE307E4A9E41B08E0453507E50D6D0C67FA6F4245A863D90181463C749C83B5 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
17:52:01.0809 0x111c  nsiproxy - ok
17:52:01.0855 0x111c  [ BA8DC96D1DD7785EB0589CB1777208B7, 09B486A20D9F22FE50CB4FBC0C801609F522FA99F5FBC43107336B7D98457D91 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
17:52:01.0877 0x0fb8  Object send P2P result: true
17:52:01.0877 0x0fb8  Object required for P2P: [ 4764D299855174D6B5C7DA853B490029 ] avipbb
17:52:01.0906 0x111c  NTFS - ok
17:52:01.0911 0x111c  [ 383E546EF4982262A0EF6CC2B6E9D525, 3C6C90B62E8EB094E6928C388E5081A3F73DF87B0F34F716B72EA7B6EF71FBB7 ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:52:01.0921 0x111c  Null - ok
17:52:01.0929 0x111c  [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
17:52:01.0937 0x111c  NVHDA - ok
17:52:02.0165 0x111c  [ F4EBF9C00993F8FDD9A05D727EF14CB2, 86AAF6F3C29CC4852BD4D1948E6D2EE1E969AE8B94E2772066E826BD596C99A1 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
17:52:02.0361 0x111c  nvlddmkm - ok
17:52:02.0412 0x111c  [ 2CCD9A74A0F9C7605EAFA3F3AC8DC476, DEE95B0C0CA4525850E06AD3C1233A6C6E88D97EE874F83801686B87FD23F0BC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
17:52:02.0448 0x111c  NvNetworkService - ok
17:52:02.0456 0x111c  [ 466F875F1D4C6ABB46AF28007009237C, 26F5A5579737A7CF2267F79DDE5A551149C682D5FD24663B53FCEC5AA6B448CE ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
17:52:02.0467 0x111c  nvraid - ok
17:52:02.0473 0x111c  [ 76F19EAE7A52CBAF7B8EC428BE6E0DA0, CF1E55D92FA32744A20AB75D466A3E05E6FACF4694F9265C41F5C27C1E7243DC ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
17:52:02.0484 0x111c  nvstor - ok
17:52:02.0488 0x111c  [ 2F61DB46C84CCBB5D9F75065A85D2173, 79049D42F0D82BD3C5A9C8231CF2F412B50C9E6483DB14F41CD48301D85C166C ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
17:52:02.0493 0x111c  NvStreamKms - ok
17:52:02.0660 0x111c  [ 6F5AC1C495DA6D19AF99A59DC44BC13F, 61E8C0C0B9EEEF6ADE86AD4BC8D43256A6B20AEEB43BBC3C44B3B6140544259F ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
17:52:02.0807 0x111c  NvStreamNetworkSvc - ok
17:52:02.0934 0x111c  [ 73FA6B2DF3348AF05E1F98310854BD4F, F0B7CF54495C81EE4C8B44580E399F3B22E190CB553AC7BA8E2DC13A28477566 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
17:52:03.0048 0x111c  NvStreamSvc - ok
17:52:03.0074 0x111c  [ 1CD8D5BF5E4058A2E12949D74A7E27FD, EB99D0451F28E20A06B9E184217B8B968C1BA968C24E1DD223C3AC648D968641 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
17:52:03.0095 0x111c  nvsvc - ok
17:52:03.0099 0x111c  [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
17:52:03.0106 0x111c  nvvad_WaveExtensible - ok
17:52:03.0111 0x111c  [ 0D0CB77D74B38E0EC62341C19E469D8D, A05D3CC67FEEB2FD219BFAA34BF98CB3F3718042124AF28F0E9FDFB9F132DD76 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
17:52:03.0122 0x111c  nv_agp - ok
17:52:03.0134 0x111c  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:52:03.0148 0x111c  odserv - ok
17:52:03.0156 0x111c  [ EA3FFE8617B9FCA1620AD9876E92F4F1, 68D5143CA71D10A2BB44E29B3C76580596669D0624076BCF6CCBA7AF3140538E ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
17:52:03.0177 0x111c  OneSyncSvc - ok
17:52:03.0227 0x111c  [ 40CB809645F1D0A93C535F9B0402F269, E683ED4ED824CE4E49715F23E3D3E8245B398D7A0D279E1F31470B9D7AF7E223 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
17:52:03.0267 0x111c  Origin Client Service - ok
17:52:03.0274 0x111c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:52:03.0282 0x111c  ose - ok
17:52:03.0305 0x111c  [ 0AA0483A95AE15427661B631226F2285, A0A39A6CAC83D1402A22A9DE2081EE4FCEFAAA69E483EACF1BE8BC586A37BE86 ] OverwolfUpdater C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
17:52:03.0332 0x111c  OverwolfUpdater - ok
17:52:03.0342 0x111c  [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
17:52:03.0362 0x111c  p2pimsvc - ok
17:52:03.0373 0x111c  [ 3612CE3432E0A2BE0081E6B488ACF84C, F1A641735FD374CA293FB98FADA2C41E2033B17FECCA3B6D225D0E591AFFF413 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
17:52:03.0394 0x111c  p2psvc - ok
17:52:03.0399 0x111c  [ 38F1AE32339731F6E5A7281AE8042545, 308954518C45D29FC199525F0CC7FE4EA805322EC0B871DDDCBEEC15355514C8 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
17:52:03.0411 0x111c  Parport - ok
17:52:03.0416 0x111c  [ 707889D2F95AAE8C9DD254D8767AD908, BE7BD94728D7629F8B7567523FFB42B8979941CEA2EA03E11BFCD51CF119FC27 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
17:52:03.0427 0x111c  partmgr - ok
17:52:03.0439 0x111c  [ A09B0D8F9F0FC17EBCE6481AC9FD5CDF, 8E8D68992D98CF3DBC4B70C7902B3EC28A1E2DA8D4DB38F0AD9D52B1A5A1D40F ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
17:52:03.0458 0x111c  PcaSvc - ok
17:52:03.0467 0x111c  [ 2834089EA4E550FF3B96E61FB4AA34ED, D25DAB47F9778675E984E0738D2014024C2758D52D7E071167A12FF466B7898E ] pci             C:\WINDOWS\system32\drivers\pci.sys
17:52:03.0482 0x111c  pci - ok
17:52:03.0485 0x111c  [ 3D587E4295B11B8480F7ACB09A89D718, 8C3BD62B3451E1B2E7197EDAE381785406DF86C03BEEC486602C642FDD37DBC1 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
17:52:03.0493 0x111c  pciide - ok
17:52:03.0498 0x111c  [ B8F07002B5F1DA23CFF979C2806B09F3, AD5C589A02BB8185AA070420BF30E78BC8BE3C6F9B0F66319A8CA05B70A5ED32 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
17:52:03.0509 0x111c  pcmcia - ok
17:52:03.0512 0x111c  [ FF588077D0C6AC2EA3FCBF1903CE08D0, 64BE1646FB6D8CC902B6F386255F7C0420E3C334E14DECD527DD541B43A1DCD6 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
17:52:03.0521 0x111c  pcw - ok
17:52:03.0526 0x111c  [ 70469C8AC4AD367295E70CFDD81B754C, 3EC6FD742C7C60363939E5343477810D751D91D32A2F24285976C08A7C4477AB ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
17:52:03.0535 0x111c  pdc - ok
17:52:03.0552 0x111c  [ 688F47C342E1BBC87A48AB71D316233E, CE99AB67C7E7A11AC69C2F4513AEBDACA385BA7F8CC49BE6313CE04ED404A0E7 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
17:52:03.0582 0x14f4  Object send P2P result: true
17:52:03.0582 0x14f4  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
17:52:03.0584 0x111c  PEAUTH - ok
17:52:03.0589 0x111c  [ 189265498945593D5256CFF7FEBB9665, 9CB88CC3C726BFE6EDCE8D9E4544306AACD3FB9E969E3A438D9FD533F25C1281 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
17:52:03.0598 0x111c  percsas2i - ok
17:52:03.0602 0x111c  [ 9B86965114F6831A5130EFE6657B17D9, 4C5B657DB9A9F96BFD3EAFA756ED60D911EB58857C439F5FA6E495A473ED1145 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
17:52:03.0611 0x111c  percsas3i - ok
17:52:03.0653 0x111c  [ 8A5A52C855FB5BFEF019AE9938AEA8AE, 77CB8A09B209DB5895319BA9D073A67148926E22C47836343050DFC178AFAEEE ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
17:52:03.0664 0x111c  PerfHost - ok
17:52:03.0676 0x111c  [ 839BD56425530973FF3F6F7C0057CD22, 9BADF39BC4628409CFCD5F1300C6040C49B2ED72D0FA389C6BB042E5B17E1A40 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
         
A screenshot of the threat warning is attached.

Attached images
File type: jpg Screen.jpg (73.5 KB, viewed 409 times)

20.12.2015, 17:58   #6
Dummie

PC infected?



Code:
ATTFilter
17:52:05.0249 0x111c  Serial - ok
17:52:05.0252 0x111c  [ C8738887228B7BFA3B1A906816A8BB12, 328283569201791891D5E9FB3028DB5B9FD93A7BEFC00C7DEBC2CC5731DE64D5 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
17:52:05.0263 0x111c  sermouse - ok
17:52:05.0276 0x111c  [ B1CB58853153397DFFA2D13A81451D09, CC9B3B064711E9B5CB38DC1C84DC410033939848BD31BB0D12F990E8154F357E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
17:52:05.0296 0x111c  SessionEnv - ok
17:52:05.0300 0x111c  [ 67832B68752CDF7FDE56949E4A2E70BF, A72320EA8575A751DF86A1EE7969AD9D548D6185F2520197262E11B79FF8222B ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
17:52:05.0311 0x111c  sfloppy - ok
17:52:05.0323 0x111c  [ F10E5536E1C753E01CF19FA4F466CE90, C9897F22B176D84CA233F864078895E3DAD4DAD090FACBB01BD6E59EE337B47C ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
17:52:05.0346 0x111c  SharedAccess - ok
17:52:05.0363 0x111c  [ 4AC12D495B3CB4275F74C68A7A017561, DC53EBD606ECCD8BCF6D618C0EB58B03F5C20F09E0F0AEDE9B8082D6B208B19A ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:52:05.0396 0x111c  ShellHWDetection - ok
17:52:05.0401 0x111c  [ ED058030296CF9B79C8D48BF43724323, 01DC7C2590DF48116CD1A126F207FE5DE439A53286BAE3736E22EE3D1CA80BE3 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
17:52:05.0410 0x111c  SiSRaid2 - ok
17:52:05.0414 0x111c  [ 633D3D1581E9DCCD5A2D8F039104C9A5, C44B5097016C2AEC8B41F77425FE44413562F9DCF0C0C11CA69D8178970B4706 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
17:52:05.0424 0x111c  SiSRaid4 - ok
17:52:05.0427 0x111c  [ 35B8FC714C2E7F07F7DC7C64452153F8, 6D45EB01B5F972ED0E5520E771F007FFEE892054FABDB3DD00D3E9915D3A0A31 ] smphost         C:\WINDOWS\System32\smphost.dll
17:52:05.0442 0x111c  smphost - ok
17:52:05.0457 0x111c  [ DE3A5C27EC842A113F68A2705FF63B00, B134EF63708A892B673B539F544F7980FF72838D822E8E4CCDDB359B22CB8805 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
17:52:05.0485 0x111c  SmsRouter - ok
17:52:05.0491 0x111c  [ CD1056818A6FCEF4D32BD1D6E34070D5, F5BFB61ACB220A73B0DC4487B049F52E9F9FA2D4188C001E7A5838D47CEA6343 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
17:52:05.0504 0x111c  SNMPTRAP - ok
17:52:05.0516 0x111c  [ 187B4AD4446C59F8FCC4A10F473EE3D1, 0AAD961B3D7B3484DC89CB86F3EC96CEBFABB7224A5BFB48083DE8F1805EA7B4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
17:52:05.0533 0x111c  spaceport - ok
17:52:05.0538 0x111c  [ 2799FCA215919FDC9A87C5FCAB530828, BDE968BF26693AA4D70AB669896BCA49C6F533EA226386B35B0EA589A55227B5 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
17:52:05.0547 0x111c  SpbCx - ok
17:52:05.0566 0x111c  [ 58C17D92AD61EC7A98B05F4FAD0D205A, B881134A1BD9194145A9D18BDB34D57E2C167F06C2A9368459D0C33E6E0D6501 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
17:52:05.0598 0x111c  Spooler - ok
17:52:05.0732 0x111c  [ 5C31E109943E67CFC801810C00AB63EE, 9A80D7CDA1135EBCE10E753986A59CFA3D8D49F9B0BE38FDF99880B1DD88C41D ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
17:52:05.0871 0x111c  sppsvc - ok
17:52:05.0908 0x111c  [ AA1F23501511EFE9CF9771F6B20E8D45, E786852D9877CCFD35444F8FC694467132F868D87A8C344FD1016FFDE74695A5 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
17:52:05.0927 0x111c  srv - ok
17:52:05.0944 0x111c  [ F5B169EDF9D5E3C7200D89D30E065D13, 12BAF3A3CB76F0900FA53681C9AD16F40308F493BA22C0F60E1E268D0D6AF825 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
17:52:05.0971 0x111c  srv2 - ok
17:52:05.0979 0x111c  [ 2E142E027F0AA698BA4DCE49CBDB43CD, A21027BBBC75A55A8B302D028113A0683016E4C72790A8C561DDB1AE7FDB4289 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
17:52:05.0991 0x14f4  Object send P2P result: true
17:52:05.0991 0x14f4  Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService
17:52:05.0994 0x111c  srvnet - ok
17:52:06.0002 0x111c  [ BF71B3FB5B7557CB740CDB09C5FB50D9, D6F9E65FDC9C4ADAFE82D94F71A1F5960DB3BEEBF4FE5B2D087515C4FAA5F287 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
17:52:06.0020 0x111c  SSDPSRV - ok
17:52:06.0027 0x111c  [ EF1BC04215C201ADA3F7F5A2F034EA21, E1A7A0FA2032B9E7D3951100E74C04D93CD848C88D23D57FBA0BFA2816B29C61 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
17:52:06.0045 0x111c  SstpSvc - ok
17:52:06.0052 0x111c  [ 627FFBE52FEDF0460C3D7259FC0EDF50, 92CB006CA91E4AF0CAA3ECD74D9329C349650EAFF70D847E62D9D8F2BE38B3B1 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
17:52:06.0060 0x111c  ssudmdm - ok
17:52:06.0079 0x111c  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
17:52:06.0096 0x111c  ss_conn_service - ok
17:52:06.0153 0x111c  [ 78760751FBCB900F6F68CA1700DAE2DC, 356914797056B11745E18ECD033B8DC801C3C3DD6C5127FCD430A02C4FDD34A9 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
17:52:06.0233 0x111c  StateRepository - ok
17:52:06.0254 0x111c  [ A831D5A4D2F5138E332AC1B98315EBB1, 2FF5C256A83ACFB5CEC17B9FA7875048F770B793C37657D6D4E37C70B2F857A8 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:52:06.0274 0x111c  Steam Client Service - ok
17:52:06.0286 0x111c  [ 044C02B6E0359B310C5881261DD9C484, 3ACAB69FC87E262C9C273EE81038F1291A1E019B309C4727E5AE4E26A855BBB2 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:52:06.0297 0x111c  Stereo Service - ok
17:52:06.0301 0x111c  [ DDE064A4298FD1FBF804D3ED691E7EDB, B0D117B1FC0DA2CB76F5F63699E2F108930B6C6721AC443111D48215ED624278 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
17:52:06.0309 0x111c  stexstor - ok
17:52:06.0325 0x111c  [ 60F04DF1AB55D6D4BDA02052DD20537E, 52996EDF2C06968DADC9BDF24E4039929B81643493C7193B8CC4A6BD1A3AE761 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
17:52:06.0353 0x111c  stisvc - ok
17:52:06.0359 0x111c  [ 32C95F44108C3E7DB58F773346E3C9D0, F852D8ECA06080EA6DE1A90509071965A750D9CFC9627F0D4DB8ECC57133B0B5 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
17:52:06.0369 0x111c  storahci - ok
17:52:06.0373 0x111c  [ 8883C8CE4942A99B84E1CC6EFA19738E, 60C1CDA4382F8EE70D810DBB1BCAF5F389433563FF23EEB84859612F396D8CE6 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
17:52:06.0382 0x111c  storflt - ok
17:52:06.0386 0x111c  [ AE7B7E1E95BFB9340B1956C98CA52C81, 3E0214A0C486C1CD05D9BC57E58A998A3CEADDC1D24AE2A75098F56B37069160 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
17:52:06.0396 0x111c  stornvme - ok
17:52:06.0400 0x111c  [ 63513EF3121689B3A59BD217618A2E42, DE9B89732801DEC60BD116D58CFB427F7E37F093BE8A9F6E0CAC729B5346B314 ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
17:52:06.0413 0x111c  storqosflt - ok
17:52:06.0424 0x111c  [ CC96FF061C772340F2ED89ABBA567ADC, 028CD44405B7FAFC7BF331DD729E44E0594A63386F48CF39D7725A58B3DE22D6 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
17:52:06.0444 0x111c  StorSvc - ok
17:52:06.0448 0x111c  [ 000F5CFCEF0F06DC8FD1D2F568E48AE4, C1FE485E57A1B912CE79556E0EFF03CC11362E7966D250E3AA4962DCCB8F8EE6 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
17:52:06.0457 0x111c  storufs - ok
17:52:06.0460 0x111c  [ 7415087F9006D6818F85F3CBD79B1A50, C768EBB2263375D285D689FEEF546147D42D7376977424A4D6FD655CC78EA7CD ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
17:52:06.0469 0x111c  storvsc - ok
17:52:06.0472 0x111c  [ E49858EA5865A015EB78B7F7C1C07DE2, 1ADBBAC2D2E2E3C40AB0BDDE068001E76A8DAB79C54F06479F7A4567DAD7A7A8 ] svsvc           C:\WINDOWS\system32\svsvc.dll
17:52:06.0486 0x111c  svsvc - ok
17:52:06.0513 0x111c  [ 802278EE4ACCE9EA1F1481DF20EB1667, E78F0DA2CA0B2C2DF3B7E3B2A22C03380FE649813EE6EB31067C5FB6727DB7BD ] swenum          C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys
17:52:06.0521 0x111c  swenum - ok
17:52:06.0533 0x111c  [ 313D2C0DBA0B23A8302254FD317D2EC8, 20B98D6F33FEC7ACBCEED9757A3FEAD837FA7BA378BA25575A33EA45E076FC6B ] swprv           C:\WINDOWS\System32\swprv.dll
17:52:06.0560 0x111c  swprv - ok
17:52:06.0564 0x111c  [ 12D0CB1DCAE6725B6CA54CC2038C4C8C, 7D224298E440B8C5FDD99A52485A6245DE5109C9A02E65AD38F1EC6DBF4AEEF2 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
17:52:06.0575 0x111c  Synth3dVsc - ok
17:52:06.0599 0x111c  [ D5B31B2F14848015C211F1D674A82F3A, 58C18254C817693DB727090D1CC518032B3A67C5B3FC7F2F8CE4613A33790CFA ] SysMain         C:\WINDOWS\system32\sysmain.dll
17:52:06.0639 0x111c  SysMain - ok
17:52:06.0650 0x111c  [ D5AAA188C70146977CFEE8D128599F3F, 9ABC30982E552EAF41FE84397EEEE5A3187444062C662D7CF35A03E3B274AFB8 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:52:06.0670 0x111c  SystemEventsBroker - ok
17:52:06.0677 0x111c  [ 95875059929EF91B55EA612D7967DD3D, 5F734209C8C9725376F7C146ED84999CC6D019C4C10B1795F53E72BE8853E2DD ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
17:52:06.0691 0x111c  TabletInputService - ok
17:52:06.0700 0x111c  [ FE33F417DFD9847CB571D3C7EE5FA7E3, B3C7BE7998B9B093DD969A2588EE8CEBD9771331A63D4B1D86A188317B5EE71C ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
17:52:06.0704 0x0fb8  Object send P2P result: true
17:52:06.0704 0x0fb8  Object required for P2P: [ E477AF94ACCCF99A0E56D71D450DCCCB ] avnetflt
17:52:06.0719 0x111c  TapiSrv - ok
17:52:06.0724 0x111c  [ E91BCBD521606E60C2807813D8EAC579, 9B9329535AF753E5922BD53DEF08E5E99C51927923C7DF87112A0E293DE47FAC ] tbhsd           C:\WINDOWS\system32\drivers\tbhsd.sys
17:52:06.0729 0x111c  tbhsd - ok
17:52:06.0779 0x111c  [ 7EBD20284AC9BF9F0A020B86769BB074, 26D8CC9C1EE069BB617973BA7CBCFC36BAF1EABF975F395077547F930197A56A ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
17:52:06.0836 0x111c  Tcpip - ok
17:52:06.0898 0x111c  [ 7EBD20284AC9BF9F0A020B86769BB074, 26D8CC9C1EE069BB617973BA7CBCFC36BAF1EABF975F395077547F930197A56A ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
17:52:06.0955 0x111c  Tcpip6 - ok
17:52:06.0962 0x111c  [ D378A1AF58AFA84BB6AC753F2C1BE9F4, 8BBA623193D51E6A8DD0627FA08C93B918EF1BA2EEBA46CDBB86FE6A1007FDEE ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
17:52:06.0974 0x111c  tcpipreg - ok
17:52:06.0980 0x111c  [ D42AC03ACF9CA67693D1D9BB4D2A0BC8, D39D5180F3CDB23B4551A8C98F3C92A960B4CC9FA48E0FE11A6D89B0C247783F ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
17:52:06.0991 0x111c  tdx - ok
17:52:06.0994 0x111c  [ CCDBD2817C10A4F631280CBB3AE44FFB, A022DEF4D3CF75F41FA26275347F4BA38A513AD32FF18385C2E756DECB61D404 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
17:52:07.0002 0x111c  terminpt - ok
17:52:07.0026 0x111c  [ A0608264209A836821D6AB8C67B108AB, 7912C75F72BCAB7426A2E00C597C8D94C185B5DD31BD6C4BE5D56FECD5B0D9EA ] TermService     C:\WINDOWS\System32\termsrv.dll
17:52:07.0065 0x111c  TermService - ok
17:52:07.0070 0x111c  [ 261830B1E3650E4471E1F98850B929B7, D281B8A93315E64C7AF5002E5BFBE6AFF8B35FD6AA747AE07D7AA96F4AFAA613 ] Themes          C:\WINDOWS\system32\themeservice.dll
17:52:07.0089 0x111c  Themes - ok
17:52:07.0102 0x111c  [ 8D23F0819A00C547814409B734DD3747, 0E1B25A53C84486F8A57F309F3C016114F90F5AF5E576889BD230931F38594A5 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
17:52:07.0127 0x111c  tiledatamodelsvc - ok
17:52:07.0133 0x111c  [ 354DAA630928CD4DA2BC84A0DA4ADA9D, AFAE4948EA4F899267DC52DF9A06450FC3E77083B563E541581DA90685C7E98C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
17:52:07.0148 0x111c  TimeBroker - ok
17:52:07.0155 0x111c  [ F4AEDABC8F3A9D632F8206D0C7F8CA09, 6E76749CD4B857B4D930267E3CF448AF4D14FAC851873C5E71572E62CAD2FA36 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
17:52:07.0167 0x111c  TPM - ok
17:52:07.0172 0x111c  [ 2D0338A3009075FCCB119CB7F3280F82, F42F3B8DA0F8B2C99892E66CDEF471A1CD30A30CF437ADFF464A2C786A6B87A6 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
17:52:07.0186 0x111c  TrkWks - ok
17:52:07.0191 0x111c  [ 62D6A900C5DFF2ECF131384E5A5C85AB, 1AF1FB868C59DFF452E3351EE5070B2C746DE606B9E2F1834CE2256F41ABE7A9 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
17:52:07.0203 0x111c  TrustedInstaller - ok
17:52:07.0209 0x111c  [ 676C801CAA61AADD0C918CC536A74B78, DB5DEC9445272E46D32DC2A9A99A9AE45729E424E61C679ECFD973AA88457BE6 ] TsUsbFlt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
17:52:07.0219 0x111c  TsUsbFlt - ok
17:52:07.0223 0x111c  [ 2BB6CC0DD1CEE86330743B56FA9FE91F, EE71E3DEECA7599947AB09E8967FE8066348D82B4C17D8CBE800FCDE9CF4989D ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
17:52:07.0233 0x111c  TsUsbGD - ok
17:52:07.0238 0x111c  [ 14B46248612DF1B1A695040FFFBCFAFC, 8C373A3C416FC9AB3872A187E64AC7A6E69FF605BD8784E8F2B1C28C293A0495 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
17:52:07.0251 0x111c  tunnel - ok
17:52:07.0255 0x111c  [ D0BE5EA1652D55029C9A898FB8ACFCE0, 80C4BC30B967C79B3457F43EB9B530CA2571C6158958879AC55E5A81F71CFF15 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
17:52:07.0265 0x111c  uagp35 - ok
17:52:07.0268 0x111c  [ 13C15E4B238895FE4731DB1D612EEB5F, 211E4B05AA09F7FBE2487C3241A98D1F970FEE5B9B1BAED2788B57233BFC4104 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
17:52:07.0278 0x111c  UASPStor - ok
17:52:07.0282 0x111c  [ BEBB8B55C5F99B69EEE39A9D7BADB21E, 08A094EA38AB58CC70108A3BDFDD3251897DC4B13FDDAD54C1B063137836EF34 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
17:52:07.0293 0x111c  UcmCx0101 - ok
17:52:07.0297 0x111c  [ DE3EDAF609D00EA2E54986E6459796A6, 61A9AB51869F38300CC5CC5D302B962FB966F54CBB2E393954F36372B3A479FE ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
17:52:07.0308 0x111c  UcmUcsi - ok
17:52:07.0314 0x111c  [ FB1C1D8B96A482F3581338D6752E1D6C, 0FFAEE3E088614B3483C459513BB9D78EB76B574696FD877A3CDF6A11378F46C ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
17:52:07.0326 0x111c  Ucx01000 - ok
17:52:07.0330 0x111c  [ 4E1543ACE2F6E2846713E5123D9D4159, 1A6AFC525A80D1F19B14CDAD38790DF7293911C4D0E8301161D92201B934C3D4 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
17:52:07.0340 0x111c  UdeCx - ok
17:52:07.0349 0x111c  [ CDCA9CC1D8293E75218D8FF85F2337A4, 173086C08DDC7625E026E425F1E2B5D6C795771BEAE9BFF6093E3592FBEBD323 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
17:52:07.0371 0x111c  udfs - ok
17:52:07.0375 0x111c  [ BC683E19307C533C7161DB7A58051347, 5553BE3421986FDD9992EBFD883CDA151F7166C01BBFA3E9183A3C93E41D79B6 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
17:52:07.0383 0x111c  UEFI - ok
17:52:07.0390 0x111c  [ D14B42C26DE402F316D49667D15446F0, 61CC9FF03EF78631C800EFD8D587975CB94D53DB80E6F60BD13BA52EC5690D3D ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
17:52:07.0403 0x111c  Ufx01000 - ok
17:52:07.0407 0x111c  [ 192470BE4321791FBB25F379D0141D6F, AD120F8F98BD99014471CE60630B5FEE7555AB261C98B7D9819FE23C386655F7 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
17:52:07.0417 0x111c  UfxChipidea - ok
17:52:07.0423 0x111c  [ F7BD838E84E6B286DBCE068EFB8C0800, A55188C8F8BDC739A7ED7D29CDCB2A17468BBB158E13D804963B31ED73449520 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
17:52:07.0433 0x111c  ufxsynopsys - ok
17:52:07.0439 0x111c  [ C844E39B900FFA46CA8DD2BBA670A077, 0CB6232BCE47C59821DF25D6ED33E85C3E32DDAB101AA8A2C22B5401E73F5D5B ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
17:52:07.0453 0x111c  UI0Detect - ok
17:52:07.0458 0x111c  [ A25842AC180F0E8B02380ECB8ADA1AF5, AF22E7559C5EF8DC22A2B9E27FFFFF075B1D1B68A8307266BD9473E0FAF36BEF ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
17:52:07.0467 0x111c  uliagpkx - ok
17:52:07.0471 0x111c  [ 21088F43172525C7E02D335A3327F46C, B04AD471A7DFE83AB557DB4540616B7DF4A1904F8BDDCB920D449FCEE6F36FD5 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
17:52:07.0482 0x111c  umbus - ok
17:52:07.0486 0x111c  [ 294A291B5D48FE8F38DD94B7272442C5, 66C9139636760C92C1E04FCF440C432FF6C5A94E1577CAFE1D61FCF2D30472ED ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
17:52:07.0496 0x111c  UmPass - ok
17:52:07.0504 0x111c  [ 3427889AECC3B6912A0A01D095E32B98, 322AE14B74295ACFC124719BBEF8809201150A184E262EC55E26D2B45787BF9D ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
17:52:07.0522 0x111c  UmRdpService - ok
17:52:07.0549 0x111c  [ 0D5C9E27E93AAEA3E30A1E59A7AC3DFF, 31A203DA03877E6B887930990C5BB53402F0DFFB22A6F8FC5A34EF0B99CD8A7E ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
17:52:07.0592 0x111c  UnistoreSvc - ok
17:52:07.0606 0x111c  [ BD693208673F40BA21AA70B69F1D439C, E324947C2DD34386A83B09E73668F1CCED127AC91194B8BF7EC4C8E36CF8203E ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:52:07.0629 0x111c  upnphost - ok
17:52:07.0633 0x111c  [ A7A52EDDC3FAF183D6AC4774690ADF13, 630A0331F2EFA2DC7EFDACD08D8DF5C85BFDA30FF1525050FF54E069AFA45F6C ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
17:52:07.0642 0x111c  UrsChipidea - ok
17:52:07.0646 0x111c  [ 2EEA0897DD9E30E958B508D557F0B5E4, BE051A3AA5DFF56310FAB67AD19AC0443A3580542886EF3554EBE18F1323596F ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
17:52:07.0655 0x111c  UrsCx01000 - ok
17:52:07.0658 0x111c  [ DC54D775A3A61E4CDE871B4E38A1459A, CC996A9D293201BBD285E7B629B12EE88574702B8AC7BB4149439D6A25A07F7E ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
17:52:07.0667 0x111c  UrsSynopsys - ok
17:52:07.0672 0x111c  [ 18B63A0980F4AA1E6D7879B253980E37, 05F96DBE0A3DE2A685DEEBA8B6838A47AEB7CE2EBE8EB6BAD67B36DCF7E73589 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
17:52:07.0683 0x111c  usbccgp - ok
17:52:07.0688 0x111c  [ 1C60A1A3C8E1E819E16F12BAEB1C83F8, E255BD173DBF091C5EA07381862E23C1FD761489EC396E312974FBC124E1F33A ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
17:52:07.0700 0x111c  usbcir - ok
17:52:07.0705 0x111c  [ 9A3E39F85DC6E3B9F792F1095ACFF788, 66B8E137A5232E9F717907CFD49FE624AE101F4DE14E2960849DABF7A877E87A ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
17:52:07.0715 0x111c  usbehci - ok
17:52:07.0728 0x111c  [ 0A368247A900656CC0678117DFC3A87C, 9BEAD14DA067439D913F609955E95CFA0B88ED4F1BC60B473E00F9D9CBC01B9C ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
17:52:07.0746 0x111c  usbhub - ok
17:52:07.0760 0x111c  [ 1BDA1FD02783566F0B20EB0E2517F85C, 4C86DC962BBE4CA5AE466A37CF647D84CE2A34DA7F861751587841FC10CFA09D ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
17:52:07.0779 0x111c  USBHUB3 - ok
17:52:07.0783 0x111c  [ 72EA850B59F40C25A4FEDDA5FE84EFEB, FB4801AA1FB72FC1C41024916368823E88D53E338640E3BEA865B0F0E7B8EE91 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
17:52:07.0793 0x111c  usbohci - ok
17:52:07.0797 0x111c  [ 47B2B2DE152E25546944049CA1170BB1, DDA0A806D3108B2475AB13F584EA8CE6F0932C5E394C2C3FA691DFAB8A2BCAC0 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
17:52:07.0807 0x111c  usbprint - ok
17:52:07.0811 0x111c  [ 1F72E1A7E1858B7B3FF81522FCEBDE95, 4FAD243DA73C45CD5CA5E50F824F30EF0DC777D83957FD21FF43D8C89EC15AAC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
17:52:07.0822 0x111c  usbser - ok
17:52:07.0828 0x111c  [ CD35467670DF1E6FBF36DA308F0C872B, E1F4F9B1EBD476394CBD0C934842AEE2502B030D97351B0A1E751FF23B011B57 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:52:07.0838 0x111c  USBSTOR - ok
17:52:07.0841 0x111c  [ DFA92EA105DD1073B43FB210EEB03DD4, D940432458F0A04F5013B48197CEA0412C8A909C50605AA21DD08271C90E2FE3 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
17:52:07.0851 0x111c  usbuhci - ok
17:52:07.0861 0x111c  [ C67A03F54A1EA683F4880A481EE5FF6C, 346185B378577FF14EFAD01ECB7DFC9AFC0D50F16DF081C3BA99AEFF710A0EE9 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:52:07.0876 0x111c  USBXHCI - ok
17:52:07.0908 0x111c  [ 32212C0FE0556915E763C29DEB6D267E, C5BC9DA3AB0C41604E8F3D01AFC2C25351FF5D3967E766DD0CDB4C0239ED6312 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
17:52:07.0955 0x111c  UserDataSvc - ok
17:52:07.0975 0x111c  [ 19DB66E644058AA880AE20144FA40839, 3622EBD3E203C436000947666E7CDF9B075951CC1929241CCCDB123F55F93E46 ] UserManager     C:\WINDOWS\System32\usermgr.dll
17:52:08.0004 0x111c  UserManager - ok
17:52:08.0014 0x111c  [ 0CFEA30C0217EE74FF853B2B0CC0BE6D, 1F0856D2D94F46D7B24B7EE18ED868C9EFAE972039D35D1FAA9058A12CF40493 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
17:52:08.0033 0x111c  UsoSvc - ok
17:52:08.0037 0x111c  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
17:52:08.0047 0x111c  VaultSvc - ok
17:52:08.0050 0x111c  [ 26223003DDFB347B5CF3EC0B56DB066B, 78848BE1334C05F28FA431B08225EAE8345B2C66E7D677F9936892FC941EA961 ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
17:52:08.0059 0x111c  vdrvroot - ok
17:52:08.0076 0x111c  [ 0C3F4E7684C1D72E85A98689E65A98A1, F7928D3EFC1A83125887ADA5F8E008022B58F0DBA8A711B4D60975D8CE82B595 ] vds             C:\WINDOWS\System32\vds.exe
17:52:08.0108 0x111c  vds - ok
17:52:08.0114 0x111c  [ A417284BC6B5C2EEF63F2C5154473530, 55146660CDDD829630C216038E6500CFAC906E67C82881047B665BFEEB286D10 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
17:52:08.0127 0x111c  VerifierExt - ok
17:52:08.0143 0x111c  [ 4C39C05A72EB14C0567501C7E087E564, D3DC122B7E4A5BD345517FE3A9E9E58CD3C78887F9F327AB782BADCAD0F8F2EB ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
17:52:08.0165 0x111c  vhdmp - ok
17:52:08.0169 0x111c  [ C42206A15078596FDE8E89BB629DE342, B95F9EC2413ADE658A7CE4A9BB57A0E125C29205C24BBB120153DACAF4CF9482 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
17:52:08.0179 0x111c  vhf - ok
17:52:08.0189 0x111c  [ A67C345301198E0E104100272EB6BA90, D469D567DCCBD3EA59DB27F8BAE71263FA14D1E6A3BA54A54FF209BE95D39041 ] Virtual CDAudio Service C:\Program Files (x86)\Audials\Audials 12\VCDWriter\64\VCDAudioService.exe
17:52:08.0199 0x111c  Virtual CDAudio Service - ok
17:52:08.0204 0x111c  [ 248D9F911A5C94CF8477125DD0C3A291, 418C7285184BCC9DE4E56175960585867A5DB21FEF761C49FF6F1AF1C07D8088 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
17:52:08.0214 0x111c  vmbus - ok
17:52:08.0217 0x111c  [ 3E98DD4E0CBD6B4F9CBD0E9E0EDF541E, 2B5CF364F4D1D3359FBEA8BB2E72A1FCE1277E8D893977B751D9AC10A27DF018 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
17:52:08.0227 0x111c  VMBusHID - ok
17:52:08.0240 0x111c  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
17:52:08.0264 0x111c  vmicguestinterface - ok
17:52:08.0276 0x111c  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
17:52:08.0302 0x111c  vmicheartbeat - ok
17:52:08.0314 0x111c  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
17:52:08.0337 0x111c  vmickvpexchange - ok
17:52:08.0350 0x111c  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
17:52:08.0373 0x111c  vmicrdv - ok
17:52:08.0385 0x111c  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
17:52:08.0407 0x111c  vmicshutdown - ok
17:52:08.0413 0x14f4  Object send P2P result: true
17:52:08.0419 0x111c  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
17:52:08.0442 0x111c  vmictimesync - ok
17:52:08.0453 0x111c  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
17:52:08.0476 0x111c  vmicvmsession - ok
17:52:08.0488 0x111c  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
17:52:08.0512 0x111c  vmicvss - ok
17:52:08.0516 0x111c  [ 91F165C5D71D9DCB18D4661CF10D1084, 1D55C1FF0F5D860E6DB60EEFE303C0797C98BB0B053ECC255F9B316872288818 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
17:52:08.0525 0x111c  volmgr - ok
17:52:08.0535 0x111c  [ 17042748AC05862A0283D32575220080, A85B480CB969CB7678545D2A9EE99CBD2ADFF210FA016A43E092D0711FBB633D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
17:52:08.0549 0x111c  volmgrx - ok
17:52:08.0559 0x111c  [ 823A237D871CD652C6BFD47BECB6810A, 99310521451CB54C29A5DEA54C3A666F95E2A1FF0979D5F9792885A161E90C65 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
17:52:08.0575 0x111c  volsnap - ok
17:52:08.0579 0x111c  [ 78727FA284C2095EED660D71CD3C9AEF, 323F0BD5A624DF77973F28C7CF31EC6B3A525496EBF063666623A62B1DB0EA65 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
17:52:08.0588 0x111c  vpci - ok
17:52:08.0594 0x111c  [ 2415961D561E02F5E46B7C1C687A6788, 68A54B9595A0D15D410D5F1656B6EBE3B913A4BA5F71C658C9B99420E6ED327A ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
17:52:08.0605 0x111c  vsmraid - ok
17:52:08.0635 0x111c  [ 16419CBDB04DB9FF298169AA93413822, 743AD26F08AF5EFF5DD353E75C3D659B10C3FEC2FEDABB76387B87721B5B98F8 ] VSS             C:\WINDOWS\system32\vssvc.exe
17:52:08.0684 0x111c  VSS - ok
17:52:08.0694 0x111c  [ 6AE9A843AE979F2DCCA5A25C07C7A5F8, 3CEC26DE2EEC97929A0FBBD87FF75F8DC387C0988B2047074C8F069ACBEF2587 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
17:52:08.0708 0x111c  VSTXRAID - ok
17:52:08.0711 0x111c  [ BD232C761C59FA8D8EF626CA630E2D2E, E494EFDCE8F6343F49F33F1F03DCD5DEC9CB6F349B1AD302B4D3333B5F6BD8E5 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
17:52:08.0721 0x111c  vwifibus - ok
17:52:08.0725 0x111c  [ 3039687AB65CEE26CF478C1F42FFCD7D, 40E140C6F94B6203767A1493DF8CAE6BA1FB67FBD0C13789444F72410D0E6FF1 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
17:52:08.0738 0x111c  vwififlt - ok
17:52:08.0751 0x111c  [ EC9B6544C569E8D7FAB91772BD7D23F2, 06CC5F21E9A9DD35099CB3E44C3E2BF2F944CE5B71284E6A85E1B681F12BD31B ] W32Time         C:\WINDOWS\system32\w32time.dll
17:52:08.0778 0x111c  W32Time - ok
17:52:08.0782 0x111c  [ FC40A7527D39F06D032A6553D22E4BF6, F572FCB5EB3DE16FD6222A5B6A43C81E3A1F838890667D9F0453F82FFCA772FF ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
17:52:08.0792 0x111c  WacomPen - ok
17:52:08.0804 0x111c  [ 2CFE8CBE358CC4D5715E010E3B13559F, 54E9BFCE202FA123EB261C226094054950429AAFA304AA714F461B003E070BD9 ] WalletService   C:\WINDOWS\system32\WalletService.dll
17:52:08.0828 0x111c  WalletService - ok
17:52:08.0833 0x111c  [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:52:08.0846 0x111c  wanarp - ok
17:52:08.0850 0x111c  [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:52:08.0863 0x111c  wanarpv6 - ok
17:52:08.0897 0x111c  [ CF9EF65FA66B0F4982FD1FACAB3009B6, 681C1CD5DCAF87EF436B907534E98B0AB4F66BD62E46B8977A7880B854766A27 ] wbengine        C:\WINDOWS\system32\wbengine.exe
17:52:08.0948 0x111c  wbengine - ok
17:52:08.0964 0x111c  [ 8F2B0ED6FCA72B34BEEA37E32D0EE106, A86C641A13FDF056B7BA13641551582199DDB08E9490003C74D999518B097C00 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
17:52:08.0991 0x111c  WbioSrvc - ok
17:52:09.0006 0x111c  [ A40484AC27EE08DBE7F8DA5E1F6651ED, E3259694450C4F1DEC5E0EA5E23BF3A51F1819374DF47FECF70282AFD46114A1 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
17:52:09.0032 0x111c  Wcmsvc - ok
17:52:09.0045 0x111c  [ 8E7FD07D2C82ACBCA52C4100C20F6542, FB2CD88557ABB5EBE6555CD4E41BF4BDC6FE6BCF26288338F2FB034B966FCBD3 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
17:52:09.0069 0x111c  wcncsvc - ok
17:52:30.0097 0x111c  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
17:52:30.0097 0x111c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x60100 ( disabled : updated )
17:52:30.0101 0x111c  Win FW state via NFP2: enabled ( trusted )
17:52:32.0442 0x111c  ============================================================
17:52:32.0442 0x111c  Scan finished
17:52:32.0442 0x111c  ============================================================
17:52:32.0447 0x0480  Detected object count: 0
17:52:32.0447 0x0480  Actual detected object count: 0
         

20.12.2015, 18:00   #7
deeprybka
/// TB Trainer
/// Guide Guru

Since when exactly has the problem existed?
__________________
Regards,
deeprybka

Praise, criticism, requests?

Donate to trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

20.12.2015, 18:14   #8
Dummie

I got the message from the banking software the day before yesterday. At the beginning of the week my EA account was apparently hacked, which I was fortunately able to reverse with EA's help. After that I first ran Malwarebytes, which moved one file into quarantine. Then, after another scan with Malwarebytes and one with Avira, no threats were reported, so I assumed that everything was OK now. But on Friday the banking software refused to start and showed the warning message, so I am not sure whether something hidden is still living on my computer after all.

21.12.2015, 18:54   #9
deeprybka
/// TB Trainer
/// Guide Guru

Then please run an MBAM scan now with rootkit scanning enabled:

Step 1

  • Download and instructions
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Under Settings / Detection and Protection, please tick "Scan for rootkits" ("Suche nach Rootkits").
  • Go back to the Dashboard and click "Scan now" ("Jetzt scannen").
  • At the end of the scan, have all detections (if any) moved to quarantine and post the log for me.

Step 2
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Clean (Löschen) and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).


Step 3

Please start FRST again, also tick the checkbox, and click Scan (Untersuchen).
Please post the contents of both logs that are created.
__________________
Regards,
deeprybka

21.12.2015, 18:54   #10
Dummie

I can't manage it right now; I'll take care of it when I'm home this evening.
Thanks in advance

21.12.2015, 19:00   #11
deeprybka
/// TB Trainer
/// Guide Guru

No rush.
__________________
Regards,
deeprybka

21.12.2015, 22:43   #12
Dummie

Malware log
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 21.12.2015
Suchlaufzeit: 22:05
Protokolldatei: Malware.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.21.06
Rootkit-Datenbank: v2015.12.18.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Peter

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 380491
Abgelaufene Zeit: 9 Min., 48 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Adw-Cleaner log

Code:
# AdwCleaner v5.026 - Bericht erstellt am 21/12/2015 um 22:24:45
# Aktualisiert am 21/12/2015 von Xplode
# Datenbank : 2015-12-21.3 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : Peter - PC
# Gestartet von : C:\Users\Peter\Desktop\adwcleaner_5.026.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.updatepm.oneclickctrl.9
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.updatepm.update3webcontrol.3
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{553D53FA-59F3-44D0-ABC4-58F290DB70DC}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{59E8D94C-7A20-41AD-83CF-3E156D3AEB2F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5EF4F032-2DB4-48E9-B5A9-ADAC095E096A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6FE5D7AF-5812-4E08-BA22-9805FFE9F429}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{781999CA-3F51-4A56-94CA-0C8A8E0100AF}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A39B7A1C-F58A-4C22-9015-E2C8EF1C31BA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AB121BE6-2299-4B9B-8545-9104ABA20717}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C0833ED4-281E-441C-B004-43752001A629}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC330A23-4FBE-414C-AB3D-1C42056E5245}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DCD71BA3-32C2-455F-8DF0-37EE26E0C395}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E9C30691-5CE7-46BF-B940-C0125DA9E05B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F654B5BE-1A20-48A6-BED0-7C9E29CB8099}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0DA40B75-6FEE-49BF-BDDE-E2598E786C8C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{12FF3C6A-56FB-4B3E-858D-0877CD39B025}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{15DDC42D-13A8-432B-B31D-36A8FB50758F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1CD6E593-ABBF-45AC-9F94-21E8F1BDC10B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2B584AEB-6C8F-4238-89E4-850CFD7B2065}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{30A2947A-664F-440B-908D-E0FEDFEAE5DE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{34BCEF11-CE38-48EC-9D08-5CC0557E8887}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3B06CDDC-2ECB-45DC-B565-D41CC095BE40}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3FD7EB0A-96B6-43E0-9D94-44929F3FD1B3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D2525EE-3B7B-44C6-8960-77843DBC67A3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{89449F37-4AB2-46ED-A566-BB3A7797701B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F509ADC2-B40E-470F-A7B7-45191486B5CB}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKCU\Software\Myfree Codec
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Myfree Codec
[-] Schlüssel Gelöscht : HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\OCS
[-] Schlüssel Gelöscht : HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel Gelöscht : HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Myfree Codec
[-] Schlüssel Gelöscht : HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\OCS
[-] Schlüssel Gelöscht : HKU\S-1-5-21-3501281241-138803316-725630430-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec

***** [ Internetbrowser ] *****

[-] [C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Gelöscht : hxxp://www.istartsurf.com/webfavicon.ico
[-] [C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : flpcjncodpafbgdpnkljologafpionhb

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [5685 Bytes] ##########
         
FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
durchgeführt von Peter (Administrator) auf PC (21-12-2015 22:40:32)
Gestartet von C:\Users\Peter\Desktop
Geladene Profile: Peter (Verfügbare Profile: Peter)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(RapidSolution Software AG) C:\Program Files (x86)\Audials\Audials 12\VCDWriter\64\VCDAudioService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Peter\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dropbox, Inc.) C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Dropbox, Inc.) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMSpeed.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-07-20] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-06-01] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-06-01] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PMSpeed9.32.10] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMSpeed.EXE [125248 2013-09-26] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2015-12-15] (Overwolf LTD)
HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe [2412440 2015-09-18] ()
HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\Run: [Dropbox Update] => C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-21-3501281241-138803316-725630430-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [31232 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMBE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{fd940e4a-dbbc-4f82-b980-3f0c256955ee}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3501281241-138803316-725630430-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3501281241-138803316-725630430-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3501281241-138803316-725630430-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-31] (Oracle Corporation)
BHO: Kein Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> Keine Datei
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-31] (Oracle Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Kein Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  Keine Datei
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)

FireFox:
========
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lymaashi.default
FF Homepage: hxxps://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-31] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: FoxyProxy Standard - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lymaashi.default\extensions\foxyproxy@eric.h.jung [2015-09-10]
FF Extension: Adblock Plus - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\lymaashi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-08-29] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x64\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Java Deployment Toolkit 8.0.250.18) - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 8 U25) - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google-Suche) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Avira Browserschutz) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Google Mail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Peter\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-03-28]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-10-15] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-10-12] (BitRaider, LLC)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-17] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1008880 2015-12-15] (Overwolf LTD)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 Virtual CDAudio Service; C:\Program Files (x86)\Audials\Audials 12\VCDWriter\64\VCDAudioService.exe [179608 2015-09-18] (RapidSolution Software AG)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-07-20] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2014-11-05] (BitRaider)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-21] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-06-17] (Audials AG)
R3 rsvcdwdr; C:\Windows\System32\drivers\rsvcdwdr.sys [45192 2015-06-17] (RapidSolution Software AG)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-06-18] (Realtek                                            )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-21 22:40 - 2015-12-21 22:40 - 00000000 ____D C:\Users\Peter\Desktop\FRST-OlderVersion
2015-12-21 22:38 - 2015-12-21 22:38 - 00016148 _____ C:\WINDOWS\system32\PC_Peter_HistoryPrediction.bin
2015-12-21 22:25 - 2015-12-21 22:25 - 00266416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-21 22:18 - 2015-12-21 22:18 - 01743360 _____ C:\Users\Peter\Desktop\adwcleaner_5.026.exe
2015-12-21 22:16 - 2015-12-21 22:16 - 00001185 _____ C:\Users\Peter\Desktop\Malware.txt
2015-12-21 22:02 - 2015-12-21 22:03 - 22908888 _____ (Malwarebytes ) C:\Users\Peter\Downloads\mbam-setup-2.2.0.1024 (1).exe
2015-12-21 22:02 - 2015-12-21 22:02 - 00000000 ___HD C:\OneDriveTemp
2015-12-20 17:51 - 2015-12-20 18:09 - 00268072 _____ C:\TDSSKiller.3.1.0.9_20.12.2015_17.51.43_log.txt
2015-12-20 17:47 - 2015-12-20 17:49 - 00267336 _____ C:\TDSSKiller.3.1.0.9_20.12.2015_17.47.06_log.txt
2015-12-20 17:45 - 2015-12-20 17:45 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Peter\Desktop\tdsskiller.exe
2015-12-20 12:45 - 2015-12-20 12:45 - 00001298 _____ C:\Users\Peter\Desktop\Anti-Malware.txt
2015-12-20 10:07 - 2015-12-21 22:40 - 00023555 _____ C:\Users\Peter\Desktop\FRST.txt
2015-12-20 10:07 - 2015-12-20 10:07 - 00057465 _____ C:\Users\Peter\Desktop\Addition.txt
2015-12-20 10:06 - 2015-12-21 22:40 - 02370560 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2015-12-20 10:06 - 2015-12-21 22:40 - 00000000 ____D C:\FRST
2015-12-15 18:00 - 2015-12-21 22:38 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-15 18:00 - 2015-12-21 22:03 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-15 18:00 - 2015-12-21 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-15 18:00 - 2015-12-21 22:03 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-15 18:00 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-15 18:00 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-15 18:00 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-15 17:58 - 2015-12-15 17:59 - 22908888 _____ (Malwarebytes ) C:\Users\Peter\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-15 06:35 - 2015-12-15 06:35 - 00118455 _____ C:\Users\Peter\Downloads\Kundennummer_9100706440.pdf
2015-12-13 20:11 - 2015-12-13 20:11 - 00000690 _____ C:\Users\Peter\Desktop\Ina - Verknüpfung.lnk
2015-12-13 19:15 - 2015-12-13 19:15 - 00446513 _____ C:\Users\Peter\Downloads\Carpesol_18.pdf
2015-12-11 19:10 - 2015-12-11 19:10 - 00066193 _____ C:\Users\Peter\Downloads\2015-12-13 Pfarrnachrichten-homepage.pdf
2015-12-11 06:43 - 2015-12-11 06:43 - 05468955 _____ C:\Users\Peter\Downloads\2016-01 Partykarneval A2 - 002.pdf
2015-12-10 19:22 - 2015-12-10 19:22 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-12-10 01:36 - 2015-12-10 01:36 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-09 13:57 - 2015-11-12 19:37 - 00112712 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-09 10:31 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-09 10:31 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-09 10:31 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-09 10:31 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-09 10:31 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-09 10:31 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-09 10:31 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-09 10:31 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-09 10:31 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-09 10:31 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 10:31 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-09 10:31 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-09 10:31 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-09 10:31 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 10:31 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-09 10:31 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 10:31 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 10:31 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-09 10:31 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-09 10:31 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 10:31 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-09 10:31 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-09 10:31 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-09 10:31 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-09 10:31 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-09 10:31 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-09 10:31 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-09 10:31 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 10:31 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-09 10:31 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-09 10:31 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-09 10:31 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-09 10:31 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 10:31 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-09 10:31 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-09 10:31 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 10:31 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-09 10:31 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 10:31 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-09 10:31 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 10:31 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 10:31 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-09 10:31 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-09 10:31 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-09 10:31 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-09 10:31 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-09 10:31 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-09 10:31 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-09 10:31 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-09 10:31 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 10:31 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-09 10:31 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-09 10:31 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 10:31 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 10:31 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 10:31 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 10:31 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-09 10:31 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-09 10:31 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-09 10:31 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-09 10:31 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-09 10:31 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-09 10:31 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 10:31 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-09 10:31 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-09 10:31 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 10:31 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 10:31 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 10:31 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-09 10:31 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-09 10:31 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 10:31 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 10:31 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-09 10:31 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-09 10:31 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-09 10:31 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-09 10:31 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-09 10:31 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-09 10:31 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-09 10:31 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-09 06:43 - 2015-12-09 06:43 - 00264643 _____ C:\Users\Peter\Downloads\VV-Protokoll vom 26.11.2015.pdf
2015-12-08 19:54 - 2015-12-08 19:54 - 03228561 _____ C:\Users\Peter\Downloads\Rose Vorlagen 2.pdf
2015-12-08 19:53 - 2015-12-08 19:54 - 03272578 _____ C:\Users\Peter\Downloads\Rose Vorlagen 1.pdf
2015-12-08 16:34 - 2015-12-15 22:36 - 00000000 ____D C:\Users\Peter\Documents\FIFA 16
2015-12-08 16:26 - 2015-12-08 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16
2015-12-04 17:52 - 2015-12-04 17:52 - 00198318 _____ C:\Users\Peter\Downloads\2015-12-06 Pfarrnachrichten Homepage.pdf
2015-12-03 19:57 - 2015-12-03 19:57 - 00070149 _____ C:\Users\Peter\Downloads\2015.12.03_TK001_Site 501_TRNG.pdf
2015-12-01 06:43 - 2015-12-01 06:43 - 00214141 _____ C:\Users\Peter\Downloads\18725-022-20151130-44915-6.pdf
2015-11-28 13:53 - 2015-11-28 13:53 - 00193887 _____ C:\Users\Peter\Downloads\2015-11-29 Pfarrnachrichten - Homepage.pdf
2015-11-26 13:01 - 2015-11-26 13:01 - 00000000 ____D C:\Users\Peter\AppData\LocalLow\SKS
2015-11-26 12:39 - 2015-11-26 12:39 - 00000222 _____ C:\Users\Peter\Desktop\The Forest.url
2015-11-26 12:39 - 2015-11-26 12:39 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-11-26 00:05 - 2015-11-26 00:05 - 00000000 ____D C:\Users\Peter\AppData\Local\Steam
2015-11-26 00:03 - 2015-11-26 00:03 - 01476720 _____ C:\Users\Peter\Downloads\SteamSetup (1).exe
2015-11-26 00:01 - 2015-12-21 22:38 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-26 00:01 - 2015-11-26 00:01 - 01476720 _____ C:\Users\Peter\Downloads\SteamSetup.exe
2015-11-26 00:01 - 2015-11-26 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-11-24 18:50 - 2015-11-24 18:50 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2015-11-24 18:50 - 2015-11-24 18:50 - 00000000 ____D C:\Users\Peter\Documents\samsung
2015-11-24 18:50 - 2015-11-24 18:50 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Samsung
2015-11-24 18:50 - 2015-11-24 18:50 - 00000000 ____D C:\Users\Peter\AppData\Local\Samsung
2015-11-24 18:49 - 2015-05-21 07:02 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-11-24 18:49 - 2015-05-21 07:02 - 00110720 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-11-24 18:47 - 2015-11-24 18:49 - 00000000 ____D C:\ProgramData\Samsung
2015-11-24 18:47 - 2015-11-24 18:49 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-11-24 18:47 - 2015-11-24 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-11-24 18:47 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll
2015-11-24 18:47 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2015-11-24 18:45 - 2015-11-24 18:46 - 78749536 _____ (Samsung Electronics Co., Ltd.) C:\Users\Peter\Downloads\KiesSetup.exe
2015-11-24 15:42 - 2015-11-24 15:42 - 00000000 ____D C:\Users\Peter\AppData\Roaming\EAC
2015-11-24 15:42 - 2015-11-24 15:42 - 00000000 ____D C:\Users\Peter\AppData\Roaming\AccurateRip
2015-11-24 15:42 - 2015-11-24 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
2015-11-24 15:42 - 2015-11-24 15:42 - 00000000 ____D C:\Program Files (x86)\Exact Audio Copy
2015-11-24 15:41 - 2015-11-24 15:41 - 01466656 _____ C:\Users\Peter\Downloads\Exact Audio Copy - CHIP-Installer.exe
2015-11-23 08:10 - 2015-11-23 08:11 - 20137572 _____ C:\Users\Peter\Downloads\Silverlight40728.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-21 22:38 - 2015-08-28 19:31 - 00000000 ____D C:\Users\Peter\AppData\Roaming\.oit
2015-12-21 22:38 - 2014-11-05 21:43 - 00000000 ___RD C:\Users\Peter\Dropbox
2015-12-21 22:38 - 2014-11-05 21:33 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Dropbox
2015-12-21 22:38 - 2014-11-05 21:24 - 00008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2015-12-21 22:38 - 2014-09-30 21:32 - 00000000 ___RD C:\Users\Peter\OneDrive
2015-12-21 22:38 - 2014-09-27 17:26 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-21 22:36 - 2015-09-13 18:36 - 00000925 _____ C:\WINDOWS\Tasks\EPSON WF-2650 Series Update {A8225B49-B2EF-46DA-9489-E1768911EA1F}.job
2015-12-21 22:36 - 2015-09-13 18:36 - 00000925 _____ C:\WINDOWS\Tasks\EPSON WF-2650 Series Update {337FE276-AC21-4B52-8359-CAF96D1767B8}.job
2015-12-21 22:35 - 2015-06-13 07:24 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3501281241-138803316-725630430-1001UA.job
2015-12-21 22:32 - 2015-10-12 13:34 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-21 22:32 - 2015-09-10 06:10 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-21 22:32 - 2015-09-10 06:10 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-21 22:32 - 2015-07-30 23:40 - 00000000 ____D C:\WINDOWS\INF
2015-12-21 22:25 - 2015-10-12 13:27 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-21 22:25 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-21 22:25 - 2015-07-10 10:47 - 00000000 ____D C:\Windows
2015-12-21 22:25 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-21 22:24 - 2015-03-27 23:56 - 00000000 ____D C:\AdwCleaner
2015-12-21 22:17 - 2014-09-27 17:26 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-21 22:04 - 2014-09-27 11:34 - 00004142 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1D7D91BD-122C-44C1-BFE7-AB33EA8F8A70}
2015-12-21 18:55 - 2015-03-31 10:17 - 00000000 ____D C:\ProgramData\Origin
2015-12-21 18:28 - 2014-11-28 00:28 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-12-21 18:00 - 2015-09-06 15:53 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-20 12:52 - 2015-10-12 13:30 - 00000000 ____D C:\Users\Peter
2015-12-20 11:35 - 2015-06-13 07:24 - 00001178 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3501281241-138803316-725630430-1001Core.job
2015-12-20 10:01 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-19 09:17 - 2015-05-02 07:32 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Coronic
2015-12-19 09:14 - 2015-05-02 07:30 - 22134048 _____ (Fiducia & GAD IT AG, Münster) C:\Users\Peter\Desktop\VB-Greven.exe
2015-12-19 09:10 - 2015-07-30 23:42 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-18 14:22 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\rescache
2015-12-17 23:21 - 2015-03-31 10:17 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-17 23:18 - 2014-09-29 17:38 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-17 23:18 - 2014-09-29 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-15 21:03 - 2015-10-12 14:25 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-15 21:01 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-15 18:22 - 2014-09-27 17:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-15 18:21 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-15 17:06 - 2015-03-31 10:19 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Origin
2015-12-14 16:15 - 2015-10-12 13:41 - 00002415 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-13 20:13 - 2014-11-28 00:27 - 00000000 ____D C:\Users\Peter\AppData\Roaming\TS3Client
2015-12-11 06:40 - 2014-09-25 18:06 - 00000000 ____D C:\Users\Peter\AppData\Local\Packages
2015-12-10 19:23 - 2014-10-01 20:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-10 19:22 - 2014-09-27 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 19:22 - 2014-09-27 17:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 19:21 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-10 19:20 - 2014-09-25 18:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-10 19:17 - 2014-09-25 18:26 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-09 13:57 - 2015-01-22 19:46 - 00000000 ____D C:\Users\Peter\AppData\Local\NVIDIA Corporation
2015-12-08 16:34 - 2015-03-31 10:19 - 00000000 ____D C:\Users\Peter\AppData\Local\Origin
2015-12-08 16:04 - 2015-03-31 10:20 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-12-04 16:12 - 2014-09-27 17:26 - 00004182 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 16:12 - 2014-09-27 17:26 - 00003950 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 22:51 - 2015-08-14 10:33 - 22127272 _____ (Fiducia & GAD IT AG, Münster) C:\Users\Peter\Desktop\VB-Münster.exe
2015-12-01 16:21 - 2014-09-29 17:33 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-12-01 16:21 - 2014-09-29 17:33 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-12-01 16:21 - 2014-09-29 17:33 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-12-01 16:21 - 2014-09-29 17:33 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-12-01 01:32 - 2015-07-30 23:43 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-07-30 23:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-30 19:30 - 2015-10-15 14:05 - 00000000 ____D C:\Users\Peter\AppData\Local\Battle.net
2015-11-30 19:29 - 2015-10-15 14:04 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-25 17:58 - 2015-11-09 16:53 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-25 11:58 - 2014-10-01 20:47 - 00000000 ____D C:\Users\Peter\AppData\Roaming\vlc
2015-11-24 18:47 - 2015-04-12 02:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-24 18:46 - 2014-10-21 21:48 - 00000000 ____D C:\Users\Peter\AppData\Local\Downloaded Installations
2015-11-23 11:10 - 2014-12-07 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 12
2015-11-23 08:04 - 2014-10-01 20:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Office

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-01-26 23:35 - 2015-01-26 23:35 - 0002101 _____ () C:\Users\Peter\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\Peter\AppData\Local\Temp\avgnt.exe
C:\Users\Peter\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-20 10:52

==================== Ende von FRST.txt ============================
         
Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-12-2015
durchgeführt von Peter (2015-12-21 22:40:58)
Gestartet von C:\Users\Peter\Desktop
Windows 10 Home (X64) (2015-10-12 12:39:30)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3501281241-138803316-725630430-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3501281241-138803316-725630430-503 - Limited - Disabled)
Gast (S-1-5-21-3501281241-138803316-725630430-501 - Limited - Disabled)
Peter (S-1-5-21-3501281241-138803316-725630430-1001 - Administrator - Enabled) => C:\Users\Peter

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed Liberation HD (HKLM-x32\...\Uplay Install 625) (Version:  - Ubisoft)
Audials (HKLM-x32\...\{BC9B1130-6992-4C49-A166-A2220E220815}) (Version: 12.1.10000.0 - Audials AG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dropbox (HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.60.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.20.0000 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
EPSON WF-2650 Series Printer Uninstall (HKLM\...\EPSON WF-2650 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.64673.4 - Electronic Arts)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hearts of Iron III (HKLM-x32\...\{D0106CC2-E34B-4FA3-B6B6-91F0ACEA2CC3}) (Version:  - )
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.91 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.91 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.25 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.91.145.0 - Overwolf Ltd.)
PDF Experte Ultimate Testversion (HKLM-x32\...\{1B9D9CB3-A817-4f3e-B018-5C0967D5B425}) (Version: 9.00 - Avanquest)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
Presto! PageManager 9.32  (HKLM-x32\...\{378DD150-B73B-42A2-954C-B27B70167B66}) (Version: 9.32.10 - Newsoft Technology Corporation)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version:  - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WD Quick View (HKLM-x32\...\{847C1E81-8A3F-49BF-8FF0-189E56634656}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{E8DDC6BB-0080-4E70-840B-58B74FBCDE11}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{979a4332-3eb0-4561-9f74-a4fb871cf2bd}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Peter\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3501281241-138803316-725630430-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

16-12-2015 13:27:14 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {060781B2-20EA-4135-8A45-3FF0C98E8307} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-10] (Microsoft Corporation)
Task: {0E5CF0B5-D4C4-4B32-BC3F-495DE9575B61} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3501281241-138803316-725630430-1001Core => C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {1CED51D8-AB26-4C71-97F5-47C2EB00F350} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {23071AFD-CFC5-44EF-88A8-8D652A485BBD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3501281241-138803316-725630430-1001UA => C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {321D1D4B-21EE-4CB9-B6B5-84C0FE93F2DD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {45A996AA-6B80-4EB5-A5AB-3BE0FF094D11} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {4712EAA2-51BF-4FA3-BF29-1617206FFFF5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {4A56A051-0042-4806-B80F-EB0B438F87A6} - System32\Tasks\EPSON WF-2650 Series Update {A8225B49-B2EF-46DA-9489-E1768911EA1F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {68901BCC-6754-496E-B5FA-06AFF3122143} - System32\Tasks\Western Digital\SmartWare\____Volume_bdd31606_8c82_4952_8c43_741caf3c7ab7______Volume_eda84e6f_5f9f_11e4_be74_d43d7e2df5c8__ => C:\Program Files (x86)\Western Digital\WD SmartWare\BackupTask.exe [2015-07-20] (Western Digital Technologies, Inc.)
Task: {6AB7F735-E47B-4DFE-B98A-D7B96FBB876F} - System32\Tasks\{A102B7EC-6F71-491B-A389-07B9692B878D} => pcalua.exe -a E:\FileRgn.exe -d E:\
Task: {6E1E8CAD-648A-4AA8-B6DD-94C6119D4954} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6F2CF347-8A61-4DA5-919B-8FB73EB55EEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8D5FBBB8-BA3D-434E-88F0-DFC23CD3A66A} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {A0AF6F1F-33D0-4FC6-A6C3-8B35ADD7FF32} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-12-15] (Overwolf LTD)
Task: {A57B56CD-F9EB-4CB4-9F4E-21C0F545B615} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {ABA169B1-03AC-4D35-8430-E46A8D792F04} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {CBE54687-5094-4C7F-8B76-420CC8F86294} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {CE5758C1-CFCB-437B-9FCE-925BC279EF5C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {D453DC91-ED9D-448C-9BCD-12191E7A6E9D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {D49BBBAE-2376-4419-A290-59BE381914D5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D64BF529-A81A-4064-AC40-F6CBBF12EAEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {D7AE71F5-7A79-4A40-9F48-49649A177F18} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {D8B9282E-2C34-4487-9B41-1055917A1A2B} - System32\Tasks\EPSON WF-2650 Series Update {337FE276-AC21-4B52-8359-CAF96D1767B8} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {DD3D12FA-E587-418B-9163-A2110E4ED6CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {FC5594D9-8403-4C18-BEDE-A15C81260C91} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3501281241-138803316-725630430-1001Core.job => C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3501281241-138803316-725630430-1001UA.job => C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON WF-2650 Series Update {337FE276-AC21-4B52-8359-CAF96D1767B8}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE:/EXE:{337FE276-AC21-4B52-8359-CAF96D1767B8} /F:UpdateWORKGROUP\PC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-2650 Series Update {74829AD9-5596-4597-BA80-2352C2DC6D16}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE:/EXE:{74829AD9-5596-4597-BA80-2352C2DC6D16} /F:UpdateWORKGROUP\PC$
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-2650 Series Update {A8225B49-B2EF-46DA-9489-E1768911EA1F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE:/EXE:{A8225B49-B2EF-46DA-9489-E1768911EA1F} /F:UpdateWORKGROUP\PC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-09-10 06:12 - 2015-09-10 06:12 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-10-12 13:27 - 2015-11-05 16:08 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-10 06:12 - 2015-09-10 06:12 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-12 14:23 - 2015-10-12 14:23 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-12 14:23 - 2015-10-12 14:23 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-12 14:23 - 2015-10-12 14:23 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-09 10:31 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-09 10:31 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-09 10:31 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-12 14:23 - 2015-10-12 14:23 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-09-25 19:44 - 2014-09-25 19:44 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-12-16 23:18 - 2015-12-11 13:34 - 01971528 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 23:18 - 2015-12-11 13:34 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-03-31 09:46 - 2015-11-12 19:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-26 00:04 - 2015-11-10 20:55 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-11-26 00:04 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-11-26 00:04 - 2015-12-14 21:01 - 02547280 _____ () C:\Program Files (x86)\Steam\video.dll
2015-11-26 00:04 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-11-26 00:04 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-11-26 00:04 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-11-26 00:04 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-11-26 00:04 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-11-26 00:04 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-11-26 00:04 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-11-26 00:04 - 2015-12-14 21:01 - 00804432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-11-26 00:04 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-12-10 01:36 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-10 01:36 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-10 01:36 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-10 01:36 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-10 01:36 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-10 01:36 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-10 01:36 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-10 01:36 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00031568 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2015-10-05 17:16 - 2015-11-05 01:04 - 00293392 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2015-12-10 01:36 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-10 01:36 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-10 01:36 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-10 01:36 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-10 01:36 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-10 01:36 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 22:45 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-31 05:28 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\Peter\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-08-28 19:30 - 2008-11-17 13:56 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\nsSign.dll
2015-08-28 19:30 - 2014-02-28 09:25 - 00061440 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PerformOcr.dll
2015-08-28 19:30 - 2014-01-23 13:03 - 00065536 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMISM.dll
2015-08-28 19:30 - 2013-07-22 10:08 - 00069632 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PHooKDlg.dll
2015-08-28 19:30 - 2014-01-23 13:02 - 00172032 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMCommon.dll
2015-08-28 19:30 - 2013-10-25 15:21 - 00139264 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMSet.dll
2015-08-28 19:29 - 2011-12-22 12:36 - 00098304 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\Qem.dll
2015-08-28 19:29 - 2014-02-17 09:42 - 00135168 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\ComClass.dll
2015-08-28 19:29 - 2014-01-05 14:03 - 01494528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\cairo.dll
2015-08-28 19:29 - 2014-02-17 09:42 - 00352256 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\CloudManager.dll
2015-08-28 19:30 - 2014-02-17 09:45 - 00118784 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMSave.dll
2015-08-28 19:30 - 2014-02-17 09:43 - 00667648 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMDB_N.dll
2015-08-28 19:30 - 2013-11-27 09:28 - 00049152 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMINSO.dll
2015-08-28 19:30 - 2014-01-23 19:13 - 00147456 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMANO.dll
2015-08-28 19:30 - 2013-04-26 13:06 - 00053248 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMOffice.dll
2015-08-28 19:30 - 2007-03-30 10:08 - 00034896 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\NSWinZip.dll
2015-08-28 19:30 - 2014-03-13 20:22 - 00208896 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\ScanModule.dll
2015-08-28 19:30 - 2014-02-17 09:43 - 00331776 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMTree.dll
2015-08-28 19:30 - 2013-12-25 09:22 - 00110592 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMProp.dll
2015-08-28 19:30 - 2013-07-22 10:12 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMVoice.dll
2015-08-28 19:30 - 2013-06-22 10:10 - 00077824 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\OutlookVBA.dll
2015-08-28 19:30 - 2013-07-31 08:20 - 00344064 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMAppBar.dll
2015-08-28 19:30 - 2014-02-25 08:20 - 04669440 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMView.dll
2015-08-28 19:30 - 2007-03-30 09:01 - 00038992 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\NsOEMKey.dll
2015-08-28 19:30 - 2014-01-26 14:09 - 00442368 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMPageVW.dll
2015-08-28 19:30 - 2014-01-23 13:03 - 01036288 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\SlideBarDLL.dll
2015-08-28 19:30 - 2013-07-22 10:16 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMIEVW.dll
2015-08-28 19:30 - 2014-02-17 09:45 - 00188416 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMImgVW.dll
2015-08-28 19:30 - 2014-02-17 09:45 - 00106496 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMDocVW.dll
2015-08-28 19:30 - 2013-12-25 09:20 - 00049152 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMPDFView.dll
2015-08-28 19:30 - 2013-07-22 10:08 - 00323584 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMAnoSet.dll
2015-08-28 19:30 - 2013-07-22 10:09 - 00098304 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMApSet.dll
2015-08-28 19:30 - 2013-06-22 10:12 - 00065536 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMStatus.dll
2015-08-28 19:30 - 2014-02-28 09:25 - 00323584 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMScnSet.dll
2015-08-28 19:29 - 2013-07-22 10:15 - 00028672 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\Import.dll
2015-08-28 19:30 - 2013-07-22 10:14 - 00098304 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\PMImageSplitter.dll
2015-08-28 19:30 - 2013-06-22 10:09 - 00081920 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\NetFun2K.dll
2015-11-26 00:04 - 2015-11-17 01:31 - 47846176 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\sony.com -> sony.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3501281241-138803316-725630430-1001\Control Panel\Desktop\\Wallpaper -> D:\Bilder\Urlaub\Südafrika 16 - 27.03.2015\Kap der Guten Hoffnung, Seal Island, Pinguine 18.03.2015\P1000981.JPG
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\StartupApproved\Run: => "AudialsNotifier"
HKU\S-1-5-21-3501281241-138803316-725630430-1001\...\StartupApproved\Run: => "Overwolf"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{76835413-10D4-4D68-8A9B-8CFAE2FD7ADC}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{CB104195-5115-450B-805B-2381B891F183}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{89DB49D5-D5F8-49B0-9061-7A4E64F37EFE}] => (Allow) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\LicenseCheck.exe
FirewallRules: [{6AD9DA3D-3A05-4261-A49F-762F97813E2F}] => (Allow) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.32\LicenseCheck.exe
FirewallRules: [{43D7D801-579E-407F-9CE8-B3A3E332A677}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{496BC6E5-9436-4504-8FA7-6FA92A1853A5}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{F152A80D-07F2-460F-B8B9-DDDC51B84E8C}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{C03F89BF-7E62-4E28-B502-01B3ED780E49}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{7847209A-CA4B-48CA-BB22-DA601BAE1969}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A7E16A21-3F72-4DFC-9B49-FE50AD0D3248}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4A9B7B5E-FFE9-4921-8D64-2C2811944E3D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{3E0BB217-95BE-4955-A6E4-87A271834A58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{15CD9402-6023-4609-9845-9376F50C4047}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{48E0A04C-A7F4-4A42-B47E-E6066AEE65A6}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Liberation HD\ac3lhd_32.exe
FirewallRules: [{870D1668-914E-49FE-8054-522FB4AC4D69}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Liberation HD\ac3lhd_32.exe
FirewallRules: [{F85C94B1-F6AE-427A-96E5-434FF23C7280}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{4CDBC95A-4266-4CC7-BFA6-48E9FC3EE688}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{439874E3-D455-4F90-B1F4-DB4DBC1580A3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{916FAFB0-AD94-4CE6-827A-25EE6DA5D242}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2E348E6D-2C9E-4AA0-9DA1-2C20C55EE636}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C9C3F099-F863-4712-8824-39DA03F1E86D}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{66CFF4F2-84BA-4064-A084-1AC6BEAFD22E}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{8178D6FE-A07E-42A2-9447-B36AD2EE411B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BEEF8375-1077-46E0-AF0A-6F3D4319A1A7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [UDP Query User{6509715D-4FFF-48E5-9F85-47711C242DC2}C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{3EA41D90-239E-43D4-8030-F98B09D2568E}C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{CD1A029E-EB15-4B9A-BDF5-8447D414ABDB}] => (Allow) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7AE06CD8-751F-4ECB-86D0-071153E6F4DD}] => (Allow) C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C42F6C0D-13C1-414C-A9BC-EC45375615C7}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{D6B9505C-B75F-415D-BE17-B243B6C805D8}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{019DFA42-03C1-4F4A-A449-8087439D8869}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{78F0CAB7-2674-4A08-AD2C-2C76B654C1E7}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [UDP Query User{A0D92CAA-BE09-4716-BD13-D91C498E45C9}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{E52D8FE8-08C2-4363-9469-E745C9FDD86B}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [{43B1D521-EAFB-4477-B4AE-27A8F416C32F}] => (Allow) LPort=1900
FirewallRules: [{BB1A74E9-53DB-4113-9760-8D6A5C30AD70}] => (Allow) LPort=2869
FirewallRules: [{CD60E7AF-72D9-4CAC-943D-222D53D9C00C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [TCP Query User{ECFF6F2F-7B98-4CD4-B5DA-46F0120BC4F0}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{F818BFCA-AE71-4B5F-B696-B13697F4A476}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{6F89C87F-9D59-4991-893D-93FF5F23B268}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [UDP Query User{23C73837-8E9F-44E5-82D7-6C29B9326DA0}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [{35CF2B60-8187-4B16-9395-FA385E20F028}] => (Allow) C:\Program Files (x86)\Audials\Audials 12\Audials.exe
FirewallRules: [{5D469EAF-B52D-468D-902F-30C7A128E1A0}] => (Allow) LPort=12972
FirewallRules: [{82764839-16E8-46A5-B75F-DA6866DB5D5C}] => (Allow) LPort=14714
FirewallRules: [{33F0770F-4BDC-4816-B0C5-06CA2DB722BA}] => (Allow) LPort=31931
FirewallRules: [{3239B938-D8F3-45A1-88C4-8F26663EBDF9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CCEE1EDD-176E-44F9-8C55-56ABA68DABA4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0B91D27A-3AEA-4232-8E48-3D3134803DF9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2642E890-0D58-4CDC-98C2-DE7C49087125}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7ED73168-D91D-44B2-98E0-589B7C36990C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{F59AD314-C545-433C-BE11-BCD9281E900E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [TCP Query User{2B8323F0-B8B6-47F9-A7FC-6D3FAD015FFE}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{0865BB69-2E4D-4266-9488-437C8B97CE1E}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{C173D498-7B5B-4513-B83E-F6A7E69095BC}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{B09B3E1A-2148-4E4F-9243-170777EC31C2}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{CB9D9A15-E67D-47EF-929B-3A01189213EF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: GT-I8190
Description: GT-I8190
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: SAMSUNG Electronics Co. Ltd. 
Service: WUDFWpdMtp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/21/2015 10:26:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (12/21/2015 10:24:47 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: C:\Windows\System32\winspool.drvSpooler4

Error: (12/21/2015 10:24:47 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (12/21/2015 06:55:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/21/2015 01:49:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15375

Error: (12/21/2015 01:49:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15375

Error: (12/21/2015 01:49:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/21/2015 01:48:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/19/2015 12:48:24 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: PC)
Description: C:\Users\Peter\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\LocalCacheMicrosoft.WindowsStore_8wekyb3d8bbwe-2147024894

Error: (12/19/2015 12:48:24 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: PC)
Description: C:\Users\Peter\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\LocalCacheMicrosoft.WindowsStore_8wekyb3d8bbwe-2147024894


Systemfehler:
=============
Error: (12/21/2015 10:25:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session10" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/21/2015 10:25:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session10" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/21/2015 10:25:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session10" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/21/2015 10:25:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session10" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/21/2015 10:25:14 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/21/2015 10:24:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/21/2015 10:24:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/21/2015 10:24:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/21/2015 10:24:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/21/2015 10:24:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3350P CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8155.5 MB
Verfügbarer physikalischer RAM: 5839.43 MB
Summe virtueller Speicher: 9435.5 MB
Verfügbarer virtueller Speicher: 6968.34 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.08 GB) (Free:85.49 GB) NTFS
Drive d: (My Book) (Fixed) (Total:2794.49 GB) (Free:2671.99 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== Ende von Addition.txt ============================
         

22.12.2015, 20:49   #13
deeprybka
/// TB Trainer
/// Guide Guru

Now please run a detection scan:

Step 1

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
Regards,
deeprybka

Praise, criticism, requests?

Donate to trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

23.12.2015, 01:28   #14
Dummie

ESET

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=d9baa009ad5bc0428292bf60c523892d
# end=init
# utc_time=2015-12-22 10:03:38
# local_time=2015-12-22 11:03:38 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 27321
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=d9baa009ad5bc0428292bf60c523892d
# end=updated
# utc_time=2015-12-22 10:10:46
# local_time=2015-12-22 11:10:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=d9baa009ad5bc0428292bf60c523892d
# engine=27321
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-22 11:30:23
# local_time=2015-12-23 12:30:23 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 8965202 15402395 0 0
# scanned=402005
# found=3
# cleaned=0
# scan_time=4776
sh=F9D00EEF67F456B07C277EDE009DD246359AF016 ft=1 fh=dd0ca36473385c46 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Peter\Downloads\Exact Audio Copy - CHIP-Installer.exe"
sh=73AB241860565E4EE713E6CD17E89F3F6B71DB32 ft=1 fh=a4b225c8d951c115 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Peter\Downloads\Free PDF to Word Doc Converter - CHIP-Installer (1).exe"
sh=B186485DEDDDA8D0AD01BA4EA351985ACCE4925D ft=1 fh=82df90c5ef6ab5b0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Peter\Downloads\Free PDF to Word Doc Converter - CHIP-Installer.exe"
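
The ESET log above reports `found=3`, and all three entries carry the "evtl. unerwünschte Anwendung" (potentially unwanted application) suffix. The following Python sketch is an added example, not part of the original post or of any ESET tool: it parses the `# key=value` header lines and the `sh=... vn="..." fn="..."` detection lines, then separates PUA hits from anything else. The field meanings and the English PUA wording are assumptions inferred from the log's appearance, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample: the result lines of the log posted above, metadata trimmed.
SAMPLE_LOG = r'''# end=finished
# unwanted_checked=true
# scanned=402005
# found=3
# cleaned=0
sh=F9D00EEF67F456B07C277EDE009DD246359AF016 ft=1 fh=dd0ca36473385c46 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Peter\Downloads\Exact Audio Copy - CHIP-Installer.exe"
sh=73AB241860565E4EE713E6CD17E89F3F6B71DB32 ft=1 fh=a4b225c8d951c115 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Peter\Downloads\Free PDF to Word Doc Converter - CHIP-Installer (1).exe"
sh=B186485DEDDDA8D0AD01BA4EA351985ACCE4925D ft=1 fh=82df90c5ef6ab5b0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Peter\Downloads\Free PDF to Word Doc Converter - CHIP-Installer.exe"
'''

# key=value pairs; a value is either "quoted with spaces" or a bare token.
PAIR = re.compile(r'(\w+)=(?:"([^"]*)"|(\S*))')
# Assumption: PUA detections carry this suffix (German as in the log above;
# the English wording is an assumption, not taken from the page).
PUA_MARKERS = ("unerwünschte Anwendung", "unwanted application")

def parse_eset_log(text):
    """Return (metadata dict, list of detection dicts)."""
    meta, hits = {}, []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("# ") and "=" in line:
            key, _, value = line[2:].partition("=")
            meta[key.strip()] = value.strip()  # later blocks overwrite earlier ones
        elif line.startswith("sh="):
            hits.append({k: q or b for k, q, b in PAIR.findall(line)})
    return meta, hits

def triage(text):
    """Summarise a scan: counts, consistency, and anything that is not a PUA."""
    meta, hits = parse_eset_log(text)
    found = int(meta.get("found", 0))
    non_pua = [h.get("fn", "") for h in hits
               if not any(m in h.get("vn", "") for m in PUA_MARKERS)]
    return {
        "found": found,
        "cleaned": int(meta.get("cleaned", 0)),
        "consistent": found == len(hits),  # header count matches parsed lines
        "pua_scan_enabled": meta.get("unwanted_checked") == "true",
        "names": Counter(h.get("vn", "") for h in hits),
        "non_pua": non_pua,                # files that need a closer look
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

An empty `non_pua` list together with `consistent: True` means every reported hit was a PUA-class detection and no detection line was lost in parsing.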
         

23.12.2015, 19:56   #15
deeprybka
/// TB Trainer
/// Guide Guru

Nothing was found there either. I would contact the bank.
__________________
Regards,
deeprybka
