TDSS-Killer hat 3 Funde

moha · 13.04.2016, 20:26

Hallo TB!
Habe mal aus Routine TDSS-Killer laufen lassen und siehe da, ein Fund.
Sieht mir zwar stark nach False-Positive aus, aber ich hätte trotzdem gern, dass jemand drüberschaut!

Weder Emsisoft, noch MBAM und MBAR und Eset haben bis jetzt was gefunden.
FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016
durchgeführt von Moha´s PC (Administrator) auf MOHASPC (13-04-2016 20:58:09)
Gestartet von C:\Users\Moha´s PC\Desktop
Geladene Profile: Moha´s PC (Verfügbare Profile: Moha´s PC & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Opera)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CMedia) C:\Program Files\ASUS Xonar DGX Audio\Customapp\AsusAudioCenter.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\System\HsMgr64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Moha´s PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(EIZO Corporation) C:\Program Files (x86)\EIZO\G-Ignition\Gignition.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
() C:\Program Files (x86)\EIZO\G-Ignition\QtWebProcess.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
(ROCCAT GmbH Co., Ltd.) C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
() C:\Program Files (x86)\TESORO Gaming\COLADA Gaming Keyboard\HID.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
() C:\Program Files (x86)\FAHClient\FAHClient.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.46\opera.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe
() C:\Program Files (x86)\Mod Organizer\ModOrganizer.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.46\opera.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.46\opera.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.46\opera.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2016-01-14] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2016-01-13] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281696 2015-09-04] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [9404304 2016-04-07] (Emsisoft Ltd)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [Sound Blaster Recon3Di SBX Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe [1129984 2014-11-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [RoccatKoneXTD] => C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [552960 2014-10-19] (ROCCAT GmbH)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe [2089056 2015-04-14] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [COLADA] => C:\Program Files (x86)\TESORO Gaming\COLADA Gaming Keyboard\HID.exe [1753600 2014-04-25] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [13894472 2016-02-03] (Corsair Components, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25577864 2016-03-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] ()
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [Spotify Web Helper] => C:\Users\Moha´s PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-13] (Spotify Ltd)
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [MediaFire Tray] => "C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\mf_watch.exe"
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-04-03] (Electronic Arts)
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1079592 2015-06-26] (Apple Inc.)
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\RunOnce: [Uninstall C:\Users\Moha�s PC\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64"
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\RunOnce: [Uninstall C:\Users\Moha�s PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\\SOPHOS~1.DLL => Keine Datei
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [] -> {b5458932-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayError.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [] -> {b5458930-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySynced.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [] -> {b5458934-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayReadOnly.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [] -> {b5458933-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayLock.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [] -> {b5458931-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySyncing.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers: [1MediaFireIconError] -> {5EE8C634-CDC0-453D-9731-DF0B19F4E807} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon3_98d12.dll [2015-08-20] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconReadOnly] -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon5_98d12.dll [2015-08-20] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSynched] -> {9A3B79CB-D899-40B5-8DBC-20447F1ADC8F} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon_98d12.dll [2015-08-20] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSyncing] -> {C4D81971-6B13-4173-AB21-F83AD20CCC04} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon2_98d12.dll [2015-08-20] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [MediaFireIconLock] -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon4_98d12.dll [2015-08-20] (TODO: <Company name>)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\G-Ignition Ver1.0.2.lnk [2015-02-28]
ShortcutTarget: G-Ignition Ver1.0.2.lnk -> C:\Program Files (x86)\EIZO\G-Ignition\Gignition.exe (EIZO Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\G-Ignition Ver2.0.0.lnk [2015-11-15]
ShortcutTarget: G-Ignition Ver2.0.0.lnk -> C:\Program Files (x86)\EIZO\G-Ignition\Gignition.exe (EIZO Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-03-20]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\Gigabyte\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-09-19]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2014-11-14]
ShortcutTarget: Roccat Talk.lnk -> C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)
Startup: C:\Users\Moha´s PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Borderless Gaming.lnk [2015-01-14]
ShortcutTarget: Borderless Gaming.lnk -> C:\Program Files (x86)\Borderless Gaming\BorderlessGaming.exe (Codeusa Software)
Startup: C:\Users\Moha´s PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home.lnk [2015-10-11]
ShortcutTarget: Folding@home.lnk -> C:\Program Files (x86)\FAHClient\HideConsole.exe ()
Startup: C:\Users\Moha´s PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-12-11]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
GroupPolicyScripts: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2ee03ea9-3074-49ae-8ba3-86a485ddb484}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2ee03ea9-3074-49ae-8ba3-86a485ddb484}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{512e878b-a7ad-48d7-8186-edbe6236cd34}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{74a60767-3d94-49bb-9d8e-1303b5fba16e}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-16] (Microsoft Corporation)
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-11-16] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-11-16] (Oracle Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-08-07] (FreeDownloadManager.ORG)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Moha´s PC\AppData\Roaming\Mozilla\Firefox\Profiles\9p2yriq5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-11-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-11-16] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-09] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-09] (Adobe Systems Inc.)
FF HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.17
FF Extension: Free Download Manager extension - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.17 [2015-10-28]

Chrome: 
=======
CHR Profile: C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-25]
CHR Extension: (Google Docs) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-25]
CHR Extension: (Google Drive) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-31]
CHR Extension: (Google-Suche) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Google Tabellen) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-25]
CHR Extension: (Google Docs Offline) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-02]
CHR Extension: (Google Mail) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]

Opera: 
=======
OPR Extension: (Ghostery) - C:\Users\Moha´s PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2016-02-23]
OPR Extension: (uBlock Origin) - C:\Users\Moha´s PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2016-04-09]
OPR Extension: (History Eraser) - C:\Users\Moha´s PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfpoajlbkhlfoeeokbppmecpplmieedm [2015-12-19]
OPR Extension: (Download YouTube Videos as MP4) - C:\Users\Moha´s PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\maeombkgfpjdnjkhohbjachnnmpbipol [2015-12-21]
OPR Extension: (Amazon Assistant for Opera) - C:\Users\Moha´s PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2016-03-11]
OPR Extension: (Magic Actions for YouTube™) - C:\Users\Moha´s PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\nlffnljnicbkfhnlomjhjlebndachaka [2015-12-19]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [11334288 2016-04-07] (Emsisoft Ltd)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [29912 2015-09-15] (AOMEI Tech Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2828016 2016-02-09] (Microsoft Corporation)
S4 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [429056 2014-11-13] (Creative Technology Ltd) [Datei ist nicht signiert]
S4 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103936 2014-08-29] (Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-05] (Dropbox, Inc.)
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-29] (Digital Wave Ltd.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [243984 2016-04-08] (EasyAntiCheat Ltd)
S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-11-05] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62784 2014-09-01] (GIGA-BYTE TECHNOLOGY CO., LTD.)
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [402432 2015-07-07] (Rivet Networks) [Datei ist nicht signiert]
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-04-03] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-12-20] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28256 2015-09-04] (Samsung Electronics Co., Ltd.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S4 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-09-29] (Intel(R) Corporation)
S2 CsrBtOBEX-Dienst; "C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe" [X]
S3 MediaFire Desktop Updater Service; C:\Program Files (x86)\MediaFire Desktop\bin\UpdaterLocalCOM.exe [X]
S2 MF NTFS Monitor; C:\Program Files (x86)\MediaFire Desktop\bin\MFUsnMonitorService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2015-02-26] () [Datei ist nicht signiert]
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [151480 2015-02-26] () [Datei ist nicht signiert]
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [17848 2015-02-26] () [Datei ist nicht signiert]
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-11-06] ()
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [114736 2015-07-07] (Rivet Networks, LLC.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-10-30] (Microsoft Corporation)
R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-Media Inc)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2015-12-17] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2015-12-17] (Corsair)
S3 CsrBtPort; C:\Windows\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrpan; C:\Windows\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrserial; C:\Windows\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1051392 2014-08-29] (Creative Technology Ltd)
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [31376 2015-03-10] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124080 2016-02-11] (Emsisoft Ltd)
S3 etocdrv; C:\WINDOWS\etocdrv.sys [15584 2013-10-30] (Giga-Byte Technology CO., LTD.)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
S3 G3GKB; C:\Windows\system32\drivers\G3GKB.sys [25600 2012-10-23] ( )
S3 GPCIDrv; C:\Program Files (x86)\Gigabyte\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-28] ()
S3 GPU-Z; C:\Users\Moha´s PC\AppData\Local\Temp\GPU-Z.sys [27008 2016-04-09] ()
R3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-18] (Intel Corporation)
S3 Ke2200; C:\Windows\System32\drivers\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R3 KillerEth; C:\Windows\System32\drivers\e22w10x64.sys [124464 2015-04-27] (Qualcomm Atheros, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-11-06] ()
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-13] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-07] ()
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [271968 2015-09-04] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [110688 2015-09-04] (Samsung Electronics Co., Ltd.)
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-10-15] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146584 2015-10-15] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-10-18] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-13 20:58 - 2016-04-13 20:58 - 00037390 _____ C:\Users\Moha´s PC\Desktop\FRST.txt
2016-04-13 20:49 - 2016-04-13 20:53 - 00319834 _____ C:\TDSSKiller.3.1.0.9_13.04.2016_20.49.29_log.txt
2016-04-13 20:38 - 2016-04-13 20:58 - 00000000 ____D C:\FRST
2016-04-13 20:38 - 2016-04-13 20:38 - 02375168 _____ (Farbar) C:\Users\Moha´s PC\Desktop\FRST64.exe
2016-04-13 13:43 - 2016-04-13 13:43 - 00000000 ___HD C:\OneDriveTemp
2016-04-09 18:53 - 2016-04-09 18:55 - 00000964 __RSH C:\ProgramData\ntuser.pol
2016-04-09 18:35 - 2016-04-13 19:04 - 00000412 _____ C:\WINDOWS\Tasks\update-sys.job
2016-04-09 18:35 - 2016-04-13 18:04 - 00000412 _____ C:\WINDOWS\Tasks\update-S-1-5-21-1815034600-3101877025-2237350249-1000.job
2016-04-09 18:35 - 2016-04-09 18:35 - 00003410 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-1815034600-3101877025-2237350249-1000
2016-04-09 18:35 - 2016-04-09 18:35 - 00003338 _____ C:\WINDOWS\System32\Tasks\update-sys
2016-04-09 18:35 - 2016-04-09 18:35 - 00000424 _____ C:\Users\Moha´s PC\AppData\Local\UserProducts.xml
2016-04-09 18:35 - 2016-04-09 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2016-04-09 18:35 - 2016-04-09 18:35 - 00000000 ____D C:\Program Files (x86)\Skillbrains
2016-04-08 15:45 - 2016-04-08 15:41 - 00243984 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2016-04-08 15:40 - 2016-04-08 15:40 - 00000222 _____ C:\Users\Moha´s PC\Desktop\The Culling.url
2016-04-08 15:34 - 2016-04-08 15:55 - 00317176 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2016-04-07 21:46 - 2016-04-07 22:05 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-04-06 21:10 - 2016-04-06 21:10 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2016-04-05 19:31 - 2016-04-05 19:31 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\HandBrake Team
2016-04-05 19:30 - 2016-04-05 19:30 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2016-04-05 19:30 - 2016-04-05 19:30 - 00000000 ____D C:\Program Files\Handbrake
2016-04-05 18:49 - 2016-04-13 13:43 - 00000000 ___RD C:\Users\Moha´s PC\Dropbox
2016-04-05 18:49 - 2016-04-05 18:49 - 00001310 _____ C:\Users\Moha´s PC\Desktop\Dropbox.lnk
2016-04-05 18:49 - 2016-04-05 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-05 18:48 - 2016-04-13 20:53 - 00001236 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-04-05 18:48 - 2016-04-13 18:53 - 00001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-04-05 18:48 - 2016-04-13 13:43 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\Dropbox
2016-04-05 18:48 - 2016-04-05 18:49 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-04-05 18:48 - 2016-04-05 18:48 - 00004296 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-04-05 18:48 - 2016-04-05 18:48 - 00004064 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-04-05 18:48 - 2016-04-05 18:48 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\Dropbox
2016-04-05 18:48 - 2016-04-05 18:48 - 00000000 ____D C:\ProgramData\Dropbox
2016-04-05 13:47 - 2016-03-01 07:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-04-05 13:47 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-04-05 13:47 - 2016-02-24 11:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-05 13:47 - 2016-02-24 11:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-05 13:47 - 2016-02-24 11:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-04-05 13:47 - 2016-02-24 11:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-04-05 13:47 - 2016-02-24 11:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-04-05 13:47 - 2016-02-24 11:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-05 13:47 - 2016-02-24 10:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-04-05 13:47 - 2016-02-24 10:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-04-05 13:47 - 2016-02-24 10:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-04-05 13:47 - 2016-02-24 10:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-04-05 13:47 - 2016-02-24 10:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-04-05 13:47 - 2016-02-24 10:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-05 13:47 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-04-05 13:47 - 2016-02-24 10:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-05 13:47 - 2016-02-24 10:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-04-05 13:47 - 2016-02-24 10:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-04-05 13:47 - 2016-02-24 10:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-04-05 13:47 - 2016-02-24 10:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-04-05 13:47 - 2016-02-24 10:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-04-05 13:47 - 2016-02-24 10:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-04-05 13:47 - 2016-02-24 10:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-05 13:47 - 2016-02-24 10:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-04-05 13:47 - 2016-02-24 10:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-04-05 13:47 - 2016-02-24 10:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-04-05 13:47 - 2016-02-24 09:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-05 13:47 - 2016-02-24 09:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-05 13:47 - 2016-02-24 09:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-05 13:47 - 2016-02-24 09:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-04-05 13:47 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-04-05 13:47 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-04-05 13:47 - 2016-02-24 09:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-04-05 13:47 - 2016-02-24 09:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-05 13:47 - 2016-02-24 09:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-05 13:47 - 2016-02-24 09:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-04-05 13:47 - 2016-02-24 09:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-04-05 13:47 - 2016-02-24 09:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-04-05 13:47 - 2016-02-24 09:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-04-05 13:47 - 2016-02-24 09:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-04-05 13:47 - 2016-02-24 08:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-04-05 13:47 - 2016-02-24 08:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-04-05 13:47 - 2016-02-24 08:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-04-05 13:47 - 2016-02-24 08:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-04-05 13:47 - 2016-02-24 08:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-04-05 13:47 - 2016-02-24 08:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-05 13:47 - 2016-02-24 08:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-04-05 13:47 - 2016-02-24 08:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-05 13:47 - 2016-02-24 08:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-04-05 13:47 - 2016-02-24 08:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-04-05 13:47 - 2016-02-24 08:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-04-05 13:47 - 2016-02-24 08:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-04-05 13:47 - 2016-02-24 08:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-05 13:47 - 2016-02-24 08:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-04-05 13:47 - 2016-02-24 08:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-04-05 13:47 - 2016-02-24 08:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-05 13:47 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-04-05 13:47 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-04-05 13:47 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-04-05 13:47 - 2016-02-24 08:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-04-05 13:47 - 2016-02-24 08:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-04-05 13:47 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-04-05 13:47 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-04-05 13:47 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-04-05 13:47 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-04-05 13:47 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-04-05 13:47 - 2016-02-24 08:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-05 13:47 - 2016-02-24 08:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-05 13:47 - 2016-02-24 08:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-05 13:47 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-04-05 13:47 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-04-05 13:47 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-04-05 13:47 - 2016-02-24 08:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-04-05 13:47 - 2016-02-24 08:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-04-05 13:47 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-04-05 13:47 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-04-05 13:47 - 2016-02-24 08:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-05 13:47 - 2016-02-24 08:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-05 13:47 - 2016-02-24 08:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-05 13:47 - 2016-02-24 07:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-05 13:47 - 2016-02-24 07:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-04-05 13:47 - 2016-02-24 07:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-04-05 13:47 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-04-05 13:47 - 2016-02-24 07:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-05 13:47 - 2016-02-24 07:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-05 13:47 - 2016-02-24 07:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-05 13:47 - 2016-02-24 07:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-04-05 13:47 - 2016-02-24 07:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-05 13:47 - 2016-02-24 07:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-04-05 13:47 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-04-05 13:47 - 2016-02-24 07:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-04-05 13:47 - 2016-02-24 06:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-05 13:47 - 2016-02-24 06:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-05 13:46 - 2016-02-24 11:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-04-05 13:46 - 2016-02-24 11:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-04-05 13:46 - 2016-02-24 10:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-04-05 13:46 - 2016-02-24 10:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-04-05 13:46 - 2016-02-24 10:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-04-05 13:46 - 2016-02-24 09:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-04-05 13:46 - 2016-02-24 09:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-04-05 13:46 - 2016-02-24 09:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-04-05 13:46 - 2016-02-24 09:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-04-05 13:46 - 2016-02-24 09:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-04-05 13:46 - 2016-02-24 09:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-05 13:46 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-04-05 13:46 - 2016-02-24 09:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-05 13:46 - 2016-02-24 09:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-04-05 13:46 - 2016-02-24 09:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-04-05 13:46 - 2016-02-24 09:23 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-04-05 13:46 - 2016-02-24 09:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-04-05 13:46 - 2016-02-24 09:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-04-05 13:46 - 2016-02-24 09:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-04-05 13:46 - 2016-02-24 09:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-05 13:46 - 2016-02-24 09:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-04-05 13:46 - 2016-02-24 09:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-04-05 13:46 - 2016-02-24 09:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-04-05 13:46 - 2016-02-24 09:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-04-05 13:46 - 2016-02-24 09:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-04-05 13:46 - 2016-02-24 09:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-04-05 13:46 - 2016-02-24 09:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-04-05 13:46 - 2016-02-24 09:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-05 13:46 - 2016-02-24 09:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-04-05 13:46 - 2016-02-24 09:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-05 13:46 - 2016-02-24 09:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-04-05 13:46 - 2016-02-24 09:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-04-05 13:46 - 2016-02-24 08:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-04-05 13:46 - 2016-02-24 08:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-04-05 13:46 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-04-05 13:46 - 2016-02-24 08:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-04-05 13:46 - 2016-02-24 08:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-04-05 13:46 - 2016-02-24 08:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-04-05 13:46 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-04-05 13:46 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-04-05 13:46 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-04-05 13:46 - 2016-02-24 08:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-04-05 13:46 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-04-05 13:46 - 2016-02-24 08:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-05 13:46 - 2016-02-24 08:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-05 13:46 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-04-05 13:46 - 2016-02-24 08:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-04-05 13:46 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-04-05 13:46 - 2016-02-24 08:42 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-05 13:46 - 2016-02-24 08:42 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-05 13:46 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-04-05 13:46 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-04-05 13:46 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-04-05 13:46 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-04-05 13:46 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-04-05 13:46 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-04-05 13:46 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-04-05 13:46 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-04-05 13:46 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-04-05 13:46 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-04-05 13:46 - 2016-02-24 08:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-04-05 13:46 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-04-05 13:46 - 2016-02-24 07:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-04-03 18:20 - 2016-04-13 17:06 - 00000000 ____D C:\Textures Backup
2016-04-03 18:20 - 2016-04-03 18:20 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\WinRAR
2016-04-03 14:19 - 2016-02-23 13:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-03 14:19 - 2016-02-23 13:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-03 14:19 - 2016-02-23 13:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-03 14:19 - 2016-02-23 13:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-03 14:19 - 2016-02-23 13:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-03 14:19 - 2016-02-23 13:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-03 14:19 - 2016-02-23 13:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-04-03 14:19 - 2016-02-23 13:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-04-03 14:19 - 2016-02-23 13:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-04-03 14:19 - 2016-02-23 13:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-03 14:19 - 2016-02-23 12:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-03 14:19 - 2016-02-23 12:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-04-03 14:19 - 2016-02-23 12:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-03 14:19 - 2016-02-23 12:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-04-03 14:19 - 2016-02-23 12:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-04-03 14:19 - 2016-02-23 12:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-04-03 14:19 - 2016-02-23 12:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-04-03 14:19 - 2016-02-23 12:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-03 14:19 - 2016-02-23 12:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-04-03 14:19 - 2016-02-23 12:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-03 14:19 - 2016-02-23 12:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-04-03 14:19 - 2016-02-23 12:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-04-03 14:19 - 2016-02-23 12:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-04-03 14:19 - 2016-02-23 12:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-04-03 14:19 - 2016-02-23 12:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-04-03 14:19 - 2016-02-23 12:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-03 14:19 - 2016-02-23 12:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-04-03 14:19 - 2016-02-23 12:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-03 14:19 - 2016-02-23 12:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-04-03 14:19 - 2016-02-23 11:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-04-03 14:19 - 2016-02-23 11:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-03 14:19 - 2016-02-23 11:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-03 14:19 - 2016-02-23 11:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-04-03 14:19 - 2016-02-23 11:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-04-03 14:19 - 2016-02-23 11:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-04-03 14:19 - 2016-02-23 11:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-04-03 14:19 - 2016-02-23 11:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-03 14:19 - 2016-02-23 11:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-04-03 14:19 - 2016-02-23 11:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-04-03 14:19 - 2016-02-23 11:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-04-03 14:19 - 2016-02-23 11:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-04-03 14:19 - 2016-02-23 11:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-03 14:19 - 2016-02-23 11:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-04-03 14:19 - 2016-02-23 11:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-04-03 14:19 - 2016-02-23 11:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-04-03 14:19 - 2016-02-23 11:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-04-03 14:19 - 2016-02-23 11:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-04-03 14:19 - 2016-02-23 11:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-03 14:19 - 2016-02-23 11:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-04-03 14:19 - 2016-02-23 11:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-04-03 14:19 - 2016-02-23 11:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-04-03 14:19 - 2016-02-23 11:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-04-03 14:19 - 2016-02-23 11:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-04-03 14:19 - 2016-02-23 11:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-04-03 14:19 - 2016-02-23 11:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-03 14:19 - 2016-02-23 11:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-04-03 14:19 - 2016-02-23 11:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-04-03 14:19 - 2016-02-23 10:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-03 14:19 - 2016-02-23 10:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-03 14:19 - 2016-02-23 10:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-04-03 14:19 - 2016-02-23 10:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-03 14:19 - 2016-02-23 10:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-04-03 14:19 - 2016-02-23 10:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-04-03 14:19 - 2016-02-23 10:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-04-03 14:19 - 2016-02-23 10:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-04-03 14:19 - 2016-02-23 10:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-04-03 14:19 - 2016-02-23 10:51 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-04-03 14:19 - 2016-02-23 10:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-04-03 14:19 - 2016-02-23 10:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-03 14:19 - 2016-02-23 10:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-04-03 14:19 - 2016-02-23 10:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-04-03 14:19 - 2016-02-23 10:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-04-03 14:19 - 2016-02-23 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-04-03 14:19 - 2016-02-23 10:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-04-03 14:19 - 2016-02-23 10:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-03 14:19 - 2016-02-23 10:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-04-03 14:19 - 2016-02-23 10:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-03 14:19 - 2016-02-23 10:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-04-03 14:19 - 2016-02-23 10:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-04-03 14:19 - 2016-02-23 10:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-04-03 14:19 - 2016-02-23 10:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-04-03 14:19 - 2016-02-23 10:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-03 14:19 - 2016-02-23 10:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-04-03 14:19 - 2016-02-23 10:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-04-03 14:19 - 2016-02-23 10:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-04-03 14:19 - 2016-02-23 10:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-04-03 14:19 - 2016-02-23 10:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-04-03 14:19 - 2016-02-23 10:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-04-03 14:19 - 2016-02-23 10:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-04-03 14:19 - 2016-02-23 10:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-04-03 14:19 - 2016-02-23 10:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-04-03 14:19 - 2016-02-23 10:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-04-03 14:19 - 2016-02-23 10:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-03 14:19 - 2016-02-23 10:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-03 14:19 - 2016-02-23 10:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-04-03 14:19 - 2016-02-23 10:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-03 14:19 - 2016-02-23 10:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-04-03 14:19 - 2016-02-23 10:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-04-03 14:19 - 2016-02-23 10:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-03 14:19 - 2016-02-23 10:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-03 14:19 - 2016-02-23 10:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-04-03 14:19 - 2016-02-23 10:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-03 14:19 - 2016-02-23 10:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-03 14:19 - 2016-02-23 10:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-03 14:19 - 2016-02-23 10:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-04-03 14:19 - 2016-02-23 10:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-03 14:19 - 2016-02-23 10:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-03 14:19 - 2016-02-23 10:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-03 14:19 - 2016-02-23 10:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-03 14:19 - 2016-02-23 10:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-04-03 14:19 - 2016-02-23 10:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-04-03 14:19 - 2016-02-23 10:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-04-03 14:19 - 2016-02-23 10:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-04-03 14:19 - 2016-02-23 10:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-04-03 14:19 - 2016-02-23 10:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-03 14:19 - 2016-02-23 10:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-03 14:19 - 2016-02-23 09:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-03 14:19 - 2016-02-23 09:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-03 14:19 - 2016-02-23 09:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-04-03 14:19 - 2016-02-23 09:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-03 14:19 - 2016-02-23 09:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-04-03 14:19 - 2016-02-23 09:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-04-03 14:19 - 2016-02-23 09:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-04-03 14:19 - 2016-02-23 09:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-04-03 14:19 - 2016-02-23 09:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-04-03 14:19 - 2016-02-23 09:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-04-03 14:19 - 2016-02-23 09:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-04-03 14:19 - 2016-02-23 09:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-04-03 14:19 - 2016-02-23 09:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-04-03 14:19 - 2016-02-23 09:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-04-03 14:19 - 2016-02-23 09:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-04-03 14:19 - 2016-02-23 09:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-03 14:19 - 2016-02-23 09:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-04-03 14:19 - 2016-02-23 09:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-04-03 14:19 - 2016-02-23 09:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-03 14:19 - 2016-02-23 09:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-03 14:19 - 2016-02-23 09:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-03 14:19 - 2016-02-23 09:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-03 14:19 - 2016-02-23 09:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-03 14:19 - 2016-02-23 09:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-03 14:19 - 2016-02-23 09:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-03 14:19 - 2016-02-23 09:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-04-03 14:19 - 2016-02-23 09:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-04-03 14:19 - 2016-02-23 09:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-03 14:19 - 2016-02-23 09:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-03 14:19 - 2016-02-23 09:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-03 14:19 - 2016-02-23 09:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-03 14:19 - 2016-02-23 09:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-03 14:19 - 2016-02-23 09:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-04-03 14:19 - 2016-02-23 09:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-03 14:19 - 2016-02-23 09:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-04-03 14:19 - 2016-02-23 09:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-04-03 14:19 - 2016-02-23 08:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-03 14:19 - 2016-02-23 08:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-03 14:19 - 2016-02-23 08:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-03 14:19 - 2016-02-23 08:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-04-03 14:19 - 2016-02-23 08:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-03 14:19 - 2016-02-23 08:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-03 14:19 - 2016-02-23 08:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-03 14:19 - 2016-02-23 08:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-04-03 14:19 - 2016-02-23 08:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-03 14:19 - 2016-02-23 08:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-03 14:19 - 2016-02-23 08:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-04-03 14:19 - 2016-02-23 08:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-03 14:19 - 2016-02-23 08:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-04-03 14:19 - 2016-02-23 08:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-03 14:19 - 2016-02-23 08:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-04-03 14:19 - 2016-02-23 08:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-04-03 14:19 - 2016-02-23 08:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-04-03 14:19 - 2016-02-23 08:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-03 14:19 - 2016-02-23 08:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-04-03 14:19 - 2016-02-23 08:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-04-03 14:19 - 2016-02-09 06:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-03 14:19 - 2016-02-09 06:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-03 14:19 - 2016-02-09 05:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-03 14:19 - 2016-02-09 05:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-04-03 14:19 - 2016-02-09 05:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-04-03 14:19 - 2016-02-09 05:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-03 14:19 - 2016-02-09 05:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-04-03 14:19 - 2016-02-09 05:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-25 22:26 - 2016-03-25 22:26 - 00001182 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-03-24 19:41 - 2016-03-24 19:50 - 00000000 ____D C:\TESVEDIT
2016-03-24 19:11 - 2016-03-24 19:11 - 00000222 _____ C:\Users\Moha´s PC\Desktop\CAT Interstellar.url
2016-03-24 00:26 - 2016-03-24 01:26 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\PersBackup5
2016-03-24 00:26 - 2016-03-24 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Personal Backup
2016-03-24 00:26 - 2016-03-24 00:26 - 00000000 ____D C:\Program Files\Personal Backup 5
2016-03-24 00:15 - 2016-03-24 00:15 - 00001141 _____ C:\Users\Public\Desktop\AOMEI Backupper Standard.lnk
2016-03-24 00:15 - 2016-03-24 00:15 - 00001024 ____H C:\SYSTAG.BIN
2016-03-24 00:15 - 2016-03-24 00:15 - 00000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2016-03-24 00:15 - 2016-03-24 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper
2016-03-24 00:15 - 2016-03-24 00:15 - 00000000 ____D C:\ProgramData\AomeiBR
2016-03-24 00:15 - 2016-03-24 00:15 - 00000000 ____D C:\Program Files (x86)\AOMEI Backupper
2016-03-24 00:15 - 2015-02-26 01:00 - 00151480 _____ C:\WINDOWS\system32\ammntdrv.sys
2016-03-24 00:15 - 2015-02-26 01:00 - 00030648 _____ C:\WINDOWS\system32\ambakdrv.sys
2016-03-24 00:15 - 2015-02-26 01:00 - 00017848 _____ C:\WINDOWS\system32\amwrtdrv.sys
2016-03-23 22:09 - 2016-03-23 22:11 - 00002613 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2016-03-23 22:09 - 2016-03-23 22:11 - 00002601 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2016-03-23 22:09 - 2016-03-23 22:10 - 00000000 ____D C:\ProgramData\Epic
2016-03-23 22:09 - 2016-03-23 22:09 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\EpicGamesLauncher
2016-03-23 22:09 - 2016-03-23 22:09 - 00000000 ____D C:\Program Files (x86)\Epic Games
2016-03-23 11:58 - 2016-03-23 11:58 - 00001829 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-23 11:58 - 2016-03-23 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-23 11:58 - 2016-03-23 11:58 - 00000000 ____D C:\Program Files\iTunes
2016-03-23 11:58 - 2016-03-23 11:58 - 00000000 ____D C:\Program Files\iPod
2016-03-23 11:58 - 2016-03-23 11:58 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-03-23 11:57 - 2016-03-23 11:57 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-03-23 11:57 - 2016-03-23 11:57 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-03-22 14:56 - 2016-03-22 14:56 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\licensecb
2016-03-22 14:56 - 2016-03-22 14:56 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\CrazyBump
2016-03-22 14:56 - 2016-03-22 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crazybump
2016-03-22 14:56 - 2016-03-22 14:56 - 00000000 ____D C:\ProgramData\licensecb
2016-03-22 14:56 - 2016-03-22 14:56 - 00000000 ____D C:\ProgramData\CrazyBump
2016-03-22 14:56 - 2016-03-22 14:56 - 00000000 ____D C:\Program Files (x86)\Crazybump
2016-03-22 13:09 - 2016-03-22 13:09 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\Corsair
2016-03-22 13:09 - 2016-03-22 13:09 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\Corsair
2016-03-22 13:08 - 2016-03-22 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2016-03-22 13:07 - 2016-03-22 13:07 - 00000000 ____D C:\Program Files (x86)\Corsair
2016-03-21 01:25 - 2016-04-13 13:49 - 00009730 _____ C:\Users\Moha�s
2016-03-20 02:19 - 2016-03-20 02:19 - 00000000 ____D C:\ProgramData\Emsisoft
2016-03-20 02:14 - 2016-04-13 20:43 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-03-20 02:14 - 2016-03-20 02:14 - 00000944 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-03-20 02:14 - 2016-03-20 02:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-03-16 18:05 - 2016-03-16 18:05 - 00001111 _____ C:\Users\Public\Desktop\DoNotSpy10.lnk
2016-03-16 16:19 - 2016-03-16 16:19 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\Nexus
2016-03-16 15:34 - 2016-03-16 15:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_csrserial_01009.Wdf
2016-03-16 15:34 - 2016-03-16 15:34 - 00000000 ____D C:\BluetoothExchangeFolder

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-13 20:54 - 2015-03-22 21:47 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-13 20:26 - 2014-11-01 17:34 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-13 20:04 - 2016-01-02 23:06 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-13 19:51 - 2015-06-04 15:06 - 00000000 ____D C:\Program Files (x86)\Mod Organizer
2016-04-13 14:07 - 2014-11-02 12:58 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-13 13:49 - 2015-12-06 12:32 - 01922188 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-13 13:49 - 2015-10-30 20:35 - 00891730 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-13 13:49 - 2015-10-30 20:35 - 00198838 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-13 13:49 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-13 13:46 - 2014-11-08 17:52 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\LogMeIn Hamachi
2016-04-13 13:45 - 2016-02-17 23:04 - 00000000 ____D C:\tmp
2016-04-13 13:45 - 2016-01-02 15:46 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\CrashDumps
2016-04-13 13:43 - 2016-03-05 20:22 - 00000000 ___RD C:\Users\Moha´s PC\iCloudDrive
2016-04-13 13:43 - 2015-12-06 12:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-13 13:43 - 2015-12-06 12:32 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-13 13:43 - 2015-12-06 12:31 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-04-13 13:43 - 2015-10-13 11:20 - 00000000 ____D C:\ProgramData\Origin
2016-04-13 13:43 - 2015-10-11 14:30 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\FAHClient
2016-04-13 13:43 - 2014-11-06 20:31 - 00000000 ___RD C:\Users\Moha´s PC\OneDrive
2016-04-13 13:43 - 2014-11-01 18:11 - 00000000 __SHD C:\Users\Moha´s PC\IntelGraphicsProfiles
2016-04-13 13:43 - 2014-11-01 17:34 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-12 21:50 - 2016-01-30 14:54 - 00003134 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2016-04-12 21:50 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-04-12 18:41 - 2016-01-22 17:54 - 00000000 ____D C:\Users\Moha´s PC\Desktop\Blender
2016-04-12 18:27 - 2014-11-01 17:34 - 00002369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-12 18:11 - 2014-11-14 21:48 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\vlc
2016-04-09 23:27 - 2015-12-06 12:32 - 00000000 ____D C:\Users\Moha´s PC
2016-04-09 23:16 - 2014-11-16 10:54 - 00007593 _____ C:\Users\Moha´s PC\AppData\Local\Resmon.ResmonCfg
2016-04-09 22:51 - 2015-12-09 19:04 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-09 19:34 - 2015-01-18 12:25 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\Spotify
2016-04-09 19:34 - 2015-01-18 12:25 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\Spotify
2016-04-09 18:51 - 2009-07-14 05:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-04-09 18:35 - 2014-12-24 18:19 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\DVDVideoSoft
2016-04-09 18:17 - 2015-11-28 23:10 - 00000000 ____D C:\Users\Moha´s PC\Desktop\PC
2016-04-09 18:17 - 2015-11-28 23:01 - 00000000 ___RD C:\Users\Moha´s PC\Desktop\Programme
2016-04-09 18:14 - 2015-06-11 13:30 - 00000000 ____D C:\Users\Moha´s PC\.gimp-2.8
2016-04-08 20:04 - 2015-12-09 19:04 - 00004028 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-04-08 19:04 - 2016-01-02 23:06 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-08 15:40 - 2014-11-02 13:06 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-07 21:45 - 2015-03-22 21:47 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-04-07 17:05 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-07 16:47 - 2015-06-11 13:09 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\UnrealEngine
2016-04-07 16:46 - 2014-11-01 17:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-06 15:58 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-06 14:04 - 2015-12-06 12:30 - 00276392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-05 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-04-05 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-04-05 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-04-05 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-04-05 19:32 - 2014-12-24 18:22 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\HandBrake
2016-04-05 18:46 - 2015-05-01 16:41 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\uTorrent
2016-04-05 15:23 - 2014-11-01 17:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-05 15:21 - 2014-11-01 17:58 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-05 14:00 - 2015-03-19 21:56 - 00001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-04-05 13:59 - 2015-03-19 21:55 - 00000000 ____D C:\Program Files\paint.net
2016-04-04 14:50 - 2015-09-01 18:13 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-04 14:50 - 2015-02-08 16:02 - 00000000 ___RD C:\Users\Moha´s PC\Virtual Machines
2016-04-03 21:04 - 2015-10-30 20:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-04-03 21:04 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-04-03 21:04 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-04-03 21:04 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-03 21:04 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-04-03 21:04 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-03 21:04 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-03 21:04 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-04-03 21:04 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-04-03 19:02 - 2014-11-09 16:13 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\ElevatedDiagnostics
2016-04-03 14:03 - 2014-11-01 17:34 - 00003984 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1414856039
2016-04-03 14:03 - 2014-11-01 17:34 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-04-03 14:03 - 2014-11-01 17:33 - 00000000 ____D C:\Program Files (x86)\Opera
2016-04-03 14:02 - 2015-10-13 11:20 - 00000000 ____D C:\Program Files (x86)\Origin
2016-04-03 14:01 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-03 14:01 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-25 22:26 - 2015-03-22 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-03-25 22:26 - 2015-03-22 21:47 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-03-25 17:59 - 2014-11-01 21:18 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-03-24 19:32 - 2015-04-26 19:41 - 00000000 ____D C:\Program Files (x86)\LOOT
2016-03-24 15:38 - 2014-11-01 18:01 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\Adobe
2016-03-24 01:03 - 2014-11-09 14:40 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\Skype
2016-03-23 22:28 - 2015-09-25 18:26 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\UnrealTournament
2016-03-23 11:58 - 2014-11-09 14:40 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-03-23 11:57 - 2014-11-09 14:40 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-03-23 11:39 - 2015-12-19 23:58 - 00029184 ___SH C:\Users\Moha´s PC\Desktop\Thumbs.db
2016-03-21 01:26 - 2015-10-28 14:48 - 00000000 ____D C:\Users\Moha´s PC\AppData\LocalLow\uTorrent
2016-03-20 02:23 - 2016-01-02 23:05 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-20 02:23 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-03-20 02:21 - 2016-01-12 17:54 - 00000000 ____D C:\ProgramData\Sophos
2016-03-16 18:09 - 2015-09-01 18:15 - 00002444 _____ C:\Users\Moha´s PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-16 18:05 - 2015-09-02 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DoNotSpy10
2016-03-16 18:05 - 2015-09-02 12:40 - 00000000 ____D C:\Program Files (x86)\DoNotSpy10
2016-03-16 17:58 - 2015-09-01 18:13 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\Packages
2016-03-16 17:16 - 2015-11-28 23:02 - 00000000 ____D C:\Users\Moha´s PC\Desktop\Gaming
2016-03-16 16:19 - 2015-12-16 13:03 - 00002389 _____ C:\Users\Moha´s PC\Desktop\Skyrim (SKSE).lnk
2016-03-16 15:40 - 2015-12-22 15:48 - 00000921 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2016-03-16 15:06 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-16 15:04 - 2014-11-06 20:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-03-16 14:52 - 2015-12-06 12:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-01 19:05 - 2015-09-19 09:08 - 0000000 _____ () C:\Users\Moha´s PC\AppData\Local\Driver_LOM_8161Present.flag
2015-02-19 14:39 - 2016-01-22 18:38 - 2128896 _____ () C:\Users\Moha´s PC\AppData\Local\file__0.localstorage
2016-03-05 20:15 - 2016-03-05 20:15 - 0010270 _____ () C:\Users\Moha´s PC\AppData\Local\recently-used.xbel
2014-11-16 10:54 - 2016-04-09 23:16 - 0007593 _____ () C:\Users\Moha´s PC\AppData\Local\Resmon.ResmonCfg
2016-04-09 18:35 - 2016-04-09 18:35 - 0000003 _____ () C:\Users\Moha´s PC\AppData\Local\updater.log
2016-04-09 18:35 - 2016-04-09 18:35 - 0000424 _____ () C:\Users\Moha´s PC\AppData\Local\UserProducts.xml

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-05 15:20

==================== Ende von FRST.txt ============================

Alle anderen Logs kommen, wenn ich schon eine Antwort habe, da sie auch zu groß für einen Anhang sind und ich keine Doppelposts machen will, solang ich noch keine Antwort habe.

Danke für jede Hilfe!

cosinus · 14.04.2016, 13:55

Log vom tdsskiller posten, sonst kann niemand was dazu sagen

moha · 14.04.2016, 15:07

Wollte nur sichergehen, dass ich nicht übersehen werde

Code:

ATTFilter

20:49:29.0474 0x3398  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
20:49:35.0853 0x3398  ============================================================
20:49:35.0853 0x3398  Current date / time: 2016/04/13 20:49:35.0853
20:49:35.0853 0x3398  SystemInfo:
20:49:35.0853 0x3398  
20:49:35.0853 0x3398  OS Version: 10.0.10586 ServicePack: 0.0
20:49:35.0853 0x3398  Product type: Workstation
20:49:35.0853 0x3398  ComputerName: MOHASPC
20:49:35.0853 0x3398  UserName: Moha´s PC
20:49:35.0853 0x3398  Windows directory: C:\WINDOWS
20:49:35.0853 0x3398  System windows directory: C:\WINDOWS
20:49:35.0853 0x3398  Running under WOW64
20:49:35.0853 0x3398  Processor architecture: Intel x64
20:49:35.0853 0x3398  Number of processors: 8
20:49:35.0853 0x3398  Page size: 0x1000
20:49:35.0853 0x3398  Boot type: Normal boot
20:49:35.0853 0x3398  ============================================================
20:49:36.0081 0x3398  KLMD registered as C:\WINDOWS\system32\drivers\10201737.sys
20:49:36.0103 0x3398  System UUID: {0E3529C7-3680-7DB6-7073-29E72FF19ED7}
20:49:36.0264 0x3398  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:49:36.0266 0x3398  Drive \Device\Harddisk1\DR1 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:49:36.0266 0x3398  Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:49:36.0269 0x3398  Drive \Device\Harddisk3\DR3 - Size: 0x1DE97FE00 ( 7.48 Gb ), SectorSize: 0x200, Cylinders: 0x3D0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:49:36.0270 0x3398  Drive \Device\Harddisk4\DR4 - Size: 0x75E00000 ( 1.84 Gb ), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:49:36.0324 0x3398  ============================================================
20:49:36.0324 0x3398  \Device\Harddisk0\DR0:
20:49:36.0457 0x3398  MBR partitions:
20:49:36.0457 0x3398  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:49:36.0457 0x3398  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x8B1D4800
20:49:36.0457 0x3398  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x8B207800, BlocksNum 0x619000
20:49:36.0457 0x3398  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0xAA607800, BlocksNum 0x3E800000
20:49:36.0457 0x3398  \Device\Harddisk1\DR1:
20:49:36.0459 0x3398  MBR partitions:
20:49:36.0459 0x3398  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1DCF2000
20:49:36.0459 0x3398  \Device\Harddisk2\DR2:
20:49:36.0459 0x3398  MBR partitions:
20:49:36.0459 0x3398  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAC12C
20:49:36.0459 0x3398  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0xB07E8, BlocksNum 0x3A1F4048
20:49:36.0459 0x3398  \Device\Harddisk3\DR3:
20:49:36.0460 0x3398  MBR partitions:
20:49:36.0460 0x3398  \Device\Harddisk3\DR3\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0xEF4BC0
20:49:36.0460 0x3398  \Device\Harddisk4\DR4:
20:49:36.0460 0x3398  MBR partitions:
20:49:36.0460 0x3398  \Device\Harddisk4\DR4\Partition1: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x3AE039
20:49:36.0460 0x3398  ============================================================
20:49:36.0564 0x3398  A: <-> \Device\Harddisk0\DR0\Partition4
20:49:36.0566 0x3398  C: <-> \Device\Harddisk2\DR2\Partition2
20:49:36.0615 0x3398  D: <-> \Device\Harddisk0\DR0\Partition2
20:49:36.0616 0x3398  E: <-> \Device\Harddisk0\DR0\Partition1
20:49:36.0619 0x3398  F: <-> \Device\Harddisk1\DR1\Partition1
20:49:36.0641 0x3398  Y: <-> \Device\Harddisk0\DR0\Partition3
20:49:36.0641 0x3398  ============================================================
20:49:36.0641 0x3398  Initialize success
20:49:36.0641 0x3398  ============================================================
20:50:19.0519 0x1930  ============================================================
20:50:19.0519 0x1930  Scan started
20:50:19.0519 0x1930  Mode: Manual; SigCheck; TDLFS; 
20:50:19.0519 0x1930  ============================================================
20:50:19.0519 0x1930  KSN ping started
20:50:21.0924 0x1930  KSN ping finished: true
20:50:23.0224 0x1930  ================ Scan system memory ========================
20:50:23.0224 0x1930  System memory - ok
20:50:23.0225 0x1930  ================ Scan services =============================
20:50:23.0249 0x1930  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
20:50:23.0280 0x1930  1394ohci - ok
20:50:23.0292 0x1930  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
20:50:23.0299 0x1930  3ware - ok
20:50:23.0435 0x1930  [ 900C786D674B5AA8062E56476E12CA95, 6D2914A91C315662AE36BB6F2304669D161B38B1DED3DD409312E3D9E01C7BDF ] a2AntiMalware   C:\Program Files\Emsisoft Anti-Malware\a2service.exe
20:50:23.0592 0x1930  a2AntiMalware - ok
20:50:23.0610 0x1930  [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
20:50:23.0624 0x1930  ACPI - ok
20:50:23.0628 0x1930  [ 2EA3EB3E69B6480AB112E876F3096312, 4A22343D8F261BE90F7287318EAC5B187F49D1C375174E4B526A0F3A27CD8346 ] AcpiCtlDrv      C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys
20:50:23.0632 0x1930  AcpiCtlDrv - ok
20:50:23.0636 0x1930  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
20:50:23.0643 0x1930  acpiex - ok
20:50:23.0645 0x1930  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
20:50:23.0652 0x1930  acpipagr - ok
20:50:23.0654 0x1930  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
20:50:23.0662 0x1930  AcpiPmi - ok
20:50:23.0664 0x1930  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
20:50:23.0670 0x1930  acpitime - ok
20:50:23.0675 0x1930  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:50:23.0680 0x1930  AdobeARMservice - ok
20:50:23.0702 0x1930  [ 04A7B373A727BD3ACD824621CF65AE70, 37FD3893811D8E7FDB2794AE18CB5A85D7FA13AB24DBEEF91F68832668204D21 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:50:23.0710 0x1930  AdobeFlashPlayerUpdateSvc - ok
20:50:23.0727 0x1930  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
20:50:23.0748 0x1930  ADP80XX - ok
20:50:23.0759 0x1930  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
20:50:23.0772 0x1930  AFD - ok
20:50:23.0776 0x1930  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
20:50:23.0783 0x1930  agp440 - ok
20:50:23.0788 0x1930  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
20:50:23.0799 0x1930  ahcache - ok
20:50:23.0801 0x1930  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
20:50:23.0807 0x1930  AJRouter - ok
20:50:23.0811 0x1930  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG             C:\WINDOWS\System32\alg.exe
20:50:23.0820 0x1930  ALG - ok
20:50:23.0823 0x1930  [ E019017558B28A707119F8545AD1A1C0, 7A080DB2BDD1AE7E849EE79BF42B737D78A4F6EA6D07F61D6E994D7A383E9551 ] ambakdrv        C:\WINDOWS\system32\ambakdrv.sys
20:50:23.0828 0x1930  ambakdrv - detected UnsignedFile.Multi.Generic ( 1 )
20:50:26.0310 0x1930  Detect skipped due to KSN trusted
20:50:26.0310 0x1930  ambakdrv - ok
20:50:26.0314 0x1930  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
20:50:26.0322 0x1930  AmdK8 - ok
20:50:26.0327 0x1930  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
20:50:26.0335 0x1930  AmdPPM - ok
20:50:26.0339 0x1930  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
20:50:26.0345 0x1930  amdsata - ok
20:50:26.0351 0x1930  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
20:50:26.0361 0x1930  amdsbs - ok
20:50:26.0372 0x1930  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
20:50:26.0379 0x1930  amdxata - ok
20:50:26.0383 0x1930  [ 46014EDFDC8AF8733E14947448D122C5, 8CE2BD29CF7230A624745334A76F5F8C2E5C01EEDB2B803F9468771BC9DCBC4D ] ammntdrv        C:\WINDOWS\system32\ammntdrv.sys
20:50:26.0390 0x1930  ammntdrv - detected UnsignedFile.Multi.Generic ( 1 )
20:50:29.0077 0x1930  Detect skipped due to KSN trusted
20:50:29.0077 0x1930  ammntdrv - ok
20:50:29.0081 0x1930  [ 7CD08E63219E00BB206077F5BA708677, E8F4031E5E524C60D5853B5DE3AC37E45F28B490665F0CD2016754EDCFA4B2F2 ] amwrtdrv        C:\WINDOWS\system32\amwrtdrv.sys
20:50:29.0085 0x1930  amwrtdrv - detected UnsignedFile.Multi.Generic ( 1 )
20:50:31.0470 0x1930  Detect skipped due to KSN trusted
20:50:31.0470 0x1930  amwrtdrv - ok
20:50:31.0477 0x1930  [ ADFFD587A8CBDCEB0566521ACEF707DB, 17CF539B17FAAF4CC4306B6D2BBD36D80C93FB49A614293D7351A92445C6C1D0 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
20:50:31.0485 0x1930  AppHostSvc - ok
20:50:31.0489 0x1930  [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID           C:\WINDOWS\system32\drivers\appid.sys
20:50:31.0497 0x1930  AppID - ok
20:50:31.0500 0x1930  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
20:50:31.0516 0x1930  AppIDSvc - ok
20:50:31.0518 0x1930  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
20:50:31.0529 0x1930  Appinfo - ok
20:50:31.0534 0x1930  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:50:31.0539 0x1930  Apple Mobile Device Service - ok
20:50:31.0544 0x1930  [ B4AE5296C9597F45E1CFE0B1DBE7739E, C9DCA8EF32720D68119CC23DF4BCD783FFB5F999D14EDCC7937D17C590323B4B ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
20:50:31.0556 0x1930  AppMgmt - ok
20:50:31.0566 0x1930  [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
20:50:31.0582 0x1930  AppReadiness - ok
20:50:31.0609 0x1930  [ 3DF25A56F18D2AB4CF58C1300C8CD323, 34A20004A93BC0F22BF99E56E6657CF0A68B64B375A66408FB1E26ADA7A72FC4 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
20:50:31.0655 0x1930  AppXSvc - ok
20:50:31.0662 0x1930  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
20:50:31.0669 0x1930  arcsas - ok
20:50:31.0671 0x2950  Object required for P2P: [ 900C786D674B5AA8062E56476E12CA95 ] a2AntiMalware
20:50:31.0681 0x1930  [ 00B0FDD484914F388B5441285FDE24CB, 90AA8A12BB235BFC3A924F0E23BCEE8742817E3BC5A85E49D8AF8B52E8158ECB ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:50:31.0688 0x1930  aspnet_state - ok
20:50:31.0690 0x1930  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
20:50:31.0700 0x1930  AsyncMac - ok
20:50:31.0702 0x1930  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
20:50:31.0711 0x1930  atapi - ok
20:50:31.0723 0x1930  [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt          C:\WINDOWS\system32\DRIVERS\atksgt.sys
20:50:31.0737 0x1930  atksgt - ok
20:50:31.0743 0x1930  [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
20:50:31.0755 0x1930  AudioEndpointBuilder - ok
20:50:31.0772 0x1930  [ 9610CE53A9ED0789C8B669A5F86008F7, 9EE4B3F8528B20682595DDBDB0FF9F98FD8B957EE4C335FDD4382AE30D3C2EA0 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
20:50:31.0800 0x1930  Audiosrv - ok
20:50:31.0804 0x1930  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
20:50:31.0815 0x1930  AxInstSV - ok
20:50:31.0824 0x1930  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
20:50:31.0837 0x1930  b06bdrv - ok
20:50:31.0841 0x1930  [ 7228CA6320ABA120DAAA69C740B73943, 852D7A095BF0393338AC5480EF84B9E8FA3D03340390869686F74B301744D4F5 ] Backupper Service C:\Program Files (x86)\AOMEI Backupper\ABService.exe
20:50:31.0845 0x1930  Backupper Service - ok
20:50:31.0848 0x1930  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
20:50:31.0854 0x1930  BasicDisplay - ok
20:50:31.0856 0x1930  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
20:50:31.0864 0x1930  BasicRender - ok
20:50:31.0866 0x1930  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
20:50:31.0873 0x1930  bcmfn - ok
20:50:31.0875 0x1930  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
20:50:31.0882 0x1930  bcmfn2 - ok
20:50:31.0889 0x1930  [ F8F398A4AF7E0917320BC2B2CD812888, 02B9A6EA0AA750CA9B62AB09E99956C35E252A12B22C2CBFDC4E941ED5870591 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
20:50:31.0901 0x1930  BDESVC - ok
20:50:31.0904 0x1930  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
20:50:31.0920 0x1930  Beep - ok
20:50:31.0934 0x1930  [ 8EA08141590CB9331FA773FB430E91E4, 0507499EF423CC9EE9AC18C2B5CBF9965E69481C69DC96E361C2184C53C3F404 ] BFE             C:\WINDOWS\System32\bfe.dll
20:50:31.0956 0x1930  BFE - ok
20:50:31.0963 0x1930  [ 9D5A59DD3BB9635024E14F05DA6E5CBC, ED94C11D2B028BB7C6689D1B368A306163FB97EDA5311CCDD1CCA7D7B3DB8926 ] BfLwf           C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys
20:50:31.0970 0x1930  BfLwf - ok
20:50:31.0988 0x1930  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\WINDOWS\System32\qmgr.dll
20:50:32.0016 0x1930  BITS - ok
20:50:32.0024 0x1930  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:50:32.0032 0x1930  Bonjour Service - ok
20:50:32.0036 0x1930  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
20:50:32.0045 0x1930  bowser - ok
20:50:32.0055 0x1930  [ 9972A886D911234F833A265D5D641D30, E64199AB64CC60C75371D8421031DC02818C852427C4F66AD3DF7DCDF33952B1 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
20:50:32.0072 0x1930  BrokerInfrastructure - ok
20:50:32.0082 0x1930  [ DA4C9335434E71D6CC86A3CA567769CC, 9FE5EE3CC91CADBF952446E0A9A79A8834B03C8D4C47D6E9257AF64B2C17F518 ] Browser         C:\WINDOWS\System32\browser.dll
20:50:32.0090 0x1930  Browser - ok
20:50:32.0096 0x1930  [ FF4E89D75628B3780716CB6C87AC1CE2, 797713EA165810FADBB5CACA855B4A1E76601641C256C3A3D9C673460349C08A ] BthA2DP         C:\WINDOWS\system32\drivers\BthA2DP.sys
20:50:32.0105 0x1930  BthA2DP - ok
20:50:32.0107 0x1930  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
20:50:32.0130 0x1930  BthAvrcpTg - ok
20:50:32.0134 0x1930  [ 36417FC4F11C31C880CB428037DEDF3F, ACDB798A038E3D5CC350AC53A9EC8E14AD02E2C28AE4578EC0205E6DF537A8F9 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
20:50:32.0143 0x1930  BthEnum - ok
20:50:32.0145 0x1930  [ 0B10EFF40BBAF466D729B105CA51AAFC, 4FF1AECA2284622E8E1442CA6BF91AF4C10EAE89B111ADC4A7DD116517975BF8 ] BthHFAud        C:\WINDOWS\system32\DRIVERS\BthHfAud.sys
20:50:32.0152 0x1930  BthHFAud - ok
20:50:32.0154 0x1930  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
20:50:32.0162 0x1930  BthHFEnum - ok
20:50:32.0164 0x1930  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
20:50:32.0171 0x1930  bthhfhid - ok
20:50:32.0177 0x1930  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
20:50:32.0190 0x1930  BthHFSrv - ok
20:50:32.0196 0x1930  [ CC6C1393B423EBFF9F6696CB9CC4CBCB, AB1861727631EDDD5B8404C51E75A67CAA42FD640E067A6ECC07EF0FCC871840 ] BthLEEnum       C:\WINDOWS\System32\drivers\BthLEEnum.sys
20:50:32.0206 0x1930  BthLEEnum - ok
20:50:32.0210 0x1930  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
20:50:32.0217 0x1930  BTHMODEM - ok
20:50:32.0221 0x1930  [ 09C3DB1B137B269A822F941D867A6BB6, CC99FBD76DA19D951864D4967EA9F3C048811E9BB7BBB67B724FC82A50B14516 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
20:50:32.0230 0x1930  BthPan - ok
20:50:32.0243 0x1930  [ CEFF59649E90987D263D96078724A54A, 3EB69F0BA282085682FB09F1469BF66A84229D8C7A044C6B98B78477716917EE ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
20:50:32.0266 0x1930  BTHPORT - ok
20:50:32.0270 0x1930  [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv         C:\WINDOWS\system32\bthserv.dll
20:50:32.0280 0x1930  bthserv - ok
20:50:32.0283 0x1930  [ 0D279373091AA1BBEEE958AAF02B5EDF, 79CEBC2D9345103958DC161C31AC4BE078626D6DC28F6F06C432917872A1E3B4 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
20:50:32.0290 0x1930  BTHUSB - ok
20:50:32.0293 0x1930  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
20:50:32.0300 0x1930  buttonconverter - ok
20:50:32.0303 0x1930  [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
20:50:32.0312 0x1930  CapImg - ok
20:50:32.0322 0x1930  [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
20:50:32.0336 0x1930  cdfs - ok
20:50:32.0343 0x1930  [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
20:50:32.0356 0x1930  CDPSvc - ok
20:50:32.0361 0x1930  [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
20:50:32.0370 0x1930  cdrom - ok
20:50:32.0374 0x1930  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
20:50:32.0387 0x1930  CertPropSvc - ok
20:50:32.0390 0x1930  [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
20:50:32.0398 0x1930  circlass - ok
20:50:32.0405 0x1930  [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
20:50:32.0417 0x1930  CLFS - ok
20:50:32.0458 0x1930  [ 43102F2322F0CB42A7D2C685278BC460, 5586485A472BD5D99D27A36CEEEBB2C849C9D0D9EDB8312203B78279D69C6CA2 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
20:50:32.0499 0x1930  ClickToRunSvc - ok
20:50:32.0511 0x1930  [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
20:50:32.0530 0x1930  ClipSVC - ok
20:50:32.0545 0x1930  [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
20:50:32.0551 0x1930  CmBatt - ok
20:50:32.0585 0x1930  [ 12145BABD827F3B68B27A4F73B7284CD, 29F539A3CE770D9B719FCDF055FCCD46353FC2A3752DCAE95F3C171CB40D1A44 ] cmudaxp         C:\WINDOWS\system32\drivers\cmudaxp.sys
20:50:32.0656 0x1930  cmudaxp - ok
20:50:32.0670 0x1930  [ A1105260EEEE3DBD8D38FD054B22BD00, CA943B0B03527B07690CAFFD53F8ABF14FB3974DAAA1036E54815BD0DAF803D8 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
20:50:32.0687 0x1930  CNG - ok
20:50:32.0690 0x1930  [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
20:50:32.0696 0x1930  cnghwassist - ok
20:50:32.0704 0x1930  [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
20:50:32.0711 0x1930  CompositeBus - ok
20:50:32.0713 0x1930  COMSysApp - ok
20:50:32.0717 0x1930  [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
20:50:32.0723 0x1930  condrv - ok
20:50:32.0739 0x1930  [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
20:50:32.0762 0x1930  CoreMessagingRegistrar - ok
20:50:32.0767 0x1930  [ 829FD68876F4B6484AAF85F1E98BE050, BF94C916A393E0D99DB9E49FB5B37649799EA494112FD7271D0EAC704751F799 ] CorsairVBusDriver C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys
20:50:32.0772 0x1930  CorsairVBusDriver - ok
20:50:32.0775 0x1930  [ 407237341D4E3D27E987E4B78CAF5359, EBFD281D853D45016C67003B284C88FB4BB59B6ACE181E207CCC4A14449092BC ] CorsairVHidDriver C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys
20:50:32.0778 0x1930  CorsairVHidDriver - ok
20:50:32.0790 0x1930  [ 137BC921135ECDA3E9917B56E3550D32, 6585F4FFEAB32583B867A14F7B7C09C563B1EA715AD9C3B850A7965C54A819A0 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
20:50:32.0798 0x1930  cphs - ok
20:50:32.0803 0x1930  [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
20:50:32.0811 0x1930  CryptSvc - ok
20:50:32.0820 0x1930  [ 5D578EAAFB6FD4F59523E5878B541296, 73573124787B79179880AFAF9CB8427237A1605A9F13D7783228DE24D18963C0 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
20:50:32.0836 0x1930  CSC - ok
20:50:32.0849 0x1930  [ 5F07CCEE514894C9474AEDCA50B6C2C7, 38F54897C91A2E7D80D00852CEB173B26E822D7C68F35D31228245F811E028A8 ] CscService      C:\WINDOWS\System32\cscsvc.dll
20:50:32.0873 0x1930  CscService - ok
20:50:32.0878 0x1930  CsrBtOBEX-Dienst - ok
20:50:32.0915 0x1930  [ 6AA077D6CC426476E349DF8BFAB2DD0A, 5D24CE14881DD6D1C5003FDE45036DB8894546D26BAEA29D50A6F73B3BE78050 ] CsrBtPort       C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys
20:50:32.0965 0x1930  CsrBtPort - ok
20:50:32.0970 0x1930  [ B869927FB411004CCD98B7DF30A8AEDC, 4E72AE1EDFA55A8577B56ADAEF196910A915F619E121BCC98155439984FA2AE3 ] csrpan          C:\WINDOWS\System32\drivers\csrpan.sys
20:50:32.0973 0x1930  csrpan - ok
20:50:32.0977 0x1930  [ 7DB081CD5AFF021666444D7CEFFBDB1B, F32E7D217B0BB6091D808BE413D548A2C66584BA3625F189C81090DC0CC1F0F9 ] csrserial       C:\WINDOWS\system32\DRIVERS\csrserial.sys
20:50:32.0980 0x1930  csrserial - ok
20:50:32.0985 0x1930  [ 19A0B8F1CE67E5E0E0CDF315F9DA29D6, 3A2E289F8E227D60F6211C5B62170F2F446DBD86ED7BE014B543F24D394600AF ] csrusb          C:\WINDOWS\System32\Drivers\csrusb.sys
20:50:32.0988 0x1930  csrusb - ok
20:50:32.0991 0x1930  [ D2EF74C29A95E8814BC0BCFF3F21D4D1, 1D70B391B0C3FE50C96932580302353BB290D589F7834407C4DA7FCFAF3B4B06 ] csrusbfilter    C:\WINDOWS\System32\Drivers\csrusbfilter.sys
20:50:32.0995 0x1930  csrusbfilter - ok
20:50:33.0016 0x1930  [ E94E2A73DD415849CCAEEF50899FC486, 7A93BA6386DCD6F4CF1E41D347C19F844B51EC4EBA710601E9963A655467A691 ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
20:50:33.0027 0x1930  CTAudSvcService - detected UnsignedFile.Multi.Generic ( 1 )
20:50:34.0191 0x2950  Object send P2P result: true
20:50:34.0193 0x2950  Object required for P2P: [ 04A7B373A727BD3ACD824621CF65AE70 ] AdobeFlashPlayerUpdateSvc
20:50:35.0380 0x1930  Detect skipped due to KSN trusted
20:50:35.0380 0x1930  CTAudSvcService - ok
20:50:35.0403 0x1930  [ 69701960E710AB2042070A5AA3ABB417, A0AE36CDDF3CD2E9F3BC784DF9625253CA7BF298F70B7C5C63E15026651BBCDA ] cthda           C:\WINDOWS\system32\drivers\cthda.sys
20:50:35.0424 0x1930  cthda - ok
20:50:35.0429 0x1930  [ 15173210FAD874517DE61B2C3DC042C4, DFEFF22C85525D43160DA81DA8BC0DDAEC56E71DB7D81059B6ACE8B132C66A63 ] CtHdaSvc        C:\WINDOWS\sysWow64\CtHdaSvc.exe
20:50:35.0437 0x1930  CtHdaSvc - ok
20:50:35.0440 0x1930  [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam             C:\WINDOWS\system32\drivers\dam.sys
20:50:35.0447 0x1930  dam - ok
20:50:35.0450 0x1930  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
20:50:35.0456 0x1930  dbupdate - ok
20:50:35.0460 0x1930  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
20:50:35.0465 0x1930  dbupdatem - ok
20:50:35.0478 0x1930  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
20:50:35.0502 0x1930  DcomLaunch - ok
20:50:35.0507 0x1930  [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
20:50:35.0521 0x1930  DcpSvc - ok
20:50:35.0531 0x1930  [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
20:50:35.0550 0x1930  defragsvc - ok
20:50:35.0560 0x1930  [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
20:50:35.0574 0x1930  DeviceAssociationService - ok
20:50:35.0580 0x1930  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
20:50:35.0607 0x1930  DeviceInstall - ok
20:50:35.0612 0x1930  [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
20:50:35.0625 0x1930  DevQueryBroker - ok
20:50:35.0637 0x1930  [ C9478D7DB7BE5D7ACE65CB1167F07320, D5082D09EE62E34A195768040B741E22ACC9421CFF315423D77A63ABF8F5E39E ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
20:50:35.0650 0x1930  Dfsc - ok
20:50:35.0657 0x1930  [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
20:50:35.0672 0x1930  Dhcp - ok
20:50:35.0685 0x1930  [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
20:50:35.0692 0x1930  diagnosticshub.standardcollector.service - ok
20:50:35.0717 0x1930  [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
20:50:35.0748 0x1930  DiagTrack - ok
20:50:35.0760 0x1930  [ ABD573313386C93625643BEEB89E5400, DA9A9F6F42FD7E3097A54069251A01B313EA21C5BC96E2284B3EF63B974D2E91 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
20:50:35.0768 0x1930  DigitalWave.Update.Service - ok
20:50:35.0770 0x1930  [ 790CCCA8341919BB8BB49262A21FCA0E, 9778136D2441439DC470861D15D96FA21DC9F16225232CD05B76791A5E0FDE6F ] DIRECTIO        C:\Program Files\PerformanceTest\DirectIo64.sys
20:50:35.0776 0x1930  DIRECTIO - ok
20:50:35.0780 0x1930  [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk            C:\WINDOWS\system32\drivers\disk.sys
20:50:35.0786 0x1930  disk - ok
20:50:35.0792 0x1930  [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
20:50:35.0815 0x1930  DmEnrollmentSvc - ok
20:50:35.0818 0x1930  [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
20:50:35.0825 0x1930  dmvsc - ok
20:50:35.0829 0x1930  [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
20:50:35.0837 0x1930  dmwappushservice - ok
20:50:35.0842 0x1930  [ 570BB222E3AFC4407636B53F6EABFA70, D0194A128370BB0A337B61402F9EEDD6F7942ADB19BF672D0F92DA2DA563D0DD ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
20:50:35.0854 0x1930  Dnscache - ok
20:50:35.0861 0x1930  [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
20:50:35.0873 0x1930  dot3svc - ok
20:50:35.0878 0x1930  [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS             C:\WINDOWS\system32\dps.dll
20:50:35.0888 0x1930  DPS - ok
20:50:35.0891 0x1930  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
20:50:35.0897 0x1930  drmkaud - ok
20:50:35.0901 0x1930  [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
20:50:35.0912 0x1930  DsmSvc - ok
20:50:35.0916 0x1930  [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
20:50:35.0926 0x1930  DsSvc - ok
20:50:35.0953 0x1930  [ F45665E77D11F3C1552EDBEAD1559DC8, C7C4B493CB36A1A35B8CA33C044BA0ED273CDA80E36F48BFF7CE3A0356246838 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
20:50:35.0986 0x1930  DXGKrnl - ok
20:50:35.0991 0x1930  [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
20:50:36.0014 0x1930  Eaphost - ok
20:50:36.0016 0x1930  EasyAntiCheat - ok
20:50:36.0058 0x1930  [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
20:50:36.0114 0x1930  ebdrv - ok
20:50:36.0120 0x1930  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS             C:\WINDOWS\System32\lsass.exe
20:50:36.0127 0x1930  EFS - ok
20:50:36.0130 0x1930  [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
20:50:36.0136 0x1930  EhStorClass - ok
20:50:36.0139 0x1930  [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
20:50:36.0146 0x1930  EhStorTcgDrv - ok
20:50:36.0150 0x1930  [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
20:50:36.0159 0x1930  embeddedmode - ok
20:50:36.0165 0x1930  [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
20:50:36.0177 0x1930  EntAppSvc - ok
20:50:36.0180 0x1930  [ 1B677389760689A11241884C700B48E0, 75EC4D16F3F6004D2697AE25E029B95D8B9611911039777B781C5707DA6048C6 ] epmntdrv        C:\Windows\system32\epmntdrv.sys
20:50:36.0183 0x1930  epmntdrv - ok
20:50:36.0187 0x1930  [ B6A7D3B49CA93FC0AECAC7C911E81F1E, 75245217F86F6BFC94C929EF7295D1C2D3A42B3A5161E8D85599812AD7CC723D ] epp             C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys
20:50:36.0193 0x1930  epp - ok
20:50:36.0195 0x1930  [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
20:50:36.0211 0x1930  ErrDev - ok
20:50:36.0214 0x1930  [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv           C:\Windows\etdrv.sys
20:50:36.0218 0x1930  etdrv - ok
20:50:36.0220 0x1930  [ ED2037F8C941E66E3C7F6545BEEA1681, 6A5F1A8097CF217952C828E28DD8F59BFEEF9F91BE9A732E89489E6C5FE5359A ] etocdrv         C:\WINDOWS\etocdrv.sys
20:50:36.0224 0x1930  etocdrv - ok
20:50:36.0228 0x1930  [ 08C997734B2CECE882656BB2855E6E76, B3C1DEF26C9C9123D34395717220B450C705B5FA9FC8E321ADC444A4D63E6F36 ] EuGdiDrv        C:\Windows\system32\EuGdiDrv.sys
20:50:36.0230 0x1930  EuGdiDrv - ok
20:50:36.0239 0x1930  [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem     C:\WINDOWS\system32\es.dll
20:50:36.0254 0x1930  EventSystem - ok
20:50:36.0260 0x1930  [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
20:50:36.0272 0x1930  exfat - ok
20:50:36.0278 0x1930  [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
20:50:36.0288 0x1930  fastfat - ok
20:50:36.0299 0x1930  [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax             C:\WINDOWS\system32\fxssvc.exe
20:50:36.0318 0x1930  Fax - ok
20:50:36.0320 0x1930  [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
20:50:36.0328 0x1930  fdc - ok
20:50:36.0330 0x1930  [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
20:50:36.0339 0x1930  fdPHost - ok
20:50:36.0341 0x1930  [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
20:50:36.0351 0x1930  FDResPub - ok
20:50:36.0354 0x1930  [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
20:50:36.0366 0x1930  fhsvc - ok
20:50:36.0369 0x1930  [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
20:50:36.0376 0x1930  FileCrypt - ok
20:50:36.0379 0x1930  [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
20:50:36.0386 0x1930  FileInfo - ok
20:50:36.0388 0x1930  [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
20:50:36.0397 0x1930  Filetrace - ok
20:50:36.0400 0x1930  [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
20:50:36.0420 0x1930  flpydisk - ok
20:50:36.0428 0x1930  [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
20:50:36.0438 0x1930  FltMgr - ok
20:50:36.0460 0x1930  [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache       C:\WINDOWS\system32\FntCache.dll
20:50:36.0498 0x1930  FontCache - ok
20:50:36.0502 0x1930  [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:50:36.0506 0x1930  FontCache3.0.0.0 - ok
20:50:36.0510 0x1930  [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
20:50:36.0518 0x1930  FsDepends - ok
20:50:36.0520 0x1930  [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:50:36.0526 0x1930  Fs_Rec - ok
20:50:36.0533 0x1930  [ A02BF986010DDE74A254692B365454AC, 1A26D6AEAF0E71D590D7F1995A7837DF3560899CCD1804338AB8400C6A2602BB ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
20:50:36.0540 0x1930  Futuremark SystemInfo Service - ok
20:50:36.0551 0x1930  [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
20:50:36.0565 0x1930  fvevol - ok
20:50:36.0568 0x1930  [ E06FCBB3B5CD057DA081B60239109EB9, 2EBC3D652FA5E8A06694E527E752A6D23FA5E690CF00DF4EA5DC3519792D5E13 ] G3GKB           C:\WINDOWS\system32\drivers\G3GKB.sys
20:50:36.0575 0x1930  G3GKB - ok
20:50:36.0578 0x1930  [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
20:50:36.0585 0x1930  gagp30kx - ok
20:50:36.0586 0x1930  [ 9AB9F3B75A2EB87FAFB1B7361BE9DFB3, 31F4CFB4C71DA44120752721103A16512444C13C2AC2D857A7E6F13CB679B427 ] gdrv            C:\Windows\gdrv.sys
20:50:36.0590 0x1930  gdrv - ok
20:50:36.0593 0x1930  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:50:36.0597 0x1930  GEARAspiWDM - ok
20:50:36.0599 0x1930  [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
20:50:36.0607 0x1930  gencounter - ok
20:50:36.0617 0x1930  [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
20:50:36.0626 0x1930  genericusbfn - ok
20:50:36.0642 0x1930  [ C5FA929A389F11330C780C1E97EF0740, A83EAD4A2F4DB236CC569CCAD619021C1E011CD70DEE249FE8594E8822640BBF ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
20:50:36.0660 0x1930  GfExperienceService - ok
20:50:36.0665 0x2950  Object send P2P result: true
20:50:36.0666 0x1930  [ 5D4DF0BAC74E9AC62AF6BC99440B050B, 655110646BFF890C448C0951E11132DC3592BDA6E080696341B930D090224723 ] GPCIDrv         C:\Program Files (x86)\Gigabyte\GIGABYTE OC_GURU II\GPCIDrv64.sys
20:50:36.0669 0x1930  GPCIDrv - ok
20:50:36.0673 0x1930  [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
20:50:36.0681 0x1930  GPIOClx0101 - ok
20:50:36.0700 0x1930  [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
20:50:36.0733 0x1930  gpsvc - ok
20:50:36.0739 0x1930  [ 96E7F6770E12DD05A8ECF7B5D5DCD2FD, F9418B5E90A235339A4A1A889490FACA39CD117A51BA4446DAA1011DA06C7ECD ] GPU-Z           C:\Users\MOHASP~1\AppData\Local\Temp\GPU-Z.sys
20:50:36.0744 0x1930  GPU-Z - ok
20:50:36.0746 0x1930  [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
20:50:36.0754 0x1930  GpuEnergyDrv - ok
20:50:36.0758 0x1930  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:50:36.0763 0x1930  gupdate - ok
20:50:36.0766 0x1930  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:50:36.0770 0x1930  gupdatem - ok
20:50:36.0773 0x1930  [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi         C:\WINDOWS\System32\drivers\Hamdrv.sys
20:50:36.0781 0x1930  Hamachi - ok
20:50:36.0820 0x1930  [ C0EF69A59C13D9204D1D70434AA3D00C, 56BD4F7C74B2A36665677C32F30C4E1839DB9AAAC82FFA4A2622B4D261D865F2 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
20:50:36.0853 0x1930  Hamachi2Svc - ok
20:50:36.0859 0x1930  [ 6972149D79A4E48A347E49D5D6397F4C, 0A66A6C18CE5C4A7025CD0D49857D9D9009260F402A56A7944D7D0634DB003BD ] hcmon           C:\WINDOWS\system32\drivers\hcmon.sys
20:50:36.0864 0x1930  hcmon - ok
20:50:36.0871 0x1930  [ 0F93EBE9071A6BB1548BF0F816EEA24B, 79A99544C00F59996980D299BFACA0463D86158BFA51C8045CE4FF4951779A44 ] HdAudAddService C:\WINDOWS\system32\DRIVERS\HdAudio.sys
20:50:36.0885 0x1930  HdAudAddService - ok
20:50:36.0889 0x1930  [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
20:50:36.0897 0x1930  HDAudBus - ok
20:50:36.0899 0x1930  [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
20:50:36.0905 0x1930  HidBatt - ok
20:50:36.0909 0x1930  [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
20:50:36.0916 0x1930  HidBth - ok
20:50:36.0920 0x1930  [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
20:50:36.0927 0x1930  hidi2c - ok
20:50:36.0929 0x1930  [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
20:50:36.0935 0x1930  hidinterrupt - ok
20:50:36.0938 0x1930  [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
20:50:36.0948 0x1930  HidIr - ok
20:50:36.0950 0x1930  [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv         C:\WINDOWS\system32\hidserv.dll
20:50:36.0958 0x1930  hidserv - ok
20:50:36.0961 0x1930  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
20:50:36.0968 0x1930  HidUsb - ok
20:50:36.0973 0x1930  [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
20:50:36.0986 0x1930  HomeGroupListener - ok
20:50:36.0994 0x1930  [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
20:50:37.0010 0x1930  HomeGroupProvider - ok
20:50:37.0020 0x1930  [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
20:50:37.0031 0x1930  HpSAMD - ok
20:50:37.0048 0x1930  [ 318E816717431D3C23DC82779900C744, 363702CC8A5B5FBF5E8CE2DA5C48D52CBD6244C9398B164EFDF1A4B0FAF592E6 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
20:50:37.0069 0x1930  HTTP - ok
20:50:37.0072 0x1930  [ 300E938E5BE4BFB10EE60EC14C897DB8, F36B508BB44EC65D1E5B62CAB722A72822A7BD35A696F378D4F55C70BECEDBE1 ] HwmRecordService C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe
20:50:37.0076 0x1930  HwmRecordService - ok
20:50:37.0083 0x1930  [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
20:50:37.0088 0x1930  hwpolicy - ok
20:50:37.0090 0x1930  [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
20:50:37.0098 0x1930  hyperkbd - ok
20:50:37.0101 0x1930  [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
20:50:37.0109 0x1930  i8042prt - ok
20:50:37.0112 0x1930  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
20:50:37.0120 0x1930  iai2c - ok
20:50:37.0125 0x1930  [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
20:50:37.0134 0x1930  iaLPSS2i_I2C - ok
20:50:37.0136 0x1930  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
20:50:37.0140 0x1930  iaLPSSi_GPIO - ok
20:50:37.0145 0x1930  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
20:50:37.0153 0x1930  iaLPSSi_I2C - ok
20:50:37.0164 0x1930  [ 6655615C7E4E29E6481F75A93ED99954, C7387D85DEC6BEF74DAD3B36398D1DA8914E9CF6F460D36E30088E3F6754E972 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
20:50:37.0176 0x1930  iaStorA - ok
20:50:37.0187 0x1930  [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
20:50:37.0201 0x1930  iaStorAV - ok
20:50:37.0204 0x1930  [ F35FBCEB1B71BC20BBAFA526E203D6A1, F389B689B5DF0D204E3EA21B7201A89D29DE518716781BB390AC6E5CED64C790 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:50:37.0207 0x1930  IAStorDataMgrSvc - ok
20:50:37.0221 0x1930  [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
20:50:37.0234 0x1930  iaStorV - ok
20:50:37.0241 0x1930  [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
20:50:37.0253 0x1930  ibbus - ok
20:50:37.0257 0x1930  [ 8F5031663CBB1A9922074E8E23151FFA, EF69CD92096291F5FC18550B2B6DBD4F61058603691F4BD3E61DEC97FD15E5FE ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
20:50:37.0263 0x1930  ICCS - ok
20:50:37.0266 0x1930  [ B9187F0E4F990357B9A5372066A40B57, BF9535335DAD8E26A3841FA07CFA937F9645AE4B1914C08C8029EDB020E8C694 ] ICCWDT          C:\WINDOWS\System32\drivers\ICCWDT.sys
20:50:37.0269 0x1930  ICCWDT - ok
20:50:37.0273 0x1930  [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
20:50:37.0283 0x1930  icssvc - ok
20:50:37.0286 0x1930  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
20:50:37.0289 0x1930  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
20:50:37.0635 0x0fe8  Object required for P2P: [ 43102F2322F0CB42A7D2C685278BC460 ] ClickToRunSvc
20:50:39.0765 0x1930  Detect skipped due to KSN trusted
20:50:39.0765 0x1930  IDriverT - ok
20:50:39.0768 0x1930  IEEtwCollectorService - ok
20:50:39.0866 0x1930  [ 34E103A5EFF7EADA5ADE6D61294FAA7F, 29AFF3C2C03D75B55D124EBA35534C1D7E2115748C23EAC79CF0FA6CBC994C1F ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
20:50:39.0979 0x1930  igfx - ok
20:50:39.0991 0x1930  [ 078DE1A9D9DB0BB617D4DCF1EF925928, 6E197785DE6F83FAB5E049F24CCC3838BB9B9EB20240BD48A2768103172B6242 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
20:50:40.0000 0x1930  igfxCUIService2.0.0.0 - ok
20:50:40.0015 0x1930  [ 12F8D27ED8623DDDC09A549EDADCBAC9, D3A3F0588D9CAF1027D8BC14601E2A6AB7E5924A2C23C90D38A9E14538DB02A9 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
20:50:40.0041 0x1930  IKEEXT - ok
20:50:40.0053 0x1930  [ 47577F77C8DD9CF4265B944CAFE1F172, A3F48F01ECFDF8E609D26754E517C06AD6382DA231F42BF64B6746D50F02FC6A ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
20:50:40.0063 0x1930  IntcDAud - ok
20:50:40.0066 0x1930  [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
20:50:40.0072 0x1930  intelide - ok
20:50:40.0074 0x1930  [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
20:50:40.0084 0x1930  intelpep - ok
20:50:40.0088 0x1930  [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
20:50:40.0109 0x1930  intelppm - ok
20:50:40.0112 0x1930  [ 6D71CC813AC0963C5C78C19EC656048A, E6D7AA29A5860C7FB8AA76A47BF64C12D7E68CF98EABB7A3F9D9F3A918155FA7 ] iocbios2        C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys
20:50:40.0116 0x1930  iocbios2 - ok
20:50:40.0118 0x1930  [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
20:50:40.0125 0x1930  IoQos - ok
20:50:40.0129 0x1930  [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:50:40.0137 0x1930  IpFilterDriver - ok
20:50:40.0151 0x1930  [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
20:50:40.0177 0x1930  iphlpsvc - ok
20:50:40.0181 0x1930  [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
20:50:40.0188 0x1930  IPMIDRV - ok
20:50:40.0191 0x1930  [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
20:50:40.0200 0x1930  IPNAT - ok
20:50:40.0209 0x1930  [ F96B9EDC032E61EB87652896E92ED526, F9E3CD2FA2D963C56034A4F606869467FDC6647B916CF457249270E6C337A8A5 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:50:40.0220 0x1930  iPod Service - ok
20:50:40.0223 0x1930  [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
20:50:40.0232 0x1930  IRENUM - ok
20:50:40.0234 0x1930  [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
20:50:40.0239 0x1930  isapnp - ok
20:50:40.0244 0x1930  [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
20:50:40.0253 0x1930  iScsiPrt - ok
20:50:40.0256 0x1930  [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
20:50:40.0264 0x1930  kbdclass - ok
20:50:40.0266 0x1930  [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
20:50:40.0272 0x1930  kbdhid - ok
20:50:40.0275 0x1930  [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
20:50:40.0282 0x1930  kdnic - ok
20:50:40.0286 0x1930  [ 819433A6CFC8771F0A2B0BB8EF6125B1, 37BE3545E3782CFA56F1A890B389CDF37C48F177CEE3EF23F4FDDF3D2A094DD3 ] Ke2200          C:\WINDOWS\System32\drivers\e22w7x64.sys
20:50:40.0292 0x1930  Ke2200 - ok
20:50:40.0299 0x1930  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso          C:\WINDOWS\system32\lsass.exe
20:50:40.0314 0x1930  KeyIso - ok
20:50:40.0322 0x1930  [ F76F554811FA679DAB3DA33D3258021F, F9F518BECB16125C9F0FECB427B05E640860EDB61987824B2AD4677645E56A21 ] Killer Service V2 C:\Program Files\Killer Networking\Network Manager\KillerService.exe
20:50:40.0332 0x1930  Killer Service V2 - detected UnsignedFile.Multi.Generic ( 1 )
20:50:41.0750 0x0c48  Object required for P2P: [ 2619DC483579DB9FE804044C1ADFFD1A ] dam
20:50:42.0846 0x1930  Killer Service V2 ( UnsignedFile.Multi.Generic ) - warning
20:50:43.0420 0x0fe8  Object send P2P result: true
20:50:44.0207 0x0c48  Object send P2P result: true
20:50:44.0207 0x0c48  Object required for P2P: [ A1F58FFF448E4099297D6EE0641D4D0E ] dbupdate
20:50:45.0311 0x1930  [ 443AB18D6296BC6D1FDFF7BFBF55B962, B77D971BA186741F9BC79BD4E26D5075632270D6EFD7D94FC748BBBD43FCC30B ] KillerEth       C:\WINDOWS\System32\drivers\e22w10x64.sys
20:50:45.0317 0x1930  KillerEth - ok
20:50:45.0320 0x1930  [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
20:50:45.0328 0x1930  KSecDD - ok
20:50:45.0332 0x1930  [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
20:50:45.0340 0x1930  KSecPkg - ok
20:50:45.0343 0x1930  [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
20:50:45.0351 0x1930  ksthunk - ok
20:50:45.0357 0x1930  [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
20:50:45.0372 0x1930  KtmRm - ok
20:50:45.0380 0x1930  [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
20:50:45.0393 0x1930  LanmanServer - ok
20:50:45.0399 0x1930  [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
20:50:45.0412 0x1930  LanmanWorkstation - ok
20:50:45.0415 0x1930  [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
20:50:45.0422 0x1930  lfsvc - ok
20:50:45.0424 0x1930  [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
20:50:45.0437 0x1930  LicenseManager - ok
20:50:45.0441 0x1930  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\WINDOWS\system32\DRIVERS\lirsgt.sys
20:50:45.0447 0x1930  lirsgt - ok
20:50:45.0450 0x1930  [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
20:50:45.0460 0x1930  lltdio - ok
20:50:45.0466 0x1930  [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
20:50:45.0479 0x1930  lltdsvc - ok
20:50:45.0482 0x1930  [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
20:50:45.0488 0x1930  lmhosts - ok
20:50:45.0495 0x1930  [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
20:50:45.0503 0x1930  LMIGuardianSvc - ok
20:50:45.0507 0x1930  [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
20:50:45.0515 0x1930  LSI_SAS - ok
20:50:45.0518 0x1930  [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
20:50:45.0524 0x1930  LSI_SAS2i - ok
20:50:45.0529 0x1930  [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
20:50:45.0535 0x1930  LSI_SAS3i - ok
20:50:45.0538 0x1930  [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
20:50:45.0544 0x1930  LSI_SSS - ok
20:50:45.0556 0x1930  [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM             C:\WINDOWS\System32\lsm.dll
20:50:45.0579 0x1930  LSM - ok
20:50:45.0583 0x1930  [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
20:50:45.0594 0x1930  luafv - ok
20:50:45.0597 0x1930  [ 88B38A7435DFA9B7E8F94F5D5FE999D2, FF4EBB6CE013D0EA62FEDA5FBBD1205D9A6F684E701F40039A95A4EF4145DC16 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
20:50:45.0604 0x1930  MapsBroker - ok
20:50:45.0606 0x1930  MediaFire Desktop Updater Service - ok
20:50:45.0609 0x1930  [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
20:50:45.0615 0x1930  megasas - ok
20:50:45.0624 0x1930  [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
20:50:45.0651 0x1930  megasr - ok
20:50:45.0654 0x1930  [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
20:50:45.0660 0x1930  MEIx64 - ok
20:50:45.0664 0x1930  [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
20:50:45.0672 0x1930  MessagingService - ok
20:50:45.0687 0x1930  MF NTFS Monitor - ok
20:50:45.0698 0x1930  [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
20:50:45.0714 0x1930  mlx4_bus - ok
20:50:45.0718 0x1930  [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
20:50:45.0726 0x1930  MMCSS - ok
20:50:45.0729 0x1930  [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
20:50:45.0737 0x1930  Modem - ok
20:50:45.0739 0x1930  [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
20:50:45.0747 0x1930  monitor - ok
20:50:45.0750 0x1930  [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
20:50:45.0755 0x1930  mouclass - ok
20:50:45.0758 0x1930  [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
20:50:45.0765 0x1930  mouhid - ok
20:50:45.0769 0x1930  [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
20:50:45.0775 0x1930  mountmgr - ok
20:50:45.0780 0x1930  [ 4DA42FB0A8294C9FBD52B0EF2EA9EE07, 4C327BC4DCE86CE5DFDD57F2CF09DD9EF52E3E1D0D74BB5825808975FFA7B0FD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:50:45.0785 0x1930  MozillaMaintenance - ok
20:50:45.0788 0x1930  [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
20:50:45.0795 0x1930  mpsdrv - ok
20:50:45.0810 0x1930  [ 553F19DC6F3F73545CB17FCD7A8AE37B, 49ABB625EB9C2981254EEA1FE7858DF630BA2D65653CC91CD4FEEACF69C5392F ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
20:50:45.0842 0x1930  MpsSvc - ok
20:50:45.0850 0x1930  [ 2B9A1FF2450BAF7A795941BE471F16EF, DD213BACDAE4E3C4F89BFE54BCE77B2F66D12AA85949147AE8A31049876CAA3E ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
20:50:45.0860 0x1930  MQAC - ok
20:50:45.0864 0x1930  [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
20:50:45.0873 0x1930  MRxDAV - ok
20:50:45.0881 0x1930  [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:50:45.0892 0x1930  mrxsmb - ok
20:50:45.0898 0x1930  [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
20:50:45.0911 0x1930  mrxsmb10 - ok
20:50:45.0916 0x1930  [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
20:50:45.0924 0x1930  mrxsmb20 - ok
20:50:45.0930 0x1930  [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
20:50:45.0939 0x1930  MsBridge - ok
20:50:45.0943 0x1930  [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
20:50:45.0953 0x1930  MSDTC - ok
20:50:45.0956 0x1930  [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
20:50:45.0966 0x1930  Msfs - ok
20:50:45.0969 0x1930  [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
20:50:45.0975 0x1930  msgpiowin32 - ok
20:50:45.0979 0x1930  [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
20:50:45.0987 0x1930  mshidkmdf - ok
20:50:45.0989 0x1930  [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
20:50:45.0998 0x1930  mshidumdf - ok
20:50:46.0001 0x1930  [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
20:50:46.0006 0x1930  msisadrv - ok
20:50:46.0011 0x1930  [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
20:50:46.0022 0x1930  MSiSCSI - ok
20:50:46.0024 0x1930  msiserver - ok
20:50:46.0029 0x1930  [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
20:50:46.0037 0x1930  MSKSSRV - ok
20:50:46.0051 0x1930  [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
20:50:46.0066 0x1930  MsLldp - ok
20:50:46.0068 0x1930  [ 30130E99810283026C5FA2F57A4BB488, 3CF97CC2F63A7CDEA19C8B2DD73EED161309A7C334FF80567C18423F2DA34249 ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
20:50:46.0076 0x1930  MSMQ - ok
20:50:46.0079 0x1930  [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
20:50:46.0085 0x1930  MSPCLOCK - ok
20:50:46.0087 0x1930  [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
20:50:46.0094 0x1930  MSPQM - ok
20:50:46.0100 0x1930  [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
20:50:46.0112 0x1930  MsRPC - ok
20:50:46.0116 0x1930  [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
20:50:46.0121 0x1930  mssmbios - ok
20:50:46.0123 0x1930  [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
20:50:46.0131 0x1930  MSTEE - ok
20:50:46.0133 0x1930  [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
20:50:46.0139 0x1930  MTConfig - ok
20:50:46.0144 0x1930  [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
20:50:46.0153 0x1930  Mup - ok
20:50:46.0156 0x1930  [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
20:50:46.0162 0x1930  mvumis - ok
20:50:46.0171 0x1930  [ 536A0806CE2061A2157E65D4D8ABF30C, F9893F66505E3F748365CD4625B34357531804BDFE33E57285C0106C03F7916C ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
20:50:46.0189 0x1930  NativeWifiP - ok
20:50:46.0193 0x1930  [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
20:50:46.0203 0x1930  NcaSvc - ok
20:50:46.0210 0x1930  [ 7467BD76D6ED5981E6C3DBFEB50F0F4D, 237E1C2E15D5F3BAC49B09E1CD0EAE56A6998AE1FF560A4F7A7EFFEB46884798 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
20:50:46.0222 0x1930  NcbService - ok
20:50:46.0225 0x1930  [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
20:50:46.0238 0x1930  NcdAutoSetup - ok
20:50:46.0241 0x1930  [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
20:50:46.0255 0x1930  ndfltr - ok
20:50:46.0273 0x1930  [ AFAECF904F1C343EBD50F91BC8D0DBE8, FABAE70F62895708415B8E176A880D2D20D46D9A14C3D41D371B905CE4D64BA0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
20:50:46.0295 0x1930  NDIS - ok
20:50:46.0298 0x1930  [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
20:50:46.0305 0x1930  NdisCap - ok
20:50:46.0309 0x1930  [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
20:50:46.0319 0x1930  NdisImPlatform - ok
20:50:46.0321 0x1930  [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:50:46.0330 0x1930  NdisTapi - ok
20:50:46.0332 0x1930  [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
20:50:46.0339 0x1930  Ndisuio - ok
20:50:46.0342 0x1930  [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
20:50:46.0350 0x1930  NdisVirtualBus - ok
20:50:46.0354 0x1930  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
20:50:46.0365 0x1930  NdisWan - ok
20:50:46.0369 0x1930  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:50:46.0381 0x1930  ndiswanlegacy - ok
20:50:46.0383 0x1930  [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
20:50:46.0392 0x1930  ndproxy - ok
20:50:46.0396 0x1930  [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
20:50:46.0404 0x1930  Ndu - ok
20:50:46.0406 0x1930  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\WINDOWS\System32\drivers\netaapl64.sys
20:50:46.0414 0x1930  Netaapl - ok
20:50:46.0416 0x1930  [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
20:50:46.0422 0x1930  NetBIOS - ok
20:50:46.0430 0x1930  [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
20:50:46.0440 0x1930  NetBT - ok
20:50:46.0445 0x1930  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon        C:\WINDOWS\system32\lsass.exe
20:50:46.0454 0x1930  Netlogon - ok
20:50:46.0465 0x1930  [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman          C:\WINDOWS\System32\netman.dll
20:50:46.0478 0x1930  Netman - ok
20:50:46.0483 0x1930  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:50:46.0489 0x1930  NetMsmqActivator - ok
20:50:46.0493 0x1930  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:50:46.0499 0x1930  NetPipeActivator - ok
20:50:46.0508 0x1930  [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
20:50:46.0528 0x1930  netprofm - ok
20:50:46.0533 0x1930  [ 3D58D04A9269CE21B61960544A05573D, 250DB1266EE37BAAA9F9E51434879DB4564A8550FCAB28BAB3308772882850CF ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
20:50:46.0543 0x1930  NetSetupSvc - ok
20:50:46.0546 0x1930  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:50:46.0552 0x1930  NetTcpActivator - ok
20:50:46.0555 0x1930  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:50:46.0562 0x1930  NetTcpPortSharing - ok
20:50:46.0568 0x1930  [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
20:50:46.0580 0x1930  NgcCtnrSvc - ok
20:50:46.0591 0x1930  [ C64B693DF26EB7BFF25F9BAD8B54D571, 12363E81B329D048E0148739AA542958F7CAF6FF3404BB001AF51850EF84338D ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
20:50:46.0611 0x1930  NgcSvc - ok
20:50:46.0618 0x1930  [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
20:50:46.0633 0x1930  NlaSvc - ok
20:50:46.0636 0x1930  [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF             C:\WINDOWS\system32\drivers\npf.sys
20:50:46.0640 0x1930  NPF - ok
20:50:46.0645 0x1930  [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
20:50:46.0654 0x1930  Npfs - ok
20:50:46.0664 0x1930  [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
20:50:46.0672 0x1930  npsvctrig - ok
20:50:46.0674 0x1930  [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi             C:\WINDOWS\system32\nsisvc.dll
20:50:46.0680 0x0c48  Object send P2P result: true
20:50:46.0680 0x0c48  Object required for P2P: [ A1F58FFF448E4099297D6EE0641D4D0E ] dbupdatem
20:50:46.0683 0x1930  nsi - ok
20:50:46.0685 0x1930  [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
20:50:46.0692 0x1930  nsiproxy - ok
20:50:46.0720 0x1930  [ 58BFFEF692A47FCE3FAAEDBC8F3DCBBB, 4F55CDF153306B17EDEA6F621939990667735676CBA460CC3078789C2766EF68 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
20:50:46.0761 0x1930  NTFS - ok
20:50:46.0765 0x1930  [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null            C:\WINDOWS\system32\drivers\Null.sys
20:50:46.0771 0x1930  Null - ok
20:50:46.0776 0x1930  [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
20:50:46.0782 0x1930  NVHDA - ok
20:50:46.0939 0x1930  [ 2D766A9EE4FBE2CE60F595EA4ACBE540, 5AF3B1BD24A170D3C70EBAE79CE42FCBB14FF35CB0850DA9B08A9DC646712A5E ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
20:50:47.0116 0x1930  nvlddmkm - ok
20:50:47.0150 0x1930  [ 3D596244C1B93A506292DA07CC2B123F, 1604F8B4B89D599C1944E6FF9A0D35DDB1E34BAEC0315E23070180959644DCF2 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
20:50:47.0176 0x1930  NvNetworkService - ok
20:50:47.0181 0x1930  [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
20:50:47.0189 0x1930  nvraid - ok
20:50:47.0193 0x1930  [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
20:50:47.0200 0x1930  nvstor - ok
20:50:47.0203 0x1930  [ 27DF221148B9C1A3EA8900D87ABC30F5, 904B4C99EB039C6D2474E30A0E03B700486BED61D226A1A5095BFF729B91C3F2 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
20:50:47.0206 0x1930  NvStreamKms - ok
20:50:47.0291 0x1930  [ 4B8F9A38BBE8ACCA6D48E253FFE2393A, 11D9ED3E3C5C3D544E83284E24A93632B9B5FF277639DF18046C0564FB838155 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
20:50:47.0375 0x1930  NvStreamNetworkSvc - ok
20:50:47.0413 0x1930  [ 2035827FCA3BDF5F37A3B64C8D284176, B3CCCF3AEBBF1D5BC756EEA433CD06A7650294CA4FF09FBCD985085B4692B846 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
20:50:47.0447 0x1930  NvStreamSvc - ok
20:50:47.0477 0x1930  [ 4F2B65FA16319BBA3A309EC2964920A1, 733D1B203AEC92B523B182438AF61D93388F781682297A48CC7C0FA741C2D21D ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
20:50:47.0498 0x1930  nvsvc - ok
20:50:47.0502 0x1930  [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
20:50:47.0505 0x1930  nvvad_WaveExtensible - ok
20:50:47.0509 0x1930  [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
20:50:47.0515 0x1930  nv_agp - ok
20:50:47.0521 0x1930  [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
20:50:47.0537 0x1930  OneSyncSvc - ok
20:50:47.0577 0x1930  [ EABD6FC38504B46913E2B1B739DAD185, A6225F8A939E6DA467777F85FAB02A218FB4B7ECDF68C34FE156E85BEA6E04BB ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
20:50:47.0605 0x1930  Origin Client Service - ok
20:50:47.0612 0x1930  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:50:47.0619 0x1930  ose - ok
20:50:47.0692 0x1930  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:50:47.0760 0x1930  osppsvc - ok
20:50:47.0772 0x1930  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
20:50:47.0785 0x1930  p2pimsvc - ok
20:50:47.0793 0x1930  [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
20:50:47.0807 0x1930  p2psvc - ok
20:50:47.0812 0x1930  [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
20:50:47.0820 0x1930  Parport - ok
20:50:47.0823 0x1930  [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
20:50:47.0831 0x1930  partmgr - ok
20:50:47.0839 0x1930  [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
20:50:47.0853 0x1930  PcaSvc - ok
20:50:47.0859 0x1930  [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci             C:\WINDOWS\system32\drivers\pci.sys
20:50:47.0868 0x1930  pci - ok
20:50:47.0871 0x1930  [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
20:50:47.0882 0x1930  pciide - ok
20:50:47.0889 0x1930  [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
20:50:47.0896 0x1930  pcmcia - ok
20:50:47.0898 0x1930  [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
20:50:47.0904 0x1930  pcw - ok
20:50:47.0907 0x1930  [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
20:50:47.0914 0x1930  pdc - ok
20:50:47.0926 0x1930  [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
20:50:47.0947 0x1930  PEAUTH - ok
20:50:47.0974 0x1930  [ C7D210982B6C8454E52191D0DCF6DC52, D53D575CD9A0AB7EA94E7D1B9730ABE0A582CA3460AEAC4680D01034D69D3949 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
20:50:48.0016 0x1930  PeerDistSvc - ok
20:50:48.0021 0x1930  [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
20:50:48.0028 0x1930  percsas2i - ok
20:50:48.0030 0x1930  [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
20:50:48.0036 0x1930  percsas3i - ok
20:50:48.0046 0x1930  [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
20:50:48.0053 0x1930  PerfHost - ok
20:50:48.0066 0x1930  [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
20:50:48.0095 0x1930  PhoneSvc - ok
20:50:48.0100 0x1930  [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
20:50:48.0114 0x1930  PimIndexMaintenanceSvc - ok
20:50:48.0148 0x1930  [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla             C:\WINDOWS\system32\pla.dll
20:50:48.0185 0x1930  pla - ok
20:50:48.0189 0x1930  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
20:50:48.0201 0x1930  PlugPlay - ok
20:50:48.0203 0x1930  PnkBstrA - ok
20:50:48.0205 0x1930  [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
20:50:48.0213 0x1930  PNRPAutoReg - ok
20:50:48.0219 0x1930  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
20:50:48.0232 0x1930  PNRPsvc - ok
20:50:48.0239 0x1930  [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
20:50:48.0254 0x1930  PolicyAgent - ok
20:50:48.0258 0x1930  [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power           C:\WINDOWS\system32\umpo.dll
20:50:48.0268 0x1930  Power - ok
20:50:48.0271 0x1930  [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
20:50:48.0293 0x1930  PptpMiniport - ok
20:50:48.0339 0x1930  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
20:50:48.0405 0x1930  PrintNotify - ok
20:50:48.0414 0x1930  [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor       C:\WINDOWS\System32\drivers\processr.sys
20:50:48.0422 0x1930  Processor - ok
20:50:48.0429 0x1930  [ A08AAC62EF7A1E291B3E895B5864BB86, 340E6648F9A5F4B7543FDEC5BDAFBDA3DE319B8F998FF2EF60D02EE5EF3D56CB ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
20:50:48.0443 0x1930  ProfSvc - ok
20:50:48.0447 0x1930  [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
20:50:48.0455 0x1930  Psched - ok
20:50:48.0461 0x1930  [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE           C:\WINDOWS\system32\qwave.dll
20:50:48.0472 0x1930  QWAVE - ok
20:50:48.0475 0x1930  [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
20:50:48.0494 0x1930  QWAVEdrv - ok
20:50:48.0498 0x1930  [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:50:48.0504 0x1930  RasAcd - ok
20:50:48.0507 0x1930  [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
20:50:48.0517 0x1930  RasAgileVpn - ok
20:50:48.0520 0x1930  [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
20:50:48.0529 0x1930  RasAuto - ok
20:50:48.0533 0x1930  [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
20:50:48.0540 0x1930  Rasl2tp - ok
20:50:48.0552 0x1930  [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan          C:\WINDOWS\System32\rasmans.dll
20:50:48.0573 0x1930  RasMan - ok
20:50:48.0578 0x1930  [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:50:48.0586 0x1930  RasPppoe - ok
20:50:48.0589 0x1930  [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
20:50:48.0599 0x1930  RasSstp - ok
20:50:48.0606 0x1930  [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:50:48.0618 0x1930  rdbss - ok
20:50:48.0622 0x1930  [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
20:50:48.0628 0x1930  rdpbus - ok
20:50:48.0632 0x1930  [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
20:50:48.0642 0x1930  RDPDR - ok
20:50:48.0646 0x1930  [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
20:50:48.0652 0x1930  RdpVideoMiniport - ok
20:50:48.0656 0x1930  [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
20:50:48.0665 0x1930  rdyboost - ok
20:50:48.0679 0x1930  [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
20:50:48.0707 0x1930  ReFSv1 - ok
20:50:48.0718 0x1930  [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
20:50:48.0735 0x1930  RemoteAccess - ok
20:50:48.0739 0x1930  [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
20:50:48.0752 0x1930  RemoteRegistry - ok
20:50:48.0768 0x1930  [ AD43141CE6D5074DA1D28B5BCD4E4507, C1A9AA856DD4FEE00BBA329C150E0CBCD1CE13ED0BB7B4AC9B152321CD854212 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
20:50:48.0799 0x1930  RetailDemo - ok
20:50:48.0804 0x1930  [ 74727B8BF0227820660A79450F2D94EF, 86BC249322A3C63CBC3B532AD86BFDCB5A46A24A767137D02C944B94A899C521 ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
20:50:48.0814 0x1930  RFCOMM - ok
20:50:48.0818 0x1930  [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
20:50:48.0823 0x1930  rpcapd - ok
20:50:48.0835 0x1930  [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
20:50:48.0843 0x1930  RpcEptMapper - ok
20:50:48.0845 0x1930  [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:50:48.0852 0x1930  RpcLocator - ok
20:50:48.0866 0x1930  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
20:50:48.0898 0x1930  RpcSs - ok
20:50:48.0905 0x1930  [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
20:50:48.0915 0x1930  rspndr - ok
20:50:48.0917 0x1930  [ DDB7DA975D90B2A9C9C58E1AF55F0285, D9A3DC47699949C8EC0C704346FB2EE86FF9010DAA0DBAC953CFA5F76B52FCD1 ] RTCore64        C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
20:50:48.0922 0x1930  RTCore64 - ok
20:50:48.0924 0x1930  [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
20:50:48.0931 0x1930  s3cap - ok
20:50:48.0933 0x1930  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs           C:\WINDOWS\system32\lsass.exe
20:50:48.0939 0x1930  SamSs - ok
20:50:48.0946 0x1930  [ BC99D12CE9DB8DB55E231F8D195FC67B, F348D35D3F43366DBEEC864495458041326A7D1951A78E18AF89179D7FC87AB0 ] SamsungRapidDiskFltr C:\WINDOWS\system32\DRIVERS\SamsungRapidDiskFltr.sys
20:50:48.0953 0x1930  SamsungRapidDiskFltr - ok
20:50:48.0956 0x1930  [ AF482EF7743667400875C7B9470BFD4D, 8C07C2DA2EB921160FD02B4BF86F0636B317EC32C1841581BEC25A0909EC7EF0 ] SamsungRapidFSFltr C:\WINDOWS\system32\DRIVERS\SamsungRapidFSFltr.sys
20:50:48.0962 0x1930  SamsungRapidFSFltr - ok
20:50:48.0964 0x1930  [ 3763C406CB735D044373C50FF95167E3, BBAA92881A9A1A12C87A59C157F0661B847D23E8275DF712DA4AB0DAF62227E5 ] SamsungRapidSvc C:\WINDOWS\system32\RAPID\SamsungRapidSvc.exe
20:50:48.0968 0x1930  SamsungRapidSvc - ok
20:50:48.0971 0x1930  [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
20:50:48.0978 0x1930  sbp2port - ok
20:50:48.0983 0x1930  [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
20:50:48.0997 0x1930  SCardSvr - ok
20:50:49.0001 0x1930  [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
20:50:49.0013 0x1930  ScDeviceEnum - ok
20:50:49.0015 0x1930  [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
20:50:49.0024 0x1930  scfilter - ok
20:50:49.0039 0x1930  [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:50:49.0064 0x1930  Schedule - ok
20:50:49.0069 0x1930  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
20:50:49.0082 0x1930  SCPolicySvc - ok
20:50:49.0087 0x1930  [ 70165A0A2653FB8AFDE3D85000727F29, BAC35D7B0296CAC78EAC4266FC96E292174827E0B24ECAF085228B26A5052911 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
20:50:49.0100 0x1930  sdbus - ok
20:50:49.0108 0x1930  [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
20:50:49.0118 0x1930  SDRSVC - ok
20:50:49.0121 0x1930  [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
20:50:49.0128 0x1930  sdstor - ok
20:50:49.0131 0x1930  [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon        C:\WINDOWS\system32\seclogon.dll
20:50:49.0135 0x0c48  Object send P2P result: true
20:50:49.0136 0x0c48  Object required for P2P: [ ABD573313386C93625643BEEB89E5400 ] DigitalWave.Update.Service
20:50:49.0138 0x1930  seclogon - ok
20:50:49.0142 0x1930  [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS            C:\WINDOWS\System32\sens.dll
20:50:49.0152 0x1930  SENS - ok
20:50:49.0170 0x1930  [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
20:50:49.0204 0x1930  SensorDataService - ok
20:50:49.0212 0x1930  [ A74C62AE99A015CD6275F0D8D8843886, DF08E0BB1160E054C6B000BC5F62DEF77C6D9E4B5679AD013C313BA14207B589 ] SensorService   C:\WINDOWS\system32\SensorService.dll
20:50:49.0225 0x1930  SensorService - ok
20:50:49.0230 0x1930  [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
20:50:49.0239 0x1930  SensrSvc - ok
20:50:49.0244 0x1930  [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
20:50:49.0250 0x1930  SerCx - ok
20:50:49.0254 0x1930  [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
20:50:49.0262 0x1930  SerCx2 - ok
20:50:49.0264 0x1930  [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
20:50:49.0270 0x1930  Serenum - ok
20:50:49.0273 0x1930  [ 88D58E1DAA6C5062DD3A26273106961F, D1E2FF37C888245BD0BABCD7C6B76AD5A87415B68FEFE37B5FA29AE3342AE50B ] Serial          C:\WINDOWS\System32\drivers\serial.sys
20:50:49.0282 0x1930  Serial - ok
20:50:49.0284 0x1930  [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
20:50:49.0290 0x1930  sermouse - ok
20:50:49.0314 0x1930  [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
20:50:49.0331 0x1930  SessionEnv - ok
20:50:49.0334 0x1930  [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
20:50:49.0341 0x1930  sfloppy - ok
20:50:49.0350 0x1930  [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:50:49.0365 0x1930  SharedAccess - ok
20:50:49.0375 0x1930  [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:50:49.0399 0x1930  ShellHWDetection - ok
20:50:49.0401 0x1930  [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
20:50:49.0407 0x1930  SiSRaid2 - ok
20:50:49.0411 0x1930  [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
20:50:49.0417 0x1930  SiSRaid4 - ok
20:50:49.0423 0x1930  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:50:49.0432 0x1930  SkypeUpdate - ok
20:50:49.0434 0x1930  [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost         C:\WINDOWS\System32\smphost.dll
20:50:49.0445 0x1930  smphost - ok
20:50:49.0454 0x1930  [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
20:50:49.0472 0x1930  SmsRouter - ok
20:50:49.0478 0x1930  [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
20:50:49.0486 0x1930  SNMPTRAP - ok
20:50:49.0495 0x1930  [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
20:50:49.0516 0x1930  spaceport - ok
20:50:49.0520 0x1930  [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
20:50:49.0527 0x1930  SpbCx - ok
20:50:49.0536 0x1930  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\WINDOWS\SysWOW64\speedfan.sys
20:50:49.0540 0x1930  speedfan - ok
20:50:49.0554 0x1930  [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler         C:\WINDOWS\System32\spoolsv.exe
20:50:49.0574 0x1930  Spooler - ok
20:50:49.0653 0x1930  [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
20:50:49.0764 0x1930  sppsvc - ok
20:50:49.0776 0x1930  [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:50:49.0789 0x1930  srv - ok
20:50:49.0800 0x1930  [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
20:50:49.0819 0x1930  srv2 - ok
20:50:49.0824 0x1930  [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
20:50:49.0835 0x1930  srvnet - ok
20:50:49.0840 0x1930  [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:50:49.0852 0x1930  SSDPSRV - ok
20:50:49.0857 0x1930  [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
20:50:49.0870 0x1930  SstpSvc - ok
20:50:49.0910 0x1930  [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
20:50:49.0970 0x1930  StateRepository - ok
20:50:49.0985 0x1930  [ D27C8C88CEB69075465B41DA6ECF3374, B1A70A30787080474E901E4743996EEE4FCD09BEDBBA89CE57ACAE05A67907AB ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
20:50:49.0998 0x1930  Steam Client Service - ok
20:50:50.0005 0x1930  [ 5311DAD9879DA242A9EA385EE7DD4F0D, AD7180A9176A9243A430ABA45079C7B256E4E05AFBE6215C662B8337B8760E39 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:50:50.0015 0x1930  Stereo Service - ok
20:50:50.0017 0x1930  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
20:50:50.0023 0x1930  stexstor - ok
20:50:50.0034 0x1930  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
20:50:50.0054 0x1930  stisvc - ok
20:50:50.0058 0x1930  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
20:50:50.0065 0x1930  storahci - ok
20:50:50.0068 0x1930  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
20:50:50.0073 0x1930  storflt - ok
20:50:50.0078 0x1930  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
20:50:50.0085 0x1930  stornvme - ok
20:50:50.0088 0x1930  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
20:50:50.0096 0x1930  storqosflt - ok
20:50:50.0113 0x1930  [ 9953FA89A4E3BC33296DAFB1ACFDC62F, D2F2698834691FF7915BDFFB82DB549354311A5DD7D37BF767F95D407AC4019F ] StorSvc         C:\WINDOWS\system32\storsvc.dll
20:50:50.0134 0x1930  StorSvc - ok
20:50:50.0137 0x1930  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
20:50:50.0143 0x1930  storufs - ok
20:50:50.0146 0x1930  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
20:50:50.0151 0x1930  storvsc - ok
20:50:50.0153 0x1930  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc           C:\WINDOWS\system32\svsvc.dll
20:50:50.0164 0x1930  svsvc - ok
20:50:50.0166 0x1930  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
20:50:50.0171 0x1930  swenum - ok
20:50:50.0179 0x1930  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv           C:\WINDOWS\System32\swprv.dll
20:50:50.0199 0x1930  swprv - ok
20:50:50.0202 0x1930  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
20:50:50.0210 0x1930  Synth3dVsc - ok
20:50:50.0226 0x1930  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
20:50:50.0256 0x1930  SysMain - ok
20:50:50.0265 0x1930  [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
20:50:50.0280 0x1930  SystemEventsBroker - ok
20:50:50.0284 0x1930  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
20:50:50.0295 0x1930  TabletInputService - ok
20:50:50.0302 0x1930  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:50:50.0322 0x1930  TapiSrv - ok
20:50:50.0356 0x1930  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
20:50:50.0396 0x1930  Tcpip - ok
20:50:50.0429 0x1930  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
20:50:50.0467 0x1930  Tcpip6 - ok
20:50:50.0474 0x1930  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
20:50:50.0484 0x1930  tcpipreg - ok
20:50:50.0488 0x1930  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
20:50:50.0495 0x1930  tdx - ok
20:50:50.0572 0x1930  [ 2AA61246A5B813C1B12BCCFAA6F23DD8, 74EE3DB839A0F4BC781294803281DB2248D013B8808FF05F2EE9597C14C6FEED ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
20:50:50.0646 0x1930  TeamViewer - ok
20:50:50.0653 0x1930  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
20:50:50.0659 0x1930  terminpt - ok
20:50:50.0674 0x1930  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService     C:\WINDOWS\System32\termsrv.dll
20:50:50.0700 0x1930  TermService - ok
20:50:50.0703 0x1930  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\WINDOWS\system32\themeservice.dll
20:50:50.0717 0x1930  Themes - ok
20:50:50.0729 0x1930  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
20:50:50.0746 0x1930  TieringEngineService - ok
20:50:50.0755 0x1930  [ FC971E1D1B5900C231591A7720FCD8B8, DF58C350977019E4A8F381FB35702E9BEA89F6A8C6BF36C56376D36BC8FE630F ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
20:50:50.0770 0x1930  tiledatamodelsvc - ok
20:50:50.0774 0x1930  [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
20:50:50.0785 0x1930  TimeBroker - ok
20:50:50.0789 0x1930  [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
20:50:50.0798 0x1930  TPM - ok
20:50:50.0801 0x1930  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
20:50:50.0811 0x1930  TrkWks - ok
20:50:50.0814 0x1930  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
20:50:50.0822 0x1930  TrustedInstaller - ok
20:50:50.0827 0x1930  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
20:50:50.0835 0x1930  tsusbflt - ok
20:50:50.0837 0x1930  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
20:50:50.0844 0x1930  TsUsbGD - ok
20:50:50.0848 0x1930  [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
20:50:50.0858 0x1930  tunnel - ok
20:50:50.0862 0x1930  [ 1A9A77ACDAC29C39F50D2A492FD0DB16, E21F2E2BA6EABE0F6B5A1930DDB2CE5A921389A58C08A2D3F66D245E8698E6B4 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
20:50:50.0870 0x1930  tzautoupdate - ok
20:50:50.0873 0x1930  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
20:50:50.0880 0x1930  uagp35 - ok
20:50:50.0883 0x1930  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
20:50:50.0889 0x1930  UASPStor - ok
20:50:50.0893 0x1930  [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
20:50:50.0900 0x1930  UcmCx0101 - ok
20:50:50.0903 0x1930  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
20:50:50.0911 0x1930  UcmUcsi - ok
20:50:50.0915 0x1930  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
20:50:50.0923 0x1930  Ucx01000 - ok
20:50:50.0935 0x1930  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
20:50:50.0945 0x1930  UdeCx - ok
20:50:50.0951 0x1930  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
20:50:50.0966 0x1930  udfs - ok
20:50:50.0968 0x1930  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
20:50:50.0974 0x1930  UEFI - ok
20:50:50.0980 0x1930  [ 5F0D997E6FC5A418D7673148CEF72887, 6C142CB8F06E5958045451253C9188CE876A84D08266FFD7F64AAE09964D8431 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
20:50:50.0988 0x1930  Ufx01000 - ok
20:50:50.0992 0x1930  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
20:50:50.0999 0x1930  UfxChipidea - ok
20:50:51.0003 0x1930  [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
20:50:51.0010 0x1930  ufxsynopsys - ok
20:50:51.0014 0x1930  [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
20:50:51.0023 0x1930  UI0Detect - ok
20:50:51.0027 0x1930  [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
20:50:51.0033 0x1930  uliagpkx - ok
20:50:51.0036 0x1930  [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
20:50:51.0044 0x1930  umbus - ok
20:50:51.0047 0x1930  [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
20:50:51.0052 0x1930  UmPass - ok
20:50:51.0058 0x1930  [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
20:50:51.0071 0x1930  UmRdpService - ok
20:50:51.0088 0x1930  [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
20:50:51.0118 0x1930  UnistoreSvc - ok
20:50:51.0157 0x1930  [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:50:51.0174 0x1930  upnphost - ok
20:50:51.0178 0x1930  [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
20:50:51.0184 0x1930  UrsChipidea - ok
20:50:51.0186 0x1930  [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
20:50:51.0194 0x1930  UrsCx01000 - ok
20:50:51.0197 0x1930  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
20:50:51.0203 0x1930  UrsSynopsys - ok
20:50:51.0206 0x1930  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
20:50:51.0214 0x1930  USBAAPL64 - ok
20:50:51.0218 0x1930  [ 9F9D5E2086BB9AEEA96E9BF73B7B2D32, AFA84CE1E96C07EBFB7A05D0181C876E027B848AF6C6DB932765912B814CAF56 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys

moha · 14.04.2016, 15:07

Part 2:

Code:

ATTFilter

20:50:51.0227 0x1930  usbaudio - ok
20:50:51.0231 0x1930  [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
20:50:51.0238 0x1930  usbccgp - ok
20:50:51.0241 0x1930  [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
20:50:51.0250 0x1930  usbcir - ok
20:50:51.0253 0x1930  [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
20:50:51.0260 0x1930  usbehci - ok
20:50:51.0268 0x1930  [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
20:50:51.0281 0x1930  usbhub - ok
20:50:51.0290 0x1930  [ B7E1CAA9429E4C3E7E01CB35B97E1536, 11A6431C27821F247202AC9F18441FEA26544630461522C129F1671257C527BA ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
20:50:51.0303 0x1930  USBHUB3 - ok
20:50:51.0305 0x1930  [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
20:50:51.0313 0x1930  usbohci - ok
20:50:51.0316 0x1930  [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
20:50:51.0322 0x1930  usbprint - ok
20:50:51.0326 0x1930  [ D67B6A4A6FB99D29444C2DBA2B636799, 62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:50:51.0333 0x1930  usbscan - ok
20:50:51.0346 0x1930  [ F259A45D6B555B14CC8365AA6BC8DC20, 28A588656449307F6E9C999BE5D73E34A2542A5771F4B504D9D36B9F93F32303 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
20:50:51.0362 0x1930  usbser - ok
20:50:51.0365 0x1930  [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
20:50:51.0372 0x1930  USBSTOR - ok
20:50:51.0375 0x1930  [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
20:50:51.0383 0x1930  usbuhci - ok
20:50:51.0389 0x1930  [ 325727F01F03C504CF788618A13DC266, 9F685113F714ADBC6DCD423CCD205F71E00D1AA9B5DD045B95E61E53B0F8E9AF ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
20:50:51.0401 0x1930  USBXHCI - ok
20:50:51.0422 0x1930  [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
20:50:51.0456 0x1930  UserDataSvc - ok
20:50:51.0485 0x1930  [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager     C:\WINDOWS\System32\usermgr.dll
20:50:51.0510 0x1930  UserManager - ok
20:50:51.0518 0x1930  [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc          C:\WINDOWS\system32\usocore.dll
20:50:51.0533 0x1930  UsoSvc - ok
20:50:51.0536 0x1930  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
20:50:51.0547 0x1930  VaultSvc - ok
20:50:51.0571 0x1930  [ 01F4BF9AA7612171C3ACBAF212B2DE6B, 52A683281E8B7EBA80951704C9CE41A287FEB3394960EBA919E0B81FBAD90F96 ] VBoxDrv         C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
20:50:51.0586 0x0c48  Object send P2P result: true
20:50:51.0588 0x1930  VBoxDrv - ok
20:50:51.0590 0x0c48  Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c
20:50:51.0598 0x1930  [ B3B21BE1BBD5F0C7B9593C41A1E8CA77, CF5812A68F0F2A228393B5503049BC37D68ACF43297E2815CF06715BFFEA148E ] VBoxNetAdp      C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys
20:50:51.0603 0x1930  VBoxNetAdp - ok
20:50:51.0607 0x1930  [ C6C57C5540FB8F48EEBF6C342CE01D01, E6243F9BCD25A13CF37B94C100D7C7D064E81554441641528DB5578C0E997D6D ] VBoxNetLwf      C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys
20:50:51.0613 0x1930  VBoxNetLwf - ok
20:50:51.0616 0x1930  [ C664D738A6876590E063C012FCBD8709, 5CC5D3900642BAEE788D735F36507F4EB7FF1AD2F24C1E8367A01BD25D6C70D6 ] VBoxUSBMon      C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
20:50:51.0621 0x1930  VBoxUSBMon - ok
20:50:51.0624 0x1930  [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
20:50:51.0631 0x1930  vdrvroot - ok
20:50:51.0642 0x1930  [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds             C:\WINDOWS\System32\vds.exe
20:50:51.0665 0x1930  vds - ok
20:50:51.0670 0x1930  [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
20:50:51.0678 0x1930  VerifierExt - ok
20:50:51.0689 0x1930  [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
20:50:51.0704 0x1930  vhdmp - ok
20:50:51.0707 0x1930  [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
20:50:51.0715 0x1930  vhf - ok
20:50:51.0718 0x1930  [ 1014531BC5B8C5C0F25282B83BC74607, 5F56E47704291F7FCF629490BFB6E1FA56D34038C007FAB6E7B4670B19AFD3F8 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
20:50:51.0722 0x1930  VMAuthdService - ok
20:50:51.0727 0x1930  [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
20:50:51.0734 0x1930  vmbus - ok
20:50:51.0738 0x1930  [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
20:50:51.0757 0x1930  VMBusHID - ok
20:50:51.0762 0x1930  [ 23B3E571717D59C8B0A6963B79061B57, B41BF84972DE78FDD9FA1D69D0514FEABB238321A29608A5304D97EB6CC02B3F ] vmci            C:\WINDOWS\system32\drivers\vmci.sys
20:50:51.0767 0x1930  vmci - ok
20:50:51.0775 0x1930  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
20:50:51.0792 0x1930  vmicguestinterface - ok
20:50:51.0800 0x1930  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
20:50:51.0816 0x1930  vmicheartbeat - ok
20:50:51.0824 0x1930  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
20:50:51.0840 0x1930  vmickvpexchange - ok
20:50:51.0849 0x1930  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
20:50:51.0864 0x1930  vmicrdv - ok
20:50:51.0873 0x1930  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
20:50:51.0888 0x1930  vmicshutdown - ok
20:50:51.0896 0x1930  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
20:50:51.0913 0x1930  vmictimesync - ok
20:50:51.0921 0x1930  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
20:50:51.0937 0x1930  vmicvmsession - ok
20:50:51.0951 0x1930  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
20:50:51.0970 0x1930  vmicvss - ok
20:50:51.0973 0x1930  [ A3412EC3FF7A5AC2CA3A3951476BFA9C, 8A3D241168205B6B5348F44DF89875067CDD5B29BE8CF14ADA8403225AE2A379 ] VMnetAdapter    C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys
20:50:51.0978 0x1930  VMnetAdapter - ok
20:50:51.0981 0x1930  [ F76AD463DBE8D30CB715A09DF9FF2BE9, 5B2184582496ED0EE8582C6AD3BCF49674690C585439B6F57B43ADC12DF941F6 ] VMnetBridge     C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys
20:50:51.0985 0x1930  VMnetBridge - ok
20:50:51.0999 0x1930  [ 340F5D9AE97ECE891DD6AE19F2DBFBE2, 5480E7E27AAC5C5CD2E3AB2F226AD1AA57BE73762595F91D49532EFDFA5D88A5 ] VMnetDHCP       C:\WINDOWS\SysWOW64\vmnetdhcp.exe
20:50:52.0006 0x1930  VMnetDHCP - ok
20:50:52.0010 0x1930  [ CF9F5249481E732F71E209BD84E59AF7, 42BC499031DD8EDAC9942B3BC74B48EBCA0EB0E7C2CDEA102EA40A023483288F ] VMnetuserif     C:\WINDOWS\system32\drivers\vmnetuserif.sys
20:50:52.0014 0x1930  VMnetuserif - ok
20:50:52.0027 0x1930  [ 8CBD1A361CAD99C0C3294054CFE4B35A, 577F0EE458B1C613F6AC49138246A78E39DC2C265417AF64527E2AAA39089D1C ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
20:50:52.0042 0x1930  VMUSBArbService - ok
20:50:52.0051 0x1930  [ BBC9253E7F064791F389852DA6C855E5, D7DE15033CD0C88ACFB4007011CE6671670A141535E909B21E908DFF37CA3021 ] VMware NAT Service C:\WINDOWS\SysWOW64\vmnat.exe
20:50:52.0060 0x1930  VMware NAT Service - ok
20:50:52.0064 0x1930  [ 63466F923C1253AFBEA2B9AC319680D8, 99DF58822ABE2C0308FC1AE005EAC8B1AF061A37854456200D8EFF7363755355 ] vmx86           C:\WINDOWS\system32\drivers\vmx86.sys
20:50:52.0067 0x1930  vmx86 - ok
20:50:52.0070 0x1930  [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
20:50:52.0077 0x1930  volmgr - ok
20:50:52.0084 0x1930  [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
20:50:52.0095 0x1930  volmgrx - ok
20:50:52.0103 0x1930  [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
20:50:52.0114 0x1930  volsnap - ok
20:50:52.0117 0x1930  [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
20:50:52.0123 0x1930  vpci - ok
20:50:52.0129 0x1930  [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
20:50:52.0136 0x1930  vsmraid - ok
20:50:52.0140 0x1930  [ 7639A7B4A8E5204BB37B479C2D1C8934, 2A35B3A7B20EE3F5888A089D1E46A7FD7B2D86AB36D3401A224F7CD39ABE7F27 ] vsock           C:\WINDOWS\system32\drivers\vsock.sys
20:50:52.0145 0x1930  vsock - ok
20:50:52.0170 0x1930  [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS             C:\WINDOWS\system32\vssvc.exe
20:50:52.0206 0x1930  VSS - ok
20:50:52.0215 0x1930  [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
20:50:52.0225 0x1930  VSTXRAID - ok
20:50:52.0229 0x1930  [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
20:50:52.0237 0x1930  vwifibus - ok
20:50:52.0240 0x1930  [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
20:50:52.0250 0x1930  vwififlt - ok
20:50:52.0259 0x1930  [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time         C:\WINDOWS\system32\w32time.dll
20:50:52.0279 0x1930  W32Time - ok
20:50:52.0283 0x1930  [ CDA9A00B16808D7A5BBB66287B89EE21, B25F98F26B0153E5DD5C744539CB6ACAFAA13E0F7B5D140C1844158B79BC9006 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
20:50:52.0290 0x1930  w3logsvc - ok
20:50:52.0301 0x1930  [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] W3SVC           C:\WINDOWS\system32\inetsrv\iisw3adm.dll
20:50:52.0319 0x1930  W3SVC - ok
20:50:52.0322 0x1930  [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
20:50:52.0331 0x1930  WacomPen - ok
20:50:52.0340 0x1930  [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService   C:\WINDOWS\system32\WalletService.dll
20:50:52.0368 0x1930  WalletService - ok
20:50:52.0379 0x1930  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:50:52.0388 0x1930  wanarp - ok
20:50:52.0390 0x1930  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:50:52.0399 0x1930  wanarpv6 - ok
20:50:52.0409 0x1930  [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
20:50:52.0426 0x1930  WAS - ok
20:50:52.0449 0x1930  [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine        C:\WINDOWS\system32\wbengine.exe
20:50:52.0484 0x1930  wbengine - ok
20:50:52.0495 0x1930  [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
20:50:52.0514 0x1930  WbioSrvc - ok
20:50:52.0524 0x1930  [ E9A0D466F6D8EC349DB526146618BCB6, CFD6F3F979E4366A68FBEC3BE90A42BF3D65403A987E80741A720C0622871F32 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
20:50:52.0543 0x1930  Wcmsvc - ok
20:50:52.0552 0x1930  [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
20:50:52.0574 0x1930  wcncsvc - ok
20:50:52.0578 0x1930  [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
20:50:52.0588 0x1930  WcsPlugInService - ok
20:50:52.0590 0x1930  [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
20:50:52.0597 0x1930  WdBoot - ok
20:50:52.0609 0x1930  [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
20:50:52.0624 0x1930  Wdf01000 - ok
20:50:52.0631 0x1930  [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
20:50:52.0640 0x1930  WdFilter - ok
20:50:52.0644 0x1930  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
20:50:52.0656 0x1930  WdiServiceHost - ok
20:50:52.0659 0x1930  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
20:50:52.0670 0x1930  WdiSystemHost - ok
20:50:52.0681 0x1930  [ E70DDD8E2245CC67547B0861983912D8, 64C73B1496FFF1F6BB3D877CB5BE54DE35C303AE234B11FC90038DC4F73241D9 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
20:50:52.0701 0x1930  wdiwifi - ok
20:50:52.0704 0x1930  [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
20:50:52.0712 0x1930  WdNisDrv - ok
20:50:52.0714 0x1930  WdNisSvc - ok
20:50:52.0719 0x1930  [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient       C:\WINDOWS\System32\webclnt.dll
20:50:52.0733 0x1930  WebClient - ok
20:50:52.0738 0x1930  [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
20:50:52.0750 0x1930  Wecsvc - ok
20:50:52.0753 0x1930  [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
20:50:52.0776 0x1930  WEPHOSTSVC - ok
20:50:52.0780 0x1930  [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
20:50:52.0793 0x1930  wercplsupport - ok
20:50:52.0797 0x1930  [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
20:50:52.0810 0x1930  WerSvc - ok
20:50:52.0814 0x1930  [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
20:50:52.0821 0x1930  WFPLWFS - ok
20:50:52.0825 0x1930  [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
20:50:52.0834 0x1930  WiaRpc - ok
20:50:52.0837 0x1930  [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
20:50:52.0843 0x1930  WIMMount - ok
20:50:52.0844 0x1930  WinDefend - ok
20:50:52.0849 0x1930  [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
20:50:52.0856 0x1930  WindowsTrustedRT - ok
20:50:52.0859 0x1930  [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
20:50:52.0865 0x1930  WindowsTrustedRTProxy - ok
20:50:52.0877 0x1930  [ FFD04E8263FC9CDB89BAD8C27C337223, 7021161D354F1536DA261D001524B92301466631DCFA161A7C6355AAC86BBE40 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
20:50:52.0899 0x1930  WinHttpAutoProxySvc - ok
20:50:52.0902 0x1930  [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
20:50:52.0908 0x1930  WinMad - ok
20:50:52.0915 0x1930  [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
20:50:52.0926 0x1930  Winmgmt - ok
20:50:52.0960 0x1930  [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
20:50:53.0020 0x1930  WinRM - ok
20:50:53.0029 0x1930  [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
20:50:53.0037 0x1930  WINUSB - ok
20:50:53.0040 0x1930  [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
20:50:53.0047 0x1930  WinVerbs - ok
20:50:53.0076 0x1930  [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
20:50:53.0125 0x1930  WlanSvc - ok
20:50:53.0155 0x1930  [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
20:50:53.0209 0x1930  wlidsvc - ok
20:50:53.0214 0x1930  [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
20:50:53.0220 0x1930  WmiAcpi - ok
20:50:53.0227 0x1930  [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
20:50:53.0236 0x1930  wmiApSrv - ok
20:50:53.0238 0x1930  WMPNetworkSvc - ok
20:50:53.0243 0x1930  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
20:50:53.0251 0x1930  Wof - ok
20:50:53.0276 0x1930  [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
20:50:53.0317 0x1930  workfolderssvc - ok
20:50:53.0322 0x1930  [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
20:50:53.0330 0x1930  wpcfltr - ok
20:50:53.0333 0x1930  [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
20:50:53.0342 0x1930  WPDBusEnum - ok
20:50:53.0345 0x1930  [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
20:50:53.0351 0x1930  WpdUpFltr - ok
20:50:53.0353 0x1930  [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService      C:\WINDOWS\system32\WpnService.dll
20:50:53.0362 0x1930  WpnService - ok
20:50:53.0364 0x1930  [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
20:50:53.0379 0x1930  ws2ifsl - ok
20:50:53.0387 0x1930  [ 9C17CF2D05F8DA5AC66880B6BEE64E7D, 8930079A1AFA97657BE567038EE57C988D3DE9A6C24EA46160E2974837082535 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
20:50:53.0397 0x1930  wscsvc - ok
20:50:53.0400 0x1930  [ F517CB0182B1DA5C0E0FC6B548FF60CC, F09CA4172D611487F157973C808627F04B0CF0A71CE19D49280BFBEA4AE6027B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
20:50:53.0406 0x1930  WSDPrintDevice - ok
20:50:53.0409 0x1930  [ 3A3294E2E5CBFC51999180C06051DDE9, 2EEE0A5BEBB366E4C12245E8175685CF2173E260B482A8EEB7F8255BA43C6CE3 ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
20:50:53.0417 0x1930  WSDScan - ok
20:50:53.0419 0x1930  WSearch - ok
20:50:53.0461 0x1930  [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService       C:\WINDOWS\System32\WSService.dll
20:50:53.0516 0x1930  WSService - ok
20:50:53.0549 0x1930  [ 722FA682ED9EA8B85FA843A5C8F39E61, 47B09984582E55C22450A851FAF00EBEC76CD46149B19B199916255D553C6BF8 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
20:50:53.0607 0x1930  wuauserv - ok
20:50:53.0614 0x1930  [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
20:50:53.0622 0x1930  WudfPf - ok
20:50:53.0628 0x1930  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
20:50:53.0638 0x1930  WUDFRd - ok
20:50:53.0643 0x1930  [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
20:50:53.0652 0x1930  wudfsvc - ok
20:50:53.0657 0x1930  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:50:53.0668 0x1930  WUDFWpdFs - ok
20:50:53.0672 0x1930  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:50:53.0683 0x1930  WUDFWpdMtp - ok
20:50:53.0700 0x1930  [ 417D1526811D9646A7E8779209F11361, 220FE28801474AB26579F2A37D792975D9AAD2384B420BCE52215B1389E08F91 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
20:50:53.0730 0x1930  WwanSvc - ok
20:50:53.0746 0x1930  [ 405A419F4CDAC3C18F91FEDBD146C0A8, 92A6539AE6FC1B140366A0F733FDB784CAFB2359C4E0E2DF80629FEEA2CBFC98 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
20:50:53.0771 0x1930  XblAuthManager - ok
20:50:53.0795 0x1930  [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
20:50:53.0825 0x1930  XblGameSave - ok
20:50:53.0831 0x1930  [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
20:50:53.0842 0x1930  xboxgip - ok
20:50:53.0857 0x1930  [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
20:50:53.0884 0x1930  XboxNetApiSvc - ok
20:50:53.0887 0x1930  [ DBACD4E4FE191D0CE7C624ACA389535E, A706DA0A284398E80AEB6FBE1B5F6C3192C3F4D1C1B7533528D689D163374DDF ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
20:50:53.0894 0x1930  xinputhid - ok
20:50:53.0898 0x1930  [ D31088A8A99556B89A6BAE9482861981, B1157DA31A8B4B477C119AEE79102F9A3927C10BE4B72013D9B92B70224CAE0C ] XTU3SERVICE     C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
20:50:53.0901 0x1930  XTU3SERVICE - ok
20:50:53.0914 0x1930  ================ Scan global ===============================
20:50:53.0916 0x1930  [ D923EC03E24F7633DED3F2D46AD59A28, C635DB4483E24BE0188583E63B06D0F37BDE7AD944E4D0246A7D19CBC3EA3A6B ] C:\WINDOWS\system32\basesrv.dll
20:50:53.0921 0x1930  [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
20:50:53.0927 0x1930  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
20:50:53.0935 0x1930  [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
20:50:53.0940 0x1930  [ Global ] - ok
20:50:53.0940 0x1930  ================ Scan MBR ==================================
20:50:53.0942 0x1930  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:50:54.0069 0x0c48  Object send P2P result: true
20:50:54.0069 0x0c48  Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ] iaLPSS2i_I2C
20:50:54.0341 0x1930  \Device\Harddisk0\DR0 - ok
20:50:54.0345 0x1930  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:50:54.0354 0x1930  \Device\Harddisk1\DR1 - ok
20:50:54.0356 0x1930  [ B1F7D7F6E4FBE98E578562A22A94D02C ] \Device\Harddisk2\DR2
20:50:54.0430 0x1930  \Device\Harddisk2\DR2 - ok
20:50:54.0432 0x1930  [ 08B26729634452D0C2889C002B1BB97C ] \Device\Harddisk3\DR3
20:50:54.0490 0x1930  \Device\Harddisk3\DR3 - ok
20:50:54.0495 0x1930  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4
20:50:54.0553 0x300c  Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC
20:50:54.0637 0x1930  \Device\Harddisk4\DR4 - ok
20:50:54.0637 0x1930  ================ Scan VBR ==================================
20:50:54.0638 0x1930  [ F5A807460EAB719985FCC7EA6F99D6D9 ] \Device\Harddisk0\DR0\Partition1
20:50:54.0699 0x1930  \Device\Harddisk0\DR0\Partition1 - ok
20:50:54.0701 0x1930  [ 0302DBF1333574567E56CBF2C5B281E0 ] \Device\Harddisk0\DR0\Partition2
20:50:54.0766 0x1930  \Device\Harddisk0\DR0\Partition2 - ok
20:50:54.0767 0x1930  [ 575B672EB958FEF0732C9E0912C19F89 ] \Device\Harddisk0\DR0\Partition3
20:50:54.0801 0x1930  \Device\Harddisk0\DR0\Partition3 - ok
20:50:54.0810 0x1930  [ F853104BF6FEF8AC171053790CE13F72 ] \Device\Harddisk0\DR0\Partition4
20:50:54.0811 0x1930  \Device\Harddisk0\DR0\Partition4 - ok
20:50:54.0813 0x1930  [ 10CC5F681752BF97B24F33EE4159E994 ] \Device\Harddisk1\DR1\Partition1
20:50:54.0814 0x1930  \Device\Harddisk1\DR1\Partition1 - ok
20:50:54.0816 0x1930  [ C859AB553D9AE51A5D148E0BB851DA38 ] \Device\Harddisk2\DR2\Partition1
20:50:54.0817 0x1930  \Device\Harddisk2\DR2\Partition1 - ok
20:50:54.0818 0x1930  [ EEF67415C441F07030205F645D849FC0 ] \Device\Harddisk2\DR2\Partition2
20:50:54.0819 0x1930  \Device\Harddisk2\DR2\Partition2 - ok
20:50:54.0821 0x1930  [ DA1EFE40F9D1738988FFF6043704C8BF ] \Device\Harddisk3\DR3\Partition1
20:50:54.0822 0x1930  \Device\Harddisk3\DR3\Partition1 - ok
20:50:54.0824 0x1930  [ 3B27790D15A4C2B8769524A800EE49E3 ] \Device\Harddisk4\DR4\Partition1
20:50:54.0825 0x1930  \Device\Harddisk4\DR4\Partition1 - ok
20:50:54.0826 0x1930  ================ Scan generic autorun ======================
20:50:54.0829 0x1930  [ C9900177A954E22C84A696075A40A173, 33E32173FF811DF1B687916CB3CADAE2907DAF5AC4B80F559039D3B61553C48F ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
20:50:54.0832 0x1930  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
20:50:56.0547 0x0c48  Object send P2P result: true
20:50:57.0019 0x300c  Object send P2P result: true
20:50:57.0023 0x300c  Object required for P2P: [ 4F2B65FA16319BBA3A309EC2964920A1 ] nvsvc
20:50:57.0234 0x1930  Detect skipped due to KSN trusted
20:50:57.0234 0x1930  IAStorIcon - ok
20:50:57.0245 0x1930  [ 2DBCA4E4BB09FF7F8F171CC364DFAF67, D884B06DBB81541EE05D18F7AA24EBF0FB3920A6A649AB2CFA211ED4111A7AFA ] C:\WINDOWS\syswow64\RunDll32.exe
20:50:57.0255 0x1930  Cmaudio8788 - ok
20:50:57.0259 0x1930  [ 0740D338A42F7778760F2B0CB6DA5830, C6D275B4993502A155F85D8DE26B119866DEE106C98CF29CDAACBAF11484C94A ] C:\WINDOWS\syswow64\HsMgr.exe
20:50:57.0273 0x1930  Cmaudio8788GX - detected UnsignedFile.Multi.Generic ( 1 )
20:50:59.0481 0x300c  Object send P2P result: true
20:50:59.0481 0x300c  Object required for P2P: [ EABD6FC38504B46913E2B1B739DAD185 ] Origin Client Service
20:50:59.0649 0x1930  Detect skipped due to KSN trusted
20:50:59.0649 0x1930  Cmaudio8788GX - ok
20:50:59.0655 0x1930  [ BEF1B23AD0BBF805F02FAA01EAE0AF4E, 65CCFEC1F61E475A1F6759ECCA8DE1844A26AB7F827BC1F63339A0DFF554B039 ] C:\WINDOWS\system\HsMgr64.exe
20:50:59.0663 0x1930  Cmaudio8788GX64 - detected UnsignedFile.Multi.Generic ( 1 )
20:51:01.0753 0x2238  Object required for P2P: [ 4CF5A1E0C4FCA956ACD6C654E2A8610E ] VSS
20:51:01.0942 0x300c  Object send P2P result: true
20:51:01.0946 0x300c  Object required for P2P: [ AD43141CE6D5074DA1D28B5BCD4E4507 ] RetailDemo
20:51:02.0006 0x1930  Detect skipped due to KSN trusted
20:51:02.0006 0x1930  Cmaudio8788GX64 - ok
20:51:02.0044 0x1930  [ BC293F3C9621D40E1924A5715417F77C, 3EB1B0040566CE0DBA3FC65C5005B0F1E79BE9AB39CAD1398A45AAC3AB7AD733 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
20:51:02.0080 0x1930  NvBackend - ok
20:51:02.0085 0x1930  [ 0DCB89B1F3689BC6262FF30BBD603171, 594E6E07BC6B161469848A477F28211B70E759A8D369276810F622EE00D97783 ] C:\WINDOWS\system32\rundll32.exe
20:51:02.0098 0x1930  ShadowPlay - ok
20:51:02.0103 0x1930  [ 3B1C6FDA44883B810BF48BACFFEE862D, F0AFF9FAEA9D2912F5ACD40ADAA97A920848243B36BE9B0297D8622B76B44FB8 ] C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
20:51:02.0110 0x1930  SamsungRapidApp - ok
20:51:02.0234 0x1930  [ 898A9A279556B6F4872D43E788672B5C, 0D43A99EE4F7BC76848E9DBD56693993418A5D881DB7BA642D9F841EF7ECEE18 ] c:\program files\emsisoft anti-malware\a2guard.exe
20:51:02.0352 0x1930  emsisoft anti-malware - ok
20:51:02.0361 0x1930  [ CC9823AA6E3F6229CD6DA193551314A5, 76BCD2BCA391C2114BF9D28FA290D9B39D16379C410070E0E3A6376FDEE51CE1 ] C:\Program Files\iTunes\iTunesHelper.exe
20:51:02.0366 0x1930  iTunesHelper - ok
20:51:02.0372 0x1930  [ E4E7B29D050F5480071984FE6543C311, 9A4D8D1702AE74AB4FE4367EAF4AD6500F59D4F25B3CCACE3EF07613B7B5853C ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
20:51:02.0380 0x1930  USB3MON - ok
20:51:02.0382 0x1930  [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\Windows\UpdReg.EXE
20:51:02.0386 0x1930  UpdReg - detected UnsignedFile.Multi.Generic ( 1 )
20:51:04.0217 0x2238  Object send P2P result: true
20:51:04.0401 0x300c  Object send P2P result: true
20:51:04.0402 0x300c  Object required for P2P: [ 3763C406CB735D044373C50FF95167E3 ] SamsungRapidSvc
20:51:04.0855 0x1930  Detect skipped due to KSN trusted
20:51:04.0855 0x1930  UpdReg - ok
20:51:04.0875 0x1930  [ F85C8852B663E1D1A69E9A59677AD393, 7065140F76ED16A760E6AC6386C47AD27A09CDAFD889DAA07A726819FDCAF34F ] C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
20:51:04.0900 0x1930  Sound Blaster Recon3Di SBX Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
20:51:06.0855 0x300c  Object send P2P result: true
20:51:06.0857 0x300c  Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc
20:51:07.0255 0x1930  Detect skipped due to KSN trusted
20:51:07.0255 0x1930  Sound Blaster Recon3Di SBX Control Panel - ok
20:51:07.0264 0x1930  [ EB9596C3D95ED4BB59BE1F68CD40CC79, 328A953062FF94B91A1AC30013DC39ECE6EB79B7BC5542C01AA79B71AB440E19 ] C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE
20:51:07.0278 0x1930  RoccatKoneXTD - detected UnsignedFile.Multi.Generic ( 1 )
20:51:07.0635 0x248c  Object required for P2P: [ 3B1C6FDA44883B810BF48BACFFEE862D ] C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
20:51:09.0347 0x300c  Object send P2P result: true
20:51:09.0349 0x300c  Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain
20:51:09.0733 0x1930  RoccatKoneXTD ( UnsignedFile.Multi.Generic ) - warning
20:51:10.0096 0x248c  Object send P2P result: true
20:51:10.0096 0x248c  Object required for P2P: [ 898A9A279556B6F4872D43E788672B5C ] c:\program files\emsisoft anti-malware\a2guard.exe
20:51:11.0809 0x300c  Object send P2P result: true
20:51:12.0213 0x1930  [ 3ADAEB3EEF3EEDD48B120D6F32CFF595, 96DA6921AE69934A7DA6EF91D0725749262A0A65E9C3CB72FE1BCA60B0F0F045 ] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
20:51:12.0244 0x1930  EaseUS EPM tray - ok
20:51:12.0253 0x1930  [ 6D313E4121365B2ABEED5A93F9B197E5, 94CDAD27F1A362A23F6CE0D65881EB8753B7A3744DE127022DB77B4459EE1FD6 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
20:51:12.0265 0x1930  SunJavaUpdateSched - ok
20:51:12.0277 0x1930  [ F655E4A1AED366E96E5D5AA397E0F255, F8573CCA72FA25079B8CE2FC5D30379487E2905B109C73C741FAB31589FA49E1 ] C:\Program Files (x86)\QuickTime\QTTask.exe
20:51:12.0288 0x1930  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
20:51:12.0570 0x248c  Object send P2P result: true
20:51:14.0654 0x1930  Detect skipped due to KSN trusted
20:51:14.0654 0x1930  QuickTime Task - ok
20:51:14.0679 0x1930  [ 73973EC1548F70B877A5DFDF66684028, DEBF654B91DE250C24AF774C9649DFB0407F9D9187CB62328DDB2D9614A3A13A ] C:\Program Files (x86)\TESORO Gaming\COLADA Gaming Keyboard\HID.exe
20:51:14.0720 0x1930  COLADA - detected UnsignedFile.Multi.Generic ( 1 )
20:51:17.0070 0x1930  COLADA ( UnsignedFile.Multi.Generic ) - warning
20:51:17.0070 0x1930  Force sending object to P2P due to detect: C:\Program Files (x86)\TESORO Gaming\COLADA Gaming Keyboard\HID.exe
20:51:19.0551 0x1930  Object send P2P result: true
20:51:22.0033 0x1930  [ E5255D63DD01AA9F1CC4355FE366E2D3, 2E28C14DC1FEAE10626D37FF4C1DAE27F3801A40EA973E02E42B48185CBBC89B ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
20:51:22.0101 0x1930  LogMeIn Hamachi Ui - ok
20:51:22.0274 0x1930  [ 13056FB12E1874C2B9FF40D98677128B, 4DC71D686071DC91B5D140B40622DC6C0A40092FB2A8F767D0D1AD436E8972C6 ] C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
20:51:22.0451 0x1930  Corsair Utility Engine - ok
20:51:22.0463 0x1930  Dropbox - ok
20:51:22.0468 0x1930  [ 53C6C41356D532FEFD8056AB2906D129, C5E54C571FA44AF7FD1974464CC5D5DD30BA0D31ED20CF6B3DBB5A49FC5F0AC7 ] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
20:51:22.0473 0x1930  Lightshot - ok
20:51:22.0584 0x1930  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:51:22.0699 0x1930  OneDriveSetup - ok
20:51:22.0802 0x1930  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:51:22.0897 0x1930  OneDriveSetup - ok
20:51:22.0930 0x1930  [ 00B8939C3E74A7C0D86852D0B6C18104, BF0471D4FECD074B27E6531F72F940AF39F1174A2AF9B14799199CD3A3443B32 ] C:\Users\Moha´s PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe
20:51:22.0968 0x1930  Spotify Web Helper - ok
20:51:22.0980 0x1930  [ 61F488AC3053DEB2AADB6A34DEBC8876, B5C5E0325F0FB4A37E80F08273B7483630F676C6342519564798CE7D1F121CB7 ] C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe
20:51:22.0991 0x1930  OneDrive - ok
20:51:22.0994 0x1930  MediaFire Tray - ok
20:51:23.0030 0x1930  [ 2CD5F1053AB2BC2ED35EF1B253B9E44A, 28A0A3785797D9DDD0A0D0D07B291E24E68B3523F55DE223C60EF59F5FD3361C ] C:\Program Files (x86)\Steam\steam.exe
20:51:23.0070 0x1930  Steam - ok
20:51:23.0182 0x1930  [ 40335C8877B6B84842AF03A40E1BB206, 33433ED8961B1AEEBD30F8DD53A541C711C403D019F1074406FF9C9D1E9F4113 ] C:\Program Files\CCleaner\CCleaner64.exe
20:51:23.0284 0x1930  CCleaner Monitoring - ok
20:51:23.0296 0x1930  [ 7DFCCC67990B6DE7F30F553A4E4612A4, 9FF98D6FD2539CEFC9F42103A7F72388BED6EE590400559B92BC7430228DA36A ] C:\Program Files (x86)\RocketDock\RocketDock.exe
20:51:23.0307 0x1930  RocketDock - detected UnsignedFile.Multi.Generic ( 1 )
20:51:25.0664 0x1930  Detect skipped due to KSN trusted
20:51:25.0664 0x1930  RocketDock - ok
20:51:25.0709 0x1930  [ FE4071F6BCDA00B06F80E83AB3969586, 30BF77BDDDA466DC280A96B49746325B00FE2726BE5E744960F2BB38F124D6E5 ] C:\Program Files (x86)\Origin\Origin.exe
20:51:25.0755 0x1930  EADM - ok
20:51:25.0762 0x1930  [ 5D47E37C1E1F03C1E7E8DCEDD4A4BCDF, 72F9675AEA8ED5ACF19161E8FDD481460BE158A65EF2B998AE4E93A7804B2172 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
20:51:25.0767 0x1930  iCloudServices - ok
20:51:25.0783 0x1930  [ A71A3361AE28DDA0F016B9E72D0FD770, F10B3D5621B20DBBB7F28EB1A59107F10C700D1CE522D926924792BE7D6ECA54 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
20:51:25.0799 0x1930  AppleIEDAV - ok
20:51:25.0802 0x1930  [ 8C5A712AA2C4A0F106965D199D8B73B8, AED43CD6E85CC92AD72AE344842F47E39E288BEC78168CBF8BB6A6B9105FBFB8 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
20:51:25.0806 0x1930  iCloudDrive - ok
20:51:25.0836 0x1930  [ 41E25E514D90E9C8BC570484DBAFF62B, E6C49F7CE186DC4C9DA2C393469B070C0F1B95A01D281AE2B89538DA453D1583 ] C:\WINDOWS\system32\cmd.exe
20:51:25.0849 0x1930  Uninstall C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64 - ok
20:51:25.0857 0x1930  [ 41E25E514D90E9C8BC570484DBAFF62B, E6C49F7CE186DC4C9DA2C393469B070C0F1B95A01D281AE2B89538DA453D1583 ] C:\WINDOWS\system32\cmd.exe
20:51:25.0870 0x1930  Uninstall C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64 - ok
20:51:25.0972 0x1930  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:51:26.0081 0x1930  OneDriveSetup - ok
20:51:26.0094 0x1930  [ CB396B37F21C205F00ACE39CF999295A, FD8CB2426D4B9F13480DD823F0479E75316F6486262E88E420398A2C7AB91F57 ] C:\Program Files (x86)\Windows Mail\wab.exe
20:51:26.0113 0x1930  WAB Migrate - ok
20:51:26.0114 0x1930  Waiting for KSN requests completion. In queue: 17
20:51:27.0114 0x1930  Waiting for KSN requests completion. In queue: 17
20:51:28.0115 0x1930  Waiting for KSN requests completion. In queue: 17
20:51:28.0465 0x2d64  Object required for P2P: [ E5255D63DD01AA9F1CC4355FE366E2D3 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
20:51:29.0115 0x1930  Waiting for KSN requests completion. In queue: 17
20:51:30.0115 0x1930  Waiting for KSN requests completion. In queue: 17
20:51:30.0942 0x2d64  Object send P2P result: true
20:51:30.0942 0x2d64  Object required for P2P: [ FE4071F6BCDA00B06F80E83AB3969586 ] C:\Program Files (x86)\Origin\Origin.exe
20:51:31.0116 0x1930  Waiting for KSN requests completion. In queue: 7
20:51:32.0116 0x1930  Waiting for KSN requests completion. In queue: 7
20:51:33.0116 0x1930  Waiting for KSN requests completion. In queue: 7
20:51:34.0117 0x1930  Waiting for KSN requests completion. In queue: 7
20:51:35.0117 0x1930  Waiting for KSN requests completion. In queue: 7
20:51:36.0117 0x1930  Waiting for KSN requests completion. In queue: 7
20:51:36.0705 0x2d64  Object send P2P result: true
20:51:36.0705 0x2d64  Object required for P2P: [ A71A3361AE28DDA0F016B9E72D0FD770 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
20:51:37.0120 0x1930  Waiting for KSN requests completion. In queue: 5
20:51:38.0121 0x1930  Waiting for KSN requests completion. In queue: 5
20:51:39.0122 0x1930  Waiting for KSN requests completion. In queue: 5
20:51:39.0183 0x2d64  Object send P2P result: true
20:51:39.0183 0x2d64  Object required for P2P: [ 41E25E514D90E9C8BC570484DBAFF62B ] C:\WINDOWS\system32\cmd.exe
20:51:40.0122 0x1930  Waiting for KSN requests completion. In queue: 3
20:51:41.0123 0x1930  Waiting for KSN requests completion. In queue: 3
20:51:41.0652 0x2d64  Object send P2P result: true
20:51:41.0652 0x2d64  Object required for P2P: [ 41E25E514D90E9C8BC570484DBAFF62B ] C:\WINDOWS\system32\cmd.exe
20:51:42.0123 0x1930  Waiting for KSN requests completion. In queue: 2
20:51:43.0124 0x1930  Waiting for KSN requests completion. In queue: 2
20:51:44.0111 0x2d64  Object send P2P result: true
20:51:44.0132 0x1930  AV detected via SS2: Emsisoft Anti-Malware, C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2start.exe ( 11.6.1.6315 ), 0x41000 ( enabled : updated )
20:51:44.0132 0x1930  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
20:51:44.0134 0x1930  Win FW state via NFP2: enabled ( trusted )
20:51:46.0540 0x1930  ============================================================
20:51:46.0540 0x1930  Scan finished
20:51:46.0540 0x1930  ============================================================
20:51:46.0546 0x32a0  Detected object count: 3
20:51:46.0546 0x32a0  Actual detected object count: 3
20:52:32.0337 0x32a0  Killer Service V2 ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:32.0337 0x32a0  Killer Service V2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:52:32.0338 0x32a0  RoccatKoneXTD ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:32.0338 0x32a0  RoccatKoneXTD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:52:32.0338 0x32a0  COLADA ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:32.0338 0x32a0  COLADA ( UnsignedFile.Multi.Generic ) - User select action: Skip

moha · 14.04.2016, 15:08

FRST Addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016
durchgeführt von Moha´s PC (2016-04-13 20:58:30)
Gestartet von C:\Users\Moha´s PC\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-06 10:37:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1815034600-3101877025-2237350249-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1815034600-3101877025-2237350249-503 - Limited - Disabled)
Gast (S-1-5-21-1815034600-3101877025-2237350249-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1815034600-3101877025-2237350249-1002 - Limited - Enabled)
Moha´s PC (S-1-5-21-1815034600-3101877025-2237350249-1000 - Administrator - Enabled) => C:\Users\Moha´s PC
SophosSAUMOHASPC0 (S-1-5-21-1815034600-3101877025-2237350249-1005 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
3DMark (HKLM-x32\...\{12d6e0d7-21d5-4755-9da2-70352c6f7558}) (Version: 1.5.915.0 - Futuremark)
3DMark (Version: 1.5.915.0 - Futuremark) Hidden
4K Video Downloader 3.8 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.8.1.1870 - Open Media LLC)
7-Zip 15.10 beta (x64) (HKLM\...\7-Zip) (Version: 15.10 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
AIDA64 Extreme v5.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.00 - FinalWire Ltd.)
AlienFX for IskuFX (HKLM-x32\...\InstallShield_{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH)
AlienFX for IskuFX (Version: 1.02 - Roccat GmbH) Hidden
AlienFX for KoneXTD (HKLM-x32\...\InstallShield_{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH)
AlienFX for KoneXTD (Version: 1.02 - Roccat GmbH) Hidden
Amazon Cloud Drive (HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Amazon Cloud Drive) (Version: 3.2.1.29 - Amazon.com, Inc.)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.00.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536C09F}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.0 - Arduino LLC)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
ASUS Xonar DGX Audio (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008788}) (Version:   - ASUSTeK Computer Inc.)
ASUS_ROG_THEME (HKLM-x32\...\ASUS_ROG_THEME) (Version: 1.00.14 - ASUSTeK Computer Inc.)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Blender (HKLM\...\{47A0EA10-D506-4473-AE99-5E07DD1062DE}) (Version: 2.77.1 - Blender Foundation)
Blender (HKLM\...\Blender) (Version: 2.72b - Blender Foundation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Borderless Gaming (HKLM-x32\...\Borderless Gaming_is1) (Version: 7.9 - Codeusa Software)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
CAT Interstellar (HKLM\...\Steam App 384740) (Version:  - Ionized Games)
Catzilla 1.3 (HKLM\...\{41EE0CB2-75DE-4FE0-AEB2-4CBC30624FA6}_is1) (Version: 1.3 - ALLPlayer Group Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
COLADA Gaming-Tastatur (HKLM-x32\...\{A23DDF8C-EF6D-4C3C-B66A-A05EDB904832}}_is1) (Version:  - )
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corsair Utility Engine (HKLM-x32\...\{68AA0FFC-4EAC-4C7D-8859-2DF65A566A01}) (Version: 1.15.36 - Corsair)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Crazybump (remove only) (HKLM-x32\...\Crazybump) (Version:  - )
CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DMG Extractor (HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\DMG Extractor) (Version: 1.3.15.0 - Reincubate Ltd)
DoNotSpy10 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 1.1.0.0 - pXc-coding.com)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.35.1 - Dropbox, Inc.) Hidden
EaseUS Partition Master 10.5 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.0 - Emsisoft Ltd.)
Epic Games Launcher (HKLM-x32\...\{4620A9CA-A0D7-4F15-BA89-4545B5372345}) (Version: 1.1.60.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version:  - )
FAHClient (HKLM-x32\...\FAHClient) (Version: 7.4.4 - Stanford University)
File Repair (HKLM-x32\...\File Repair_is1) (Version:  - File Repair)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Download Manager 3.9.6 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Free DVD Video Converter version 2.0.24.1215 (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.24.1215 - DVDVideoSoft Ltd.)
Free MP4 Video Converter version 5.0.58.415 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.)
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.5.9.1029 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.415 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.415 - DVDVideoSoft Ltd.)
Full Combat Rebalance v1.6a (HKLM-x32\...\Full Combat Rebalance_is1) (Version: 1.6a - Andrzej Kwiatkowski)
Futuremark SystemInfo (HKLM-x32\...\{70690D9E-3D00-47D6-9CE9-BC3B6F900447}) (Version: 4.41.563.0 - Futuremark)
Geeks3D FurMark 1.14.1 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.78.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.78.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
G-Ignition (HKLM-x32\...\{DAB265AD-27B2-4651-B8D8-F4F3A8ECC705}) (Version: 2.0.0.1 - EIZO Corporation)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Gothic 3 (HKLM-x32\...\Steam App 39500) (Version:  - Piranha – Bytes)
Gothic 3 Forsaken Gods Enhanced Edition (HKLM-x32\...\Steam App 65600) (Version:  - Trine Studios)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.18) (Version: 9.18 - Artifex Software Inc.)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.2 - goldensoft.org)
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HWiNFO64 Version 4.50 (HKLM\...\HWiNFO64_is1) (Version: 4.50 - Martin Malík - REALiX)
iBackupBot 5.3.3 (HKLM-x32\...\iBackupBot) (Version: 5.3.3 - VOWSoft, Ltd.)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Icons8 App (HKLM-x32\...\{195AC760-D5CE-47B9-99EE-E144CD7BF94A}_is1) (Version: 5.0 - Icons8)
IdleMaster (HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\1d85483b1c982d8c) (Version: 1.4.0.0 - IdleMaster)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel Driver Update Utility (HKLM-x32\...\{fe92d390-13ee-4660-a2f8-39a066fdffe0}) (Version: 2.2.0.5 - Intel)
Intel Extreme Tuning Utility (HKLM-x32\...\{ffa8daa3-4912-4a4a-aac4-a0549064268b}) (Version: 5.1.1.25 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 5.1.1.25 - Intel Corporation) Hidden
Intel(R) Driver Update Utility 2.2.0.5 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche Studios)
KeePass Password Safe 1.30 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.30 - Dominik Reichl)
Killer Bandwidth Control Filter Driver (Version: 1.1.54.1334 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.54.1334 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.54.1334 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{7335EB04-8B27-4CA9-AF83-A3851E894770}) (Version: 1.1.54.1334 - Qualcomm Atheros)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)
Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
LOOT (HKLM-x32\...\LOOT) (Version: 0.6.1 - LOOT Development Team)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mass Effect™ (HKLM-x32\...\{44A570EE-FD93-4086-8997-2C38DFDE0019}) (Version: 1.2.20608.0 - Electronic Arts)
Mass Effect™ 2 (HKLM-x32\...\{E19B628D-A9BC-4519-B1D4-4C8C09074F7F}) (Version: 1.2.1604.0 - Electronic Arts)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4805.1003 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Monitor Calibration Wizard 1.0 (HKLM-x32\...\Monitor Calibration Wizard) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 44.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 de)) (Version: 44.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
MSI Kombustor 3.5.1 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version:  - MSI Co., LTD)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.7 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.91 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.91 - NVIDIA Corporation)
NVIDIA G-SYNC Pendulum Demo (HKLM-x32\...\G-SYNC) (Version: 1.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 36.0.2130.46 (HKLM-x32\...\Opera 36.0.2130.46) (Version: 36.0.2130.46 - Opera Software)
Oracle VM VirtualBox 5.0.8 (HKLM\...\{C1B8ECDB-4DB0-47ED-B9CE-61638F876B0F}) (Version: 5.0.8 - Oracle Corporation)
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version:  - Moon Studios GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1046.0 - Passmark Software)
Personal Backup 5.7.4.1 (HKLM\...\Personal Backup 5_is1) (Version: 5.7.4.1 - Dr. J. Rathlev)
PhonerLite 2.35 (HKLM-x32\...\PhonerLite_is1) (Version: 2.35 - Heiko Sommerfeldt)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 3.5.1 (32-bit) (HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Core Interpreter (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2.1 r2386 - )
RAPID Mode (Version: 1.0.1.96 - Samsung Electronics Co., Ltd.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rise And Fall (remove only) (HKLM-x32\...\Rise And Fall) (Version: 1.7.0.11.2.4.3 - Midway Home Entertainment Inc.)
Rise of the Tomb Raider (HKLM-x32\...\Steam App 391220) (Version:  - Crystal Dynamics)
Rise of the White Wolf (HKLM-x32\...\Rise of the White Wolf 2.0) (Version: 2.0 - CD Projekt RED)
Rise of the White Wolf (x32 Version: 2.0 - CD Projekt RED) Hidden
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
ROCCAT Kone XTD Mouse Driver (HKLM-x32\...\{7133137D-DF48-4522-AD88-13C82B7D0A63}) (Version:  - Roccat GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0011 - Roccat GmbH)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)
S.T.A.L.K.E.R.: Shadow of Chernobyl (HKLM-x32\...\Steam App 4500) (Version:  - GSC Game World)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.5 - Samsung Electronics)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.00.0000 - GIGABYTE)
SIV (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Sound Blaster Recon3Di (HKLM-x32\...\{35F6AC62-F1A7-4BE2-A8AF-C909AC0B824D}) (Version: 1.03.11 - Creative Technology Limited)
Sound Blaster Recon3Di Extras (HKLM-x32\...\{536BDBFC-CA1A-4AC0-A8EB-BB2D0F1F522E}) (Version: 1.0 - Creative Technology Limited)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Spotify) (Version: 1.0.1.1060.gc75ebdfd - Spotify AB)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.5.2252 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Storage Executive (HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Storage Executive 3.15.112014.06) (Version: 3.15.112014.06 - Crucial)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Culling (HKLM\...\Steam App 437220) (Version:  - Xaviant)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Talos Principle (HKLM-x32\...\Steam App 257510) (Version:  - Croteam)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD PROJEKT RED)
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
TP-LINK PLC Utility (HKLM-x32\...\{4949B8DA-850B-485B-A32C-C4B3416A9D59}) (Version: 2.0.2077 - TP-LINK)
TreeSize Free V3.4.3 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.3 - JAM Software)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Uplay (HKLM-x32\...\Uplay) (Version: 14.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Player (HKLM\...\{49CDE7BF-ED37-4753-A02D-AE23F8CD9FF7}) (Version: 12.0.1 - VMware, Inc.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Winmail Opener 1.4 (HKLM-x32\...\Winmail Opener) (Version: 1.4 - Eolsoft)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1815034600-3101877025-2237350249-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1815034600-3101877025-2237350249-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07AB9FA3-F0EC-4CCF-9CF2-DD7290D4D677} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {08560E4D-948E-48A1-A7D7-36BF6B5F2636} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {1279AED0-0176-4CD2-BB52-E30EAEFB05C2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {12A75842-E07F-4E9E-9DB3-30F0ED870295} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {13971DFD-37BB-4823-A559-069CF493F33C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-05] (Dropbox, Inc.)
Task: {157EE0FE-C731-45CC-8880-1FC326D8D557} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {166A27EC-3C4A-40E6-A839-3FA763013E43} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {17F984DA-1B48-4E93-90F0-EFF2FF1B4CC9} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-01-07] (Samsung Electronics.)
Task: {1E6E2A22-74A6-4B68-A699-AE78D5AFED1D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {25C56F17-D609-464B-B3A0-34D2BBAFDE50} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {32188788-E98B-49F5-9AAB-B3A5EC02CB46} - System32\Tasks\{FAA5F100-8C80-4847-BB4F-E6DAE08EF678} => pcalua.exe -a "C:\Users\Moha´s PC\Downloads\AppCenter\Install_APC.exe" -d "C:\Users\Moha´s PC\Downloads\AppCenter"
Task: {32292FD4-CC53-4FDB-ACCE-F021808371DD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {367AECDA-0C20-46DA-843E-F7595A65562C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {38D7C4AE-4F28-4300-8746-4C1F7DAD090A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {4375A762-58F0-4B8B-B1EA-ADFD10C12149} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {45BF3495-37B8-417C-822B-554E95175F73} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {49B158EB-4FE8-4351-A23D-ED16DF56B81A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {58E37856-C62E-47F5-B865-B92C8010A1FB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {5AA5D54B-7D53-4BA6-A359-B7F8064FBE52} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {5B0E7031-7FB4-4BA0-BD19-9F78469591F6} - System32\Tasks\{0A9C3E1C-CBD3-4BD6-ABF3-BD38D7DD1FCF} => pcalua.exe -a D:\Downloads\VirtualBox-4.3.20-96997-Win.exe -d D:\Downloads
Task: {5D7124F7-8BAB-4996-B156-D93D2D55B428} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {68883680-C6BF-41A4-A0BE-641DD8987B9F} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {6F9DC75A-5427-4814-AE50-DE3238BE3E53} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-05] (Dropbox, Inc.)
Task: {7E80DD98-588C-44AA-B826-8F3801E96CA7} - System32\Tasks\Opera scheduled Autoupdate 1414856039 => C:\Program Files (x86)\Opera\launcher.exe [2016-03-24] (Opera Software)
Task: {7F25F6DC-A236-432E-A73E-6AD356F4D7A4} - System32\Tasks\{C3F97B67-1340-4B37-A23B-88B77835C6A3} => pcalua.exe -a "E:\Data Migration Software\Samsung_Data_Migration_Setup_v.2.7.exe" -d "E:\Data Migration Software"
Task: {812D7921-8419-4A01-9A16-43CDDF57D01A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {86A05895-CEBF-402F-8AFA-0C7A7133FE29} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {8C029721-BBBE-498E-A9CD-C20F6743A3AB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8C725F8B-CA01-45D1-AF73-400DCDC0B261} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {93AF16F4-ACC0-4528-A461-F3CC692A4E59} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {95928923-B32C-4AF9-A095-1AF8692984C0} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {992B8116-BBE5-434B-8974-2C91C1245F2B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {9BC4C803-8A2D-4239-BC4D-8874813E8656} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9E42D713-7986-480E-83BF-0857D7E9AFF8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {A8040DF4-63BB-49BB-AD28-6D9CC4987726} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {A94E8641-1ABA-46B6-B1E5-2439DD1DD36E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {AEC5EF89-D556-4578-BBF2-7E02004B0F79} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B73A6590-B1E8-45D4-97A1-84B33923147E} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-12-07] ()
Task: {BEBA55CC-A98F-4B41-B34D-6903351637F0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {CDA3B472-8114-4FD5-8A2C-44D9F9C3683A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {D3C6311B-9560-472D-9A0F-67DE399B5E50} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {D492005B-8C87-4CF3-A443-A131E2A034D2} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {DAA3F5D0-0DA3-4349-9FAC-01507E59C173} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {E388DB8C-3046-421E-883F-0CA78B61453A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {E569A23C-C550-4668-8655-F82F244D1BA1} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {E63D120B-7D1C-49C3-A8CE-59D8A0B7E55C} - System32\Tasks\{C2CC31AE-6565-4B13-BD66-A2F820D091A3} => pcalua.exe -a D:\Downloads\Arena106.exe -d D:\Downloads
Task: {E89EE70B-9F0F-4FCB-A748-CD5C4F2EA7EF} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {E8E81B6F-7920-468A-B624-EDD2EEC8C51B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {ED3D6188-AB32-4E69-BF1D-9F36C9E25245} - System32\Tasks\update-S-1-5-21-1815034600-3101877025-2237350249-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {EDD204CD-C38D-4964-89E4-6CABD7711BDD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {F8817239-71CB-490D-97A2-8F5053B9B269} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {FD65C175-17CC-4354-A19B-0D913B58FA4F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {FD9B5CF5-468B-4305-9E80-E86FA383D09C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1815034600-3101877025-2237350249-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-02-17 15:28 - 2016-02-09 07:29 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-06 20:12 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-12-20 18:45 - 2015-12-20 18:45 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-02-24 19:51 - 2016-02-17 08:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-17 15:29 - 2016-02-17 08:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-02-24 19:51 - 2016-02-17 08:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-04-03 14:19 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-11-23 18:44 - 2015-11-23 18:44 - 00403456 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2015-12-07 04:37 - 2015-12-07 04:37 - 00580296 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2016-04-03 14:19 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-11-14 11:24 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayError.dll
2015-11-14 11:24 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySynced.dll
2015-11-14 11:24 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayReadOnly.dll
2015-11-14 11:24 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayLock.dll
2015-11-14 11:24 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySyncing.dll
2015-12-06 12:33 - 2015-12-06 12:33 - 00008704 _____ () C:\WINDOWS\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-01-14 17:09 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-03 14:19 - 2016-02-23 10:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-01-17 13:24 - 2016-01-14 17:00 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe
2015-01-17 13:24 - 2016-01-13 14:49 - 00282112 _____ () C:\Windows\System\HsMgr64.exe
2016-02-19 15:22 - 2016-02-19 15:22 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-11 16:05 - 2007-09-02 14:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2015-11-16 18:55 - 2015-11-16 18:55 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-12-02 11:19 - 2015-12-02 11:19 - 00205000 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2015-11-23 18:43 - 2015-11-23 18:43 - 00026112 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
2015-11-23 18:44 - 2015-11-23 18:44 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2015-02-17 18:36 - 2015-02-17 18:36 - 00013824 _____ () C:\Program Files (x86)\EIZO\G-Ignition\QtWebProcess.exe
2015-11-19 17:25 - 2014-04-25 19:34 - 01753600 _____ () C:\Program Files (x86)\TESORO Gaming\COLADA Gaming Keyboard\HID.exe
2015-03-24 15:28 - 2015-03-24 15:28 - 00036544 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2015-03-24 15:28 - 2015-03-24 15:28 - 00775872 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-03-05 06:35 - 2014-03-05 06:35 - 15306240 _____ () C:\Program Files (x86)\FAHClient\FAHClient.exe
2015-09-01 20:02 - 2015-09-05 16:41 - 02703360 _____ () C:\Program Files (x86)\Mod Organizer\ModOrganizer.exe
2016-02-14 17:26 - 2016-01-05 03:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-02-14 17:26 - 2016-01-05 03:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-24 14:49 - 2016-01-16 07:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-24 14:49 - 2016-01-16 07:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00306904 _____ () C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00290520 _____ () C:\Program Files (x86)\AOMEI Backupper\Comn.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00241368 _____ () C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00122584 _____ () C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00347864 _____ () C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00028376 _____ () C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00483032 _____ () C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00069336 _____ () C:\Program Files (x86)\AOMEI Backupper\Compress.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrLog.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00282328 _____ () C:\Program Files (x86)\AOMEI Backupper\Clone.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00691928 _____ () C:\Program Files (x86)\AOMEI Backupper\Sync.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00118488 _____ () C:\Program Files (x86)\AOMEI Backupper\Backup.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00155352 _____ () C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00077528 _____ () C:\Program Files (x86)\AOMEI Backupper\Ldm.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00061144 _____ () C:\Program Files (x86)\AOMEI Backupper\Device.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00282328 _____ () C:\Program Files (x86)\AOMEI Backupper\BrFat.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00962264 _____ () C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll
2016-03-24 00:15 - 2015-02-26 01:00 - 02403504 _____ () C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrVol.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00253656 _____ () C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00175832 _____ () C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll
2015-12-06 08:55 - 2015-12-06 08:55 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2015-12-06 08:55 - 2015-12-06 08:55 - 00057856 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2015-12-06 08:55 - 2015-12-06 08:55 - 00225792 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2015-12-06 08:55 - 2015-12-06 08:55 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2015-12-06 08:55 - 2015-12-06 08:55 - 00657408 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00356864 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2016-02-17 15:29 - 2016-02-17 09:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-12-11 16:05 - 2007-09-02 14:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2016-01-08 19:36 - 2016-01-08 19:36 - 00143360 ____N () C:\Program Files\ASUS Xonar DGX Audio\Customapp\VmixP8.dll
2016-02-19 15:22 - 2016-02-19 15:22 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-19 15:22 - 2016-02-19 15:22 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2014-11-02 13:00 - 2016-03-11 02:56 - 00783360 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-04-24 19:13 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-04-24 19:13 - 2016-03-31 22:55 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-02-28 16:08 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-02-28 16:08 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-11-02 13:00 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-11-02 13:00 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-11-02 13:00 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-11-02 13:00 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-11-02 13:00 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-11-02 13:00 - 2016-03-31 22:55 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-10 16:14 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-10-13 11:21 - 2016-04-03 14:02 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-10-13 11:21 - 2016-04-03 14:02 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-10-13 11:21 - 2016-04-03 14:02 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-10-13 11:21 - 2016-04-03 14:02 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-10-13 11:21 - 2016-04-03 14:02 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-10-13 11:21 - 2016-04-03 14:02 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-10-13 11:21 - 2016-04-03 14:02 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-10-13 11:21 - 2016-04-03 14:02 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-10-13 11:21 - 2016-04-03 14:02 - 00243200 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01040656 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-02 13:00 - 2016-02-09 03:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-02-24 14:52 - 2016-02-24 14:52 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-02-17 16:11 - 2015-02-17 16:11 - 00012288 _____ () C:\Program Files (x86)\EIZO\G-Ignition\QtQuick.2\qtquick2plugin.dll
2015-02-17 16:12 - 2015-02-17 16:12 - 00783872 _____ () C:\Program Files (x86)\EIZO\G-Ignition\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-02-17 16:11 - 2015-02-17 16:11 - 00012288 _____ () C:\Program Files (x86)\EIZO\G-Ignition\QtQuick\Window.2\windowplugin.dll
2015-02-17 16:13 - 2015-02-17 16:13 - 00055296 _____ () C:\Program Files (x86)\EIZO\G-Ignition\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-02-17 18:36 - 2015-02-17 18:36 - 00026624 _____ () C:\Program Files (x86)\EIZO\G-Ignition\QtWebKit\qmlwebkitplugin.dll
2015-02-17 18:36 - 2015-02-17 18:36 - 00037888 _____ () C:\Program Files (x86)\EIZO\G-Ignition\QtWebKit\experimental\qmlwebkitexperimentalplugin.dll
2014-11-30 16:17 - 2012-06-17 12:20 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll
2016-03-05 13:27 - 2016-01-07 21:45 - 00021600 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2016-02-03 17:57 - 2016-02-03 17:57 - 00091136 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\LuaQtWrapperLibrary.dll
2016-02-03 17:55 - 2016-02-03 17:55 - 00224256 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2016-02-03 17:54 - 2016-02-03 17:54 - 00200704 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\lua52.dll
2016-04-05 18:49 - 2016-02-23 20:19 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-04-05 18:49 - 2016-02-23 20:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-04-05 18:49 - 2016-02-23 20:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-04-05 18:49 - 2016-02-23 20:19 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-04-05 18:49 - 2016-02-23 20:19 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-04-05 18:49 - 2016-02-23 20:21 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-04-05 18:49 - 2016-02-23 20:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-04-05 18:49 - 2016-03-12 02:18 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-04-05 18:49 - 2016-02-23 20:19 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-04-05 18:49 - 2016-02-23 20:20 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-04-05 18:49 - 2016-02-23 20:21 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-04-05 18:49 - 2016-02-23 20:21 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-04-05 18:49 - 2016-02-23 20:21 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-04-05 18:49 - 2016-02-23 20:21 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-04-05 18:49 - 2016-02-23 20:21 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-04-05 18:49 - 2016-02-23 20:21 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-04-05 18:49 - 2016-02-23 20:21 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-04-05 18:49 - 2016-02-23 20:21 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-04-05 18:49 - 2016-02-23 20:21 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-04-05 18:49 - 2016-02-23 20:21 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-04-05 18:49 - 2016-02-23 20:21 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-04-05 18:49 - 2016-02-23 20:21 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-04-05 18:49 - 2016-02-23 20:21 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-04-05 18:49 - 2016-03-12 02:18 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-04-05 18:49 - 2016-02-13 02:24 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-04-05 18:49 - 2016-03-12 02:18 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-04-05 18:49 - 2016-02-23 20:19 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-04-05 18:49 - 2016-02-23 20:19 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-04-05 18:49 - 2016-02-23 20:20 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-04-05 18:49 - 2016-02-23 20:21 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-04-05 18:49 - 2016-03-12 02:18 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-04-05 18:49 - 2016-02-23 20:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-04-05 18:49 - 2016-02-23 20:23 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-04-05 18:49 - 2016-02-23 20:23 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-04-05 18:49 - 2016-03-12 02:18 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-04-05 18:49 - 2016-03-12 02:18 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-04-05 18:49 - 2016-02-23 20:25 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-04-03 14:03 - 2016-04-03 14:03 - 63828520 _____ () C:\Program Files (x86)\Opera\36.0.2130.46\opera.dll
2016-04-03 14:03 - 2016-04-03 14:03 - 00080424 _____ () C:\Program Files (x86)\Opera\36.0.2130.46\win10_utils.DLL
2016-04-03 14:03 - 2016-04-03 14:02 - 02134568 _____ () C:\Program Files (x86)\Opera\36.0.2130.46\libglesv2.dll
2016-04-03 14:03 - 2016-04-03 14:02 - 00082472 _____ () C:\Program Files (x86)\Opera\36.0.2130.46\libegl.dll
2015-09-01 19:52 - 2015-09-05 16:33 - 00232960 _____ () C:\Program Files (x86)\Mod Organizer\uibase.dll
2015-09-01 20:02 - 2015-09-05 16:41 - 00111616 _____ () C:\Program Files (x86)\Mod Organizer\dlls\archive.dll
2015-09-01 19:54 - 2015-09-05 16:35 - 00245248 _____ () C:\Program Files (x86)\Mod Organizer\plugins\bsaExtractor.dll
2015-09-01 19:54 - 2015-09-05 16:34 - 00053248 _____ () C:\Program Files (x86)\Mod Organizer\plugins\checkFNIS.dll
2015-09-01 19:54 - 2015-09-05 16:34 - 00318464 _____ () C:\Program Files (x86)\Mod Organizer\plugins\diagnoseBasic.dll
2015-09-01 19:54 - 2015-09-05 16:35 - 00084992 _____ () C:\Program Files (x86)\Mod Organizer\plugins\gameFallout3.dll
2015-09-01 19:54 - 2015-09-05 16:35 - 00084992 _____ () C:\Program Files (x86)\Mod Organizer\plugins\gameFalloutNV.dll
2015-09-01 19:54 - 2015-09-05 16:35 - 00085504 _____ () C:\Program Files (x86)\Mod Organizer\plugins\gameOblivion.dll
2015-09-01 19:54 - 2015-09-05 16:35 - 00085504 _____ () C:\Program Files (x86)\Mod Organizer\plugins\gameSkyrim.dll
2015-09-01 19:53 - 2015-09-05 16:33 - 00038400 _____ () C:\Program Files (x86)\Mod Organizer\plugins\iniEditor.dll
2015-09-01 19:53 - 2015-09-05 16:34 - 00078336 _____ () C:\Program Files (x86)\Mod Organizer\plugins\installerBAIN.dll
2015-09-01 19:53 - 2015-09-05 16:34 - 00022016 _____ () C:\Program Files (x86)\Mod Organizer\plugins\installerBundle.dll
2015-09-01 19:53 - 2015-09-05 16:34 - 00324096 _____ () C:\Program Files (x86)\Mod Organizer\plugins\installerFomod.dll
2015-09-01 19:53 - 2015-09-05 16:34 - 00095232 _____ () C:\Program Files (x86)\Mod Organizer\plugins\installerManual.dll
2015-09-01 19:53 - 2015-09-05 16:34 - 00178176 _____ () C:\Program Files (x86)\Mod Organizer\plugins\installerNCC.dll
2015-09-01 19:53 - 2015-09-05 16:34 - 00068096 _____ () C:\Program Files (x86)\Mod Organizer\plugins\installerQuick.dll
2015-09-01 19:53 - 2015-09-05 16:34 - 00226816 _____ () C:\Program Files (x86)\Mod Organizer\plugins\NMMImport.dll
2015-09-01 19:54 - 2015-09-05 16:35 - 00049152 _____ () C:\Program Files (x86)\Mod Organizer\plugins\previewBase.dll
2015-09-01 19:54 - 2015-09-05 16:34 - 00095744 _____ () C:\Program Files (x86)\Mod Organizer\plugins\proxyPython.dll
2015-09-01 19:53 - 2015-09-05 16:33 - 00694272 _____ () C:\Program Files (x86)\Mod Organizer\plugins\data\pythonRunner.dll
2015-08-09 14:33 - 2015-08-09 14:33 - 00210944 _____ () C:\Program Files (x86)\Mod Organizer\dlls\boost_python-vc120-mt-1_56.dll
2015-08-09 14:33 - 2015-08-09 14:33 - 01764352 _____ () C:\Program Files (x86)\Mod Organizer\plugins\data\PyQt5\QtCore.pyd
2015-08-09 14:33 - 2015-08-09 14:33 - 00077824 _____ () C:\Program Files (x86)\Mod Organizer\plugins\data\sip.pyd
2015-08-09 14:33 - 2015-08-09 14:33 - 01876992 _____ () C:\Program Files (x86)\Mod Organizer\plugins\data\PyQt5\QtGui.pyd
2015-08-09 14:33 - 2015-08-09 14:33 - 03852288 _____ () C:\Program Files (x86)\Mod Organizer\plugins\data\PyQt5\QtWidgets.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Mount:$WIMMOUNTDATA [818]
AlternateDataStreams: C:\Users\Moha´s PC\MediaFire:mf_x [92]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-09-14 11:28 - 00002214 ___RA C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1	choice.microsoft.com
127.0.0.1	choice.microsoft.com.nstac.net
127.0.0.1	df.telemetry.microsoft.com
127.0.0.1	oca.telemetry.microsoft.com
127.0.0.1	oca.telemetry.microsoft.com.nsatc.net
127.0.0.1	redir.metaservices.microsoft.com
127.0.0.1	reports.wes.df.telemetry.microsoft.com
127.0.0.1	services.wes.df.telemetry.microsoft.com
127.0.0.1	settings-sandbox.data.microsoft.com
127.0.0.1	settings-win.data.microsoft.com
127.0.0.1	sqm.df.telemetry.microsoft.com
127.0.0.1	sqm.telemetry.microsoft.com
127.0.0.1	sqm.telemetry.microsoft.com.nsatc.net
127.0.0.1	telecommand.telemetry.microsoft.com
127.0.0.1	telecommand.telemetry.microsoft.com.nsatc.net
127.0.0.1	telemetry.appex.bing.net
127.0.0.1	telemetry.microsoft.com
127.0.0.1	telemetry.urs.microsoft.com
127.0.0.1	vortex-sandbox.data.microsoft.com
127.0.0.1	vortex-win.data.microsoft.com
127.0.0.1	vortex.data.microsoft.com
127.0.0.1	watson.telemetry.microsoft.com
127.0.0.1	watson.telemetry.microsoft.com.nsatc.net
127.0.0.1	watson.ppe.telemetry.microsoft.com
127.0.0.1	wes.df.telemetry.microsoft.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\Control Panel\Desktop\\Wallpaper -> F:\Bilder\waterfall_rocks_sky_trees_hdr_96337_3840x2400.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: CTAudSvcService => 2
MSCONFIG\Services: CtHdaSvc => 2
MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamNetworkSvc => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMnetDHCP => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMware NAT Service => 2
MSCONFIG\Services: XTU3SERVICE => 2

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{5C0D9AFE-0A3C-4BC1-981E-959832299339}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{0B2BBFF9-0671-4567-86C5-C6FE8C301F73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{4AF515CB-3639-465A-B3C5-0F80EBDAA2FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{FFA92373-2512-4BD2-94C9-BEE5B1D2D956}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{A936189A-6782-4D88-AC0A-6D77A114325B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{A3497AC8-9C31-471A-82D6-7307E315F4C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [UDP Query User{E67F0CBF-2C69-44AC-A0A6-275E78F2D58A}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [TCP Query User{F82B6541-C6DC-4D1C-A917-FF392FD54F00}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{DC709419-F4B6-41AF-BD45-CFADE52B86AC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{ABFE42A8-3FFF-45FA-B406-64EA0B184D5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{B13DCEFD-112B-4088-A7CE-4C6CA8F1C931}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ori\ori.exe
FirewallRules: [{65E318B7-23C3-4003-9D5B-9EA13B56DFA0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ori\ori.exe
FirewallRules: [{89082CF5-4C70-4BAF-B954-3857E5C97412}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{DEC9BB7C-4364-43DE-AA3B-FAACD0C263BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{34BBE052-F974-490B-B3D6-8B2F2AE873FE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{420B36A9-2D60-45D6-AE65-C5A9168FCE5A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{114FEA5C-2D1B-4F57-B4D2-E70D0EAD3BF4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{19E78A8F-DEE3-4A88-B151-091EC2EA7F1C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{43D82A8C-1168-4805-B765-4628CE62CC4B}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{ED227F53-A5CF-4C8C-84AE-EE5FB6A5D8CD}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{F0C5D584-7350-48E2-B1DF-51FEE9DED790}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{E0111228-BEAA-4729-9B73-1F5619D91C32}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [UDP Query User{A6D82CF7-2FF8-4030-86CF-148E4059105B}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{63C0FCD7-7637-4AE2-AEA8-0D3DD1B8A2B0}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{B60F2573-B9CE-43E7-861F-63B434AD2BCA}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{BC78E9F2-F3DB-42E0-9626-BF9462CC7CE7}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{3E375C85-9387-41CF-92D7-DA72EFF29E7D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{97E2DDC4-A6E5-45A0-92CA-F92E7835F626}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{19B93699-48CA-4567-ACCF-0BA02FFAD65A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C4CCC004-B1B2-4ECB-BAB4-C82DE0C6789B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E171D7A8-8E9F-4B43-82D1-E724E12F7AC8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{DDFEFD57-3EF3-4FCA-9208-6CDC02E4E7BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{0A315B6A-11CA-49E6-BD3F-7AE28413DE0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{76F4CAF8-385A-4B10-92A6-56F3D3550CC6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{AC4C68BE-69AD-4035-9CB8-5F1F097129D2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{77267DA2-3969-4509-BA6B-03B97204DC7C}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe
FirewallRules: [TCP Query User{E28F30A1-62A9-4EC0-8C1B-6AA3AC780E73}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe
FirewallRules: [UDP Query User{7E91C2E4-3D91-4B92-852D-07422551BC63}F:\downloads\elemental_demo_dx12 (1)\elemental demo dx12\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) F:\downloads\elemental_demo_dx12 (1)\elemental demo dx12\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{D9408513-C70F-4387-9827-296198366EB9}F:\downloads\elemental_demo_dx12 (1)\elemental demo dx12\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) F:\downloads\elemental_demo_dx12 (1)\elemental demo dx12\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{B476D7EB-BD49-4C9F-989C-45A85E7E10A9}C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [TCP Query User{C59252A0-A5C4-4AD6-803F-89C7357692C4}C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [{D624B61B-04E8-46C6-8038-4005CA7490AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ECFCC03E-C619-4B7E-9BC0-ADDAC94672F3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{886C13F1-0D50-4B13-B02F-CF9C9FE66DFA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{456DFA46-7E87-47D6-B575-940EBB4ED3FF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{EC9EBA63-1180-4623-A1C6-66843C337653}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{41340D85-D708-4898-8A92-FCCD532318C9}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{30886403-86F6-47B4-80D9-6462ACA30CEF}] => (Allow) LPort=8133
FirewallRules: [{49FFF652-F8F4-4E83-8D60-17B80E98EE9D}] => (Allow) LPort=1900
FirewallRules: [{FDB410E5-C32E-4FA1-831C-C293FC6E7243}] => (Allow) LPort=1900
FirewallRules: [{45827FC0-36CD-4EC0-8536-5490D430295A}] => (Allow) LPort=1980
FirewallRules: [{4BEC5372-3286-4B48-9AA8-2B0196496342}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe
FirewallRules: [{2CC04EBC-081C-4A8B-8181-BF93D3B14A23}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe
FirewallRules: [{1D2EC10E-A7E5-4A4F-A8E6-8D23A67F200F}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\HCLOUD.exe
FirewallRules: [TCP Query User{D9F27CC6-E6B2-4BDD-99AC-59801D377A5F}C:\program files (x86)\gigabyte\appcenter\gbupdate.exe] => (Allow) C:\program files (x86)\gigabyte\appcenter\gbupdate.exe
FirewallRules: [UDP Query User{C90E4255-7FFB-468E-9052-52A9E7DE6AB1}C:\program files (x86)\gigabyte\appcenter\gbupdate.exe] => (Allow) C:\program files (x86)\gigabyte\appcenter\gbupdate.exe
FirewallRules: [TCP Query User{7175A541-F788-42A2-963E-CC9165116068}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{09F60670-DE12-4010-B973-C51DD314264F}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{B2A516B7-74B6-4B96-BE50-45CE5D7E9CD7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2A7A65E7-BA88-469D-AD08-4F5D54BECD38}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E31E7006-0AF6-4832-BEF5-F71CC72F967B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{356FA9AC-2C47-4E9E-A756-8691831209E7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{FFE2B4DE-7760-41F6-A081-C3B59111B6A6}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{AB6D09E0-5EFF-4C8E-9EBA-A8F406F5AFCF}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{10D1F617-D9A7-4041-B12B-932A5539F1D7}] => (Allow) LPort=54925
FirewallRules: [{680D0E68-D7AC-49B4-96EA-DC5055066249}] => (Allow) C:\Users\Moha´s PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{2FF2F44B-CB05-4559-9989-7E1D047F0D6E}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{4420D6CE-9561-4B84-875D-27AF7C92DCCB}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{03740993-F770-4823-83F1-0671C440859A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9A63B417-D318-4516-BF01-C4EDF077D50D}] => (Allow) LPort=2869
FirewallRules: [{88E9F337-15AA-4C74-BEC8-A7A4F997A876}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{DF7444A4-55AC-48F9-B21C-CCDA82582A3B}C:\users\moha´s pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\moha´s pc\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A393CAF2-55B9-4D0C-B205-6CA8CE303C3D}C:\users\moha´s pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\moha´s pc\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B61DE0E9-37EC-41AD-AFAF-7FB9806F93FE}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{0F8030C4-1C5B-4279-A31F-F0487026A287}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{DDB22002-DF3F-4FDA-A89D-DE4821585642}] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{B84D5B03-CF57-4709-8C72-E13129CC69F1}] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{B9E745DC-8009-460A-9A9B-0C380FC81D89}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0D6C75B8-37DD-40C0-8C7A-A17970B38433}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9D1B6748-3EE6-46F5-83FB-AF3066BF88F9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2F7539E3-31FF-49F8-9FF5-7C357BBE1CE3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7EA3752E-869C-445E-8C3D-D566FF95AFF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{5B98A75B-23FB-4F5B-9FF5-CDC5EC831B1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{6E02DF8E-35D7-4707-8D1F-C1E6EC6071AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{B50A9380-1B07-436B-81F0-C3479D57A97D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{7AF31DAD-417F-4F2C-8A03-0C4FEE5E9809}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{2A57965E-1C6B-4BEA-894D-F14915277108}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{9606E370-018F-47E8-8AFA-13D5691C37B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{B18E11C1-A588-4D49-822B-3771BD8CFB7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{6039D732-6BE4-436B-B86D-9F5825B4D047}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{7B2CF10F-7A55-4318-B1B7-9AFC149EB2E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{DFA1FC1A-4417-415B-9425-DF412AC30EA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{327886F3-2D5B-4628-B8C2-F2294D388FE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{7CA9D059-AAD1-42F1-B2D4-597748D95C7E}] => (Allow) C:\Users\Moha´s PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A311D5E4-712B-4018-B428-BA55C3FE3429}] => (Allow) C:\Users\Moha´s PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{5B7DC267-C61B-411B-B75E-1FE1D8C9BE56}C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{CF40F772-333A-42D7-BCC3-EA673613D139}C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [{54A14BD6-B9DE-4853-9719-463A7F292BD6}] => (Block) C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [{12C828CB-B5C7-4382-B991-D5FDD0D05F63}] => (Block) C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [TCP Query User{560DCAA7-41FD-4E9C-9341-2785413B4C46}D:\dokumente\unreal projects\myproject\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) D:\dokumente\unreal projects\myproject\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{08ABA49B-D4FD-416A-B42C-405EBA0E63E6}D:\dokumente\unreal projects\myproject\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) D:\dokumente\unreal projects\myproject\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [{CF1134C6-7EDA-4F2A-BF45-1F83D04B4F17}] => (Block) D:\dokumente\unreal projects\myproject\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [{8761CBF2-EB65-47D5-8973-EDE5BEC790AD}] => (Block) D:\dokumente\unreal projects\myproject\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{076B1962-7333-41D4-BF99-955DF2178F6E}C:\program files\epic games\4.8\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\4.8\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [UDP Query User{5CC2B51D-DC79-4FB0-B1BE-BDF80070B3F4}C:\program files\epic games\4.8\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\4.8\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [{A24D3731-B2B6-47E5-9796-B5F80A1230F1}] => (Block) C:\program files\epic games\4.8\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [{B1BF48B5-221F-4BFC-8C00-D23D20ED62B5}] => (Block) C:\program files\epic games\4.8\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [TCP Query User{AC88F479-4D4F-462C-BE16-CF92E790D5C0}D:\dokumente\unreal projects\myproject2\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) D:\dokumente\unreal projects\myproject2\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{E6384520-7143-459E-BFC1-814E612C142D}D:\dokumente\unreal projects\myproject2\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) D:\dokumente\unreal projects\myproject2\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [{C078BD02-A945-4BA2-B1C7-2511839C59AB}] => (Block) D:\dokumente\unreal projects\myproject2\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [{2DFC287A-62B4-4204-BE1F-7F1F164EF9FC}] => (Block) D:\dokumente\unreal projects\myproject2\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{276D015E-158F-48F8-82E7-A9839B1EA07A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{533B00C2-85B5-4937-84AA-99852DC53182}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{8C52F368-4DE7-47D7-9A98-E5577032D535}C:\users\moha´s pc\desktop\kitedemo_runtime\kitedemo\binaries\win64\kitedemo-win64-shipping.exe] => (Block) C:\users\moha´s pc\desktop\kitedemo_runtime\kitedemo\binaries\win64\kitedemo-win64-shipping.exe
FirewallRules: [UDP Query User{629EB4DF-296F-4E8A-ABB5-4A8CF7C71CE2}C:\users\moha´s pc\desktop\kitedemo_runtime\kitedemo\binaries\win64\kitedemo-win64-shipping.exe] => (Block) C:\users\moha´s pc\desktop\kitedemo_runtime\kitedemo\binaries\win64\kitedemo-win64-shipping.exe
FirewallRules: [{3DAF44E3-B7D3-431B-9C25-45A77C679BEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{D6D67CDB-0D69-4C81-8AD4-75D58BE33B22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{A41D455E-3085-46FC-B711-0694E83D38A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0CC2D5A7-5E8C-4EFC-B3B4-BB99F59BF514}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{87250846-65B6-4CAC-BEA5-F2244706E589}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{39E06354-792D-4496-BDE5-B7B78499BADE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B5B66376-E314-485C-B789-995D823DC2BE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{8D4F9CB7-926A-4F25-8A57-4DD72DF847EA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{EA14CFD2-6CE2-4F87-9821-1B1F1DB7C249}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{05CA482C-0F5A-423D-9745-7F27DE2EE635}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{4977ECF6-9FA7-4669-A7D3-FF05910E47F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{704C8AA3-09A6-46F8-B1DF-097BE80CF671}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{B57300F7-C75F-46CC-9A5B-978045BFFBEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3 Forsaken Gods\Gothic III Forsaken Gods.exe
FirewallRules: [{07E9D404-4FEA-4DFE-9A22-6A822B45255D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3 Forsaken Gods\Gothic III Forsaken Gods.exe
FirewallRules: [TCP Query User{0F7D7FCF-D872-450E-BF18-05FB4C8DD9DB}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{6D00F78E-C47A-4778-AC9E-6064BD9D1D81}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{69E5E00D-700B-4495-9E8B-6739EC093482}] => (Block) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{D25C2597-1FDC-433D-A634-06C99FA33E6F}] => (Block) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{312D8015-53E0-40FF-9A4E-A70513BFAE2B}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{D9239C9F-C3F2-43DB-A196-B8F6B38DB5DC}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{630FD47B-7EAE-4111-BE7F-106C39E5D2C6}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{32012AAE-8ADD-4D5C-8DE6-7E8B84F40580}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{0DC90FAE-D9F5-4034-A783-5192E2864A90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{C5405F60-0DB7-4179-BDB8-E4093D50A5CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{8F9370FD-EE67-43DE-9473-4EFF8D3ADB01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [{8FF2F044-4127-4546-B321-2FBCD4068CF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [TCP Query User{A2508BB1-AAC2-4520-BA97-43FDA360C47E}F:\gta\grand theft auto v\gta5.exe] => (Allow) F:\gta\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{E32AE9A0-7FE4-41E0-9CE6-FF41A96623A9}F:\gta\grand theft auto v\gta5.exe] => (Allow) F:\gta\grand theft auto v\gta5.exe
FirewallRules: [{3EB671E7-2AA3-4704-8827-968F75562CA5}] => (Block) F:\gta\grand theft auto v\gta5.exe
FirewallRules: [{C911E88F-6EAA-46EB-80A5-B60D9AAD5A2F}] => (Block) F:\gta\grand theft auto v\gta5.exe
FirewallRules: [{618E8B2A-B924-4D28-95C1-23A624DDA0F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{98570441-08C5-4088-AE5B-D65C0EC37BB6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{CDAC4C0A-D57E-424A-AE65-3D900FE41793}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{50E0135A-C6BB-4328-8850-AFA4B7D705E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{B495BDDB-3033-48C0-A5DE-550A828DE4C2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4619C99-1D86-453E-8717-ABA72B086840}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{47BA2F59-5137-4898-9A2A-5EEC841EF970}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{D01686D0-047E-4D6B-8B4A-DF6B40894767}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [TCP Query User{47A343C3-6761-46B9-B02F-912EC660BFB0}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{014D9115-6D6B-49BF-A7FB-040070732BE0}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{01A985FD-1DD8-4436-99D5-2FF9BFAB3232}] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{91F011FD-1CD2-47C5-9A0B-CED1C88EB088}] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{7BEC5C09-1F1F-466E-9225-F8DF5A6D0F00}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{4C62D833-8A86-4B8C-BFFE-68DFCD39ED0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{CD80BB2C-0C95-4BB9-807B-709492C2F48A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{6B39FC32-C725-48C1-82E9-121F642C7912}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{9A142E42-522C-4D19-99F8-9ED58D5B5773}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{2D6704D8-FF70-400A-8243-F348FF25D2A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{E6C5CAFB-0675-4B4A-B41C-796059425883}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{8E4BA713-7FDB-4EE6-8E69-3B2EC363F548}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{62976311-4E68-48EC-BD34-E7619F150E81}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{80A1028F-BE99-4E4F-811C-0166588E2336}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{43E4E8FD-E7C2-4149-9BEB-26C47EC27939}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{52EB6887-7E87-4EB6-BE22-73BBA3573C1D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{06249FE8-59A6-48E0-A95B-ACE214775025}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0C7825B2-A9B6-4943-8967-174FB8AC81C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C8C8E776-B4CC-40A2-82F7-C49D7CC6372E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5AE307E2-8CCD-477E-9296-8564775D39A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7CFAFE75-94DB-495C-B114-11F2BB1ADA76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{98B22081-0386-4104-A192-B0CB79ED8437}C:\program files (x86)\phonerlite\phonerlite.exe] => (Allow) C:\program files (x86)\phonerlite\phonerlite.exe
FirewallRules: [UDP Query User{757EC993-B55C-4024-A007-03E2EB73E939}C:\program files (x86)\phonerlite\phonerlite.exe] => (Allow) C:\program files (x86)\phonerlite\phonerlite.exe
FirewallRules: [{6154F00D-FA6B-4CB0-AB49-15B8B8A9D1F8}] => (Block) C:\program files (x86)\phonerlite\phonerlite.exe
FirewallRules: [{AE5E2850-E534-4779-B019-09296734DCF8}] => (Block) C:\program files (x86)\phonerlite\phonerlite.exe
FirewallRules: [{8A92621F-7DF9-4D1A-B591-9BF9CC9C9C89}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A7F30B62-BE09-4555-851D-F70BB19D7A19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{E04702D5-E75C-4FFF-8CD2-F7F270919950}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{CED7DB9F-DB8D-40BF-A64F-5C817E63B035}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{03A997D1-EC1D-423C-80E7-8EC921BBF425}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [{9846AC02-DEB8-47DE-9B53-D220B68DCE1C}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [{8B9E5934-2004-4F26-8659-CA92A249081F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{6596E58A-B542-4E22-8F6C-621CA8BF90D0}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{4E2C41CB-ABEE-4BCC-BEFB-E37E0BD05677}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{4372B345-C34D-4144-8087-87A073C9720F}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{DCE93842-4E14-48EC-9A4E-158E2C65F76C}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{E7726FB9-5CBB-4D98-8EB6-DC5D2C95ABF7}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{41E3B849-BE3C-4A2F-95A4-31008357A42B}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{4638D6BC-6220-4315-B724-EBA32C34DCBA}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{37F2EDAE-A04A-468D-9F41-F05801D1F199}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{9FDD3FEB-BF48-4F61-B567-808F47B5299E}F:\unrealtournament\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) F:\unrealtournament\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{25F258A0-70E4-496C-BD93-64C90F2A1FF6}F:\unrealtournament\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) F:\unrealtournament\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [{79C47EB1-F5FF-43BB-99C8-EE5A92D92A8B}] => (Block) F:\unrealtournament\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [{C8A87A0D-F078-47A6-BE7C-09CFE3C9ACBB}] => (Block) F:\unrealtournament\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [{34DB8EA6-39C6-4293-A6DD-3394690936C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CAT Interstellar\CatInterstellar.exe
FirewallRules: [{7B0F8704-9038-46D4-9840-FE476E95DCAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CAT Interstellar\CatInterstellar.exe
FirewallRules: [{0B2D2858-F126-4DAF-9994-694329E6A135}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{6A209B5C-54C4-439A-A922-B420C6413F2A}C:\program files (x86)\steam\steamapps\common\cat interstellar\catinterstellar\binaries\win32\catinterstellar.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cat interstellar\catinterstellar\binaries\win32\catinterstellar.exe
FirewallRules: [UDP Query User{D6589156-1D9C-4EFE-A566-18E75CCF8144}C:\program files (x86)\steam\steamapps\common\cat interstellar\catinterstellar\binaries\win32\catinterstellar.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cat interstellar\catinterstellar\binaries\win32\catinterstellar.exe
FirewallRules: [{A18D54C0-4BBB-46AC-AB10-953950B08486}] => (Block) C:\program files (x86)\steam\steamapps\common\cat interstellar\catinterstellar\binaries\win32\catinterstellar.exe
FirewallRules: [{863BF3C4-02D7-413E-A315-FFF8EA4BA301}] => (Block) C:\program files (x86)\steam\steamapps\common\cat interstellar\catinterstellar\binaries\win32\catinterstellar.exe
FirewallRules: [{1BB339C1-0399-498C-9466-132FC3EDBA27}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [{78F5A515-3587-425E-A364-477AFADD78F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [{690D26D9-5B4F-415A-9460-F3A53190AFAC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{ACE577C0-8539-438E-B01D-347D92D1F4A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{777CFCA8-9402-44ED-AD9E-6220FA9BFE9E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{D6BB5570-6601-4022-8116-FCBA3FE23C2F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{2299733E-CCDE-4F68-871E-F4F325D176F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{615654BD-4A41-4478-B3F3-2ED402312DE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{90D67AFE-8191-41F1-97A6-4F0466225E3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{3A93EF3C-D07F-4B7D-A680-79B00134E317}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{B2F00D2E-1F49-43D7-8161-2CDE98144BAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe

==================== Wiederherstellungspunkte =========================

06-04-2016 21:07:44 Installed Blender
09-04-2016 19:01:49 DestroyWindowsSpying 09.04.2016 19:01:49
13-04-2016 13:51:55 Windows Update
13-04-2016 13:52:02 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/13/2016 01:52:08 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft PowerPoint Viewer - Update "Update for Microsoft Office 2010 (KB3114750) 32-Bit Edition" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (04/13/2016 01:52:08 PM) (Source: MsiInstaller) (EventID: 11324) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft PowerPoint Viewer -- Fehler 1324. Der Pfad Referat Geo! enthält ein ungültiges Zeichen.

Error: (04/13/2016 01:52:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/13/2016 01:52:02 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft PowerPoint Viewer - Update "Security Update for Microsoft Office 2010 (KB3114553) 32-Bit Edition" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (04/13/2016 01:52:02 PM) (Source: MsiInstaller) (EventID: 11324) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft PowerPoint Viewer -- Fehler 1324. Der Pfad Referat Geo! enthält ein ungültiges Zeichen.

Error: (04/13/2016 01:51:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/13/2016 01:45:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_OneSyncSvc_6cf9a, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.122, Zeitstempel: 0x56cbf9dd
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6dc
ID des fehlerhaften Prozesses: 0x2e64
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_OneSyncSvc_6cf9a0
Pfad der fehlerhaften Anwendung: svchost.exe_OneSyncSvc_6cf9a1
Pfad des fehlerhaften Moduls: svchost.exe_OneSyncSvc_6cf9a2
Berichtskennung: svchost.exe_OneSyncSvc_6cf9a3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_OneSyncSvc_6cf9a4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_OneSyncSvc_6cf9a5

Error: (04/12/2016 05:57:22 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft PowerPoint Viewer - Update "Update for Microsoft Office 2010 (KB3114750) 32-Bit Edition" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (04/12/2016 05:57:22 PM) (Source: MsiInstaller) (EventID: 11324) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft PowerPoint Viewer -- Fehler 1324. Der Pfad Referat Geo! enthält ein ungültiges Zeichen.

Error: (04/12/2016 05:57:22 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft PowerPoint Viewer - Update "Security Update for Microsoft Office 2010 (KB3114553) 32-Bit Edition" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127


Systemfehler:
=============
Error: (04/13/2016 01:52:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft Office 2010 (KB3114750) 32-Bit-Edition

Error: (04/13/2016 01:52:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Office 2010 (KB3114553) 32-Bit-Edition

Error: (04/13/2016 01:45:26 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Synchronisierungshost_6cf9a" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (04/13/2016 01:45:26 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Benutzerdatenzugriff_6cf9a" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (04/13/2016 01:45:26 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Kontaktdaten_6cf9a" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (04/13/2016 01:45:26 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Benutzerdatenspeicher _6cf9a" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (04/13/2016 01:45:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_6cf9a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/13/2016 01:45:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _6cf9a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/13/2016 01:45:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_6cf9a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/13/2016 01:45:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_6cf9a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-04-13 17:17:21.545
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2016-04-13 17:17:21.448
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2016-04-13 17:17:21.370
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2016-04-13 17:17:21.290
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2016-04-13 17:17:21.184
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2016-04-13 17:17:21.114
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2016-04-13 17:17:21.025
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2016-04-13 17:17:20.916
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2016-04-13 17:17:20.817
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2016-04-13 17:17:20.680
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 32629.32 MB
Verfügbarer physikalischer RAM: 25592.49 MB
Summe virtueller Speicher: 34191.87 MB
Verfügbarer virtueller Speicher: 25296.84 MB

==================== Laufwerke ================================

Drive a: (Daten-Fotos) (Fixed) (Total:500 GB) (Free:350.91 GB) NTFS
Drive c: (Windoof) (Fixed) (Total:464.98 GB) (Free:50.93 GB) NTFS
Drive d: (Alles und so :D) (Fixed) (Total:1112.92 GB) (Free:729.83 GB) NTFS
Drive e: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (Steam+Bibliotheken) (Fixed) (Total:238.47 GB) (Free:35.99 GB) NTFS
Drive i: (WINXPUSB) (Removable) (Total:7.46 GB) (Free:1.87 GB) FAT32
Drive j: () (Removable) (Total:1.84 GB) (Free:1.84 GB) FAT
Drive y: (Volume) (Fixed) (Total:3.05 GB) (Free:2.99 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 19897DCE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1112.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=250 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=500 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 19897DC6)
Partition 1: (Not Active) - (Size=238.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: C7407E94)
Partition 1: (Active) - (Size=344 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)

========================================================
Disk: 3 (Size: 7.5 GB) (Disk ID: 00DEA5AE)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0C)

========================================================
Disk: 4 (Size: 1.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus · 15.04.2016, 08:53

1.) 20:52:32.0337 0x32a0 Killer Service V2 ( UnsignedFile.Multi.Generic ) - skipped by user

2.) 20:52:32.0338 0x32a0 RoccatKoneXTD ( UnsignedFile.Multi.Generic ) - skipped by user

3.) 20:52:32.0338 0x32a0 COLADA ( UnsignedFile.Multi.Generic ) - skipped by user

zu 1):

Code:

ATTFilter

20:50:40.0322 0x1930  [ F76F554811FA679DAB3DA33D3258021F, F9F518BECB16125C9F0FECB427B05E640860EDB61987824B2AD4677645E56A21 ] Killer Service V2 C:\Program Files\Killer Networking\Network Manager\KillerService.exe

Sauber => https://www.virustotal.com/de/file/f...6a21/analysis/

zu 2):

Code:

ATTFilter

20:51:07.0264 0x1930  [ EB9596C3D95ED4BB59BE1F68CD40CC79, 328A953062FF94B91A1AC30013DC39ECE6EB79B7BC5542C01AA79B71AB440E19 ] C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE

Sauber => https://www.virustotal.com/de/file/3...0e19/analysis/

zu 3):

Code:

ATTFilter

20:51:14.0679 0x1930  [ 73973EC1548F70B877A5DFDF66684028, DEBF654B91DE250C24AF774C9649DFB0407F9D9187CB62328DDB2D9614A3A13A ] C:\Program Files (x86)\TESORO Gaming\COLADA Gaming Keyboard\HID.exe

Sauber => https://www.virustotal.com/de/file/D...A13A/analysis/

moha · 15.04.2016, 12:35

Danke!

Bin fast davon ausgegangen, aber wollte nur die Bestätigung dazu haben.
Also sonst ist der Rechner sauber oder?

cosinus · 18.04.2016, 22:12

So, hier kommt nun der Fleckenmagnet

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

moha · 19.04.2016, 16:25

Also

ADW:

Code:

ATTFilter

# AdwCleaner v5.112 - Bericht erstellt am 19/04/2016 um 17:02:58
# Aktualisiert am 17/04/2016 von Xplode
# Datenbank : 2016-04-19.4 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Moha´s PC - MOHASPC
# Gestartet von : C:\Users\Moha´s PC\Desktop\AdwCleaner_5.112.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [881 Bytes] - [19/04/2016 17:02:58]
C:\AdwCleaner\AdwCleaner[R0].txt - [920 Bytes] - [31/03/2015 12:35:51]
C:\AdwCleaner\AdwCleaner[S0].txt - [978 Bytes] - [31/03/2015 12:36:52]
C:\AdwCleaner\AdwCleaner[S2].txt - [951 Bytes] - [19/04/2016 17:02:13]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1169 Bytes] ##########

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 10 Pro x64 
Ran by Mohaïs PC (Administrator) on 19.04.2016 at 17:04:39,55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 5 

Successfully deleted: C:\Users\Mohaïs PC\AppData\Roaming\wyupdate au (Folder) 
Successfully deleted: C:\WINDOWS\system32\Tasks\update-S-1-5-21-1815034600-3101877025-2237350249-1000 (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\update-sys (Task)
Successfully deleted: C:\WINDOWS\Tasks\update-S-1-5-21-1815034600-3101877025-2237350249-1000.job (Task) 
Successfully deleted: C:\WINDOWS\Tasks\update-sys.job (Task) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.04.2016 at 17:06:16,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Frst:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016
durchgeführt von Moha´s PC (Administrator) auf MOHASPC (19-04-2016 17:22:46)
Gestartet von C:\Users\Moha´s PC\Desktop
Geladene Profile: Moha´s PC (Verfügbare Profile: Moha´s PC & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Opera)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2016-01-14] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2016-01-13] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281696 2015-09-04] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [Sound Blaster Recon3Di SBX Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe [1129984 2014-11-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [RoccatKoneXTD] => C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [552960 2014-10-19] (ROCCAT GmbH)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe [2089056 2015-04-14] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [COLADA] => C:\Program Files (x86)\TESORO Gaming\COLADA Gaming Keyboard\HID.exe [1753600 2014-04-25] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [13894472 2016-02-03] (Corsair Components, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23248560 2016-04-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [Spotify Web Helper] => C:\Users\Moha´s PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-13] (Spotify Ltd)
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [MediaFire Tray] => "C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\mf_watch.exe"
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-04-03] (Electronic Arts)
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1079592 2015-06-26] (Apple Inc.)
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\RunOnce: [Uninstall C:\Users\Moha�s PC\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64"
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\RunOnce: [Uninstall C:\Users\Moha�s PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\\SOPHOS~1.DLL => Keine Datei
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [] -> {b5458932-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayError.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [] -> {b5458930-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySynced.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [] -> {b5458934-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayReadOnly.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [] -> {b5458933-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayLock.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [] -> {b5458931-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySyncing.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileSyncShell64.dll [2016-03-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers: [1MediaFireIconError] -> {5EE8C634-CDC0-453D-9731-DF0B19F4E807} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon3_98d12.dll [2015-08-20] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconReadOnly] -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon5_98d12.dll [2015-08-20] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSynched] -> {9A3B79CB-D899-40B5-8DBC-20447F1ADC8F} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon_98d12.dll [2015-08-20] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1MediaFireIconSyncing] -> {C4D81971-6B13-4173-AB21-F83AD20CCC04} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon2_98d12.dll [2015-08-20] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [MediaFireIconLock] -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon4_98d12.dll [2015-08-20] (TODO: <Company name>)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncShell.dll [2016-03-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\G-Ignition Ver1.0.2.lnk [2015-02-28]
ShortcutTarget: G-Ignition Ver1.0.2.lnk -> C:\Program Files (x86)\EIZO\G-Ignition\Gignition.exe (EIZO Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\G-Ignition Ver2.0.0.lnk [2015-11-15]
ShortcutTarget: G-Ignition Ver2.0.0.lnk -> C:\Program Files (x86)\EIZO\G-Ignition\Gignition.exe (EIZO Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-03-20]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\Gigabyte\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-09-19]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2014-11-14]
ShortcutTarget: Roccat Talk.lnk -> C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)
Startup: C:\Users\Moha´s PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Borderless Gaming.lnk [2015-01-14]
ShortcutTarget: Borderless Gaming.lnk -> C:\Program Files (x86)\Borderless Gaming\BorderlessGaming.exe (Codeusa Software)
Startup: C:\Users\Moha´s PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home.lnk [2015-10-11]
ShortcutTarget: Folding@home.lnk -> C:\Program Files (x86)\FAHClient\HideConsole.exe ()
Startup: C:\Users\Moha´s PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-12-11]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2ee03ea9-3074-49ae-8ba3-86a485ddb484}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2ee03ea9-3074-49ae-8ba3-86a485ddb484}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{512e878b-a7ad-48d7-8186-edbe6236cd34}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{74a60767-3d94-49bb-9d8e-1303b5fba16e}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-16] (Microsoft Corporation)
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-16] (Oracle Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-08-07] (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-16] (Oracle Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Moha´s PC\AppData\Roaming\Mozilla\Firefox\Profiles\9p2yriq5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-09] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.17
FF Extension: Free Download Manager extension - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.17 [2015-10-28]

Chrome: 
=======
CHR Profile: C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-25]
CHR Extension: (Google Docs) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-25]
CHR Extension: (Google Drive) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-31]
CHR Extension: (Google-Suche) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Google Tabellen) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-25]
CHR Extension: (Google Docs Offline) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-02]
CHR Extension: (Google Mail) - C:\Users\Moha´s PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]

Opera: 
=======
OPR Extension: (Ghostery) - C:\Users\Moha´s PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2016-02-23]
OPR Extension: (uBlock Origin) - C:\Users\Moha´s PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2016-04-09]
OPR Extension: (History Eraser) - C:\Users\Moha´s PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfpoajlbkhlfoeeokbppmecpplmieedm [2015-12-19]
OPR Extension: (Download YouTube Videos as MP4) - C:\Users\Moha´s PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\maeombkgfpjdnjkhohbjachnnmpbipol [2015-12-21]
OPR Extension: (Amazon Assistant for Opera) - C:\Users\Moha´s PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2016-03-11]
OPR Extension: (Magic Actions for YouTube™) - C:\Users\Moha´s PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\nlffnljnicbkfhnlomjhjlebndachaka [2015-12-19]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [11334288 2016-04-07] (Emsisoft Ltd)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [29912 2015-09-15] (AOMEI Tech Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
S4 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [429056 2014-11-13] (Creative Technology Ltd) [Datei ist nicht signiert]
S4 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103936 2014-08-29] (Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-05] (Dropbox, Inc.)
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-29] (Digital Wave Ltd.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [243984 2016-04-08] (EasyAntiCheat Ltd)
S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-11-05] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62784 2014-09-01] (GIGA-BYTE TECHNOLOGY CO., LTD.)
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [402432 2015-07-07] (Rivet Networks) [Datei ist nicht signiert]
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-04-03] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-12-20] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28256 2015-09-04] (Samsung Electronics Co., Ltd.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S4 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-09-29] (Intel(R) Corporation)
S2 CsrBtOBEX-Dienst; "C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe" [X]
S3 MediaFire Desktop Updater Service; C:\Program Files (x86)\MediaFire Desktop\bin\UpdaterLocalCOM.exe [X]
S2 MF NTFS Monitor; C:\Program Files (x86)\MediaFire Desktop\bin\MFUsnMonitorService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2015-02-26] () [Datei ist nicht signiert]
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [151480 2015-02-26] () [Datei ist nicht signiert]
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [17848 2015-02-26] () [Datei ist nicht signiert]
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-11-06] ()
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [114736 2015-07-07] (Rivet Networks, LLC.)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-10-30] (Microsoft Corporation)
R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-Media Inc)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2015-12-17] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2015-12-17] (Corsair)
S3 CsrBtPort; C:\Windows\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrpan; C:\Windows\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrserial; C:\Windows\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1051392 2014-08-29] (Creative Technology Ltd)
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [31376 2015-03-10] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124080 2016-02-11] (Emsisoft Ltd)
S3 etocdrv; C:\WINDOWS\etocdrv.sys [15584 2013-10-30] (Giga-Byte Technology CO., LTD.)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
S3 G3GKB; C:\Windows\system32\drivers\G3GKB.sys [25600 2012-10-23] ( )
S3 GPCIDrv; C:\Program Files (x86)\Gigabyte\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-28] ()
R3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-18] (Intel Corporation)
S3 Ke2200; C:\Windows\System32\drivers\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R3 KillerEth; C:\Windows\System32\drivers\e22w10x64.sys [124464 2015-04-27] (Qualcomm Atheros, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-11-06] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-07] ()
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [271968 2015-09-04] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [110688 2015-09-04] (Samsung Electronics Co., Ltd.)
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-10-15] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146584 2015-10-15] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-10-18] (VMware, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 GPU-Z; \??\C:\Users\MOHASP~1\AppData\Local\Temp\GPU-Z.sys [X]
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 17:06 - 2016-04-19 17:08 - 00000976 _____ C:\Users\Moha´s PC\Desktop\JRT.txt
2016-04-19 16:59 - 2016-04-19 16:58 - 01610352 _____ (Malwarebytes) C:\Users\Moha´s PC\Desktop\JRT.exe
2016-04-19 16:58 - 2016-04-19 16:58 - 03683904 _____ C:\Users\Moha´s PC\Desktop\AdwCleaner_5.112.exe
2016-04-19 12:38 - 2016-04-19 16:01 - 00001141 _____ C:\Users\Moha´s PC\Desktop\nativelog.txt
2016-04-19 12:35 - 2016-04-19 12:35 - 00000000 ___HD C:\OneDriveTemp
2016-04-17 16:21 - 2016-04-17 16:21 - 00000000 ___RD C:\Users\Moha´s PC\3D Objects
2016-04-16 22:41 - 2016-04-16 22:41 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-16 22:41 - 2016-04-16 22:41 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\Sun
2016-04-16 22:41 - 2016-04-16 22:41 - 00000000 ____D C:\Users\Moha´s PC\.oracle_jre_usage
2016-04-16 22:41 - 2016-04-16 22:41 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-16 22:03 - 2016-04-19 17:22 - 00035968 _____ C:\Users\Moha´s PC\Desktop\Addition.txt
2016-04-16 22:03 - 2016-04-19 17:22 - 00033498 _____ C:\Users\Moha´s PC\Desktop\FRST.txt
2016-04-16 20:41 - 2016-04-16 20:41 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\Victory
2016-04-15 20:26 - 2016-04-15 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-15 16:14 - 2016-04-15 16:14 - 00001190 _____ C:\Users\Public\Desktop\Borderless Gaming.lnk
2016-04-13 20:49 - 2016-04-13 20:53 - 00319834 _____ C:\TDSSKiller.3.1.0.9_13.04.2016_20.49.29_log.txt
2016-04-13 20:38 - 2016-04-19 17:22 - 00000000 ____D C:\FRST
2016-04-13 20:38 - 2016-04-13 20:38 - 02375168 _____ (Farbar) C:\Users\Moha´s PC\Desktop\FRST64.exe
2016-04-09 18:53 - 2016-04-19 17:02 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-04-09 18:35 - 2016-04-09 18:35 - 00000424 _____ C:\Users\Moha´s PC\AppData\Local\UserProducts.xml
2016-04-09 18:35 - 2016-04-09 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2016-04-09 18:35 - 2016-04-09 18:35 - 00000000 ____D C:\Program Files (x86)\Skillbrains
2016-04-08 15:45 - 2016-04-08 15:41 - 00243984 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2016-04-08 15:40 - 2016-04-08 15:40 - 00000222 _____ C:\Users\Moha´s PC\Desktop\The Culling.url
2016-04-08 15:34 - 2016-04-16 20:41 - 00316152 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2016-04-07 21:46 - 2016-04-07 22:05 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-04-06 21:10 - 2016-04-06 21:10 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2016-04-05 19:31 - 2016-04-05 19:31 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\HandBrake Team
2016-04-05 19:30 - 2016-04-05 19:30 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2016-04-05 19:30 - 2016-04-05 19:30 - 00000000 ____D C:\Program Files\Handbrake
2016-04-05 18:49 - 2016-04-16 20:39 - 00000000 ___RD C:\Users\Moha´s PC\Dropbox
2016-04-05 18:49 - 2016-04-05 18:49 - 00001310 _____ C:\Users\Moha´s PC\Desktop\Dropbox.lnk
2016-04-05 18:48 - 2016-04-19 17:03 - 00001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-04-05 18:48 - 2016-04-19 16:53 - 00001236 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-04-05 18:48 - 2016-04-15 20:26 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-04-05 18:48 - 2016-04-15 13:31 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\Dropbox
2016-04-05 18:48 - 2016-04-05 18:48 - 00004296 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-04-05 18:48 - 2016-04-05 18:48 - 00004064 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-04-05 18:48 - 2016-04-05 18:48 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\Dropbox
2016-04-05 18:48 - 2016-04-05 18:48 - 00000000 ____D C:\ProgramData\Dropbox
2016-04-05 13:47 - 2016-03-01 07:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-04-05 13:47 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-04-05 13:47 - 2016-02-24 11:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-05 13:47 - 2016-02-24 11:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-05 13:47 - 2016-02-24 11:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-04-05 13:47 - 2016-02-24 11:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-04-05 13:47 - 2016-02-24 11:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-04-05 13:47 - 2016-02-24 11:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-05 13:47 - 2016-02-24 10:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-04-05 13:47 - 2016-02-24 10:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-04-05 13:47 - 2016-02-24 10:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-04-05 13:47 - 2016-02-24 10:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-04-05 13:47 - 2016-02-24 10:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-04-05 13:47 - 2016-02-24 10:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-05 13:47 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-04-05 13:47 - 2016-02-24 10:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-05 13:47 - 2016-02-24 10:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-04-05 13:47 - 2016-02-24 10:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-04-05 13:47 - 2016-02-24 10:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-04-05 13:47 - 2016-02-24 10:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-04-05 13:47 - 2016-02-24 10:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-04-05 13:47 - 2016-02-24 10:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-04-05 13:47 - 2016-02-24 10:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-05 13:47 - 2016-02-24 10:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-04-05 13:47 - 2016-02-24 10:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-04-05 13:47 - 2016-02-24 10:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-04-05 13:47 - 2016-02-24 09:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-05 13:47 - 2016-02-24 09:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-05 13:47 - 2016-02-24 09:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-05 13:47 - 2016-02-24 09:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-04-05 13:47 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-04-05 13:47 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-04-05 13:47 - 2016-02-24 09:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-04-05 13:47 - 2016-02-24 09:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-05 13:47 - 2016-02-24 09:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-05 13:47 - 2016-02-24 09:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-04-05 13:47 - 2016-02-24 09:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-04-05 13:47 - 2016-02-24 09:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-04-05 13:47 - 2016-02-24 09:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-04-05 13:47 - 2016-02-24 09:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-04-05 13:47 - 2016-02-24 08:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-04-05 13:47 - 2016-02-24 08:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-04-05 13:47 - 2016-02-24 08:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-04-05 13:47 - 2016-02-24 08:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-04-05 13:47 - 2016-02-24 08:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-04-05 13:47 - 2016-02-24 08:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-05 13:47 - 2016-02-24 08:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-04-05 13:47 - 2016-02-24 08:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-05 13:47 - 2016-02-24 08:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-04-05 13:47 - 2016-02-24 08:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-04-05 13:47 - 2016-02-24 08:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-04-05 13:47 - 2016-02-24 08:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-04-05 13:47 - 2016-02-24 08:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-05 13:47 - 2016-02-24 08:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-04-05 13:47 - 2016-02-24 08:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-04-05 13:47 - 2016-02-24 08:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-05 13:47 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-04-05 13:47 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-04-05 13:47 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-04-05 13:47 - 2016-02-24 08:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-04-05 13:47 - 2016-02-24 08:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-04-05 13:47 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-04-05 13:47 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-04-05 13:47 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-04-05 13:47 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-04-05 13:47 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-04-05 13:47 - 2016-02-24 08:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-05 13:47 - 2016-02-24 08:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-05 13:47 - 2016-02-24 08:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-05 13:47 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-04-05 13:47 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-04-05 13:47 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-04-05 13:47 - 2016-02-24 08:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-04-05 13:47 - 2016-02-24 08:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-04-05 13:47 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-04-05 13:47 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-04-05 13:47 - 2016-02-24 08:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-05 13:47 - 2016-02-24 08:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-05 13:47 - 2016-02-24 08:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-05 13:47 - 2016-02-24 07:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-05 13:47 - 2016-02-24 07:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-04-05 13:47 - 2016-02-24 07:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-04-05 13:47 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-04-05 13:47 - 2016-02-24 07:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-05 13:47 - 2016-02-24 07:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-05 13:47 - 2016-02-24 07:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-05 13:47 - 2016-02-24 07:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-04-05 13:47 - 2016-02-24 07:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-05 13:47 - 2016-02-24 07:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-04-05 13:47 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-04-05 13:47 - 2016-02-24 07:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-04-05 13:47 - 2016-02-24 06:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-05 13:47 - 2016-02-24 06:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-05 13:46 - 2016-02-24 11:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-04-05 13:46 - 2016-02-24 11:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-04-05 13:46 - 2016-02-24 10:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-04-05 13:46 - 2016-02-24 10:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-04-05 13:46 - 2016-02-24 10:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-04-05 13:46 - 2016-02-24 09:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-04-05 13:46 - 2016-02-24 09:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-04-05 13:46 - 2016-02-24 09:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-04-05 13:46 - 2016-02-24 09:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-04-05 13:46 - 2016-02-24 09:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-04-05 13:46 - 2016-02-24 09:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-05 13:46 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-04-05 13:46 - 2016-02-24 09:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-05 13:46 - 2016-02-24 09:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-04-05 13:46 - 2016-02-24 09:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-04-05 13:46 - 2016-02-24 09:23 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-04-05 13:46 - 2016-02-24 09:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-04-05 13:46 - 2016-02-24 09:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-04-05 13:46 - 2016-02-24 09:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-04-05 13:46 - 2016-02-24 09:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-05 13:46 - 2016-02-24 09:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-04-05 13:46 - 2016-02-24 09:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-04-05 13:46 - 2016-02-24 09:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-04-05 13:46 - 2016-02-24 09:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-04-05 13:46 - 2016-02-24 09:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-04-05 13:46 - 2016-02-24 09:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-04-05 13:46 - 2016-02-24 09:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-04-05 13:46 - 2016-02-24 09:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-05 13:46 - 2016-02-24 09:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-04-05 13:46 - 2016-02-24 09:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-05 13:46 - 2016-02-24 09:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-04-05 13:46 - 2016-02-24 09:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-04-05 13:46 - 2016-02-24 08:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-04-05 13:46 - 2016-02-24 08:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-04-05 13:46 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-04-05 13:46 - 2016-02-24 08:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-04-05 13:46 - 2016-02-24 08:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-04-05 13:46 - 2016-02-24 08:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-04-05 13:46 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-04-05 13:46 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-04-05 13:46 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-04-05 13:46 - 2016-02-24 08:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-04-05 13:46 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-04-05 13:46 - 2016-02-24 08:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-05 13:46 - 2016-02-24 08:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-05 13:46 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-04-05 13:46 - 2016-02-24 08:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-04-05 13:46 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-04-05 13:46 - 2016-02-24 08:42 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-05 13:46 - 2016-02-24 08:42 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-05 13:46 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-04-05 13:46 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-04-05 13:46 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-04-05 13:46 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-04-05 13:46 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-04-05 13:46 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-04-05 13:46 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-04-05 13:46 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-04-05 13:46 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-04-05 13:46 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-04-05 13:46 - 2016-02-24 08:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-04-05 13:46 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-04-05 13:46 - 2016-02-24 07:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-04-03 18:20 - 2016-04-13 17:06 - 00000000 ____D C:\Textures Backup
2016-04-03 18:20 - 2016-04-03 18:20 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\WinRAR
2016-04-03 14:19 - 2016-02-23 13:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-03 14:19 - 2016-02-23 13:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-03 14:19 - 2016-02-23 13:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-03 14:19 - 2016-02-23 13:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-03 14:19 - 2016-02-23 13:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-03 14:19 - 2016-02-23 13:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-03 14:19 - 2016-02-23 13:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-04-03 14:19 - 2016-02-23 13:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-04-03 14:19 - 2016-02-23 13:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-04-03 14:19 - 2016-02-23 13:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-03 14:19 - 2016-02-23 12:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-03 14:19 - 2016-02-23 12:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-04-03 14:19 - 2016-02-23 12:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-03 14:19 - 2016-02-23 12:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-04-03 14:19 - 2016-02-23 12:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-04-03 14:19 - 2016-02-23 12:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-04-03 14:19 - 2016-02-23 12:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-04-03 14:19 - 2016-02-23 12:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-03 14:19 - 2016-02-23 12:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-04-03 14:19 - 2016-02-23 12:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-03 14:19 - 2016-02-23 12:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-04-03 14:19 - 2016-02-23 12:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-04-03 14:19 - 2016-02-23 12:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-04-03 14:19 - 2016-02-23 12:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-04-03 14:19 - 2016-02-23 12:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-04-03 14:19 - 2016-02-23 12:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-03 14:19 - 2016-02-23 12:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-04-03 14:19 - 2016-02-23 12:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-03 14:19 - 2016-02-23 12:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-04-03 14:19 - 2016-02-23 11:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-04-03 14:19 - 2016-02-23 11:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-03 14:19 - 2016-02-23 11:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-03 14:19 - 2016-02-23 11:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-04-03 14:19 - 2016-02-23 11:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-04-03 14:19 - 2016-02-23 11:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-04-03 14:19 - 2016-02-23 11:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-04-03 14:19 - 2016-02-23 11:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-03 14:19 - 2016-02-23 11:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-04-03 14:19 - 2016-02-23 11:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-04-03 14:19 - 2016-02-23 11:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-04-03 14:19 - 2016-02-23 11:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-04-03 14:19 - 2016-02-23 11:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-03 14:19 - 2016-02-23 11:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-04-03 14:19 - 2016-02-23 11:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-04-03 14:19 - 2016-02-23 11:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-04-03 14:19 - 2016-02-23 11:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-04-03 14:19 - 2016-02-23 11:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-04-03 14:19 - 2016-02-23 11:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-03 14:19 - 2016-02-23 11:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-04-03 14:19 - 2016-02-23 11:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-04-03 14:19 - 2016-02-23 11:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-04-03 14:19 - 2016-02-23 11:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-04-03 14:19 - 2016-02-23 11:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-04-03 14:19 - 2016-02-23 11:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-04-03 14:19 - 2016-02-23 11:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-03 14:19 - 2016-02-23 11:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-04-03 14:19 - 2016-02-23 11:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-04-03 14:19 - 2016-02-23 10:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-03 14:19 - 2016-02-23 10:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-03 14:19 - 2016-02-23 10:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-04-03 14:19 - 2016-02-23 10:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-03 14:19 - 2016-02-23 10:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-04-03 14:19 - 2016-02-23 10:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-04-03 14:19 - 2016-02-23 10:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-04-03 14:19 - 2016-02-23 10:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-04-03 14:19 - 2016-02-23 10:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-04-03 14:19 - 2016-02-23 10:51 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-04-03 14:19 - 2016-02-23 10:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-04-03 14:19 - 2016-02-23 10:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-03 14:19 - 2016-02-23 10:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-04-03 14:19 - 2016-02-23 10:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-04-03 14:19 - 2016-02-23 10:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-04-03 14:19 - 2016-02-23 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-04-03 14:19 - 2016-02-23 10:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-04-03 14:19 - 2016-02-23 10:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-03 14:19 - 2016-02-23 10:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-04-03 14:19 - 2016-02-23 10:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-03 14:19 - 2016-02-23 10:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-04-03 14:19 - 2016-02-23 10:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-04-03 14:19 - 2016-02-23 10:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-04-03 14:19 - 2016-02-23 10:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-04-03 14:19 - 2016-02-23 10:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-03 14:19 - 2016-02-23 10:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-04-03 14:19 - 2016-02-23 10:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-04-03 14:19 - 2016-02-23 10:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-04-03 14:19 - 2016-02-23 10:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-04-03 14:19 - 2016-02-23 10:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-04-03 14:19 - 2016-02-23 10:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-04-03 14:19 - 2016-02-23 10:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-04-03 14:19 - 2016-02-23 10:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-04-03 14:19 - 2016-02-23 10:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-04-03 14:19 - 2016-02-23 10:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-04-03 14:19 - 2016-02-23 10:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-03 14:19 - 2016-02-23 10:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-03 14:19 - 2016-02-23 10:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-04-03 14:19 - 2016-02-23 10:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-03 14:19 - 2016-02-23 10:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-04-03 14:19 - 2016-02-23 10:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-04-03 14:19 - 2016-02-23 10:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-03 14:19 - 2016-02-23 10:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-03 14:19 - 2016-02-23 10:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-04-03 14:19 - 2016-02-23 10:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-03 14:19 - 2016-02-23 10:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-03 14:19 - 2016-02-23 10:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-03 14:19 - 2016-02-23 10:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-04-03 14:19 - 2016-02-23 10:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-03 14:19 - 2016-02-23 10:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-03 14:19 - 2016-02-23 10:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-03 14:19 - 2016-02-23 10:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-03 14:19 - 2016-02-23 10:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-04-03 14:19 - 2016-02-23 10:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-04-03 14:19 - 2016-02-23 10:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-04-03 14:19 - 2016-02-23 10:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-04-03 14:19 - 2016-02-23 10:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-04-03 14:19 - 2016-02-23 10:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-03 14:19 - 2016-02-23 10:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-03 14:19 - 2016-02-23 09:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-03 14:19 - 2016-02-23 09:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-03 14:19 - 2016-02-23 09:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-04-03 14:19 - 2016-02-23 09:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-03 14:19 - 2016-02-23 09:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-04-03 14:19 - 2016-02-23 09:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-04-03 14:19 - 2016-02-23 09:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-04-03 14:19 - 2016-02-23 09:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-04-03 14:19 - 2016-02-23 09:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-04-03 14:19 - 2016-02-23 09:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-04-03 14:19 - 2016-02-23 09:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-04-03 14:19 - 2016-02-23 09:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-04-03 14:19 - 2016-02-23 09:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-04-03 14:19 - 2016-02-23 09:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-04-03 14:19 - 2016-02-23 09:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-04-03 14:19 - 2016-02-23 09:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-03 14:19 - 2016-02-23 09:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-04-03 14:19 - 2016-02-23 09:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-04-03 14:19 - 2016-02-23 09:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-03 14:19 - 2016-02-23 09:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-03 14:19 - 2016-02-23 09:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-03 14:19 - 2016-02-23 09:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-03 14:19 - 2016-02-23 09:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-03 14:19 - 2016-02-23 09:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-03 14:19 - 2016-02-23 09:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-03 14:19 - 2016-02-23 09:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-04-03 14:19 - 2016-02-23 09:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-04-03 14:19 - 2016-02-23 09:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-03 14:19 - 2016-02-23 09:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-03 14:19 - 2016-02-23 09:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-03 14:19 - 2016-02-23 09:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-03 14:19 - 2016-02-23 09:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-03 14:19 - 2016-02-23 09:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-04-03 14:19 - 2016-02-23 09:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-03 14:19 - 2016-02-23 09:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-04-03 14:19 - 2016-02-23 09:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-04-03 14:19 - 2016-02-23 08:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-03 14:19 - 2016-02-23 08:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-03 14:19 - 2016-02-23 08:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-03 14:19 - 2016-02-23 08:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-04-03 14:19 - 2016-02-23 08:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-03 14:19 - 2016-02-23 08:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-03 14:19 - 2016-02-23 08:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-03 14:19 - 2016-02-23 08:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-04-03 14:19 - 2016-02-23 08:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-03 14:19 - 2016-02-23 08:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-03 14:19 - 2016-02-23 08:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-04-03 14:19 - 2016-02-23 08:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-03 14:19 - 2016-02-23 08:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-04-03 14:19 - 2016-02-23 08:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-03 14:19 - 2016-02-23 08:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-04-03 14:19 - 2016-02-23 08:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-04-03 14:19 - 2016-02-23 08:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-04-03 14:19 - 2016-02-23 08:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-03 14:19 - 2016-02-23 08:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-04-03 14:19 - 2016-02-23 08:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-04-03 14:19 - 2016-02-09 06:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-03 14:19 - 2016-02-09 06:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-03 14:19 - 2016-02-09 05:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-03 14:19 - 2016-02-09 05:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-04-03 14:19 - 2016-02-09 05:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-04-03 14:19 - 2016-02-09 05:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-03 14:19 - 2016-02-09 05:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-04-03 14:19 - 2016-02-09 05:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-25 22:26 - 2016-03-25 22:26 - 00001182 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-03-24 19:41 - 2016-03-24 19:50 - 00000000 ____D C:\TESVEDIT
2016-03-24 19:11 - 2016-03-24 19:11 - 00000222 _____ C:\Users\Moha´s PC\Desktop\CAT Interstellar.url
2016-03-24 00:26 - 2016-03-24 01:26 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\PersBackup5
2016-03-24 00:26 - 2016-03-24 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Personal Backup
2016-03-24 00:26 - 2016-03-24 00:26 - 00000000 ____D C:\Program Files\Personal Backup 5
2016-03-24 00:15 - 2016-03-24 00:15 - 00001141 _____ C:\Users\Public\Desktop\AOMEI Backupper Standard.lnk
2016-03-24 00:15 - 2016-03-24 00:15 - 00001024 ____H C:\SYSTAG.BIN
2016-03-24 00:15 - 2016-03-24 00:15 - 00000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2016-03-24 00:15 - 2016-03-24 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper
2016-03-24 00:15 - 2016-03-24 00:15 - 00000000 ____D C:\ProgramData\AomeiBR
2016-03-24 00:15 - 2016-03-24 00:15 - 00000000 ____D C:\Program Files (x86)\AOMEI Backupper
2016-03-24 00:15 - 2015-02-26 01:00 - 00151480 _____ C:\WINDOWS\system32\ammntdrv.sys
2016-03-24 00:15 - 2015-02-26 01:00 - 00030648 _____ C:\WINDOWS\system32\ambakdrv.sys
2016-03-24 00:15 - 2015-02-26 01:00 - 00017848 _____ C:\WINDOWS\system32\amwrtdrv.sys
2016-03-23 22:09 - 2016-03-23 22:11 - 00002613 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2016-03-23 22:09 - 2016-03-23 22:11 - 00002601 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2016-03-23 22:09 - 2016-03-23 22:10 - 00000000 ____D C:\ProgramData\Epic
2016-03-23 22:09 - 2016-03-23 22:09 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\EpicGamesLauncher
2016-03-23 22:09 - 2016-03-23 22:09 - 00000000 ____D C:\Program Files (x86)\Epic Games
2016-03-23 11:58 - 2016-03-23 11:58 - 00001829 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-23 11:58 - 2016-03-23 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-23 11:58 - 2016-03-23 11:58 - 00000000 ____D C:\Program Files\iTunes
2016-03-23 11:58 - 2016-03-23 11:58 - 00000000 ____D C:\Program Files\iPod
2016-03-23 11:58 - 2016-03-23 11:58 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-03-23 11:57 - 2016-03-23 11:57 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-03-23 11:57 - 2016-03-23 11:57 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-03-22 14:56 - 2016-03-22 14:56 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\licensecb
2016-03-22 14:56 - 2016-03-22 14:56 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\CrazyBump
2016-03-22 14:56 - 2016-03-22 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crazybump
2016-03-22 14:56 - 2016-03-22 14:56 - 00000000 ____D C:\ProgramData\licensecb
2016-03-22 14:56 - 2016-03-22 14:56 - 00000000 ____D C:\ProgramData\CrazyBump
2016-03-22 14:56 - 2016-03-22 14:56 - 00000000 ____D C:\Program Files (x86)\Crazybump
2016-03-22 13:09 - 2016-03-22 13:09 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\Corsair
2016-03-22 13:09 - 2016-03-22 13:09 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\Corsair
2016-03-22 13:08 - 2016-03-22 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2016-03-22 13:07 - 2016-03-22 13:07 - 00000000 ____D C:\Program Files (x86)\Corsair
2016-03-21 01:25 - 2016-04-13 13:49 - 00009730 _____ C:\Users\Moha�s
2016-03-20 02:19 - 2016-03-20 02:19 - 00000000 ____D C:\ProgramData\Emsisoft
2016-03-20 02:14 - 2016-04-19 17:03 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-03-20 02:14 - 2016-03-20 02:14 - 00000944 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-03-20 02:14 - 2016-03-20 02:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 17:09 - 2015-12-06 12:32 - 01922188 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-19 17:09 - 2015-10-30 20:35 - 00891730 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-19 17:09 - 2015-10-30 20:35 - 00198838 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-19 17:09 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-19 17:04 - 2016-03-05 20:22 - 00000000 ___RD C:\Users\Moha´s PC\iCloudDrive
2016-04-19 17:04 - 2016-01-02 23:06 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-19 17:04 - 2016-01-02 15:46 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\CrashDumps
2016-04-19 17:04 - 2015-10-13 11:20 - 00000000 ____D C:\ProgramData\Origin
2016-04-19 17:04 - 2015-10-11 14:30 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\FAHClient
2016-04-19 17:04 - 2014-11-06 20:31 - 00000000 ___RD C:\Users\Moha´s PC\OneDrive
2016-04-19 17:04 - 2014-11-02 12:58 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-19 17:03 - 2015-12-06 12:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-19 17:03 - 2015-12-06 12:32 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-19 17:03 - 2015-12-06 12:31 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-04-19 17:03 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-04-19 17:03 - 2014-11-01 18:11 - 00000000 __SHD C:\Users\Moha´s PC\IntelGraphicsProfiles
2016-04-19 17:03 - 2014-11-01 17:34 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-19 17:02 - 2015-03-31 12:33 - 00000000 ____D C:\AdwCleaner
2016-04-19 16:39 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-19 16:26 - 2014-11-01 17:34 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-19 16:01 - 2015-02-22 12:57 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\.minecraft
2016-04-19 13:23 - 2015-12-25 18:18 - 00000080 _____ C:\Users\Moha´s PC\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2016-04-19 13:23 - 2015-12-25 18:18 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-04-19 13:23 - 2015-12-25 18:17 - 00000000 ____D C:\Program Files\Rockstar Games
2016-04-19 13:01 - 2015-12-06 12:32 - 00000000 ____D C:\Users\DefaultAppPool
2016-04-19 12:47 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-19 12:46 - 2014-11-06 20:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-19 12:38 - 2015-10-31 21:47 - 00000219 _____ C:\Users\Moha´s PC\Desktop\Counter-Strike Global Offensive.url
2016-04-18 21:10 - 2016-01-30 14:54 - 00003134 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2016-04-18 15:33 - 2014-12-24 18:19 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\DVDVideoSoft
2016-04-18 15:30 - 2016-01-22 17:54 - 00000000 ____D C:\Users\Moha´s PC\Desktop\Blender
2016-04-18 14:57 - 2016-02-17 23:04 - 00000000 ____D C:\tmp
2016-04-17 16:21 - 2015-12-06 12:32 - 00000000 ____D C:\Users\Moha´s PC
2016-04-17 15:57 - 2014-11-14 21:48 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\vlc
2016-04-17 13:39 - 2015-09-01 18:13 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\Packages
2016-04-17 00:59 - 2014-11-09 14:40 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\Skype
2016-04-17 00:51 - 2015-12-09 19:04 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-16 22:47 - 2015-11-01 11:45 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-04-16 22:44 - 2015-03-22 21:47 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-16 22:41 - 2014-11-01 18:09 - 00000000 ____D C:\ProgramData\Oracle
2016-04-16 22:41 - 2014-11-01 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-16 22:40 - 2014-11-01 18:09 - 00000000 ____D C:\Program Files\Java
2016-04-16 22:38 - 2015-03-07 12:33 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\Notepad++
2016-04-16 20:59 - 2014-11-01 21:18 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-04-16 20:41 - 2014-11-08 17:52 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\LogMeIn Hamachi
2016-04-16 20:37 - 2014-11-19 14:33 - 00000000 ____D C:\Users\Moha´s PC\AppData\LocalLow\Temp
2016-04-15 16:14 - 2015-01-11 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Borderless Gaming
2016-04-15 16:14 - 2015-01-11 12:00 - 00000000 ____D C:\Program Files (x86)\Borderless Gaming
2016-04-15 15:59 - 2015-01-31 22:02 - 00000000 ____D C:\Program Files (x86)\Minecraft
2016-04-14 16:04 - 2014-11-01 17:34 - 00003984 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1414856039
2016-04-14 16:04 - 2014-11-01 17:34 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-04-14 16:04 - 2014-11-01 17:33 - 00000000 ____D C:\Program Files (x86)\Opera
2016-04-14 01:45 - 2010-11-21 05:27 - 00453280 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-13 19:51 - 2015-06-04 15:06 - 00000000 ____D C:\Program Files (x86)\Mod Organizer
2016-04-12 18:27 - 2014-11-01 17:34 - 00002369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-09 23:16 - 2014-11-16 10:54 - 00007593 _____ C:\Users\Moha´s PC\AppData\Local\Resmon.ResmonCfg
2016-04-09 19:34 - 2015-01-18 12:25 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\Spotify
2016-04-09 19:34 - 2015-01-18 12:25 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\Spotify
2016-04-09 18:17 - 2015-11-28 23:10 - 00000000 ____D C:\Users\Moha´s PC\Desktop\PC
2016-04-09 18:17 - 2015-11-28 23:01 - 00000000 ___RD C:\Users\Moha´s PC\Desktop\Programme
2016-04-09 18:14 - 2015-06-11 13:30 - 00000000 ____D C:\Users\Moha´s PC\.gimp-2.8
2016-04-08 20:04 - 2015-12-09 19:04 - 00004028 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-04-08 19:04 - 2016-01-02 23:06 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-08 15:40 - 2014-11-02 13:06 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-07 21:45 - 2015-03-22 21:47 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-04-07 16:47 - 2015-06-11 13:09 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\UnrealEngine
2016-04-07 16:46 - 2014-11-01 17:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-06 15:58 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-06 14:04 - 2015-12-06 12:30 - 00276392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-05 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-04-05 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-04-05 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-04-05 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-04-05 19:32 - 2014-12-24 18:22 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\HandBrake
2016-04-05 18:46 - 2015-05-01 16:41 - 00000000 ____D C:\Users\Moha´s PC\AppData\Roaming\uTorrent
2016-04-05 15:23 - 2014-11-01 17:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-05 15:21 - 2014-11-01 17:58 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-05 14:00 - 2015-03-19 21:56 - 00001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-04-05 13:59 - 2015-03-19 21:55 - 00000000 ____D C:\Program Files\paint.net
2016-04-04 14:50 - 2015-09-01 18:13 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-04 14:50 - 2015-02-08 16:02 - 00000000 ___RD C:\Users\Moha´s PC\Virtual Machines
2016-04-03 21:04 - 2015-10-30 20:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-04-03 21:04 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-04-03 21:04 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-04-03 21:04 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-03 21:04 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-04-03 21:04 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-03 21:04 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-03 21:04 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-04-03 21:04 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-04-03 19:02 - 2014-11-09 16:13 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\ElevatedDiagnostics
2016-04-03 14:02 - 2015-10-13 11:20 - 00000000 ____D C:\Program Files (x86)\Origin
2016-04-03 14:01 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-03 14:01 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-25 22:26 - 2015-03-22 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-03-25 22:26 - 2015-03-22 21:47 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-03-24 19:32 - 2015-04-26 19:41 - 00000000 ____D C:\Program Files (x86)\LOOT
2016-03-24 15:38 - 2014-11-01 18:01 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\Adobe
2016-03-23 22:28 - 2015-09-25 18:26 - 00000000 ____D C:\Users\Moha´s PC\AppData\Local\UnrealTournament
2016-03-23 11:58 - 2014-11-09 14:40 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-03-23 11:57 - 2014-11-09 14:40 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-03-23 11:39 - 2015-12-19 23:58 - 00029184 ___SH C:\Users\Moha´s PC\Desktop\Thumbs.db
2016-03-21 01:26 - 2015-10-28 14:48 - 00000000 ____D C:\Users\Moha´s PC\AppData\LocalLow\uTorrent
2016-03-20 02:23 - 2016-01-02 23:05 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-20 02:23 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-03-20 02:21 - 2016-01-12 17:54 - 00000000 ____D C:\ProgramData\Sophos

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-01 19:05 - 2015-09-19 09:08 - 0000000 _____ () C:\Users\Moha´s PC\AppData\Local\Driver_LOM_8161Present.flag
2015-02-19 14:39 - 2016-01-22 18:38 - 2128896 _____ () C:\Users\Moha´s PC\AppData\Local\file__0.localstorage
2016-03-05 20:15 - 2016-03-05 20:15 - 0010270 _____ () C:\Users\Moha´s PC\AppData\Local\recently-used.xbel
2014-11-16 10:54 - 2016-04-09 23:16 - 0007593 _____ () C:\Users\Moha´s PC\AppData\Local\Resmon.ResmonCfg
2016-04-09 18:35 - 2016-04-09 18:35 - 0000003 _____ () C:\Users\Moha´s PC\AppData\Local\updater.log
2016-04-09 18:35 - 2016-04-09 18:35 - 0000424 _____ () C:\Users\Moha´s PC\AppData\Local\UserProducts.xml

Einige Dateien in TEMP:
====================
C:\Users\Moha´s PC\AppData\Local\Temp\libeay32.dll
C:\Users\Moha´s PC\AppData\Local\Temp\msvcr120.dll
C:\Users\Moha´s PC\AppData\Local\Temp\npp.6.9.1.Installer.exe
C:\Users\Moha´s PC\AppData\Local\Temp\sqlite3.dll
C:\Users\Moha´s PC\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-15 14:52

==================== Ende von FRST.txt ============================

moha · 19.04.2016, 16:26

Addition:
Emsi ist aus weil die Testphase ausgelaufen ist.

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016
durchgeführt von Moha´s PC (2016-04-19 17:23:02)
Gestartet von C:\Users\Moha´s PC\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-06 10:37:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1815034600-3101877025-2237350249-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1815034600-3101877025-2237350249-503 - Limited - Disabled)
Gast (S-1-5-21-1815034600-3101877025-2237350249-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1815034600-3101877025-2237350249-1002 - Limited - Enabled)
Moha´s PC (S-1-5-21-1815034600-3101877025-2237350249-1000 - Administrator - Enabled) => C:\Users\Moha´s PC
SophosSAUMOHASPC0 (S-1-5-21-1815034600-3101877025-2237350249-1005 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Disabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Disabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
3DMark (HKLM-x32\...\{12d6e0d7-21d5-4755-9da2-70352c6f7558}) (Version: 1.5.915.0 - Futuremark)
3DMark (Version: 1.5.915.0 - Futuremark) Hidden
4K Video Downloader 3.8 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.8.1.1870 - Open Media LLC)
7-Zip 15.10 beta (x64) (HKLM\...\7-Zip) (Version: 15.10 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
AIDA64 Extreme v5.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.00 - FinalWire Ltd.)
AlienFX for IskuFX (HKLM-x32\...\InstallShield_{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH)
AlienFX for IskuFX (Version: 1.02 - Roccat GmbH) Hidden
AlienFX for KoneXTD (HKLM-x32\...\InstallShield_{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH)
AlienFX for KoneXTD (Version: 1.02 - Roccat GmbH) Hidden
Amazon Cloud Drive (HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Amazon Cloud Drive) (Version: 3.2.1.29 - Amazon.com, Inc.)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.00.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536C09F}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.0 - Arduino LLC)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
ASUS Xonar DGX Audio (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008788}) (Version:   - ASUSTeK Computer Inc.)
ASUS_ROG_THEME (HKLM-x32\...\ASUS_ROG_THEME) (Version: 1.00.14 - ASUSTeK Computer Inc.)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Blender (HKLM\...\{47A0EA10-D506-4473-AE99-5E07DD1062DE}) (Version: 2.77.1 - Blender Foundation)
Blender (HKLM\...\Blender) (Version: 2.72b - Blender Foundation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Borderless Gaming (HKLM-x32\...\Borderless Gaming_is1) (Version: 8.2 - Codeusa Software)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
CAT Interstellar (HKLM\...\Steam App 384740) (Version:  - Ionized Games)
Catzilla 1.3 (HKLM\...\{41EE0CB2-75DE-4FE0-AEB2-4CBC30624FA6}_is1) (Version: 1.3 - ALLPlayer Group Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
COLADA Gaming-Tastatur (HKLM-x32\...\{A23DDF8C-EF6D-4C3C-B66A-A05EDB904832}}_is1) (Version:  - )
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corsair Utility Engine (HKLM-x32\...\{68AA0FFC-4EAC-4C7D-8859-2DF65A566A01}) (Version: 1.15.36 - Corsair)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Crazybump (remove only) (HKLM-x32\...\Crazybump) (Version:  - )
CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DMG Extractor (HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\DMG Extractor) (Version: 1.3.15.0 - Reincubate Ltd)
DoNotSpy10 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 1.1.0.0 - pXc-coding.com)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.35.1 - Dropbox, Inc.) Hidden
EaseUS Partition Master 10.5 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.0 - Emsisoft Ltd.)
Epic Games Launcher (HKLM-x32\...\{4620A9CA-A0D7-4F15-BA89-4545B5372345}) (Version: 1.1.60.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version:  - )
FAHClient (HKLM-x32\...\FAHClient) (Version: 7.4.4 - Stanford University)
File Repair (HKLM-x32\...\File Repair_is1) (Version:  - File Repair)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Download Manager 3.9.6 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Free DVD Video Converter version 2.0.24.1215 (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.24.1215 - DVDVideoSoft Ltd.)
Free MP4 Video Converter version 5.0.58.415 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.)
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.5.9.1029 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.415 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.415 - DVDVideoSoft Ltd.)
Full Combat Rebalance v1.6a (HKLM-x32\...\Full Combat Rebalance_is1) (Version: 1.6a - Andrzej Kwiatkowski)
Futuremark SystemInfo (HKLM-x32\...\{70690D9E-3D00-47D6-9CE9-BC3B6F900447}) (Version: 4.41.563.0 - Futuremark)
Geeks3D FurMark 1.14.1 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.78.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.78.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
G-Ignition (HKLM-x32\...\{DAB265AD-27B2-4651-B8D8-F4F3A8ECC705}) (Version: 2.0.0.1 - EIZO Corporation)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Gothic 3 (HKLM-x32\...\Steam App 39500) (Version:  - Piranha – Bytes)
Gothic 3 Forsaken Gods Enhanced Edition (HKLM-x32\...\Steam App 65600) (Version:  - Trine Studios)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.18) (Version: 9.18 - Artifex Software Inc.)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.2 - goldensoft.org)
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HWiNFO64 Version 4.50 (HKLM\...\HWiNFO64_is1) (Version: 4.50 - Martin Malík - REALiX)
iBackupBot 5.3.3 (HKLM-x32\...\iBackupBot) (Version: 5.3.3 - VOWSoft, Ltd.)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Icons8 App (HKLM-x32\...\{195AC760-D5CE-47B9-99EE-E144CD7BF94A}_is1) (Version: 5.0 - Icons8)
IdleMaster (HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\1d85483b1c982d8c) (Version: 1.4.0.0 - IdleMaster)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel Driver Update Utility (HKLM-x32\...\{fe92d390-13ee-4660-a2f8-39a066fdffe0}) (Version: 2.2.0.5 - Intel)
Intel Extreme Tuning Utility (HKLM-x32\...\{ffa8daa3-4912-4a4a-aac4-a0549064268b}) (Version: 5.1.1.25 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 5.1.1.25 - Intel Corporation) Hidden
Intel(R) Driver Update Utility 2.2.0.5 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche Studios)
KeePass Password Safe 1.30 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.30 - Dominik Reichl)
Killer Bandwidth Control Filter Driver (Version: 1.1.54.1334 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.54.1334 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.54.1334 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{7335EB04-8B27-4CA9-AF83-A3851E894770}) (Version: 1.1.54.1334 - Qualcomm Atheros)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)
Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
LOOT (HKLM-x32\...\LOOT) (Version: 0.6.1 - LOOT Development Team)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mass Effect™ (HKLM-x32\...\{44A570EE-FD93-4086-8997-2C38DFDE0019}) (Version: 1.2.20608.0 - Electronic Arts)
Mass Effect™ 2 (HKLM-x32\...\{E19B628D-A9BC-4519-B1D4-4C8C09074F7F}) (Version: 1.2.1604.0 - Electronic Arts)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4815.1001 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Monitor Calibration Wizard 1.0 (HKLM-x32\...\Monitor Calibration Wizard) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 44.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 de)) (Version: 44.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
MSI Kombustor 3.5.1 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version:  - MSI Co., LTD)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.7 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.91 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.91 - NVIDIA Corporation)
NVIDIA G-SYNC Pendulum Demo (HKLM-x32\...\G-SYNC) (Version: 1.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 36.0.2130.65 (HKLM-x32\...\Opera 36.0.2130.65) (Version: 36.0.2130.65 - Opera Software)
Oracle VM VirtualBox 5.0.8 (HKLM\...\{C1B8ECDB-4DB0-47ED-B9CE-61638F876B0F}) (Version: 5.0.8 - Oracle Corporation)
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version:  - Moon Studios GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1046.0 - Passmark Software)
Personal Backup 5.7.4.1 (HKLM\...\Personal Backup 5_is1) (Version: 5.7.4.1 - Dr. J. Rathlev)
PhonerLite 2.35 (HKLM-x32\...\PhonerLite_is1) (Version: 2.35 - Heiko Sommerfeldt)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 3.5.1 (32-bit) (HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Core Interpreter (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2.1 r2386 - )
RAPID Mode (Version: 1.0.1.96 - Samsung Electronics Co., Ltd.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rise And Fall (remove only) (HKLM-x32\...\Rise And Fall) (Version: 1.7.0.11.2.4.3 - Midway Home Entertainment Inc.)
Rise of the Tomb Raider (HKLM-x32\...\Steam App 391220) (Version:  - Crystal Dynamics)
Rise of the White Wolf (HKLM-x32\...\Rise of the White Wolf 2.0) (Version: 2.0 - CD Projekt RED)
Rise of the White Wolf (x32 Version: 2.0 - CD Projekt RED) Hidden
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
ROCCAT Kone XTD Mouse Driver (HKLM-x32\...\{7133137D-DF48-4522-AD88-13C82B7D0A63}) (Version:  - Roccat GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0011 - Roccat GmbH)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
S.T.A.L.K.E.R.: Shadow of Chernobyl (HKLM-x32\...\Steam App 4500) (Version:  - GSC Game World)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.5 - Samsung Electronics)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.00.0000 - GIGABYTE)
SIV (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Sound Blaster Recon3Di (HKLM-x32\...\{35F6AC62-F1A7-4BE2-A8AF-C909AC0B824D}) (Version: 1.03.11 - Creative Technology Limited)
Sound Blaster Recon3Di Extras (HKLM-x32\...\{536BDBFC-CA1A-4AC0-A8EB-BB2D0F1F522E}) (Version: 1.0 - Creative Technology Limited)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Spotify) (Version: 1.0.1.1060.gc75ebdfd - Spotify AB)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.5.2252 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Storage Executive (HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\Storage Executive 3.15.112014.06) (Version: 3.15.112014.06 - Crucial)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Culling (HKLM\...\Steam App 437220) (Version:  - Xaviant)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Talos Principle (HKLM-x32\...\Steam App 257510) (Version:  - Croteam)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD PROJEKT RED)
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
TP-LINK PLC Utility (HKLM-x32\...\{4949B8DA-850B-485B-A32C-C4B3416A9D59}) (Version: 2.0.2077 - TP-LINK)
TreeSize Free V3.4.3 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.3 - JAM Software)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Uplay (HKLM-x32\...\Uplay) (Version: 14.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Player (HKLM\...\{49CDE7BF-ED37-4753-A02D-AE23F8CD9FF7}) (Version: 12.0.1 - VMware, Inc.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Winmail Opener 1.4 (HKLM-x32\...\Winmail Opener) (Version: 1.4 - Eolsoft)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1815034600-3101877025-2237350249-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Moha´s PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1815034600-3101877025-2237350249-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {08560E4D-948E-48A1-A7D7-36BF6B5F2636} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {1279AED0-0176-4CD2-BB52-E30EAEFB05C2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {12A75842-E07F-4E9E-9DB3-30F0ED870295} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {13971DFD-37BB-4823-A559-069CF493F33C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-05] (Dropbox, Inc.)
Task: {157EE0FE-C731-45CC-8880-1FC326D8D557} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {166A27EC-3C4A-40E6-A839-3FA763013E43} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {17F984DA-1B48-4E93-90F0-EFF2FF1B4CC9} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-01-07] (Samsung Electronics.)
Task: {1E6E2A22-74A6-4B68-A699-AE78D5AFED1D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {25C56F17-D609-464B-B3A0-34D2BBAFDE50} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {32188788-E98B-49F5-9AAB-B3A5EC02CB46} - System32\Tasks\{FAA5F100-8C80-4847-BB4F-E6DAE08EF678} => pcalua.exe -a "C:\Users\Moha´s PC\Downloads\AppCenter\Install_APC.exe" -d "C:\Users\Moha´s PC\Downloads\AppCenter"
Task: {32292FD4-CC53-4FDB-ACCE-F021808371DD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {367AECDA-0C20-46DA-843E-F7595A65562C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {38D7C4AE-4F28-4300-8746-4C1F7DAD090A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {3CA8D205-DDAB-4295-98CD-BE84BCF4AD2D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {4375A762-58F0-4B8B-B1EA-ADFD10C12149} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {49B158EB-4FE8-4351-A23D-ED16DF56B81A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {58E37856-C62E-47F5-B865-B92C8010A1FB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {590171B7-8590-49C5-BF4A-332B1F693E79} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {5AA5D54B-7D53-4BA6-A359-B7F8064FBE52} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {5B0E7031-7FB4-4BA0-BD19-9F78469591F6} - System32\Tasks\{0A9C3E1C-CBD3-4BD6-ABF3-BD38D7DD1FCF} => pcalua.exe -a D:\Downloads\VirtualBox-4.3.20-96997-Win.exe -d D:\Downloads
Task: {5D7124F7-8BAB-4996-B156-D93D2D55B428} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {6F9DC75A-5427-4814-AE50-DE3238BE3E53} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-05] (Dropbox, Inc.)
Task: {7F25F6DC-A236-432E-A73E-6AD356F4D7A4} - System32\Tasks\{C3F97B67-1340-4B37-A23B-88B77835C6A3} => pcalua.exe -a "E:\Data Migration Software\Samsung_Data_Migration_Setup_v.2.7.exe" -d "E:\Data Migration Software"
Task: {812D7921-8419-4A01-9A16-43CDDF57D01A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {86A05895-CEBF-402F-8AFA-0C7A7133FE29} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {8C029721-BBBE-498E-A9CD-C20F6743A3AB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8C725F8B-CA01-45D1-AF73-400DCDC0B261} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {93AF16F4-ACC0-4528-A461-F3CC692A4E59} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {95928923-B32C-4AF9-A095-1AF8692984C0} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {97CAEE48-6C46-4491-9BB9-0269DE266356} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-12-07] ()
Task: {992B8116-BBE5-434B-8974-2C91C1245F2B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {9BC4C803-8A2D-4239-BC4D-8874813E8656} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {A8040DF4-63BB-49BB-AD28-6D9CC4987726} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {A94E8641-1ABA-46B6-B1E5-2439DD1DD36E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {AEC5EF89-D556-4578-BBF2-7E02004B0F79} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BEBA55CC-A98F-4B41-B34D-6903351637F0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {CD9E0646-8A5E-4C32-A248-B07725C407FB} - System32\Tasks\Opera scheduled Autoupdate 1414856039 => C:\Program Files (x86)\Opera\launcher.exe [2016-04-11] (Opera Software)
Task: {CDA3B472-8114-4FD5-8A2C-44D9F9C3683A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {D3C6311B-9560-472D-9A0F-67DE399B5E50} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {D492005B-8C87-4CF3-A443-A131E2A034D2} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {DAA3F5D0-0DA3-4349-9FAC-01507E59C173} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {E388DB8C-3046-421E-883F-0CA78B61453A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {E569A23C-C550-4668-8655-F82F244D1BA1} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {E63D120B-7D1C-49C3-A8CE-59D8A0B7E55C} - System32\Tasks\{C2CC31AE-6565-4B13-BD66-A2F820D091A3} => pcalua.exe -a D:\Downloads\Arena106.exe -d D:\Downloads
Task: {E89EE70B-9F0F-4FCB-A748-CD5C4F2EA7EF} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {E8E81B6F-7920-468A-B624-EDD2EEC8C51B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {EDD204CD-C38D-4964-89E4-6CABD7711BDD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {F8817239-71CB-490D-97A2-8F5053B9B269} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {FD65C175-17CC-4354-A19B-0D913B58FA4F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {FD9B5CF5-468B-4305-9E80-E86FA383D09C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-06 20:12 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-12-20 18:45 - 2015-12-20 18:45 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-02-24 19:51 - 2016-02-17 08:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-17 15:29 - 2016-02-17 08:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-02-24 19:51 - 2016-02-17 08:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-04-03 14:19 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-03 14:19 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-11-14 11:24 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayError.dll
2015-11-14 11:24 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySynced.dll
2015-11-14 11:24 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayReadOnly.dll
2015-11-14 11:24 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayLock.dll
2015-11-14 11:24 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Moha´s PC\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySyncing.dll
2015-12-06 12:33 - 2015-12-06 12:33 - 00008704 _____ () C:\WINDOWS\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2016-03-28 20:07 - 2016-03-28 20:07 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-11-16 18:55 - 2015-11-16 18:55 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-01-14 17:09 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-03 14:19 - 2016-02-23 10:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-14 17:26 - 2016-01-05 03:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-02-14 17:26 - 2016-01-05 03:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-24 14:49 - 2016-01-16 07:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-24 14:49 - 2016-01-16 07:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-19 15:22 - 2016-02-19 15:22 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-24 00:15 - 2015-09-15 18:56 - 00306904 _____ () C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00241368 _____ () C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00290520 _____ () C:\Program Files (x86)\AOMEI Backupper\Comn.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00122584 _____ () C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00347864 _____ () C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00028376 _____ () C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00483032 _____ () C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00069336 _____ () C:\Program Files (x86)\AOMEI Backupper\Compress.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrLog.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00691928 _____ () C:\Program Files (x86)\AOMEI Backupper\Sync.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00282328 _____ () C:\Program Files (x86)\AOMEI Backupper\Clone.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00118488 _____ () C:\Program Files (x86)\AOMEI Backupper\Backup.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00155352 _____ () C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00077528 _____ () C:\Program Files (x86)\AOMEI Backupper\Ldm.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00061144 _____ () C:\Program Files (x86)\AOMEI Backupper\Device.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00282328 _____ () C:\Program Files (x86)\AOMEI Backupper\BrFat.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00962264 _____ () C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll
2016-03-24 00:15 - 2015-02-26 01:00 - 02403504 _____ () C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrVol.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00253656 _____ () C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll
2016-03-24 00:15 - 2015-09-15 18:56 - 00175832 _____ () C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01040656 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-02-19 15:22 - 2016-02-19 15:22 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-19 15:22 - 2016-02-19 15:22 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-02-17 15:29 - 2016-02-17 09:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-04-14 16:04 - 2016-04-14 16:04 - 63830568 _____ () C:\Program Files (x86)\Opera\36.0.2130.65\opera.dll
2016-04-14 16:04 - 2016-04-14 16:03 - 02134568 _____ () C:\Program Files (x86)\Opera\36.0.2130.65\libglesv2.dll
2016-04-14 16:04 - 2016-04-14 16:03 - 00082472 _____ () C:\Program Files (x86)\Opera\36.0.2130.65\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Mount:$WIMMOUNTDATA [818]
AlternateDataStreams: C:\Users\Moha´s PC\MediaFire:mf_x [92]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-09-14 11:28 - 00002214 ___RA C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1	choice.microsoft.com
127.0.0.1	choice.microsoft.com.nstac.net
127.0.0.1	df.telemetry.microsoft.com
127.0.0.1	oca.telemetry.microsoft.com
127.0.0.1	oca.telemetry.microsoft.com.nsatc.net
127.0.0.1	redir.metaservices.microsoft.com
127.0.0.1	reports.wes.df.telemetry.microsoft.com
127.0.0.1	services.wes.df.telemetry.microsoft.com
127.0.0.1	settings-sandbox.data.microsoft.com
127.0.0.1	settings-win.data.microsoft.com
127.0.0.1	sqm.df.telemetry.microsoft.com
127.0.0.1	sqm.telemetry.microsoft.com
127.0.0.1	sqm.telemetry.microsoft.com.nsatc.net
127.0.0.1	telecommand.telemetry.microsoft.com
127.0.0.1	telecommand.telemetry.microsoft.com.nsatc.net
127.0.0.1	telemetry.appex.bing.net
127.0.0.1	telemetry.microsoft.com
127.0.0.1	telemetry.urs.microsoft.com
127.0.0.1	vortex-sandbox.data.microsoft.com
127.0.0.1	vortex-win.data.microsoft.com
127.0.0.1	vortex.data.microsoft.com
127.0.0.1	watson.telemetry.microsoft.com
127.0.0.1	watson.telemetry.microsoft.com.nsatc.net
127.0.0.1	watson.ppe.telemetry.microsoft.com
127.0.0.1	wes.df.telemetry.microsoft.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\Control Panel\Desktop\\Wallpaper -> F:\Bilder\waterfall_rocks_sky_trees_hdr_96337_3840x2400.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: CTAudSvcService => 2
MSCONFIG\Services: CtHdaSvc => 2
MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamNetworkSvc => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMnetDHCP => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMware NAT Service => 2
MSCONFIG\Services: XTU3SERVICE => 2
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-1815034600-3101877025-2237350249-1000\...\StartupApproved\StartupFolder: => "Borderless Gaming.lnk"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{5C0D9AFE-0A3C-4BC1-981E-959832299339}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{0B2BBFF9-0671-4567-86C5-C6FE8C301F73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{4AF515CB-3639-465A-B3C5-0F80EBDAA2FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{FFA92373-2512-4BD2-94C9-BEE5B1D2D956}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{A936189A-6782-4D88-AC0A-6D77A114325B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{A3497AC8-9C31-471A-82D6-7307E315F4C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [UDP Query User{E67F0CBF-2C69-44AC-A0A6-275E78F2D58A}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [TCP Query User{F82B6541-C6DC-4D1C-A917-FF392FD54F00}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{DC709419-F4B6-41AF-BD45-CFADE52B86AC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{ABFE42A8-3FFF-45FA-B406-64EA0B184D5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{B13DCEFD-112B-4088-A7CE-4C6CA8F1C931}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ori\ori.exe
FirewallRules: [{65E318B7-23C3-4003-9D5B-9EA13B56DFA0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ori\ori.exe
FirewallRules: [{89082CF5-4C70-4BAF-B954-3857E5C97412}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{DEC9BB7C-4364-43DE-AA3B-FAACD0C263BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{34BBE052-F974-490B-B3D6-8B2F2AE873FE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{420B36A9-2D60-45D6-AE65-C5A9168FCE5A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{114FEA5C-2D1B-4F57-B4D2-E70D0EAD3BF4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{19E78A8F-DEE3-4A88-B151-091EC2EA7F1C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{43D82A8C-1168-4805-B765-4628CE62CC4B}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{ED227F53-A5CF-4C8C-84AE-EE5FB6A5D8CD}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{F0C5D584-7350-48E2-B1DF-51FEE9DED790}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{E0111228-BEAA-4729-9B73-1F5619D91C32}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [UDP Query User{A6D82CF7-2FF8-4030-86CF-148E4059105B}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{63C0FCD7-7637-4AE2-AEA8-0D3DD1B8A2B0}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{B60F2573-B9CE-43E7-861F-63B434AD2BCA}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{BC78E9F2-F3DB-42E0-9626-BF9462CC7CE7}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{3E375C85-9387-41CF-92D7-DA72EFF29E7D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{97E2DDC4-A6E5-45A0-92CA-F92E7835F626}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{19B93699-48CA-4567-ACCF-0BA02FFAD65A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C4CCC004-B1B2-4ECB-BAB4-C82DE0C6789B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E171D7A8-8E9F-4B43-82D1-E724E12F7AC8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{DDFEFD57-3EF3-4FCA-9208-6CDC02E4E7BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{0A315B6A-11CA-49E6-BD3F-7AE28413DE0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{76F4CAF8-385A-4B10-92A6-56F3D3550CC6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{AC4C68BE-69AD-4035-9CB8-5F1F097129D2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{77267DA2-3969-4509-BA6B-03B97204DC7C}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe
FirewallRules: [TCP Query User{E28F30A1-62A9-4EC0-8C1B-6AA3AC780E73}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe
FirewallRules: [UDP Query User{7E91C2E4-3D91-4B92-852D-07422551BC63}F:\downloads\elemental_demo_dx12 (1)\elemental demo dx12\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) F:\downloads\elemental_demo_dx12 (1)\elemental demo dx12\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{D9408513-C70F-4387-9827-296198366EB9}F:\downloads\elemental_demo_dx12 (1)\elemental demo dx12\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) F:\downloads\elemental_demo_dx12 (1)\elemental demo dx12\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{B476D7EB-BD49-4C9F-989C-45A85E7E10A9}C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [TCP Query User{C59252A0-A5C4-4AD6-803F-89C7357692C4}C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [{D624B61B-04E8-46C6-8038-4005CA7490AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ECFCC03E-C619-4B7E-9BC0-ADDAC94672F3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{886C13F1-0D50-4B13-B02F-CF9C9FE66DFA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{456DFA46-7E87-47D6-B575-940EBB4ED3FF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{EC9EBA63-1180-4623-A1C6-66843C337653}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{41340D85-D708-4898-8A92-FCCD532318C9}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{30886403-86F6-47B4-80D9-6462ACA30CEF}] => (Allow) LPort=8133
FirewallRules: [{49FFF652-F8F4-4E83-8D60-17B80E98EE9D}] => (Allow) LPort=1900
FirewallRules: [{FDB410E5-C32E-4FA1-831C-C293FC6E7243}] => (Allow) LPort=1900
FirewallRules: [{45827FC0-36CD-4EC0-8536-5490D430295A}] => (Allow) LPort=1980
FirewallRules: [{4BEC5372-3286-4B48-9AA8-2B0196496342}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe
FirewallRules: [{2CC04EBC-081C-4A8B-8181-BF93D3B14A23}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe
FirewallRules: [{1D2EC10E-A7E5-4A4F-A8E6-8D23A67F200F}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\HCLOUD.exe
FirewallRules: [TCP Query User{D9F27CC6-E6B2-4BDD-99AC-59801D377A5F}C:\program files (x86)\gigabyte\appcenter\gbupdate.exe] => (Allow) C:\program files (x86)\gigabyte\appcenter\gbupdate.exe
FirewallRules: [UDP Query User{C90E4255-7FFB-468E-9052-52A9E7DE6AB1}C:\program files (x86)\gigabyte\appcenter\gbupdate.exe] => (Allow) C:\program files (x86)\gigabyte\appcenter\gbupdate.exe
FirewallRules: [TCP Query User{7175A541-F788-42A2-963E-CC9165116068}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{09F60670-DE12-4010-B973-C51DD314264F}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{B2A516B7-74B6-4B96-BE50-45CE5D7E9CD7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2A7A65E7-BA88-469D-AD08-4F5D54BECD38}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E31E7006-0AF6-4832-BEF5-F71CC72F967B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{356FA9AC-2C47-4E9E-A756-8691831209E7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{FFE2B4DE-7760-41F6-A081-C3B59111B6A6}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{AB6D09E0-5EFF-4C8E-9EBA-A8F406F5AFCF}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{10D1F617-D9A7-4041-B12B-932A5539F1D7}] => (Allow) LPort=54925
FirewallRules: [{680D0E68-D7AC-49B4-96EA-DC5055066249}] => (Allow) C:\Users\Moha´s PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{2FF2F44B-CB05-4559-9989-7E1D047F0D6E}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{4420D6CE-9561-4B84-875D-27AF7C92DCCB}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{03740993-F770-4823-83F1-0671C440859A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9A63B417-D318-4516-BF01-C4EDF077D50D}] => (Allow) LPort=2869
FirewallRules: [{88E9F337-15AA-4C74-BEC8-A7A4F997A876}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{DF7444A4-55AC-48F9-B21C-CCDA82582A3B}C:\users\moha´s pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\moha´s pc\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A393CAF2-55B9-4D0C-B205-6CA8CE303C3D}C:\users\moha´s pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\moha´s pc\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B61DE0E9-37EC-41AD-AFAF-7FB9806F93FE}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{0F8030C4-1C5B-4279-A31F-F0487026A287}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{DDB22002-DF3F-4FDA-A89D-DE4821585642}] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{B84D5B03-CF57-4709-8C72-E13129CC69F1}] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{B9E745DC-8009-460A-9A9B-0C380FC81D89}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0D6C75B8-37DD-40C0-8C7A-A17970B38433}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9D1B6748-3EE6-46F5-83FB-AF3066BF88F9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2F7539E3-31FF-49F8-9FF5-7C357BBE1CE3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7EA3752E-869C-445E-8C3D-D566FF95AFF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{5B98A75B-23FB-4F5B-9FF5-CDC5EC831B1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{6E02DF8E-35D7-4707-8D1F-C1E6EC6071AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{B50A9380-1B07-436B-81F0-C3479D57A97D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{7AF31DAD-417F-4F2C-8A03-0C4FEE5E9809}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{2A57965E-1C6B-4BEA-894D-F14915277108}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{9606E370-018F-47E8-8AFA-13D5691C37B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{B18E11C1-A588-4D49-822B-3771BD8CFB7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{6039D732-6BE4-436B-B86D-9F5825B4D047}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{7B2CF10F-7A55-4318-B1B7-9AFC149EB2E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{DFA1FC1A-4417-415B-9425-DF412AC30EA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{327886F3-2D5B-4628-B8C2-F2294D388FE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{7CA9D059-AAD1-42F1-B2D4-597748D95C7E}] => (Allow) C:\Users\Moha´s PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A311D5E4-712B-4018-B428-BA55C3FE3429}] => (Allow) C:\Users\Moha´s PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{5B7DC267-C61B-411B-B75E-1FE1D8C9BE56}C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{CF40F772-333A-42D7-BCC3-EA673613D139}C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [{54A14BD6-B9DE-4853-9719-463A7F292BD6}] => (Block) C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [{12C828CB-B5C7-4382-B991-D5FDD0D05F63}] => (Block) C:\program files\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [TCP Query User{560DCAA7-41FD-4E9C-9341-2785413B4C46}D:\dokumente\unreal projects\myproject\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) D:\dokumente\unreal projects\myproject\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{08ABA49B-D4FD-416A-B42C-405EBA0E63E6}D:\dokumente\unreal projects\myproject\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) D:\dokumente\unreal projects\myproject\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [{CF1134C6-7EDA-4F2A-BF45-1F83D04B4F17}] => (Block) D:\dokumente\unreal projects\myproject\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [{8761CBF2-EB65-47D5-8973-EDE5BEC790AD}] => (Block) D:\dokumente\unreal projects\myproject\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{076B1962-7333-41D4-BF99-955DF2178F6E}C:\program files\epic games\4.8\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\4.8\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [UDP Query User{5CC2B51D-DC79-4FB0-B1BE-BDF80070B3F4}C:\program files\epic games\4.8\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\4.8\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [{A24D3731-B2B6-47E5-9796-B5F80A1230F1}] => (Block) C:\program files\epic games\4.8\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [{B1BF48B5-221F-4BFC-8C00-D23D20ED62B5}] => (Block) C:\program files\epic games\4.8\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [TCP Query User{AC88F479-4D4F-462C-BE16-CF92E790D5C0}D:\dokumente\unreal projects\myproject2\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) D:\dokumente\unreal projects\myproject2\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{E6384520-7143-459E-BFC1-814E612C142D}D:\dokumente\unreal projects\myproject2\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) D:\dokumente\unreal projects\myproject2\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [{C078BD02-A945-4BA2-B1C7-2511839C59AB}] => (Block) D:\dokumente\unreal projects\myproject2\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [{2DFC287A-62B4-4204-BE1F-7F1F164EF9FC}] => (Block) D:\dokumente\unreal projects\myproject2\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{276D015E-158F-48F8-82E7-A9839B1EA07A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{533B00C2-85B5-4937-84AA-99852DC53182}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{8C52F368-4DE7-47D7-9A98-E5577032D535}C:\users\moha´s pc\desktop\kitedemo_runtime\kitedemo\binaries\win64\kitedemo-win64-shipping.exe] => (Block) C:\users\moha´s pc\desktop\kitedemo_runtime\kitedemo\binaries\win64\kitedemo-win64-shipping.exe
FirewallRules: [UDP Query User{629EB4DF-296F-4E8A-ABB5-4A8CF7C71CE2}C:\users\moha´s pc\desktop\kitedemo_runtime\kitedemo\binaries\win64\kitedemo-win64-shipping.exe] => (Block) C:\users\moha´s pc\desktop\kitedemo_runtime\kitedemo\binaries\win64\kitedemo-win64-shipping.exe
FirewallRules: [{3DAF44E3-B7D3-431B-9C25-45A77C679BEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{D6D67CDB-0D69-4C81-8AD4-75D58BE33B22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{A41D455E-3085-46FC-B711-0694E83D38A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0CC2D5A7-5E8C-4EFC-B3B4-BB99F59BF514}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{87250846-65B6-4CAC-BEA5-F2244706E589}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{39E06354-792D-4496-BDE5-B7B78499BADE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B5B66376-E314-485C-B789-995D823DC2BE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{8D4F9CB7-926A-4F25-8A57-4DD72DF847EA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{EA14CFD2-6CE2-4F87-9821-1B1F1DB7C249}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{05CA482C-0F5A-423D-9745-7F27DE2EE635}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{4977ECF6-9FA7-4669-A7D3-FF05910E47F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{704C8AA3-09A6-46F8-B1DF-097BE80CF671}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{B57300F7-C75F-46CC-9A5B-978045BFFBEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3 Forsaken Gods\Gothic III Forsaken Gods.exe
FirewallRules: [{07E9D404-4FEA-4DFE-9A22-6A822B45255D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3 Forsaken Gods\Gothic III Forsaken Gods.exe
FirewallRules: [TCP Query User{0F7D7FCF-D872-450E-BF18-05FB4C8DD9DB}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{6D00F78E-C47A-4778-AC9E-6064BD9D1D81}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{69E5E00D-700B-4495-9E8B-6739EC093482}] => (Block) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{D25C2597-1FDC-433D-A634-06C99FA33E6F}] => (Block) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{312D8015-53E0-40FF-9A4E-A70513BFAE2B}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{D9239C9F-C3F2-43DB-A196-B8F6B38DB5DC}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{630FD47B-7EAE-4111-BE7F-106C39E5D2C6}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{32012AAE-8ADD-4D5C-8DE6-7E8B84F40580}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{0DC90FAE-D9F5-4034-A783-5192E2864A90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{C5405F60-0DB7-4179-BDB8-E4093D50A5CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{8F9370FD-EE67-43DE-9473-4EFF8D3ADB01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [{8FF2F044-4127-4546-B321-2FBCD4068CF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [TCP Query User{A2508BB1-AAC2-4520-BA97-43FDA360C47E}F:\gta\grand theft auto v\gta5.exe] => (Allow) F:\gta\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{E32AE9A0-7FE4-41E0-9CE6-FF41A96623A9}F:\gta\grand theft auto v\gta5.exe] => (Allow) F:\gta\grand theft auto v\gta5.exe
FirewallRules: [{3EB671E7-2AA3-4704-8827-968F75562CA5}] => (Block) F:\gta\grand theft auto v\gta5.exe
FirewallRules: [{C911E88F-6EAA-46EB-80A5-B60D9AAD5A2F}] => (Block) F:\gta\grand theft auto v\gta5.exe
FirewallRules: [{618E8B2A-B924-4D28-95C1-23A624DDA0F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{98570441-08C5-4088-AE5B-D65C0EC37BB6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{CDAC4C0A-D57E-424A-AE65-3D900FE41793}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{50E0135A-C6BB-4328-8850-AFA4B7D705E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{B495BDDB-3033-48C0-A5DE-550A828DE4C2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4619C99-1D86-453E-8717-ABA72B086840}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{47BA2F59-5137-4898-9A2A-5EEC841EF970}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{D01686D0-047E-4D6B-8B4A-DF6B40894767}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [TCP Query User{47A343C3-6761-46B9-B02F-912EC660BFB0}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{014D9115-6D6B-49BF-A7FB-040070732BE0}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{01A985FD-1DD8-4436-99D5-2FF9BFAB3232}] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{91F011FD-1CD2-47C5-9A0B-CED1C88EB088}] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{7BEC5C09-1F1F-466E-9225-F8DF5A6D0F00}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{4C62D833-8A86-4B8C-BFFE-68DFCD39ED0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{CD80BB2C-0C95-4BB9-807B-709492C2F48A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{6B39FC32-C725-48C1-82E9-121F642C7912}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{9A142E42-522C-4D19-99F8-9ED58D5B5773}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{2D6704D8-FF70-400A-8243-F348FF25D2A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{E6C5CAFB-0675-4B4A-B41C-796059425883}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{8E4BA713-7FDB-4EE6-8E69-3B2EC363F548}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{62976311-4E68-48EC-BD34-E7619F150E81}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{80A1028F-BE99-4E4F-811C-0166588E2336}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{43E4E8FD-E7C2-4149-9BEB-26C47EC27939}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{52EB6887-7E87-4EB6-BE22-73BBA3573C1D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{06249FE8-59A6-48E0-A95B-ACE214775025}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0C7825B2-A9B6-4943-8967-174FB8AC81C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C8C8E776-B4CC-40A2-82F7-C49D7CC6372E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5AE307E2-8CCD-477E-9296-8564775D39A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7CFAFE75-94DB-495C-B114-11F2BB1ADA76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{98B22081-0386-4104-A192-B0CB79ED8437}C:\program files (x86)\phonerlite\phonerlite.exe] => (Allow) C:\program files (x86)\phonerlite\phonerlite.exe
FirewallRules: [UDP Query User{757EC993-B55C-4024-A007-03E2EB73E939}C:\program files (x86)\phonerlite\phonerlite.exe] => (Allow) C:\program files (x86)\phonerlite\phonerlite.exe
FirewallRules: [{6154F00D-FA6B-4CB0-AB49-15B8B8A9D1F8}] => (Block) C:\program files (x86)\phonerlite\phonerlite.exe
FirewallRules: [{AE5E2850-E534-4779-B019-09296734DCF8}] => (Block) C:\program files (x86)\phonerlite\phonerlite.exe
FirewallRules: [{8A92621F-7DF9-4D1A-B591-9BF9CC9C9C89}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A7F30B62-BE09-4555-851D-F70BB19D7A19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{E04702D5-E75C-4FFF-8CD2-F7F270919950}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{CED7DB9F-DB8D-40BF-A64F-5C817E63B035}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{03A997D1-EC1D-423C-80E7-8EC921BBF425}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [{9846AC02-DEB8-47DE-9B53-D220B68DCE1C}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [{8B9E5934-2004-4F26-8659-CA92A249081F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{6596E58A-B542-4E22-8F6C-621CA8BF90D0}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{4E2C41CB-ABEE-4BCC-BEFB-E37E0BD05677}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{4372B345-C34D-4144-8087-87A073C9720F}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{DCE93842-4E14-48EC-9A4E-158E2C65F76C}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{E7726FB9-5CBB-4D98-8EB6-DC5D2C95ABF7}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{41E3B849-BE3C-4A2F-95A4-31008357A42B}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{4638D6BC-6220-4315-B724-EBA32C34DCBA}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{37F2EDAE-A04A-468D-9F41-F05801D1F199}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{9FDD3FEB-BF48-4F61-B567-808F47B5299E}F:\unrealtournament\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) F:\unrealtournament\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{25F258A0-70E4-496C-BD93-64C90F2A1FF6}F:\unrealtournament\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) F:\unrealtournament\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [{79C47EB1-F5FF-43BB-99C8-EE5A92D92A8B}] => (Block) F:\unrealtournament\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [{C8A87A0D-F078-47A6-BE7C-09CFE3C9ACBB}] => (Block) F:\unrealtournament\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [{34DB8EA6-39C6-4293-A6DD-3394690936C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CAT Interstellar\CatInterstellar.exe
FirewallRules: [{7B0F8704-9038-46D4-9840-FE476E95DCAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CAT Interstellar\CatInterstellar.exe
FirewallRules: [TCP Query User{6A209B5C-54C4-439A-A922-B420C6413F2A}C:\program files (x86)\steam\steamapps\common\cat interstellar\catinterstellar\binaries\win32\catinterstellar.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cat interstellar\catinterstellar\binaries\win32\catinterstellar.exe
FirewallRules: [UDP Query User{D6589156-1D9C-4EFE-A566-18E75CCF8144}C:\program files (x86)\steam\steamapps\common\cat interstellar\catinterstellar\binaries\win32\catinterstellar.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cat interstellar\catinterstellar\binaries\win32\catinterstellar.exe
FirewallRules: [{A18D54C0-4BBB-46AC-AB10-953950B08486}] => (Block) C:\program files (x86)\steam\steamapps\common\cat interstellar\catinterstellar\binaries\win32\catinterstellar.exe
FirewallRules: [{863BF3C4-02D7-413E-A315-FFF8EA4BA301}] => (Block) C:\program files (x86)\steam\steamapps\common\cat interstellar\catinterstellar\binaries\win32\catinterstellar.exe
FirewallRules: [{1BB339C1-0399-498C-9466-132FC3EDBA27}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [{78F5A515-3587-425E-A364-477AFADD78F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [{690D26D9-5B4F-415A-9460-F3A53190AFAC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{ACE577C0-8539-438E-B01D-347D92D1F4A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{777CFCA8-9402-44ED-AD9E-6220FA9BFE9E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{D6BB5570-6601-4022-8116-FCBA3FE23C2F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{2299733E-CCDE-4F68-871E-F4F325D176F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{615654BD-4A41-4478-B3F3-2ED402312DE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{90D67AFE-8191-41F1-97A6-4F0466225E3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{3A93EF3C-D07F-4B7D-A680-79B00134E317}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{B2F00D2E-1F49-43D7-8161-2CDE98144BAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{09B7127B-6B1F-4655-A799-E43234E5EDE9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{8A5D4698-3C3C-46F4-B9C5-0497DBCADFE7}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [UDP Query User{5567035B-75A9-46BA-B667-9A53A906A285}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe

==================== Wiederherstellungspunkte =========================

06-04-2016 21:07:44 Installed Blender
09-04-2016 19:01:49 DestroyWindowsSpying 09.04.2016 19:01:49
13-04-2016 13:51:55 Windows Update
13-04-2016 13:52:02 Windows Update
15-04-2016 17:22:51 test
16-04-2016 22:33:16 Removed QuickTime 7
19-04-2016 17:04:40 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/19/2016 05:04:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 3.37.92.83, Zeitstempel: 0x56fd763f
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2526.1348.0, Zeitstempel: 0x56b87a6e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x02055f0a
ID des fehlerhaften Prozesses: 0x2310
Startzeit der fehlerhaften Anwendung: 0xsteamwebhelper.exe0
Pfad der fehlerhaften Anwendung: steamwebhelper.exe1
Pfad des fehlerhaften Moduls: steamwebhelper.exe2
Berichtskennung: steamwebhelper.exe3
Vollständiger Name des fehlerhaften Pakets: steamwebhelper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: steamwebhelper.exe5

Error: (04/19/2016 05:04:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/19/2016 05:02:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 3.37.92.83, Zeitstempel: 0x56fd763f
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2526.1348.0, Zeitstempel: 0x56b87a6e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x02055f0a
ID des fehlerhaften Prozesses: 0x52c
Startzeit der fehlerhaften Anwendung: 0xsteamwebhelper.exe0
Pfad der fehlerhaften Anwendung: steamwebhelper.exe1
Pfad des fehlerhaften Moduls: steamwebhelper.exe2
Berichtskennung: steamwebhelper.exe3
Vollständiger Name des fehlerhaften Pakets: steamwebhelper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: steamwebhelper.exe5

Error: (04/19/2016 05:01:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.122, Zeitstempel: 0x56cbf9dd
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000002144b
ID des fehlerhaften Prozesses: 0x19f4
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (04/19/2016 04:59:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.122, Zeitstempel: 0x56cbf9dd
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000002144b
ID des fehlerhaften Prozesses: 0x2ac4
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (04/19/2016 04:57:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.122, Zeitstempel: 0x56cbf9dd
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000002144b
ID des fehlerhaften Prozesses: 0x2d38
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (04/19/2016 04:55:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.122, Zeitstempel: 0x56cbf9dd
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000002144b
ID des fehlerhaften Prozesses: 0x1960
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (04/19/2016 04:53:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.122, Zeitstempel: 0x56cbf9dd
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000002144b
ID des fehlerhaften Prozesses: 0x2290
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (04/19/2016 04:51:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.122, Zeitstempel: 0x56cbf9dd
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000002144b
ID des fehlerhaften Prozesses: 0x2470
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (04/19/2016 04:49:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.122, Zeitstempel: 0x56cbf9dd
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000002144b
ID des fehlerhaften Prozesses: 0x5c0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5


Systemfehler:
=============
Error: (04/19/2016 05:04:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/19/2016 05:03:50 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "SPEEDPORT.IP" zum Namen "MOHASPC" auf Transport "NetBT_Tcpip_{2EE03EA9-3074-49AE-8BA3-86A485DDB484}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (04/19/2016 05:03:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/19/2016 05:03:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MF NTFS Monitor" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/19/2016 05:03:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CsrBtOBEX-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/19/2016 05:03:47 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HomeGroupListener" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%2147944153

Error: (04/19/2016 05:03:46 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT-AUTORITÄT)
Description: Fehler "126" beim Laden der Kennwortbenachrichtigungs-DLL "C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll". Stellen Sie sicher, dass der in der Registrierung definierte DLL-Pfad "HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages" sich auf einen korrekten und absoluten Pfad (<Laufwerk>:\<Pfad>\<Dateiname>.<Erw.>) bezieht und nicht auf einen relativen oder ungültigen Pfad. Wenn der DLL-Pfad falsch ist, stellen Sie sicher, dass sich alle Hilfsdateien im gleichen Verzeichnis befinden und dass das Systemkonto sowohl auf den DLL-Pfad als auch die Hilfsdateien Lesezugriff hat.  Wenden Sie sich an den Anbieter der Benachrichtigungs-DLL, um weitere Unterstützung zu erhalten. Weitere Informationen finden Sie im Internet unter "hxxp://go.microsoft.com/fwlink/?LinkId=245898".

Error: (04/19/2016 05:03:15 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {7006698D-2974-4091-A424-85DD0B909E23}

Error: (04/19/2016 05:03:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_89a2a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/19/2016 05:03:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _89a2a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-04-19 17:04:50.766
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-19 16:58:38.538
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-19 16:58:38.530
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-19 16:58:36.990
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

  Date: 2016-04-19 16:58:28.208
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-19 16:43:55.219
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

  Date: 2016-04-19 14:10:49.834
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-19 13:07:24.562
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

  Date: 2016-04-19 13:01:25.795
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-04-19 13:01:25.707
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume7\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 32629.32 MB
Verfügbarer physikalischer RAM: 27053.56 MB
Summe virtueller Speicher: 33653.32 MB
Verfügbarer virtueller Speicher: 27243.76 MB

==================== Laufwerke ================================

Drive a: (Daten-Fotos) (Fixed) (Total:500 GB) (Free:350.91 GB) NTFS
Drive c: (Windoof) (Fixed) (Total:464.98 GB) (Free:52.28 GB) NTFS
Drive d: (Alles und so :D) (Fixed) (Total:1112.92 GB) (Free:729.83 GB) NTFS
Drive e: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (Steam+Bibliotheken) (Fixed) (Total:238.47 GB) (Free:34.62 GB) NTFS
Drive i: (WINXPUSB) (Removable) (Total:7.46 GB) (Free:1.87 GB) FAT32
Drive j: () (Removable) (Total:1.84 GB) (Free:1.84 GB) FAT
Drive y: (Volume) (Fixed) (Total:3.05 GB) (Free:2.99 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 19897DCE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1112.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=250 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=500 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 19897DC6)
Partition 1: (Not Active) - (Size=238.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: C7407E94)
Partition 1: (Active) - (Size=344 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)

========================================================
Disk: 3 (Size: 7.5 GB) (Disk ID: 00DEA5AE)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0C)

========================================================
Disk: 4 (Size: 1.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus · 19.04.2016, 19:03

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

Task: {1279AED0-0176-4CD2-BB52-E30EAEFB05C2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {1E6E2A22-74A6-4B68-A699-AE78D5AFED1D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {25C56F17-D609-464B-B3A0-34D2BBAFDE50} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {812D7921-8419-4A01-9A16-43CDDF57D01A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {8C029721-BBBE-498E-A9CD-C20F6743A3AB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8C725F8B-CA01-45D1-AF73-400DCDC0B261} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {992B8116-BBE5-434B-8974-2C91C1245F2B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {A8040DF4-63BB-49BB-AD28-6D9CC4987726} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {D3C6311B-9560-472D-9A0F-67DE399B5E50} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {E388DB8C-3046-421E-883F-0CA78B61453A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {EDD204CD-C38D-4964-89E4-6CABD7711BDD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

moha · 19.04.2016, 19:59

Hier:

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016
durchgeführt von Moha´s PC (2016-04-19 20:54:09) Run:3
Gestartet von C:\Users\Moha´s PC\Desktop
Geladene Profile: Moha´s PC (Verfügbare Profile: Moha´s PC & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Task: {1279AED0-0176-4CD2-BB52-E30EAEFB05C2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {1E6E2A22-74A6-4B68-A699-AE78D5AFED1D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {25C56F17-D609-464B-B3A0-34D2BBAFDE50} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {812D7921-8419-4A01-9A16-43CDDF57D01A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {8C029721-BBBE-498E-A9CD-C20F6743A3AB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8C725F8B-CA01-45D1-AF73-400DCDC0B261} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {992B8116-BBE5-434B-8974-2C91C1245F2B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {A8040DF4-63BB-49BB-AD28-6D9CC4987726} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {D3C6311B-9560-472D-9A0F-67DE399B5E50} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {E388DB8C-3046-421E-883F-0CA78B61453A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {EDD204CD-C38D-4964-89E4-6CABD7711BDD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
emptytemp:
         
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1279AED0-0176-4CD2-BB52-E30EAEFB05C2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1279AED0-0176-4CD2-BB52-E30EAEFB05C2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1E6E2A22-74A6-4B68-A699-AE78D5AFED1D}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E6E2A22-74A6-4B68-A699-AE78D5AFED1D}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25C56F17-D609-464B-B3A0-34D2BBAFDE50}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25C56F17-D609-464B-B3A0-34D2BBAFDE50}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{812D7921-8419-4A01-9A16-43CDDF57D01A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{812D7921-8419-4A01-9A16-43CDDF57D01A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C029721-BBBE-498E-A9CD-C20F6743A3AB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C029721-BBBE-498E-A9CD-C20F6743A3AB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C725F8B-CA01-45D1-AF73-400DCDC0B261}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C725F8B-CA01-45D1-AF73-400DCDC0B261}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{992B8116-BBE5-434B-8974-2C91C1245F2B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{992B8116-BBE5-434B-8974-2C91C1245F2B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A8040DF4-63BB-49BB-AD28-6D9CC4987726}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8040DF4-63BB-49BB-AD28-6D9CC4987726}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D3C6311B-9560-472D-9A0F-67DE399B5E50}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3C6311B-9560-472D-9A0F-67DE399B5E50}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E388DB8C-3046-421E-883F-0CA78B61453A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E388DB8C-3046-421E-883F-0CA78B61453A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EDD204CD-C38D-4964-89E4-6CABD7711BDD}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDD204CD-C38D-4964-89E4-6CABD7711BDD}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
EmptyTemp: => 1.1 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 20:54:23 ====

Was waren das eigentlich für geplante Tasks? Habe die bereits bei mehreren Usern hier gesehen.

cosinus · 19.04.2016, 22:21

Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:

1. Schritt: MBAM

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

2. Schritt: ESET

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

3. Schritt: SecurityCheck

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

moha · 21.04.2016, 19:20

Alles ohne Fund

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 21.04.2016
Suchlaufzeit: 16:19
Protokolldatei: 
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.04.21.03
Rootkit-Datenbank: v2016.04.17.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Moha´s PC

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 511631
Abgelaufene Zeit: 6 Min., 30 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6b57e98a590421418d7647694eccc4e0
# end=init
# utc_time=2016-04-21 02:37:00
# local_time=2016-04-21 04:37:00 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 29176
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6b57e98a590421418d7647694eccc4e0
# end=updated
# utc_time=2016-04-21 02:38:53
# local_time=2016-04-21 04:38:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=6b57e98a590421418d7647694eccc4e0
# engine=29176
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-04-21 04:21:42
# local_time=2016-04-21 06:21:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 170237 15069845 0 0
# scanned=667039
# found=0
# cleaned=0
# scan_time=6169

Code:

ATTFilter

 Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Emsisoft Anti-Malware   
Windows Defender        
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 DoNotSpy10     
 Java 8 Update 77  
 Java version 32-bit out of Date! 
 Adobe Flash Player 	21.0.0.213  
 Mozilla Firefox (44.0) 
 Google Chrome (49.0.2623.110) 
 Google Chrome (49.0.2623.112) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbam.exe  
 Emsisoft Anti-Malware a2service.exe   
 Emsisoft Anti-Malware a2guard.exe   
 EMSISOFT Anti-Malware a2start.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

cosinus · 21.04.2016, 21:19

Java 8 Update 77
Adobe Flash Player 21.0.0.213
Mozilla Firefox (44.0)
Google Chrome (49.0.2623.110)
Google Chrome (49.0.2623.112)

Firefox und Chrome müssen umgehend aktualisiert werden

Zudem solltest du Java und den Flash Player deinstallieren; Java spielt kaum noch eine Rolle. Fast nirgendwo werden mehr Java-Applets eingesetzt. Und was Adobe mit seinem Flash Player veranstaltet, ist irgendwo zwischen Frechheit und Inkompetenz einzustufen. In dem Teil werden ständig neue dicke Sicherheitslücken gefunden => Der Liebling aller Cyber-Kriminellen: Flash | heise Security

14.04.2016, 13:55	#2
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	TDSS-Killer hat 3 Funde Log vom tdsskiller posten, sonst kann niemand was dazu sagen __________________ __________________

TDSS-Killer hat 3 Funde

Log-Analyse und Auswertung: TDSS-Killer hat 3 Funde