| |
| |||||||
Log-Analyse und Auswertung: Neuer ComputerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
01.09.2016, 18:51
| #1 |
 |  Neuer Computer Habe mir vor einiger Zeit eine neues System zusammengestellt. Wäre es möglich die Standart-Suchroutine nach Mal/Adware einmal durchzuführen? Wäre froh wenn ihr mir dabei helfen könntet. Freundliche Grüsse jillsy2k |
|
02.09.2016, 09:19
| #2 |
| /// TB-Ausbilder   | Neuer Computer Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
02.09.2016, 23:14
| #3 |
| | Neuer Computer Hier die Log Dateien;
__________________FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von jillsy (Administrator) auf JILLSY-PC (03-09-2016 00:11:47)
Gestartet von D:\Treiber
Geladene Profile: jillsy (Verfügbare Profile: jillsy)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\WINDOWS\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [831576 2016-08-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2016-01-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25197248 2016-08-30] (Dropbox, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\Run: [World of Tanks] => D:\Games\World_of_Tanks\WargamingGameUpdater.exe [3134728 2016-08-05] (Wargaming.net)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Startup: C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar905.lnk [2016-09-02]
ShortcutTarget: Sidebar905.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{a1ec324e-2cbf-4f68-8d61-6dac07f260ab}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{cbc7d4b6-90ee-4a2d-a356-043bc244d4d6}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Internet Explorer:
==================
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-23] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-31] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-31] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
FireFox:
========
FF ProfilePath: C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default
FF Homepage: hxxp://www.google.ch/
FF Session Restore: -> ist aktiviert.
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-23] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-31] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation)
FF Extension: (Show MyIP) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\{6D1D11DB-3C6C-4db8-96E4-20F4A1088AAC}.xpi [2016-04-29]
FF Extension: (Download Statusbar Fixed) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\{4204c864-50bf-467a-95b3-0912b7f15869}.xpi [2016-04-29]
FF Extension: (PDF Download) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2016-04-29]
FF Extension: (Flash Video Downloader - YouTube HD Download [4K]) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\artur.dubovoy@gmail.com [2016-07-31]
FF Extension: (Show my Password) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi [2016-07-31]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\YoutubeDownloader@PeterOlayev.com.xpi [2016-08-24]
FF Extension: (NoScript) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-31]
FF Extension: (Avira Browser Safety) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\abs@avira.com [2016-07-15]
FF Extension: (Language Pack Install Helper) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\jid0-3qAYz7se7F3gEIA63LjbuEaPEDk@jetpack.xpi [2016-02-06]
FF Extension: (YouR IP) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\jid1-nGMZvOxL2PYSxg@jetpack.xpi [2016-04-27]
FF Extension: (Personas Plus) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\personas@christopher.beard.xpi [2016-07-31]
FF Extension: (Download Status Bar) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-08-17]
FF Extension: (Download YouTube Videos as MP4) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2016-03-25]
FF Extension: (Video DownloadHelper) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-08-03]
FF Extension: (Adblock Plus) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [988184 2016-08-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-08-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-08-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1453696 2016-08-25] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-05] (Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-07-03] (Electronic Arts)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-07-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-07-09] (Avira Operations GmbH & Co. KG)
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [541672 2015-11-24] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [27440 2016-07-17] () [Datei ist nicht signiert]
R3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25904 2015-08-26] ()
S1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [701232 2015-08-26] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-09-02] (Wellbia.com Co., Ltd.)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-03 00:10 - 2016-09-03 00:11 - 00000000 ____D C:\FRST
2016-09-02 23:36 - 2016-09-02 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-02 18:30 - 2016-09-02 18:31 - 00008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2016-08-31 19:26 - 2016-08-31 19:26 - 00000000 ____D C:\Users\jillsy\Documents\Diverses
2016-08-31 19:06 - 2016-08-31 19:06 - 00000000 ____D C:\Program Files\ProcessExplorer
2016-08-31 00:30 - 2016-08-25 22:53 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-31 00:29 - 2016-08-26 01:27 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 35180992 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 34842680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 28238904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 20220928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 10865888 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 10746896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 10288040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 09094048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 08875408 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 08687888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 02912192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 02549184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437270.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 01586560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437270.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 01020472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00958008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00941504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00894520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00802584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00801744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00686712 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00616648 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00576168 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00573424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00471608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00439352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00347072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00181488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00159352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00131536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-08-27 02:48 - 2016-08-27 02:54 - 371289601 _____ C:\Users\jillsy\Desktop\U-571.mp4
2016-08-27 02:45 - 2016-08-27 02:45 - 426863515 _____ C:\Users\jillsy\Desktop\Kesselschlacht in der Normandie (Action, Kriegsfilm, ganzer Spielfilm) Kriegsfilme deutsch.mp4
2016-08-26 23:15 - 2016-08-29 15:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-24 19:48 - 2016-08-24 19:48 - 00123198 _____ C:\Users\jillsy\Desktop\PDF1442775_20160805214545.pdf
2016-08-22 16:57 - 2016-08-22 16:57 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\NVIDIA
2016-08-18 19:07 - 2016-08-18 19:07 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2016-08-18 19:07 - 2016-08-18 19:07 - 00000000 ____D C:\Program Files (x86)\LinuxLive USB Creator
2016-08-17 11:40 - 2016-08-11 16:33 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-17 11:40 - 2016-08-11 16:33 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-17 11:40 - 2016-08-11 16:33 - 00054728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-08-17 11:40 - 2016-08-11 16:33 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-17 11:40 - 2016-08-11 16:33 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-16 19:17 - 2016-08-16 19:19 - 658247680 _____ C:\Users\jillsy\Desktop\rescue-system.iso
2016-08-13 22:27 - 2016-08-13 22:28 - 00000000 ___HD C:\$WINDOWS.~BT
2016-08-13 22:12 - 2016-08-13 22:12 - 00002321 _____ C:\Users\Public\Desktop\MIDEAST CRISIS 2.lnk
2016-08-13 22:12 - 2016-08-13 22:12 - 00000000 ____D C:\Users\jillsy\Documents\Command & Conquer 3 Tiberium Wars
2016-08-13 22:09 - 2016-08-27 21:52 - 14216760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-08-13 22:09 - 2016-08-26 01:27 - 23715064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-08-13 22:09 - 2016-08-26 01:27 - 17619464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-08-13 22:09 - 2016-08-26 01:27 - 14477600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-08-13 22:09 - 2016-08-26 01:27 - 03906992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-08-13 22:09 - 2016-08-26 01:27 - 03448808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-13 22:00 - 2016-08-13 22:00 - 00000000 ___HD C:\$SysReset
2016-08-13 16:16 - 2016-08-13 16:16 - 00000129 _____ C:\Users\jillsy\Documents\Explorer Settings.xml
2016-08-13 16:04 - 2016-08-13 23:04 - 00000000 ____D C:\Users\jillsy\Desktop\Vorher_Nachher
2016-08-12 21:09 - 2016-08-12 21:09 - 00000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Upgrade-Assistent.lnk
2016-08-12 19:28 - 2016-08-13 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lazarus
2016-08-12 19:28 - 2016-08-12 19:28 - 00001541 _____ C:\Users\jillsy\Desktop\Lazarus.lnk
2016-08-12 15:26 - 2016-08-12 15:26 - 00001071 _____ C:\Users\jillsy\Desktop\Black Desert ScreenShot.lnk
2016-08-12 10:10 - 2016-07-28 19:55 - 00453334 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160812-101000.backup
2016-08-10 09:52 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 09:52 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 09:52 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 09:52 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 09:52 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 09:52 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 09:52 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 09:52 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 09:52 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 09:52 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 09:52 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 09:52 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 09:52 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 09:52 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 09:52 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 09:52 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 09:52 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 09:52 - 2016-08-03 11:41 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2016-08-10 09:52 - 2016-08-03 11:41 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-08-10 09:52 - 2016-08-03 11:40 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-08-10 09:52 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 09:52 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 09:52 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 09:52 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-10 09:52 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 09:52 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 09:52 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 09:52 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 09:52 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 09:52 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 09:52 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 09:52 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 09:52 - 2016-08-03 11:29 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-08-10 09:52 - 2016-08-03 11:29 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-08-10 09:52 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 09:52 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 09:52 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 09:52 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 09:52 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 09:52 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 09:52 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 09:52 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 09:52 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 09:52 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 09:52 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 09:52 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 09:52 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 09:52 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 09:52 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 09:52 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 09:52 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 09:52 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-10 09:52 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-10 09:52 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 09:52 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 09:52 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 09:52 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-10 09:52 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-10 09:52 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 09:52 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 09:52 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 09:52 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-10 09:52 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 09:52 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 09:52 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 09:52 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-10 09:51 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 09:51 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 09:51 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 09:51 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 09:51 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 09:51 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 09:51 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 09:51 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 09:51 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 09:51 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 09:51 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 09:51 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 09:51 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 09:51 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 09:51 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 09:51 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 09:51 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 09:51 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 09:51 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 09:51 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 09:51 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 09:51 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 09:51 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 09:51 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 09:51 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 09:51 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 09:51 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 09:51 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 09:51 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 09:51 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 09:51 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 09:51 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 09:51 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 09:51 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 09:51 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 09:51 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 09:51 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 09:51 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 09:51 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 09:51 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 09:51 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 09:51 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 09:51 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 09:51 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 09:51 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 09:51 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 09:51 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-10 09:51 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 09:51 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 09:51 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-10 09:51 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 09:51 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 09:51 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 09:51 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-10 09:51 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-10 09:51 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 09:51 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 09:51 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 09:51 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 09:51 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 09:51 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 09:51 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 09:51 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 09:51 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 09:51 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-10 09:51 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 09:51 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 09:51 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-07 00:32 - 2016-08-07 00:32 - 00000012 _____ C:\Users\jillsy\AppData\Roaming\Network Meter_Usage.ini
2016-08-07 00:31 - 2016-08-07 00:31 - 00000041 _____ C:\Users\jillsy\IP_Log_Data.js
2016-08-05 21:13 - 2016-08-12 19:28 - 00000000 ____D C:\lazarus
2016-08-05 15:31 - 2016-08-13 09:45 - 00000000 ___RD C:\Users\jillsy\Dropbox
2016-08-05 15:29 - 2016-09-02 23:36 - 00001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-08-05 15:29 - 2016-09-02 23:36 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-08-05 15:29 - 2016-09-02 18:27 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-08-05 15:29 - 2016-08-05 15:32 - 00000000 ____D C:\Users\jillsy\AppData\Local\Dropbox
2016-08-05 15:29 - 2016-08-05 15:29 - 00004294 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-08-05 15:29 - 2016-08-05 15:29 - 00004062 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-08-05 15:29 - 2016-08-05 15:29 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Dropbox
2016-08-05 15:29 - 2016-08-05 15:29 - 00000000 ____D C:\ProgramData\Dropbox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-03 00:06 - 2016-07-09 13:42 - 00000000 ____D C:\Users\jillsy\AppData\Local\ClassicShell
2016-09-03 00:06 - 2016-03-04 18:14 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\TS3Client
2016-09-02 21:04 - 2016-07-10 10:14 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F56EFC66-D523-4890-B05C-CF307D1A9C50}
2016-09-02 18:30 - 2016-07-09 13:20 - 02086308 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-02 18:30 - 2016-04-27 07:13 - 00888192 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-02 18:30 - 2016-04-27 07:13 - 00197276 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-02 18:30 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-02 18:29 - 2016-07-09 22:04 - 00036808 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2016-09-02 18:28 - 2016-02-28 14:28 - 00000000 ____D C:\Users\jillsy\AppData\Local\BlackDesertOnline
2016-09-02 18:25 - 2016-04-27 07:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-02 18:25 - 2016-03-04 17:50 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-01 19:39 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-01 19:39 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-01 19:05 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-31 19:09 - 2016-07-15 19:10 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-31 18:58 - 2016-07-09 18:34 - 00042168 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2016-08-31 18:57 - 2016-03-27 03:55 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\WiseUpdate
2016-08-31 18:54 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-31 01:03 - 2016-02-06 19:08 - 00000000 ____D C:\Users\jillsy\AppData\Local\Battle.net
2016-08-31 00:31 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-08-31 00:30 - 2016-03-11 17:50 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-08-31 00:30 - 2016-02-14 14:56 - 00000000 ____D C:\temp
2016-08-31 00:30 - 2016-02-06 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-31 00:30 - 2016-02-06 17:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-30 19:08 - 2016-02-09 21:04 - 00000000 ____D C:\Users\jillsy\AppData\Local\ElevatedDiagnostics
2016-08-29 17:15 - 2016-02-07 05:31 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Everything
2016-08-29 17:15 - 2016-02-06 19:54 - 00000000 ____D C:\ProgramData\Origin
2016-08-29 15:32 - 2016-02-06 19:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-28 23:47 - 2016-04-04 23:18 - 00000000 ____D C:\Users\jillsy\Desktop\Zwischen Speicher TV
2016-08-28 01:06 - 2016-02-13 02:08 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-08-26 01:27 - 2015-07-23 04:02 - 00040827 _____ C:\WINDOWS\system32\nvinfo.pb
2016-08-25 23:12 - 2016-03-04 17:50 - 06384064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 02475064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 01362368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-25 23:12 - 2016-03-04 17:50 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-25 04:42 - 2016-02-06 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-08-23 22:01 - 2016-07-09 13:20 - 00000000 ____D C:\Users\jillsy
2016-08-22 17:17 - 2016-03-04 17:50 - 07320235 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-22 11:17 - 2016-07-09 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack
2016-08-22 11:16 - 2015-10-30 09:24 - 00000000 ___SD C:\Program Files (x86)\Windows Sidebar
2016-08-14 23:47 - 2016-02-20 13:14 - 00000000 ____D C:\Users\jillsy\Documents\Black Desert
2016-08-13 23:02 - 2016-08-01 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2016-08-13 23:02 - 2016-07-16 02:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SleepTimer Ultimate
2016-08-13 23:02 - 2016-07-15 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo
2016-08-13 23:02 - 2016-07-15 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-08-13 23:02 - 2016-07-09 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-13 23:02 - 2016-07-09 13:31 - 00000000 ____D C:\Users\jillsy\AppData\Local\TileDataLayer
2016-08-13 23:02 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-13 23:02 - 2016-04-27 07:13 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-08-13 23:02 - 2016-04-09 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medal of Honor Pacific Assault™
2016-08-13 23:02 - 2016-03-19 01:08 - 00000000 ___SD C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2016-08-13 23:02 - 2016-03-05 23:19 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-08-13 23:02 - 2016-03-04 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-08-13 23:02 - 2016-03-04 18:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth
2016-08-13 23:02 - 2016-02-20 01:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Desert Online
2016-08-13 23:02 - 2016-02-14 16:37 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-08-13 23:02 - 2016-02-13 02:08 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2016-08-13 23:02 - 2016-02-09 00:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2016-08-13 23:02 - 2016-02-09 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-13 23:02 - 2016-02-08 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Chat
2016-08-13 23:02 - 2016-02-08 02:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2016-08-13 23:02 - 2016-02-07 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Online
2016-08-13 23:02 - 2016-02-07 05:31 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2016-08-13 23:02 - 2016-02-07 05:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2016-08-13 23:02 - 2016-02-07 05:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2016-08-13 23:02 - 2016-02-07 02:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-08-13 23:02 - 2016-02-07 01:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2016-08-13 23:02 - 2016-02-06 20:20 - 00000000 ____D C:\WINDOWS\system32\SPReview
2016-08-13 23:02 - 2016-02-06 20:20 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2016-08-13 23:02 - 2016-02-06 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2016-08-13 23:02 - 2016-02-06 19:48 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-13 23:02 - 2016-02-06 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-13 23:02 - 2016-02-06 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-08-13 23:02 - 2016-02-06 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-08-13 23:02 - 2016-02-06 19:04 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2016-08-13 23:02 - 2016-02-06 17:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-08-13 23:02 - 2016-02-06 17:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-13 23:02 - 2016-02-06 17:47 - 00000000 ____D C:\Program Files (x86)\Intel
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ___SD C:\Program Files\Windows Sidebar
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\IME
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\schemas
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-13 23:02 - 2009-07-14 20:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-08-13 23:02 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-13 22:28 - 2016-07-09 14:18 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-13 22:12 - 2016-07-16 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MIDEAST CRISIS 2
2016-08-13 16:31 - 2016-02-06 19:16 - 00000000 ____D C:\Users\jillsy\Documents\StarCraft II
2016-08-12 23:19 - 2016-02-07 04:03 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2016-08-12 22:31 - 2016-03-20 16:14 - 00000000 ____D C:\Users\jillsy\AppData\Local\lazarus
2016-08-12 22:08 - 2016-07-09 13:32 - 00002386 _____ C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-12 22:08 - 2016-07-09 13:32 - 00000000 ___RD C:\Users\jillsy\OneDrive
2016-08-12 22:06 - 2016-07-09 11:19 - 00000000 ___HD C:\$GetCurrent
2016-08-12 22:06 - 2016-07-09 11:19 - 00000000 ____D C:\Windows10Upgrade
2016-08-12 22:03 - 2016-07-09 13:24 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-12 21:41 - 2016-02-10 12:49 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2016-08-12 21:41 - 2016-02-10 12:49 - 00001908 _____ C:\WINDOWS\diagerr.xml
2016-08-12 21:40 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-12 21:38 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration
2016-08-12 21:32 - 2016-07-09 11:33 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-12 12:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-11 16:33 - 2016-07-08 16:34 - 01588688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-08-11 16:33 - 2016-07-08 16:34 - 00223304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-08-10 18:51 - 2016-04-27 07:34 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-10 18:51 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-10 18:44 - 2016-02-06 20:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 18:44 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 18:42 - 2016-02-06 20:02 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-05 15:34 - 2016-02-08 02:15 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Foxit Software
2016-08-05 15:31 - 2016-02-06 17:31 - 00000000 ____D C:\Users\jillsy\AppData\Local\VirtualStore
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-04-09 16:08 - 2016-04-09 23:42 - 0000624 _____ () C:\Users\jillsy\AppData\Roaming\All CPU MeterV3_Settings.ini
2016-08-07 00:32 - 2016-08-07 00:32 - 0000012 _____ () C:\Users\jillsy\AppData\Roaming\Network Meter_Usage.ini
2016-07-09 13:19 - 2016-07-09 13:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\jillsy\IP_Log_Data.js
Einige Dateien in TEMP:
====================
C:\Users\jillsy\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
C:\Users\jillsy\AppData\Local\Temp\66ad7f4a1b4d000a5092f20cce0f6800.dll
C:\Users\jillsy\AppData\Local\Temp\avgnt.exe
C:\Users\jillsy\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\jillsy\AppData\Local\Temp\libeay32.dll
C:\Users\jillsy\AppData\Local\Temp\msvcr120.dll
C:\Users\jillsy\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\jillsy\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\jillsy\AppData\Local\Temp\nvStInst.exe
C:\Users\jillsy\AppData\Local\Temp\project1.exe
C:\Users\jillsy\AppData\Local\Temp\sfamcc00001.dll
C:\Users\jillsy\AppData\Local\Temp\SIntf16.dll
C:\Users\jillsy\AppData\Local\Temp\SIntf32.dll
C:\Users\jillsy\AppData\Local\Temp\SIntfNT.dll
C:\Users\jillsy\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-08-27 02:38
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von jillsy (03-09-2016 00:12:11)
Gestartet von D:\Treiber
Windows 10 Pro Version 1511 (X64) (2016-07-09 11:31:12)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-312126271-3749253831-833728702-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-312126271-3749253831-833728702-503 - Limited - Disabled)
Gast (S-1-5-21-312126271-3749253831-833728702-501 - Limited - Disabled)
jillsy (S-1-5-21-312126271-3749253831-833728702-1000 - Administrator - Enabled) => C:\Users\jillsy
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1914 - Die Schalen des Zorns (HKLM-x32\...\{404E1E52-9302-45D2-B4F8-50D2251C391E}) (Version: 1.00.0000 - Rondomedia)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{5D6CB70E-6FA7-4E5E-8A12-06612313E671}) (Version: 18.0.0 - Helmut Buhler)
Act of Aggression (HKLM-x32\...\Steam App 318020) (Version: - Eugen Systems)
Act of War: Direct Action (HKLM-x32\...\Steam App 2710) (Version: - Eugen Systems)
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.19.164 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Hidden
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.1 - Daum Games EU)
C&C - Zero Hour - Full Uncut Patch Final v.2.5 (HKLM-x32\...\C&C - Zero Hour - Full Uncut Patch Final v.2.5) (Version: - )
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert, Counterstrike and The Aftermath (HKLM-x32\...\{B9A7CCBE-48F7-4B3E-BD20-76ADDD4DC69F}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert™ 3 and Uprising (HKLM-x32\...\{3C315BF7-4B64-4024-8102-174A197437FA}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Tiberian Sun™ and Firestorm™ (HKLM-x32\...\{78F60BDD-1923-4CF7-B6BD-087D06D7B5BB}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{8F0F5689-6900-425B-A8C2-0DBD10DAB694}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Counter-Strike (HKLM\...\Steam App 10) (Version: - Valve)
Counter-Strike: Condition Zero (HKLM\...\Steam App 80) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version: - Valve)
Diablo (HKLM-x32\...\Diablo) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dropbox (HKLM-x32\...\Dropbox) (Version: 9.4.49 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.45.1 - Dropbox, Inc.) Hidden
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version: - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.)
GPGNet (HKLM-x32\...\{C194D333-B84A-4BB7-B35E-060732D98DC4}) (Version: 1.0.0 - Gas Powered Games)
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Network Connections 20.7.67.0 (HKLM\...\PROSetDX) (Version: 20.7.67.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Lazarus 1.6 (HKLM\...\lazarus_is1) (Version: 1.6 - Lazarus Team)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
MIDEAST CRISIS 2 version R2 (HKLM-x32\...\{A81B2C6E-A802-4818-990F-7F79406137DD}_is1) (Version: R2 - ISOTX)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.5.17432 - Electronic Arts, Inc.)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version: - Ndemic Creations)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version: - Firaxis Games)
SleepTimer Ultimate 1.3 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version: - Christian Handorf)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Supreme Commander (HKLM-x32\...\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}) (Version: 1.00.0000 - Gas Powered Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Tropico 4 (HKLM\...\Steam App 57690) (Version: - Haemimont Games)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Drive Utilities (x32 Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Quick View (HKLM-x32\...\{2CE08B2D-856C-47D9-9F6A-BC691911BCD9}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{4D0776BB-71B7-49A2-A439-24791A4620E1}) (Version: 2.4.14.13 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{37BF2365-3EC7-45E4-9D88-61489F932A0B}) (Version: 2.4.14.13 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{B11B695F-B5BF-4667-8291-682B3A73B5F8}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17349 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\jillsy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\jillsy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{67F2A879-82D5-4A6D-8CC5-FFB3C114B69D}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\so_activex_x64.dll ()
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\jillsy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {064AC6C9-67BD-45C6-8F39-56CA7AF82686} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {174D5D9D-46E8-4235-ACFA-EA9BF9EB9A3E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {20B94A30-CBD8-46B9-9595-670264DC5376} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {21F9C832-E96E-4600-B8F4-3D606AA21B23} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {2D28D19F-B6CA-4587-84D9-E8CF7F67CF23} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {323A0982-F7B3-4197-9123-9FA232AC52C6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {358BFA47-7A2C-40A4-8ADA-7A3D8D3F5925} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-05] (Dropbox, Inc.)
Task: {3CFCCA2B-94C2-4EA2-A3FD-E1D2EDAEFEB3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {3E07DE44-1508-4D69-AA14-850CE8DD3B39} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {3E1A6103-6074-4ECF-AE3A-9399908A2598} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {4BD801F1-98F1-499C-8C67-EA9CFDA2F1B0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {4C12F624-CD6E-4200-89AA-B50F98AFB759} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {56827C03-33B0-4ECA-BFF9-3CAFF8E92B29} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {5D2082D5-0538-4F93-AFB4-B7660BFCAE9B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {5DABAA15-4C26-40D9-B303-9E674AA14BF9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5F596DF6-0231-4F8E-955D-FD09C9032B51} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {66FE4EE1-5180-4799-9F89-488E7FAE9085} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {6D960A5E-88D4-457B-AB9D-F4507C6519F6} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {709B1D72-55DC-4552-B423-871876EE9251} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-05] (Dropbox, Inc.)
Task: {70FF3EDA-2B7D-4FA2-B8C8-F3B1828A9DA9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {7633CC86-516D-45AE-A048-642AFE90EEF8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {7A4D0F93-1C14-4DE6-B771-00C1D94E4F33} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7BE17038-C26F-47A3-854B-19798E95BAE7} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
Task: {7BF99AB2-3C95-4B63-A2E4-ADE6F5A0A0D4} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {832E8ED5-2F46-4C09-93C4-63E2B430C78E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {8D024F7D-7620-4409-A17D-2940589DF870} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {8D675281-6933-4CBC-88DF-AD617BECBB41} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {9509CFC8-3697-4CF9-BC32-88B5C7954BEA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {A1BE34D3-5264-4F1C-B4D1-314EBA0E9F98} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {AA064424-4059-4080-90CE-2E23DA7ED549} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {ADB41004-8919-4A4B-A3DF-07B78E7A5102} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C0ACA51C-420B-4089-8AA3-332596AE6C15} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {CC1A6232-8A8C-40BE-849B-8E4635166083} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {DE47A6B6-E261-4533-B262-36F02C1D9FEC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {E3ADED06-FA5B-41AF-8BC5-29E14A99FCE4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {E7D9221A-C774-4C26-990A-6400154BC98C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {E8F30760-71B7-4C4E-B656-53117BCBB20A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EC4DABE1-AD8A-4E68-A8B6-A8E839D43998} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {F0972386-6C09-4F9C-8989-B2031F96C713} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {F36B1155-DB86-470D-8C4A-C8EBC83DADF5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {F3C0F9DE-EBDE-4395-861D-94D7064A15FF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {F42AE2B5-B8DF-4F89-8C77-E9A2784B8CAA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {F8DE3D6C-6F43-4131-A1B1-4F3CCA45ABC1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-04 17:50 - 2016-08-25 23:12 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-15 16:58 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-15 16:58 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-27 07:17 - 2016-04-27 07:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-15 16:58 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-15 16:58 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-15 16:58 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-15 16:58 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-15 16:58 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-19 18:33 - 2016-06-14 22:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-06 18:00 - 2016-06-14 22:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-02-19 18:33 - 2016-06-14 22:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-02-06 18:00 - 2016-06-14 22:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-06 18:20 - 2016-04-06 18:20 - 00012520 _____ () C:\Users\jillsy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2016-04-06 18:20 - 2016-04-06 18:20 - 00015080 _____ () C:\Users\jillsy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2016-04-06 18:20 - 2016-04-06 18:20 - 00014056 _____ () C:\Users\jillsy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2016-07-09 14:13 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-07-09 14:13 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-07-09 14:13 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-07-09 14:13 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-02-06 18:00 - 2016-06-14 22:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-07-09 14:13 - 2016-07-09 14:13 - 00679624 _____ () C:\Users\jillsy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7915 mehr Seiten.
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7915 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2016-08-12 10:10 - 00453382 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15555 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-312126271-3749253831-833728702-1000\Control Panel\Desktop\\Wallpaper -> d:\bilder\sowjetischeplakate\schwert1.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
MSCONFIG\startupreg: WarThunderLauncher => D:\WarThunder\launcher.exe
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\StartupApproved\Run: => "World of Tanks"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{AACDF63B-D40D-4F0A-8636-48873F6B0421}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{8FABF8CE-37D1-4DBF-9F81-43800E786FA0}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{5E1C8A5E-45B1-458D-9909-4CD746544EDF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{962782A3-FA60-449A-AE9D-15CEF816D86E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{67748C26-4A6E-4FC3-8C40-9893A6A552B8}] => (Allow) D:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{6A1E02F5-FADC-49B4-A238-98E04AC647B3}] => (Allow) D:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{C61EDE1A-91E9-4714-A1DE-E87E14210CC7}] => (Allow) D:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{7F09FEC4-37E5-45E9-8F67-7A7A38E54001}] => (Allow) D:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{AFDC21FB-1BC9-447D-B65A-7CC415D692DF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of Aggression\ActOfAggressionRE.exe
FirewallRules: [{35B5AA27-E645-4E1A-81C9-06D72588B47A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of Aggression\ActOfAggressionRE.exe
FirewallRules: [{FF590341-91BE-4757-8E52-CEAB1193D036}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{7618482C-B2B6-4A82-9AC7-8B8077163684}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{5511882F-C769-410D-B0E0-2B7ABD27C747}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Tiberian Sun\TSLauncher.exe
FirewallRules: [{94F1E3C1-914F-4F92-97CE-2C77B43921F5}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Tiberian Sun\TSLauncher.exe
FirewallRules: [{DB6BEFB9-A767-43C3-AB6C-5783FC1FF955}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert\RA95Launcher.exe
FirewallRules: [{3E77EE4E-6E5A-4ADC-AB69-64610006BD7B}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert\RA95Launcher.exe
FirewallRules: [UDP Query User{6D063738-BD5B-4FAD-A290-FA02AEFEC190}D:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Allow) D:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [TCP Query User{1D3D431C-B549-49AE-991A-532D780F1DE9}D:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Allow) D:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [{9209E8EA-2BB9-4D82-BF75-0E0A1A2D533A}] => (Allow) D:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe
FirewallRules: [{205F8B49-8A93-4F18-AAF9-4F4B6953544A}] => (Allow) D:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe
FirewallRules: [{E0A403D2-090C-465A-9F6C-95A24B29560E}] => (Allow) D:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{E3690EB0-5D6E-4A4E-AD86-099822FE738D}] => (Allow) D:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{8AE1BB22-242C-4C02-9CF7-818228182564}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of War Direct Action\ActOfWar.exe
FirewallRules: [{37C1C86D-7AAD-4F76-B47D-AF8680E618A6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of War Direct Action\ActOfWar.exe
FirewallRules: [{D6BC6C3A-0D64-4D73-9966-E78FFA096493}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of Aggression\ActOfAggression.exe
FirewallRules: [{5CC528AD-E341-4591-97A4-1CCDF88E79DD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of Aggression\ActOfAggression.exe
FirewallRules: [{52995D18-FCCA-45B0-A5E6-36BBFD1EF3B1}] => (Allow) D:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [{883599A2-5B54-4042-AAF2-B2170841FF29}] => (Allow) D:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [UDP Query User{03FE5F30-F354-45EA-A15E-BA33C32130CB}D:\programme\diablo iii\diablo iii.exe] => (Allow) D:\programme\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{6F6B4E3C-9384-4E6C-948D-4FCE09A156B2}D:\programme\diablo iii\diablo iii.exe] => (Allow) D:\programme\diablo iii\diablo iii.exe
FirewallRules: [{DEBCCFD7-DB82-4ACA-B427-D8CA91A76E0E}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{97FB9579-476D-46EB-BE3F-F71CE81BED77}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{1531CF88-EF03-4DAC-93D4-BE3CDE102383}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{00E6566D-1B9A-49FD-A3AB-CFA4F0B26260}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{8FF2DC62-6AD7-4D45-A117-F7ABA70A6A31}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{F49A8781-0C66-4911-93B7-868E331F8521}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{5F3D7D78-B75B-4171-8249-DBB80350C164}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe
FirewallRules: [{8A6B5A0F-72DA-4280-B78C-C60E3E556C04}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe
FirewallRules: [UDP Query User{461B8AB0-44F0-45DF-A8EA-A8DCBCE1BF5B}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{00BA6E45-4791-4434-9A56-00786B6E0A50}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe
FirewallRules: [{D7CBB0F1-EEA4-4AAA-BB4B-0DFA89C50840}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{73F893B3-6B56-4FED-8EAD-EB81940F9DF2}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{F3C02990-B2F6-42C6-BEF0-3F242DA35AA0}] => (Allow) D:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{93E5F605-849D-4190-B392-0BEB00367C48}] => (Allow) D:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{B0ABB26D-C703-47A8-8467-598DC165C564}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe
FirewallRules: [{5575D054-B00A-4130-B647-521F19905DE0}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe
FirewallRules: [UDP Query User{DFEAFEF5-D247-4A92-908C-04001182C60C}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe
FirewallRules: [TCP Query User{C769BDA3-2F5C-487D-BC53-4B2CFC7D81DC}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe
FirewallRules: [{13893BF9-AB9F-40B0-B94B-82B2FAEF3C0A}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{0F1CC654-D2DE-4750-BFB8-AA306364FD19}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{516B9B6F-467F-4815-8FDF-58CDE0C2DDBB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{44B95D1A-9549-4B1F-B9F0-12EB362E10AA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{3D7F2E91-1A99-40BB-8649-8B65C9954F55}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E23B3EAF-1123-45F5-ABEB-BE995AC21B49}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{58804AD4-FF69-485F-BF54-37BA48ADAF64}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BD339C48-6AD6-4936-8B9D-946617204F43}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AC2BC506-0032-4DCF-A9CC-2BD0414D1FD7}] => (Allow) LPort=8090
FirewallRules: [{8BC0BC66-AB15-4EA7-80FC-3F19CB553C93}] => (Allow) LPort=20443
FirewallRules: [{12C5B701-858F-447A-81E4-50EE710103E7}] => (Allow) LPort=33333
FirewallRules: [{8A7EF1FE-6A3A-48CC-9575-2C17170243C2}] => (Allow) LPort=6881
FirewallRules: [{85C629FC-42ED-4FC8-8C0F-58B5DB4679AB}] => (Allow) LPort=27022
FirewallRules: [{3339D352-EE52-4CB0-B6FF-AC843F8F03D7}] => (Allow) LPort=7853
FirewallRules: [{313C2E5B-3123-4164-B0CA-2DB138FCFC18}] => (Allow) LPort=7852
FirewallRules: [{C5562991-4E7B-4794-A169-A6CDFB4D9009}] => (Allow) LPort=7850
FirewallRules: [{EA8A0011-D4B1-44D7-9774-E865CAA4182D}] => (Allow) LPort=3478
FirewallRules: [{4E709B90-BD51-4EC4-B9CD-27FDD2A8730D}] => (Allow) LPort=20010
FirewallRules: [{8FE73A51-32F4-4CB7-8BF9-3A38A0BF83C4}] => (Allow) LPort=443
FirewallRules: [{EB3C80FC-F699-4660-BBF5-353BEBACB66C}] => (Allow) LPort=80
FirewallRules: [{954A91D5-8BC7-421D-AFA5-8C6546148A4C}] => (Allow) D:\WarThunder\launcher.exe
FirewallRules: [{F9510989-4D5B-4E83-B0A4-59437614C826}] => (Allow) D:\WarThunder\launcher.exe
FirewallRules: [{29B225A6-2A86-4248-A8E9-B29E93D042F3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AF17ADBD-2C18-4BD4-BE43-7C8E7E285D7D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B66ED9E6-2BBA-4DEC-B105-5D023054EB06}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0757FC4A-726E-4720-B231-F0A0779D5E1C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{59997915-8434-4E1E-9291-EEFED046D99A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4DA1FB18-3A1D-42ED-AE9E-792CD16211E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{68FB3B1F-1C5D-4106-BDC5-E7D4BDDAF137}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E63005B9-E27E-4E79-A3C9-8E78D6268DB8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3ADCC28E-F23B-46D8-929B-CDEB7F6B1438}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{25F1A8AD-FD4E-4864-8779-C6D0C0F7FA6D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{CDE65032-D32A-454F-9E27-645F154445C4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [TCP Query User{0F9323FB-F690-4CA9-B489-46E14BE83130}D:\programme\starcraft ii\versions\base44983\sc2_x64.exe] => (Allow) D:\programme\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [UDP Query User{5244EB6E-FC50-4F96-9E0C-4C3FC6D3049D}D:\programme\starcraft ii\versions\base44983\sc2_x64.exe] => (Allow) D:\programme\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [{CAC8D796-AAC4-4062-8D33-8F3874D2A0DF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
22-08-2016 17:14:23 22.August2016 Alees GUT
31-08-2016 00:28:07 30.aug, vor nvidia
31-08-2016 19:06:05 Sysinternals 1.6.12
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: PS/2-Standardtastatur
Description: PS/2-Standardtastatur
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/02/2016 07:17:01 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (09/02/2016 06:31:41 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (09/01/2016 07:07:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (08/31/2016 07:06:16 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (08/31/2016 07:06:15 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (08/31/2016 07:06:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (08/31/2016 07:04:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WDBackupEngine.exe, Version: 2.0.0.15, Zeitstempel: 0x571682e4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb7f
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0003e008
ID des fehlerhaften Prozesses: 0x1d28
Startzeit der fehlerhaften Anwendung: 0x01d203a938d5f644
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: f9d087a0-31a0-4e34-b80e-237c120d0e78
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/31/2016 07:00:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WDBackupEngine.exe, Version: 2.0.0.15, Zeitstempel: 0x571682e4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb7f
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0003e008
ID des fehlerhaften Prozesses: 0x828
Startzeit der fehlerhaften Anwendung: 0x01d203a8b553cff0
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 64e3dcc9-58bf-4d4b-ae8e-2a86ab83800f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/31/2016 06:57:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WDBackupEngine.exe, Version: 2.0.0.15, Zeitstempel: 0x571682e4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb7f
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0003e008
ID des fehlerhaften Prozesses: 0x218c
Startzeit der fehlerhaften Anwendung: 0x01d203a82e9ae5e9
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: ec7dc221-0f05-4f53-a813-fd7d5d839fd0
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/31/2016 06:53:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WDBackupEngine.exe, Version: 2.0.0.15, Zeitstempel: 0x571682e4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb7f
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0003e008
ID des fehlerhaften Prozesses: 0x145c
Startzeit der fehlerhaften Anwendung: 0x01d203a7b2b252fd
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: d78683c4-6d5b-425d-add9-81812511860b
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (09/02/2016 06:25:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (09/02/2016 06:25:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 02.09.2016 um 11:29:50 unerwartet heruntergefahren.
Error: (09/02/2016 06:25:00 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5
Error: (09/02/2016 06:25:00 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841173312
Error: (09/01/2016 11:40:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_8f64f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/01/2016 11:40:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _8f64f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/01/2016 11:40:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_8f64f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/01/2016 11:40:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_8f64f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/31/2016 08:19:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (08/31/2016 08:19:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
CodeIntegrity:
===================================
Date: 2016-09-01 22:34:33.710
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-08-10 18:52:34.549
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-26 10:21:08.538
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-23 13:57:05.075
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-17 02:30:07.400
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-16 01:18:12.273
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-09 16:42:32.027
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-09 16:35:22.941
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-09 13:23:16.157
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-09 13:19:07.843
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 15%
Installierter physikalischer RAM: 16333.87 MB
Verfügbarer physikalischer RAM: 13738.01 MB
Summe virtueller Speicher: 32717.87 MB
Verfügbarer virtueller Speicher: 29744.98 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:446.47 GB) (Free:339.6 GB) NTFS
Drive d: (Volume) (Fixed) (Total:1302.35 GB) (Free:979.13 GB) NTFS
Drive e: (My Book) (Fixed) (Total:1862.98 GB) (Free:378.93 GB) NTFS
Drive h: (Sicherung) (Fixed) (Total:560.66 GB) (Free:155.32 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 9371220B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
02.09.2016, 23:20
| #4 |
| | Neuer Computer Und TDSSKIller; Code:
ATTFilter 00:16:38.0038 0x2364 [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
00:16:38.0038 0x2364 mouclass - ok
00:16:38.0038 0x2364 [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
00:16:38.0038 0x2364 mouhid - ok
00:16:38.0038 0x2364 [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
00:16:38.0038 0x2364 mountmgr - ok
00:16:38.0054 0x2364 [ A82AA5481A845F4AC0E5EE83904FBFED, 2E1640BCA51B1957815465E4DEE895FCD87C93EA80DDD3A80B5647B23D16FB67 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:16:38.0054 0x2364 MozillaMaintenance - ok
00:16:38.0054 0x2364 [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
00:16:38.0054 0x2364 mpsdrv - ok
00:16:38.0070 0x2364 [ 0B28F2ACE5103586D322AD98FAA01309, CE3053DEB6E452C6DCDFD371CF113EB0D740DED6C1C537CB749D1BE5E97FAB09 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
00:16:38.0085 0x2364 MpsSvc - ok
00:16:38.0085 0x2364 [ 2B9A1FF2450BAF7A795941BE471F16EF, DD213BACDAE4E3C4F89BFE54BCE77B2F66D12AA85949147AE8A31049876CAA3E ] MQAC C:\WINDOWS\system32\drivers\mqac.sys
00:16:38.0085 0x2364 MQAC - ok
00:16:38.0101 0x2364 [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
00:16:38.0101 0x2364 MRxDAV - ok
00:16:38.0116 0x2364 [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:16:38.0116 0x2364 mrxsmb - ok
00:16:38.0116 0x2364 [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
00:16:38.0132 0x2364 mrxsmb10 - ok
00:16:38.0132 0x2364 [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
00:16:38.0132 0x2364 mrxsmb20 - ok
00:16:38.0132 0x2364 [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
00:16:38.0148 0x2364 MsBridge - ok
00:16:38.0148 0x2364 [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
00:16:38.0148 0x2364 MSDTC - ok
00:16:38.0148 0x2364 [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
00:16:38.0148 0x2364 Msfs - ok
00:16:38.0163 0x2364 [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
00:16:38.0163 0x2364 msgpiowin32 - ok
00:16:38.0163 0x2364 [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
00:16:38.0163 0x2364 mshidkmdf - ok
00:16:38.0163 0x2364 [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
00:16:38.0163 0x2364 mshidumdf - ok
00:16:38.0163 0x2364 [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
00:16:38.0163 0x2364 msisadrv - ok
00:16:38.0179 0x2364 [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
00:16:38.0179 0x2364 MSiSCSI - ok
00:16:38.0179 0x2364 msiserver - ok
Code:
ATTFilter 00:16:38.0179 0x2364 [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
00:16:38.0179 0x2364 MSKSSRV - ok
00:16:38.0179 0x2364 [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
00:16:38.0179 0x2364 MsLldp - ok
00:16:38.0195 0x2364 [ 30130E99810283026C5FA2F57A4BB488, 3CF97CC2F63A7CDEA19C8B2DD73EED161309A7C334FF80567C18423F2DA34249 ] MSMQ C:\WINDOWS\system32\mqsvc.exe
00:16:38.0195 0x2364 MSMQ - ok
00:16:38.0195 0x2364 [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
00:16:38.0195 0x2364 MSPCLOCK - ok
00:16:38.0195 0x2364 [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys
00:16:38.0195 0x2364 MSPQM - ok
00:16:38.0195 0x2364 [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
00:16:38.0210 0x2364 MsRPC - ok
00:16:38.0210 0x2364 [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
00:16:38.0210 0x2364 mssmbios - ok
00:16:38.0210 0x2364 [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys
00:16:38.0210 0x2364 MSTEE - ok
00:16:38.0210 0x2364 [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
00:16:38.0210 0x2364 MTConfig - ok
00:16:38.0226 0x2364 [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
00:16:38.0226 0x2364 Mup - ok
00:16:38.0226 0x2364 [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
00:16:38.0226 0x2364 mvumis - ok
00:16:38.0241 0x2364 [ 549DFD8240CF20BFBD88AD9D89325DBF, D2553AEA91524E7EBCE902D175BCE3A14C594FB0B5E1310E2D9171AF903CF51C ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
00:16:38.0241 0x2364 NativeWifiP - ok
00:16:38.0257 0x2364 [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
00:16:38.0257 0x2364 NcaSvc - ok
00:16:38.0257 0x2364 [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService C:\WINDOWS\System32\ncbservice.dll
00:16:38.0273 0x2364 NcbService - ok
00:16:38.0273 0x2364 [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
00:16:38.0273 0x2364 NcdAutoSetup - ok
00:16:38.0273 0x2364 [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
00:16:38.0273 0x2364 ndfltr - ok
00:16:38.0288 0x2364 [ E582DA849A58524E645545FB68B6625D, B74E2CF078F6C575EFC4A2E4293D03FE6BA933307D656E0E57FFA17EF324948D ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
00:16:38.0304 0x2364 NDIS - ok
00:16:38.0320 0x2364 [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
00:16:38.0320 0x2364 NdisCap - ok
00:16:38.0320 0x2364 [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
00:16:38.0320 0x2364 NdisImPlatform - ok
00:16:38.0320 0x2364 [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:16:38.0320 0x2364 NdisTapi - ok
00:16:38.0320 0x2364 [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
00:16:38.0320 0x2364 Ndisuio - ok
00:16:38.0335 0x2364 [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
00:16:38.0335 0x2364 NdisVirtualBus - ok
00:16:38.0335 0x2364 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
00:16:38.0335 0x2364 NdisWan - ok
00:16:38.0351 0x2364 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:16:38.0351 0x2364 ndiswanlegacy - ok
00:16:38.0351 0x2364 [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
00:16:38.0351 0x2364 ndproxy - ok
00:16:38.0351 0x2364 [ 883A36E2FF7FA3E1281CB575579FE3AF, F1BE02B13C090E2E36BD211055FC980E79BD14F72042773A3619A5143AAEE485 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
00:16:38.0351 0x2364 Ndu - ok
00:16:38.0366 0x2364 [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
00:16:38.0366 0x2364 NetBIOS - ok
00:16:38.0366 0x2364 [ C03E926B0E7D66D68994067231DC3246, 1895BE28921431AA78BEF9AFE01411FE8CDA570867E527E4D925E6FAA35D8BC0 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
00:16:38.0366 0x2364 NetBT - ok
00:16:38.0382 0x2364 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon C:\WINDOWS\system32\lsass.exe
00:16:38.0382 0x2364 Netlogon - ok
00:16:38.0382 0x2364 [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman C:\WINDOWS\System32\netman.dll
00:16:38.0382 0x2364 Netman - ok
00:16:38.0398 0x2364 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:16:38.0398 0x2364 NetMsmqActivator - ok
00:16:38.0398 0x2364 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:16:38.0398 0x2364 NetPipeActivator - ok
00:16:38.0413 0x2364 [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
00:16:38.0413 0x2364 netprofm - ok
00:16:38.0429 0x2364 [ D8CAB1807EA429C2C647FBC33C30CC88, 8D7CD300A5345444ED39F7BD81B64DEDC4457AF66B5993E9F6A250AE6AD02130 ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
00:16:38.0429 0x2364 NetSetupSvc - ok
00:16:38.0429 0x2364 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:16:38.0429 0x2364 NetTcpActivator - ok
00:16:38.0445 0x2364 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:16:38.0445 0x2364 NetTcpPortSharing - ok
00:16:38.0445 0x2364 [ 2BB62723C835F75F0C7C9E6A736881FB, CBA690F5205BE8AE1E8ED8A47BC1594E05391DAC30AAEE0A055366F24602346C ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys
00:16:38.0445 0x2364 netvsc - ok
00:16:38.0460 0x2364 [ 0FB83658FBB2C5A18AB98C5C94DB9FAF, 2D15A49F47D8185D7914D26916D1237FCBE2F8351A64877CDDDDE26E766C3D2F ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
00:16:38.0460 0x2364 NgcCtnrSvc - ok
00:16:38.0476 0x2364 [ 7AAA9916AA10F4B0E9743798A5BA6549, 2E38EEF3F487A7DD0B719A048FFA0EB36B2487A1068BB322553E9DD2FCE46711 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
00:16:38.0476 0x2364 NgcSvc - ok
00:16:38.0491 0x2364 [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
00:16:38.0491 0x2364 NlaSvc - ok
00:16:38.0491 0x2364 [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
00:16:38.0491 0x2364 Npfs - ok
00:16:38.0507 0x2364 [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
00:16:38.0507 0x2364 npsvctrig - ok
00:16:38.0507 0x2364 [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi C:\WINDOWS\system32\nsisvc.dll
00:16:38.0507 0x2364 nsi - ok
00:16:38.0507 0x2364 [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
00:16:38.0507 0x2364 nsiproxy - ok
00:16:38.0538 0x2364 [ 19BD8A88AAC580592668B070AC0727D9, 60DB84895C40E6412BEB2D0E4D7F05891446B9DE992D70579CC90BA3FB27FC01 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
00:16:38.0570 0x2364 NTFS - ok
00:16:38.0570 0x2364 [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null C:\WINDOWS\system32\drivers\Null.sys
00:16:38.0570 0x2364 Null - ok
00:16:38.0585 0x2364 [ 67B51A97733B10D716B366C2ED126763, C34B889D39A4443A82BCDF6B9A0BF637D2ECC37BBB1AAE21143EC9E3DC495D90 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
00:16:38.0585 0x2364 NVHDA - ok
00:16:38.0804 0x2364 [ DB3FFDB8FB4D08E834B54B858D50DDBE, 3D6437E72FF96BACE0EC1C19C227800E3A6A89239630D71E1D46E0B3AA6CE40C ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
00:16:38.0960 0x2364 nvlddmkm - ok
00:16:39.0007 0x2364 [ 020F45E362D3B57CCC5735582BB1A6EC, E2D953CEF208528382153D06FED8394BEB52657C547E4D2D2954E537C9A382DC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
00:16:39.0023 0x2364 NvNetworkService - ok
00:16:39.0023 0x2364 [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
00:16:39.0038 0x2364 nvraid - ok
00:16:39.0038 0x2364 [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
00:16:39.0038 0x2364 nvstor - ok
00:16:39.0038 0x2364 [ F82BCEB9F57B2959F6AAE2A3DDA892A8, 5B02C74BAF0E12B84F239B1449DAA955B28BD5BA7D35D315DB57F45E042E0DB3 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
00:16:39.0038 0x2364 NvStreamKms - ok
00:16:39.0101 0x2364 [ 9209D57C1AA24841EF8D5DE6A5B2AAEB, C1A53621F5361DCE9C962A9B9B586D1904901C9EC20EFCA76C40ADCD98BEDF3C ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
00:16:39.0132 0x2364 NvStreamNetworkSvc - ok
00:16:39.0179 0x2364 [ 0EDF9504CA5174075BA5902AFC1F57C8, 8E210E71BA91813D3BB6B59E5F6AD0889711336AD12B1B1C67CCC882A6ED3E53 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
00:16:39.0210 0x2364 NvStreamSvc - ok
00:16:39.0226 0x2364 [ 403522070F1C1020B9EB862ED989CD87, 01A63D0DA8B47DDE9D2FCF5923529FCA5ABF4154CFFA6D0E10087E3CA5477436 ] nvsvc C:\Windows\system32\nvvsvc.exe
00:16:39.0257 0x2364 nvsvc - ok
00:16:39.0257 0x2364 [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
00:16:39.0257 0x2364 nvvad_WaveExtensible - ok
00:16:39.0257 0x2364 [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
00:16:39.0274 0x2364 nv_agp - ok
00:16:39.0285 0x2364 [ FDDC75FDB8F9B581E3D6513FB85256E8, 8CC4924E69E6008D30219BCE4C0FCCABB5F63ECF82C1A6C8BA374805D34B4FF1 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
00:16:39.0289 0x2364 OneSyncSvc - ok
00:16:39.0320 0x2364 [ 2906AF02B5D06B0EFCD32382F19B88DB, 52A57816017591AC18693095ED6877EC6187F01A1B075ECC0F7E8FA73543E9D0 ] Origin Client Service D:\Program Files (x86)\Origin\OriginClientService.exe
00:16:39.0358 0x2364 Origin Client Service - ok
00:16:39.0358 0x2364 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
00:16:39.0373 0x2364 p2pimsvc - ok
00:16:39.0373 0x2364 [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc C:\WINDOWS\system32\p2psvc.dll
00:16:39.0389 0x2364 p2psvc - ok
00:16:39.0389 0x2364 [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport C:\WINDOWS\System32\drivers\parport.sys
00:16:39.0389 0x2364 Parport - ok
00:16:39.0389 0x2364 [ D330D74B5F99309B5CCA30AE41C57CDE, AE5186CB4B639A5241BF0D17FE8A73D6DAFA505C31E250EA225CD498C8A4A07E ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
00:16:39.0389 0x2364 partmgr - ok
00:16:39.0404 0x2364 [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
00:16:39.0420 0x2364 PcaSvc - ok
00:16:39.0420 0x2364 [ 3F89E96BDA0A24A3D2DBB7CE1E625589, 63AAF83128B8AE279BC37331D2B27133EB9DE9C61392ADF18278A301697D0307 ] pci C:\WINDOWS\system32\drivers\pci.sys
00:16:39.0420 0x2364 pci - ok
00:16:39.0436 0x2364 [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
00:16:39.0436 0x2364 pciide - ok
00:16:39.0436 0x2364 [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
00:16:39.0436 0x2364 pcmcia - ok
00:16:39.0436 0x2364 [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
00:16:39.0436 0x2364 pcw - ok
00:16:39.0451 0x2364 [ 34DDBE73E42A4EDED7BEFF66F270C1A4, 420D6EC5B514423C4583839D4E185F7D71989C7BC8A854B0FCC54EE03A972381 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
00:16:39.0451 0x2364 pdc - ok
00:16:39.0467 0x2364 [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
00:16:39.0467 0x2364 PEAUTH - ok
00:16:39.0498 0x2364 [ C7D210982B6C8454E52191D0DCF6DC52, D53D575CD9A0AB7EA94E7D1B9730ABE0A582CA3460AEAC4680D01034D69D3949 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
00:16:39.0530 0x2364 PeerDistSvc - ok
00:16:39.0530 0x2364 [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
00:16:39.0530 0x2364 percsas2i - ok
00:16:39.0530 0x2364 [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
00:16:39.0530 0x2364 percsas3i - ok
00:16:39.0545 0x2364 [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
00:16:39.0545 0x2364 PerfHost - ok
00:16:39.0576 0x2364 [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
00:16:39.0576 0x2364 PhoneSvc - ok
00:16:39.0592 0x2364 [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
00:16:39.0592 0x2364 PimIndexMaintenanceSvc - ok
00:16:39.0623 0x2364 [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla C:\WINDOWS\system32\pla.dll
00:16:39.0639 0x2364 pla - ok
00:16:39.0639 0x2364 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
00:16:39.0639 0x2364 PlugPlay - ok
00:16:39.0639 0x2364 [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
00:16:39.0639 0x2364 PNRPAutoReg - ok
00:16:39.0655 0x2364 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
00:16:39.0655 0x2364 PNRPsvc - ok
00:16:39.0670 0x2364 [ D67052BD0DA9C17BCBBF8AB5B6D354EE, 7FE9B414C74CF69E531B27C506216F7F5CBE00B67E90305A4A4A2ECADAA4F349 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
00:16:39.0670 0x2364 PolicyAgent - ok
00:16:39.0686 0x2364 [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power C:\WINDOWS\system32\umpo.dll
00:16:39.0686 0x2364 Power - ok
00:16:39.0686 0x2364 [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
00:16:39.0686 0x2364 PptpMiniport - ok
00:16:39.0748 0x2364 [ C9908063F90F5541098BF19EA63E1327, AA6B5E4D01CD8061D5953FDE3025FE4AF01B265C182B8818107A035E4FFAD0DF ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
00:16:39.0780 0x2364 PrintNotify - ok
00:16:39.0780 0x2364 [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor C:\WINDOWS\System32\drivers\processr.sys
00:16:39.0780 0x2364 Processor - ok
00:16:39.0795 0x2364 [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc C:\WINDOWS\system32\profsvc.dll
00:16:39.0795 0x2364 ProfSvc - ok
00:16:39.0811 0x2364 [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched C:\WINDOWS\system32\drivers\pacer.sys
00:16:39.0811 0x2364 Psched - ok
00:16:39.0811 0x2364 [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE C:\WINDOWS\system32\qwave.dll
00:16:39.0811 0x2364 QWAVE - ok
00:16:39.0826 0x2364 [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
00:16:39.0826 0x2364 QWAVEdrv - ok
00:16:39.0826 0x2364 [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:16:39.0826 0x2364 RasAcd - ok
00:16:39.0826 0x2364 [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
00:16:39.0826 0x2364 RasAgileVpn - ok
00:16:39.0842 0x2364 [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto C:\WINDOWS\System32\rasauto.dll
00:16:39.0842 0x2364 RasAuto - ok
00:16:39.0842 0x2364 [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
00:16:39.0842 0x2364 Rasl2tp - ok
00:16:39.0858 0x2364 [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan C:\WINDOWS\System32\rasmans.dll
00:16:39.0873 0x2364 RasMan - ok
00:16:39.0873 0x2364 [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe C:\WINDOWS\System32\drivers\raspppoe.sys
00:16:39.0873 0x2364 RasPppoe - ok
00:16:39.0873 0x2364 [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
00:16:39.0873 0x2364 RasSstp - ok
00:16:39.0889 0x2364 [ 1BB74617AE07539EC7C31C93F98644C7, 527F4F7ADA499814A97F68EE449F39D8A897A68B03AA24E2EE39A378D8D1DD27 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:16:39.0889 0x2364 rdbss - ok
00:16:39.0889 0x2364 [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
00:16:39.0889 0x2364 rdpbus - ok
00:16:39.0905 0x2364 [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
00:16:39.0905 0x2364 RDPDR - ok
00:16:39.0905 0x2364 [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
00:16:39.0905 0x2364 RdpVideoMiniport - ok
00:16:39.0920 0x2364 [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
00:16:39.0920 0x2364 rdyboost - ok
00:16:39.0936 0x2364 [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
00:16:39.0951 0x2364 ReFSv1 - ok
00:16:39.0967 0x2364 [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
00:16:39.0967 0x2364 RemoteAccess - ok
00:16:39.0983 0x2364 [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
00:16:39.0983 0x2364 RemoteRegistry - ok
00:16:39.0998 0x2364 [ C439E5B6E3EB38C9C7611C393348503B, C9E3E3EDB134C2C5A3212CAD372A542DB1658A0263112E66EDF812FAE3F377BF ] RetailDemo C:\WINDOWS\system32\RDXService.dll
00:16:40.0014 0x2364 RetailDemo - ok
00:16:40.0014 0x2364 [ 5DCB6746E9880DED87EC2A239ED64EB4, 45ED65A9C103C07B202BAC6EB66C45F619B84F61C1E38C71CBF4F3C94E67FA3D ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
00:16:40.0014 0x2364 RFCOMM - ok
00:16:40.0030 0x2364 [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
00:16:40.0030 0x2364 RpcEptMapper - ok
00:16:40.0030 0x2364 [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator C:\WINDOWS\system32\locator.exe
00:16:40.0030 0x2364 RpcLocator - ok
00:16:40.0061 0x2364 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
00:16:40.0061 0x2364 RpcSs - ok
00:16:40.0076 0x2364 [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
00:16:40.0076 0x2364 rspndr - ok
00:16:40.0076 0x2364 [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
00:16:40.0076 0x2364 s3cap - ok
00:16:40.0076 0x2364 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs C:\WINDOWS\system32\lsass.exe
00:16:40.0076 0x2364 SamSs - ok
00:16:40.0092 0x2364 [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
00:16:40.0092 0x2364 sbp2port - ok
00:16:40.0092 0x2364 [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
00:16:40.0092 0x2364 SCardSvr - ok
00:16:40.0108 0x2364 [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
00:16:40.0108 0x2364 ScDeviceEnum - ok
00:16:40.0108 0x2364 [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
00:16:40.0108 0x2364 scfilter - ok
00:16:40.0139 0x2364 [ 4D82582733D9F437F544D3F8F98CE159, 32603C9AFC4D56D505D2EA5B63EF33A484A20A3C82E28F6C30A7597BBF34F785 ] Schedule C:\WINDOWS\system32\schedsvc.dll
00:16:40.0139 0x2364 Schedule - ok
00:16:40.0155 0x2364 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
00:16:40.0155 0x2364 SCPolicySvc - ok
00:16:40.0155 0x2364 [ 1CDA6D0A2345AA589949AE9C83853913, 13E9164485BA7F7DB86CBA905C7F0E009488B03CC4F3F044EA37D04D0FB661C6 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
00:16:40.0170 0x2364 sdbus - ok
00:16:40.0170 0x2364 [ 723C6C3DE056D3EB76F7520BEF5947B4, 49FFDAD56BBD652404A587F282867161BAE6D9E61BC2C819DDC75CE10A8E3C63 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
00:16:40.0170 0x2364 SDRSVC - ok
00:16:40.0201 0x2364 [ 2100C3E7E1D060DE822677DDE41FCCCF, 82F645A981C91ABD237AA8DD730F4490EF566371946E56A498146B7C8FC3C44A ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
00:16:40.0233 0x2364 SDScannerService - ok
00:16:40.0233 0x2364 [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
00:16:40.0233 0x2364 sdstor - ok
00:16:40.0264 0x2364 [ B89DF0D2410759A6C826C136AEBC2416, 5EF86212BE1E075B2B7E0783FDA6EB2CA6938546145428FC7B39EE9D5817F0B1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
00:16:40.0295 0x2364 SDUpdateService - ok
00:16:40.0295 0x2364 [ 6B4E097AD063AEED188629CB9A542602, 0342CD807ADD430E4EC14308464EB0E1BF74F95AD0D32356210A832E6C3FE6CF ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
00:16:40.0311 0x2364 SDWSCService - ok
00:16:40.0311 0x2364 Secdrv - ok
00:16:40.0311 0x2364 [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon C:\WINDOWS\system32\seclogon.dll
00:16:40.0311 0x2364 seclogon - ok
00:16:40.0311 0x2364 [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS C:\WINDOWS\System32\sens.dll
00:16:40.0311 0x2364 SENS - ok
00:16:40.0342 0x2364 [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
00:16:40.0358 0x2364 SensorDataService - ok
00:16:40.0373 0x2364 [ 3A96F324681545F135320A9E91793972, CD588AAF764705CAA8838776D20C88B60B9AC73EC3F4608FFCE63831AA80D3C4 ] SensorService C:\WINDOWS\system32\SensorService.dll
00:16:40.0373 0x2364 SensorService - ok
00:16:40.0373 0x2364 [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
00:16:40.0373 0x2364 SensrSvc - ok
00:16:40.0389 0x2364 [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
00:16:40.0389 0x2364 SerCx - ok
00:16:40.0389 0x2364 [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
00:16:40.0389 0x2364 SerCx2 - ok
00:16:40.0389 0x2364 [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
00:16:40.0389 0x2364 Serenum - ok
00:16:40.0405 0x2364 [ 249A563C48DFD9E42A37587653E003BB, D022FAE2B7AC9D99B9F230A4DF0B045891588162587E1F468B5E05C8DA98AA9A ] Serial C:\WINDOWS\System32\drivers\serial.sys
00:16:40.0405 0x2364 Serial - ok
00:16:40.0405 0x2364 [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
00:16:40.0405 0x2364 sermouse - ok
00:16:40.0420 0x2364 [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv C:\WINDOWS\system32\sessenv.dll
00:16:40.0420 0x2364 SessionEnv - ok
00:16:40.0420 0x2364 [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
00:16:40.0420 0x2364 sfloppy - ok
00:16:40.0436 0x2364 [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
00:16:40.0452 0x2364 SharedAccess - ok
00:16:40.0467 0x2364 [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
00:16:40.0467 0x2364 ShellHWDetection - ok
00:16:40.0467 0x2364 [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
00:16:40.0467 0x2364 SiSRaid2 - ok
00:16:40.0483 0x2364 [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
00:16:40.0483 0x2364 SiSRaid4 - ok
00:16:40.0483 0x2364 [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost C:\WINDOWS\System32\smphost.dll
00:16:40.0483 0x2364 smphost - ok
00:16:40.0498 0x2364 [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
00:16:40.0498 0x2364 SmsRouter - ok
00:16:40.0514 0x2364 [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
00:16:40.0514 0x2364 SNMPTRAP - ok
00:16:40.0530 0x2364 [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
00:16:40.0530 0x2364 spaceport - ok
00:16:40.0530 0x2364 [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
00:16:40.0530 0x2364 SpbCx - ok
00:16:40.0545 0x2364 [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan C:\Windows\SysWOW64\speedfan.sys
00:16:40.0545 0x2364 speedfan - ok
00:16:40.0561 0x2364 [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler C:\WINDOWS\System32\spoolsv.exe
00:16:40.0576 0x2364 Spooler - ok
00:16:40.0688 0x2364 [ 49B666BCCF59226549F64656584318EA, D7751FB921CE526322DF8CD95430EEA5337E894CE76E0FAA47827CA3B2C953C5 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
00:16:40.0755 0x2364 sppsvc - ok
00:16:40.0771 0x2364 [ BE88248427A6AA548A904FD867667F70, 37E7BB76881F4E896311721B1FCB7B1908524591D36F7D63B233CA0115FECC2C ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
00:16:40.0771 0x2364 srv - ok
00:16:40.0786 0x2364 [ 2568B86F6A50D254324CB89022CA9EFC, 001B7A0061227E8E78A35FDC095C71A6974F18B1289FA392FA0B864A88C20672 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
00:16:40.0802 0x2364 srv2 - ok
00:16:40.0802 0x2364 [ 6E520D6B16EA8AE23D1F81C1194F00C8, 42CAB0772D351023DBF1DAD4BDB1FC214827CEA660284838B41062B8DF89DF10 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
00:16:40.0818 0x2364 srvnet - ok
00:16:40.0818 0x2364 [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
00:16:40.0818 0x2364 SSDPSRV - ok
00:16:40.0833 0x2364 [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
00:16:40.0833 0x2364 SstpSvc - ok
00:16:40.0833 0x2364 [ D08FFE34AF5B7AC5F69EEA1E0E8C6ECE, CC43752CE5C879E24229C84443DBEE667CE629ECF992AD0D42F0F77FE04F6751 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
00:16:40.0833 0x2364 ssudmdm - ok
00:16:40.0849 0x2364 [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
00:16:40.0864 0x2364 ss_conn_service - ok
00:16:40.0911 0x2364 [ 99435AD1BC9E7E7CEA528868E5B1F9B2, 66C490EB12BFF8834842D28B1138E69180B972CCFDD3D33263A94A79DED0C6CB ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
00:16:40.0943 0x2364 StateRepository - ok
00:16:40.0974 0x2364 [ E06AA279D85877268E34E9A9BC41F560, 6EFE7E3850CD19B919053293B6D8CB61CC638D3B1626BB62594C681625132689 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
00:16:40.0989 0x2364 Steam Client Service - ok
00:16:41.0005 0x2364 [ 8AD39F3C6C0ACD29D875905C5F20E6DA, 414053EFA8F4730F5ABB25C5ECA10695A04087471754A22F6B25EED9955A3B09 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
00:16:41.0005 0x2364 Stereo Service - ok
00:16:41.0005 0x2364 [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
00:16:41.0005 0x2364 stexstor - ok
00:16:41.0021 0x2364 [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc C:\WINDOWS\System32\wiaservc.dll
00:16:41.0036 0x2364 stisvc - ok
00:16:41.0036 0x2364 [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
00:16:41.0036 0x2364 storahci - ok
00:16:41.0036 0x2364 [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
00:16:41.0036 0x2364 storflt - ok
00:16:41.0052 0x2364 [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
00:16:41.0052 0x2364 stornvme - ok
00:16:41.0052 0x2364 [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
00:16:41.0052 0x2364 storqosflt - ok
00:16:41.0068 0x2364 [ FE42F8A07885E518ED1E846C93E4B78C, 264B21A5E07654F159A3E324F3B38A8C11AF619F61B5779A46367DD99EBD00A6 ] StorSvc C:\WINDOWS\system32\storsvc.dll
00:16:41.0068 0x2364 StorSvc - ok
00:16:41.0083 0x2364 [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
00:16:41.0083 0x2364 storufs - ok
00:16:41.0083 0x2364 [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
00:16:41.0083 0x2364 storvsc - ok
00:16:41.0083 0x2364 [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc C:\WINDOWS\system32\svsvc.dll
00:16:41.0083 0x2364 svsvc - ok
00:16:41.0083 0x2364 [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
00:16:41.0083 0x2364 swenum - ok
00:16:41.0099 0x2364 [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv C:\WINDOWS\System32\swprv.dll
00:16:41.0114 0x2364 swprv - ok
00:16:41.0114 0x2364 [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
00:16:41.0114 0x2364 Synth3dVsc - ok
00:16:41.0146 0x2364 [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain C:\WINDOWS\system32\sysmain.dll
00:16:41.0161 0x2364 SysMain - ok
00:16:41.0161 0x2364 [ FA8E0A9C648035CA1B47C9DA77EDB7EA, 4097AB89D2DB4741B138F3939AED4C5DB00BA124BF66E5DC2218ACF3A37513A3 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
00:16:41.0177 0x2364 SystemEventsBroker - ok
00:16:41.0177 0x2364 [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
00:16:41.0177 0x2364 TabletInputService - ok
00:16:41.0193 0x2364 [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
00:16:41.0193 0x2364 TapiSrv - ok
00:16:41.0365 0x2364 [ CF63BF6AAEDF721E37F9E216FD321B8E, 73FF268E5DBCEFA9C5322420729E0EAA4F74A7C51E6ED3C988134AC5E875A74C ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
00:16:41.0396 0x2364 Tcpip - ok
00:16:41.0427 0x2364 [ CF63BF6AAEDF721E37F9E216FD321B8E, 73FF268E5DBCEFA9C5322420729E0EAA4F74A7C51E6ED3C988134AC5E875A74C ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
00:16:41.0458 0x2364 Tcpip6 - ok
00:16:41.0474 0x2364 [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
00:16:41.0474 0x2364 tcpipreg - ok
00:16:41.0474 0x2364 [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
00:16:41.0474 0x2364 tdx - ok
00:16:41.0474 0x2364 [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
00:16:41.0474 0x2364 terminpt - ok
00:16:41.0505 0x2364 [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService C:\WINDOWS\System32\termsrv.dll
00:16:41.0505 0x2364 TermService - ok
00:16:41.0521 0x2364 [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes C:\WINDOWS\system32\themeservice.dll
00:16:41.0521 0x2364 Themes - ok
00:16:41.0521 0x2364 [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
00:16:41.0536 0x2364 TieringEngineService - ok
00:16:41.0536 0x2364 [ EAB476E252CE866727624B5224A054E4, 1F84A1A99FA07AA1A8F4BF2FFD778562AE59612D549C1CC911CEE74CBE71F831 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
00:16:41.0552 0x2364 tiledatamodelsvc - ok
00:16:41.0552 0x2364 [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
00:16:41.0552 0x2364 TimeBroker - ok
00:16:41.0568 0x2364 [ 87B9ABB965F7AF987D52791F0DD1663D, 6E42F764D47ACAD644E5F547E503B7AEA8D700C335674D1B0EB5493914F747E7 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
00:16:41.0568 0x2364 TPM - ok
00:16:41.0583 0x2364 [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks C:\WINDOWS\System32\trkwks.dll
00:16:41.0583 0x2364 TrkWks - ok
00:16:41.0583 0x2364 [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
00:16:41.0583 0x2364 TrustedInstaller - ok
00:16:41.0583 0x2364 [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
00:16:41.0583 0x2364 tsusbflt - ok
00:16:41.0599 0x2364 [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
00:16:41.0599 0x2364 TsUsbGD - ok
00:16:41.0599 0x2364 [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
00:16:41.0599 0x2364 tunnel - ok
00:16:41.0615 0x2364 [ 127925766866C52F147A2FFC0C0358A5, DCDF38A456E0BAAEE1E54FD67C3DEB4A036F116036FBD28073201B6C27C2C2DD ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
00:16:41.0615 0x2364 tzautoupdate - ok
00:16:41.0615 0x2364 [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
00:16:41.0615 0x2364 uagp35 - ok
00:16:41.0615 0x2364 [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
00:16:41.0615 0x2364 UASPStor - ok
00:16:41.0630 0x2364 [ 82D3B1F4D80057826AA649D78147DE36, 344A738F6866BFD3095BB802206DDB2F9E9AD89DC39CAA7DE96455F410683829 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
00:16:41.0630 0x2364 UcmCx0101 - ok
00:16:41.0630 0x2364 [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
00:16:41.0630 0x2364 UcmUcsi - ok
00:16:41.0630 0x2364 [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
00:16:41.0630 0x2364 Ucx01000 - ok
00:16:41.0646 0x2364 [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
00:16:41.0646 0x2364 UdeCx - ok
00:16:41.0646 0x2364 [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
00:16:41.0646 0x2364 udfs - ok
00:16:41.0661 0x2364 [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
00:16:41.0661 0x2364 UEFI - ok
00:16:41.0661 0x2364 [ 05DD22294A4F3F89E52351C7721E6D2C, 300A7D4BD5F26814CF73400E01DEB810CA3F91BD190B3D37B74ADF080F582829 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
00:16:41.0661 0x2364 Ufx01000 - ok
00:16:41.0677 0x2364 [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
00:16:41.0677 0x2364 UfxChipidea - ok
00:16:41.0677 0x2364 [ 2A87EA182EA333D79AA0B03833EA67F2, 227792A8B4E63CF60A3DEECF829448C8FD59A40DEF3F42414E432820F8D34F64 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
00:16:41.0677 0x2364 ufxsynopsys - ok
00:16:41.0677 0x2364 [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
00:16:41.0693 0x2364 UI0Detect - ok
00:16:41.0693 0x2364 [ 8593690D302AE73AAC8BBA9B19757352, 36F29C32A7E0D8D54533441C840E86C7C407815DD3568C6D44C043939E998FAF ] Uim_DEVIM C:\WINDOWS\system32\DRIVERS\uim_devim.sys
00:16:41.0693 0x2364 Uim_DEVIM - ok
00:16:41.0708 0x2364 [ 889788C1B850D1ED4027B675B9B8E5E2, D8CA795CAFFF803252E1B41D69F9B55C787E2633198BC322E07449408A58B083 ] Uim_IM C:\WINDOWS\system32\DRIVERS\uim_im.sys
00:16:41.0708 0x2364 Uim_IM - ok
00:16:41.0724 0x2364 [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
00:16:41.0724 0x2364 uliagpkx - ok
00:16:41.0724 0x2364 [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
00:16:41.0724 0x2364 umbus - ok
00:16:41.0724 0x2364 [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
00:16:41.0724 0x2364 UmPass - ok
00:16:41.0740 0x2364 [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
00:16:41.0740 0x2364 UmRdpService - ok
00:16:41.0755 0x2364 [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
00:16:41.0771 0x2364 UnistoreSvc - ok
00:16:41.0786 0x2364 [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost C:\WINDOWS\System32\upnphost.dll
00:16:41.0786 0x2364 upnphost - ok
00:16:41.0802 0x2364 [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
00:16:41.0802 0x2364 UrsChipidea - ok
00:16:41.0802 0x2364 [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
00:16:41.0802 0x2364 UrsCx01000 - ok
00:16:41.0802 0x2364 [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
00:16:41.0802 0x2364 UrsSynopsys - ok
00:16:41.0802 0x2364 [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
00:16:41.0818 0x2364 usbccgp - ok
00:16:41.0818 0x2364 [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
00:16:41.0818 0x2364 usbcir - ok
00:16:41.0818 0x2364 [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
00:16:41.0818 0x2364 usbehci - ok
00:16:41.0833 0x2364 [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
00:16:41.0833 0x2364 usbhub - ok
00:16:41.0849 0x2364 [ E7463CE8579A0418A98BE9BE42C647D7, 923CD51C82FCF9DC4E9EEA99E53634EE07EBF62FB5DFC337F01309D7D5C7622C ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
00:16:41.0865 0x2364 USBHUB3 - ok
00:16:41.0865 0x2364 [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
00:16:41.0865 0x2364 usbohci - ok
00:16:41.0865 0x2364 [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
00:16:41.0865 0x2364 usbprint - ok
00:16:41.0865 0x2364 [ 4AAD6547953D373A1EB5B2DF583D868B, 4E3DCEC9644550996C314FCC39F885DDE4AA7AD821B8596D96C5BEA5D60795F7 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
00:16:41.0865 0x2364 usbser - ok
00:16:41.0880 0x2364 [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
00:16:41.0880 0x2364 USBSTOR - ok
00:16:41.0880 0x2364 [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
00:16:41.0880 0x2364 usbuhci - ok
00:16:41.0896 0x2364 [ 9E9D58F5E1702955B2F4D62996F80E8E, 6C21C250B9D98346D0D5CB7D6C11AB120A1D195C28313BDB0CE532663F0114E2 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
00:16:41.0896 0x2364 USBXHCI - ok
00:16:41.0927 0x2364 [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
00:16:41.0943 0x2364 UserDataSvc - ok
00:16:41.0958 0x2364 [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager C:\WINDOWS\System32\usermgr.dll
00:16:41.0974 0x2364 UserManager - ok
00:16:41.0974 0x2364 [ BF6C588423B2F856015AE8F61D93D01F, D45A3409E4EF026ECF1F8295EF9CFAA4C111776C2BA04171591744CDAB912479 ] UsoSvc C:\WINDOWS\system32\usocore.dll
00:16:41.0990 0x2364 UsoSvc - ok
00:16:41.0990 0x2364 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc C:\WINDOWS\system32\lsass.exe
00:16:41.0990 0x2364 VaultSvc - ok
00:16:41.0990 0x2364 [ 2CB7AEA800B614184238232FBA4430E1, 18F89E68241BE72A94AB3379141404BBE837FF5B303990DD44CF6238EE153566 ] VClone C:\WINDOWS\System32\drivers\VClone.sys
00:16:41.0990 0x2364 VClone - ok
00:16:42.0005 0x2364 [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
00:16:42.0005 0x2364 vdrvroot - ok
00:16:42.0021 0x2364 [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds C:\WINDOWS\System32\vds.exe
00:16:42.0021 0x2364 vds - ok
00:16:42.0036 0x2364 [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
00:16:42.0036 0x2364 VerifierExt - ok
00:16:42.0052 0x2364 [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
00:16:42.0052 0x2364 vhdmp - ok
00:16:42.0052 0x2364 [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf C:\WINDOWS\System32\drivers\vhf.sys
00:16:42.0052 0x2364 vhf - ok
00:16:42.0068 0x2364 [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
00:16:42.0068 0x2364 vmbus - ok
00:16:42.0068 0x2364 [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
00:16:42.0068 0x2364 VMBusHID - ok
00:16:42.0083 0x2364 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
00:16:42.0083 0x2364 vmicguestinterface - ok
00:16:42.0099 0x2364 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
00:16:42.0099 0x2364 vmicheartbeat - ok
00:16:42.0115 0x2364 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
00:16:42.0115 0x2364 vmickvpexchange - ok
00:16:42.0130 0x2364 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
00:16:42.0130 0x2364 vmicrdv - ok
00:16:42.0146 0x2364 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
00:16:42.0146 0x2364 vmicshutdown - ok
00:16:42.0162 0x2364 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
00:16:42.0162 0x2364 vmictimesync - ok
00:16:42.0177 0x2364 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession C:\WINDOWS\System32\ICSvc.dll
00:16:42.0177 0x2364 vmicvmsession - ok
00:16:42.0193 0x2364 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss C:\WINDOWS\System32\ICSvc.dll
00:16:42.0193 0x2364 vmicvss - ok
00:16:42.0208 0x2364 [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
00:16:42.0208 0x2364 volmgr - ok
00:16:42.0208 0x2364 [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
00:16:42.0208 0x2364 volmgrx - ok
00:16:42.0224 0x2364 [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
00:16:42.0224 0x2364 volsnap - ok
00:16:42.0240 0x2364 [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
00:16:42.0240 0x2364 vpci - ok
00:16:42.0240 0x2364 [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
00:16:42.0240 0x2364 vsmraid - ok
00:16:42.0271 0x2364 [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS C:\WINDOWS\system32\vssvc.exe
00:16:42.0287 0x2364 VSS - ok
00:16:42.0287 0x2364 [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
00:16:42.0302 0x2364 VSTXRAID - ok
00:16:42.0302 0x2364 [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
00:16:42.0302 0x2364 vwifibus - ok
00:16:42.0302 0x2364 [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
00:16:42.0302 0x2364 vwififlt - ok
00:16:42.0318 0x2364 [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time C:\WINDOWS\system32\w32time.dll
00:16:42.0333 0x2364 W32Time - ok
00:16:42.0333 0x2364 [ CDA9A00B16808D7A5BBB66287B89EE21, B25F98F26B0153E5DD5C744539CB6ACAFAA13E0F7B5D140C1844158B79BC9006 ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll
00:16:42.0333 0x2364 w3logsvc - ok
00:16:42.0349 0x2364 [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] W3SVC C:\WINDOWS\system32\inetsrv\iisw3adm.dll
00:16:42.0349 0x2364 W3SVC - ok
00:16:42.0349 0x2364 [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
00:16:42.0349 0x2364 WacomPen - ok
00:16:42.0365 0x2364 [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService C:\WINDOWS\system32\WalletService.dll
00:16:42.0380 0x2364 WalletService - ok
00:16:42.0380 0x2364 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:16:42.0380 0x2364 wanarp - ok
00:16:42.0380 0x2364 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:16:42.0380 0x2364 wanarpv6 - ok
00:16:42.0396 0x2364 [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll
00:16:42.0396 0x2364 WAS - ok
00:16:42.0427 0x2364 [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine C:\WINDOWS\system32\wbengine.exe
00:16:42.0458 0x2364 wbengine - ok
00:16:42.0458 0x2364 [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
00:16:42.0474 0x2364 WbioSrvc - ok
00:16:42.0490 0x2364 [ 0BF8D8C7EC9FB15D6480A12101E88B71, E7BC6A4E53D8C9D73BF83097DFE43ED8038B7BED0AE56E5AF7983F74562F15A3 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
00:16:42.0490 0x2364 Wcmsvc - ok
00:16:42.0505 0x2364 [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
00:16:42.0521 0x2364 wcncsvc - ok
00:16:42.0521 0x2364 [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
00:16:42.0521 0x2364 WcsPlugInService - ok
00:16:42.0537 0x2364 [ C1324C0096AB72FA335A60F2212EF729, 287A546CA931491674701A1E0EC650337BCD844674FE2B97DEAA9D5DB102E43A ] WDBackup C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
00:16:42.0552 0x2364 WDBackup - ok
00:16:42.0552 0x2364 [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
00:16:42.0552 0x2364 WdBoot - ok
00:16:42.0568 0x2364 [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM C:\WINDOWS\System32\drivers\wdcsam64.sys
00:16:42.0568 0x2364 WDC_SAM - ok
00:16:42.0568 0x2364 [ A9579584C5111D9AD1DE374DA0C7D3EC, 5ED0DE615F9FF6EB0CE903D60F16502897FAB79C5B006CEF3266DD0A7E5E4E37 ] WDDriveService C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
00:16:42.0568 0x2364 WDDriveService - ok
00:16:42.0583 0x2364 [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
00:16:42.0599 0x2364 Wdf01000 - ok
00:16:42.0599 0x2364 [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
00:16:42.0615 0x2364 WdFilter - ok
00:16:42.0615 0x2364 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
00:16:42.0615 0x2364 WdiServiceHost - ok
00:16:42.0615 0x2364 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
00:16:42.0615 0x2364 WdiSystemHost - ok
00:16:42.0630 0x2364 [ 2BC2E99623119521EEF7910A11D0FDE0, 3F3E48A79534F0F65F961D9B170D534562E04901B630127B16DF02E6D42F2BBF ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
00:16:42.0646 0x2364 wdiwifi - ok
00:16:42.0646 0x2364 [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
00:16:42.0646 0x2364 WdNisDrv - ok
00:16:42.0662 0x2364 WdNisSvc - ok
00:16:42.0662 0x2364 [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient C:\WINDOWS\System32\webclnt.dll
00:16:42.0662 0x2364 WebClient - ok
00:16:42.0677 0x2364 [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
00:16:42.0677 0x2364 Wecsvc - ok
00:16:42.0677 0x2364 [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
00:16:42.0677 0x2364 WEPHOSTSVC - ok
00:16:42.0693 0x2364 [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
00:16:42.0693 0x2364 wercplsupport - ok
00:16:42.0693 0x2364 [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
00:16:42.0693 0x2364 WerSvc - ok
00:16:42.0708 0x2364 [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
00:16:42.0708 0x2364 WFPLWFS - ok
00:16:42.0708 0x2364 [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
00:16:42.0708 0x2364 WiaRpc - ok
00:16:42.0708 0x2364 [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
00:16:42.0724 0x2364 WIMMount - ok
00:16:42.0724 0x2364 WinDefend - ok
00:16:42.0724 0x2364 [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
00:16:42.0724 0x2364 WindowsTrustedRT - ok
00:16:42.0724 0x2364 [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
00:16:42.0724 0x2364 WindowsTrustedRTProxy - ok
00:16:42.0755 0x2364 [ D4B30E23A3B373648F61290DAF432CB2, 7084E24A2E813BDD11C880F2B2D2626CD3600D9BABAA8AA8F068748E90BC8D58 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
00:16:42.0755 0x2364 WinHttpAutoProxySvc - ok
00:16:42.0755 0x2364 [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
00:16:42.0755 0x2364 WinMad - ok
00:16:42.0771 0x2364 [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
00:16:42.0771 0x2364 Winmgmt - ok
00:16:42.0818 0x2364 [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM C:\WINDOWS\system32\WsmSvc.dll
00:16:42.0849 0x2364 WinRM - ok
00:16:42.0865 0x2364 [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
00:16:42.0865 0x2364 WINUSB - ok
00:16:42.0865 0x2364 [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
00:16:42.0865 0x2364 WinVerbs - ok
00:16:42.0912 0x2364 [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
00:16:42.0927 0x2364 WlanSvc - ok
00:16:42.0974 0x2364 [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
00:16:42.0990 0x2364 wlidsvc - ok
00:16:42.0990 0x2364 [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
00:16:43.0005 0x2364 WmiAcpi - ok
00:16:43.0005 0x2364 [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
00:16:43.0005 0x2364 wmiApSrv - ok
00:16:43.0005 0x2364 WMPNetworkSvc - ok
00:16:43.0021 0x2364 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys
00:16:43.0021 0x2364 Wof - ok
00:16:43.0052 0x2364 [ 3B6CCFF7AD385842A9638DCF654ABCD4, 2E6605E5E1BD214D7F47F30E73481C07AE70CAE3A3B565FA37D1A551A58BFDB1 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
00:16:43.0068 0x2364 workfolderssvc - ok
00:16:43.0083 0x2364 [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
00:16:43.0083 0x2364 wpcfltr - ok
00:16:43.0083 0x2364 [ 45FA01F8B7971ACB65202038E34D04A3, 9B2C2ABC7DB716295B0BD0AF04DA08E6B4200D7CF1C7DB59DD8FD8FEBD56D94C ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
00:16:43.0083 0x2364 WPDBusEnum - ok
00:16:43.0099 0x2364 [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
00:16:43.0099 0x2364 WpdUpFltr - ok
00:16:43.0099 0x2364 [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService C:\WINDOWS\system32\WpnService.dll
00:16:43.0099 0x2364 WpnService - ok
00:16:43.0099 0x2364 [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
00:16:43.0099 0x2364 ws2ifsl - ok
00:16:43.0115 0x2364 [ 5B813FADEA5BE9195F01C83287F823F7, B186175B12AF444F987FE9F0F9D329A0F9186C06E3D228824E0929BB0084853F ] wscsvc C:\WINDOWS\System32\wscsvc.dll
00:16:43.0115 0x2364 wscsvc - ok
00:16:43.0115 0x2364 WSearch - ok
00:16:43.0162 0x2364 [ 1E099AE79C6D58063E0B4F538732B87F, 0EDA8AA7CA1946DFF651AF6FBCBEBEE904FB269E67F6AB6739247C5242BCDC7E ] WSService C:\WINDOWS\System32\WSService.dll
00:16:43.0208 0x2364 WSService - ok
00:16:43.0240 0x2364 [ BFB3F9076F9B6CBC540012842177DD63, 669C6BE8D7AF18FB8934267E713315F95B17AE6563352745FF594816BB581768 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
00:16:43.0271 0x2364 wuauserv - ok
00:16:43.0271 0x2364 [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
00:16:43.0271 0x2364 WudfPf - ok
00:16:43.0287 0x2364 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
00:16:43.0287 0x2364 WUDFRd - ok
00:16:43.0287 0x2364 [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
00:16:43.0287 0x2364 wudfsvc - ok
00:16:43.0302 0x2364 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
00:16:43.0302 0x2364 WUDFWpdFs - ok
00:16:43.0302 0x2364 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
00:16:43.0302 0x2364 WUDFWpdMtp - ok
00:16:43.0333 0x2364 [ A17D939E89831694963802A729191D1F, 5DE24F3A19BC83589D3FEE19C4E44ED04450AD2F3225745A45BA7B702E7DDFD6 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
00:16:43.0349 0x2364 WwanSvc - ok
00:16:43.0365 0x2364 [ 5DFAF8BE5A3CABAABF6795BC09EB7876, 1AFD0BC50EA5C2CCB2874E97FE5205175C80849BD6C9BDAF9FBC49174D478997 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
00:16:43.0380 0x2364 XblAuthManager - ok
00:16:43.0396 0x2364 [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
00:16:43.0412 0x2364 XblGameSave - ok
00:16:43.0427 0x2364 [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
00:16:43.0427 0x2364 xboxgip - ok
00:16:43.0443 0x2364 [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
00:16:43.0458 0x2364 XboxNetApiSvc - ok
00:16:43.0458 0x2364 [ 7439DCAF71314B1D85E452B3F2E1138A, DAAF67C90C35DC1839CEC6962AD001961EFDE00DDFCDC702882AFA234D71248B ] xhunter1 C:\WINDOWS\xhunter1.sys
00:16:43.0458 0x2364 xhunter1 - ok
00:16:43.0458 0x2364 [ DA0807D87A62D076C29C4E30F1E84F46, CA3079350038091AEE04D4DA7C06865E9DB3095120AE61AAB575AA77E86A6223 ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
00:16:43.0458 0x2364 xinputhid - ok
00:16:43.0458 0x2364 ================ Scan global ===============================
00:16:43.0474 0x2364 [ 82E25186617BA6C15010F0D47C705705, 5BF9E38918E6EAE86448137E2D120B80318AA1143CDDF539A2BFBEE227646816 ] C:\WINDOWS\system32\basesrv.dll
00:16:43.0474 0x2364 [ 602060E8FD837EC184B10B32795D62AB, BC15589FF036A2FD2F598BA5D2E3F0D5EF348C73870F5CC763A3A04B8A9166F3 ] C:\WINDOWS\system32\winsrv.dll
00:16:43.0490 0x2364 [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
00:16:43.0490 0x2364 [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
00:16:43.0505 0x2364 [ Global ] - ok
00:16:43.0505 0x2364 ================ Scan MBR ==================================
00:16:43.0505 0x2364 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
00:16:43.0505 0x2364 \Device\Harddisk0\DR0 - ok
00:16:43.0505 0x2364 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
00:16:43.0505 0x2364 \Device\Harddisk1\DR1 - ok
00:16:43.0521 0x2364 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
00:16:43.0521 0x2364 \Device\Harddisk2\DR2 - ok
00:16:43.0521 0x2364 ================ Scan VBR ==================================
00:16:43.0521 0x2364 [ 678C4EFFF62E3BB051571838897A8089 ] \Device\Harddisk0\DR0\Partition1
00:16:43.0521 0x2364 \Device\Harddisk0\DR0\Partition1 - ok
00:16:43.0521 0x2364 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition2
00:16:43.0521 0x2364 \Device\Harddisk0\DR0\Partition2 - ok
00:16:43.0521 0x2364 [ 90859FD0BC9825085A2A252A8403F31D ] \Device\Harddisk0\DR0\Partition3
00:16:43.0521 0x2364 \Device\Harddisk0\DR0\Partition3 - ok
00:16:43.0521 0x2364 [ 9718C0290C2A54B140A927EF75CA50BC ] \Device\Harddisk0\DR0\Partition4
00:16:43.0537 0x2364 \Device\Harddisk0\DR0\Partition4 - ok
00:16:43.0537 0x2364 [ 1F3413A0EE43FCB2CAECBD020F70D3C0 ] \Device\Harddisk1\DR1\Partition1
00:16:43.0537 0x2364 \Device\Harddisk1\DR1\Partition1 - ok
00:16:43.0537 0x2364 [ 0400EB9E360F4E73EE5AF9D7F407C4FF ] \Device\Harddisk1\DR1\Partition2
00:16:43.0537 0x2364 \Device\Harddisk1\DR1\Partition2 - ok
00:16:43.0537 0x2364 [ E98C61614179C13B334C11E0A855394B ] \Device\Harddisk2\DR2\Partition1
00:16:43.0537 0x2364 \Device\Harddisk2\DR2\Partition1 - ok
00:16:43.0537 0x2364 ================ Scan generic autorun ======================
00:16:43.0662 0x2364 [ 890C5393F1E7775A38FA73DC554A379E, 16A01ABF2E6C070156E0A92642496F33BE9A5A923B41FD538C532A52B92E74C4 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
00:16:43.0755 0x2364 RTHDVCPL - ok
00:16:43.0755 0x2364 [ 5677C8C60F4659E8626AC9036EEF38DF, 1C7D3EC3BCB3E34900DD9556A3EBAF449C68585DC8E07682E680790497105B8B ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
00:16:43.0755 0x2364 Classic Start Menu - ok
00:16:43.0787 0x2364 [ ABE3CD91271DA8A9AFA62B9AF0E18F85, 59FCDEE6A0ECC300646CED15ECC80CEA0DB105C2C6140D8C9D8FAC9C13D92BEB ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
00:16:43.0787 0x2364 avgnt - ok
00:16:43.0787 0x2364 [ 97B71ADAABD4E9468FCFA58E99133C42, 03AFEBBA2257BC9457B7A3976174B1CD329AE84806F794DA1ADF389E3D87F132 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
00:16:43.0787 0x2364 Avira SystrayStartTrigger - ok
00:16:43.0802 0x2364 [ CB46168FFDEA91E2B3435E51BB436558, 848D12E11B79722B07C42D848D831C6B782E1338B8F844924CB8938FE11F379D ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
00:16:43.0802 0x2364 USB3MON - ok
00:16:43.0880 0x2364 [ 51A27200FDE64CB50C24BA53025EC344, 3D09E71953FAC133B1EFA1E103CD5B2DB4912474D19E8467EF379999206E913B ] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
00:16:43.0943 0x2364 WD Quick View - ok
00:16:44.0021 0x2364 [ B58A7B5DB3944C25E3C1B9683647ACE7, 9F21A25D70F1DEDC93A039C30D22172FE85FE0CFB344BD053C127B1A2F6EB7DB ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
00:16:44.0052 0x2364 SDTray - ok
00:16:44.0084 0x2364 [ E93FDA336764BBE2CB05C924AEF834B4, 2FE1443ED25708760CCB405AEFA26A4B0EE62CE20576AD31D8E4D2F4EDB13E92 ] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
00:16:44.0115 0x2364 DriveUtilitiesHelper - ok
00:16:44.0115 0x2364 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
00:16:44.0115 0x2364 VirtualCloneDrive - ok
00:16:44.0130 0x2364 [ 6EACC43D0542EF88226FB34B0B12EDB0, 6345E4B49D7F804F6DE042F981AB172822B6AB74C42209BEFB0582B019430884 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
00:16:44.0130 0x2364 SunJavaUpdateSched - ok
00:16:44.0146 0x2364 Dropbox - ok
00:16:44.0271 0x2364 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
00:16:44.0365 0x2364 OneDriveSetup - ok
00:16:44.0474 0x2364 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
00:16:44.0552 0x2364 OneDriveSetup - ok
00:16:44.0584 0x2364 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
00:16:44.0584 0x2364 SpybotPostWindows10UpgradeReInstall - ok
00:16:44.0631 0x2364 [ AA7DDCE2175C6D58E83966DEF236F732, 2EA65CDD5096A0A88FAB788CEE29A6B0161856061C9C625D27A58BA987E1E38E ] D:\Games\World_of_Tanks\WargamingGameUpdater.exe
00:16:44.0662 0x2364 World of Tanks - ok
00:16:44.0677 0x2364 Waiting for KSN requests completion. In queue: 224
00:16:45.0709 0x2364 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.19.163 ), 0x41000 ( enabled : updated )
00:16:45.0709 0x2364 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.494 ), 0x60100 ( disabled : updated )
00:16:45.0724 0x2364 Win FW state via NFP2: enabled ( trusted )
00:16:45.0818 0x2364 ============================================================
00:16:45.0818 0x2364 Scan finished
00:16:45.0818 0x2364 ============================================================
00:16:45.0834 0x0f6c Detected object count: 0
00:16:45.0834 0x0f6c Actual detected object count: 0
00:16:48.0459 0x1adc Deinitialize success
|
|
03.09.2016, 16:13
| #5 | |
| /// TB-Ausbilder | Neuer Computer Servus, bitte beachten: Zitat:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind. Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen. Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter. FRST nochmal vom Desktop:
|
|
03.09.2016, 22:48
| #6 |
| | Neuer Computer Okay. Addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von jillsy (03-09-2016 23:46:45)
Gestartet von C:\Users\jillsy\Desktop
Windows 10 Pro Version 1511 (X64) (2016-07-09 11:31:12)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-312126271-3749253831-833728702-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-312126271-3749253831-833728702-503 - Limited - Disabled)
Gast (S-1-5-21-312126271-3749253831-833728702-501 - Limited - Disabled)
jillsy (S-1-5-21-312126271-3749253831-833728702-1000 - Administrator - Enabled) => C:\Users\jillsy
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1914 - Die Schalen des Zorns (HKLM-x32\...\{404E1E52-9302-45D2-B4F8-50D2251C391E}) (Version: 1.00.0000 - Rondomedia)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{5D6CB70E-6FA7-4E5E-8A12-06612313E671}) (Version: 18.0.0 - Helmut Buhler)
Act of Aggression (HKLM-x32\...\Steam App 318020) (Version: - Eugen Systems)
Act of War: Direct Action (HKLM-x32\...\Steam App 2710) (Version: - Eugen Systems)
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.19.164 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Hidden
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.1 - Daum Games EU)
C&C - Zero Hour - Full Uncut Patch Final v.2.5 (HKLM-x32\...\C&C - Zero Hour - Full Uncut Patch Final v.2.5) (Version: - )
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert, Counterstrike and The Aftermath (HKLM-x32\...\{B9A7CCBE-48F7-4B3E-BD20-76ADDD4DC69F}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert™ 3 and Uprising (HKLM-x32\...\{3C315BF7-4B64-4024-8102-174A197437FA}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Tiberian Sun™ and Firestorm™ (HKLM-x32\...\{78F60BDD-1923-4CF7-B6BD-087D06D7B5BB}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{8F0F5689-6900-425B-A8C2-0DBD10DAB694}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Counter-Strike (HKLM\...\Steam App 10) (Version: - Valve)
Counter-Strike: Condition Zero (HKLM\...\Steam App 80) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version: - Valve)
Diablo (HKLM-x32\...\Diablo) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dropbox (HKLM-x32\...\Dropbox) (Version: 9.4.49 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.45.1 - Dropbox, Inc.) Hidden
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version: - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.)
GPGNet (HKLM-x32\...\{C194D333-B84A-4BB7-B35E-060732D98DC4}) (Version: 1.0.0 - Gas Powered Games)
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Network Connections 20.7.67.0 (HKLM\...\PROSetDX) (Version: 20.7.67.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Lazarus 1.6 (HKLM\...\lazarus_is1) (Version: 1.6 - Lazarus Team)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
MIDEAST CRISIS 2 version R2 (HKLM-x32\...\{A81B2C6E-A802-4818-990F-7F79406137DD}_is1) (Version: R2 - ISOTX)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.5.17432 - Electronic Arts, Inc.)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version: - Ndemic Creations)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version: - Firaxis Games)
SleepTimer Ultimate 1.3 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version: - Christian Handorf)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Supreme Commander (HKLM-x32\...\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}) (Version: 1.00.0000 - Gas Powered Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Tropico 4 (HKLM\...\Steam App 57690) (Version: - Haemimont Games)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Drive Utilities (x32 Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Quick View (HKLM-x32\...\{2CE08B2D-856C-47D9-9F6A-BC691911BCD9}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{4D0776BB-71B7-49A2-A439-24791A4620E1}) (Version: 2.4.14.13 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{37BF2365-3EC7-45E4-9D88-61489F932A0B}) (Version: 2.4.14.13 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{B11B695F-B5BF-4667-8291-682B3A73B5F8}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17349 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\jillsy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\jillsy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{67F2A879-82D5-4A6D-8CC5-FFB3C114B69D}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\so_activex_x64.dll ()
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\jillsy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {064AC6C9-67BD-45C6-8F39-56CA7AF82686} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {174D5D9D-46E8-4235-ACFA-EA9BF9EB9A3E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {20B94A30-CBD8-46B9-9595-670264DC5376} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {21F9C832-E96E-4600-B8F4-3D606AA21B23} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {2D28D19F-B6CA-4587-84D9-E8CF7F67CF23} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {323A0982-F7B3-4197-9123-9FA232AC52C6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {358BFA47-7A2C-40A4-8ADA-7A3D8D3F5925} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-05] (Dropbox, Inc.)
Task: {3CFCCA2B-94C2-4EA2-A3FD-E1D2EDAEFEB3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {3E07DE44-1508-4D69-AA14-850CE8DD3B39} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {3E1A6103-6074-4ECF-AE3A-9399908A2598} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {4BD801F1-98F1-499C-8C67-EA9CFDA2F1B0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {4C12F624-CD6E-4200-89AA-B50F98AFB759} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {56827C03-33B0-4ECA-BFF9-3CAFF8E92B29} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {5D2082D5-0538-4F93-AFB4-B7660BFCAE9B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {5DABAA15-4C26-40D9-B303-9E674AA14BF9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5F596DF6-0231-4F8E-955D-FD09C9032B51} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {66FE4EE1-5180-4799-9F89-488E7FAE9085} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {6D960A5E-88D4-457B-AB9D-F4507C6519F6} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {709B1D72-55DC-4552-B423-871876EE9251} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-05] (Dropbox, Inc.)
Task: {70FF3EDA-2B7D-4FA2-B8C8-F3B1828A9DA9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {7633CC86-516D-45AE-A048-642AFE90EEF8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {7A4D0F93-1C14-4DE6-B771-00C1D94E4F33} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7BE17038-C26F-47A3-854B-19798E95BAE7} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
Task: {7BF99AB2-3C95-4B63-A2E4-ADE6F5A0A0D4} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {832E8ED5-2F46-4C09-93C4-63E2B430C78E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {8D024F7D-7620-4409-A17D-2940589DF870} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {8D675281-6933-4CBC-88DF-AD617BECBB41} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {9509CFC8-3697-4CF9-BC32-88B5C7954BEA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {A1BE34D3-5264-4F1C-B4D1-314EBA0E9F98} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {AA064424-4059-4080-90CE-2E23DA7ED549} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {ADB41004-8919-4A4B-A3DF-07B78E7A5102} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C0ACA51C-420B-4089-8AA3-332596AE6C15} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {CC1A6232-8A8C-40BE-849B-8E4635166083} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {DE47A6B6-E261-4533-B262-36F02C1D9FEC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {E3ADED06-FA5B-41AF-8BC5-29E14A99FCE4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {E7D9221A-C774-4C26-990A-6400154BC98C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {E8F30760-71B7-4C4E-B656-53117BCBB20A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EC4DABE1-AD8A-4E68-A8B6-A8E839D43998} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {F0972386-6C09-4F9C-8989-B2031F96C713} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {F36B1155-DB86-470D-8C4A-C8EBC83DADF5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {F3C0F9DE-EBDE-4395-861D-94D7064A15FF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {F42AE2B5-B8DF-4F89-8C77-E9A2784B8CAA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {F8DE3D6C-6F43-4131-A1B1-4F3CCA45ABC1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-02-19 18:33 - 2016-06-14 22:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-06 18:00 - 2016-06-14 22:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-02-19 18:33 - 2016-06-14 22:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-02-06 18:00 - 2016-06-14 22:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-04 17:50 - 2016-08-25 23:12 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-15 16:58 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-15 16:58 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-07-09 14:13 - 2016-07-09 14:13 - 00959168 _____ () C:\Users\jillsy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-04-27 07:17 - 2016-04-27 07:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-15 16:58 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-15 16:58 - 2016-07-01 05:49 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-07-15 16:58 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-15 16:58 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-15 16:58 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-15 16:58 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-06 18:20 - 2016-04-06 18:20 - 00012520 _____ () C:\Users\jillsy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2016-04-06 18:20 - 2016-04-06 18:20 - 00015080 _____ () C:\Users\jillsy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2016-04-06 18:20 - 2016-04-06 18:20 - 00014056 _____ () C:\Users\jillsy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2015-10-22 13:22 - 2016-07-22 19:16 - 00174872 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2015-10-22 13:21 - 2016-07-22 19:16 - 00103192 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2015-10-22 13:21 - 2016-07-22 19:16 - 00107800 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2015-10-22 13:22 - 2016-07-22 19:16 - 00312088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2015-10-22 13:22 - 2016-07-22 19:16 - 00485656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2016-04-20 20:27 - 2016-04-20 20:27 - 00068096 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\ts3overlay\InstallHook.exe
2016-07-09 14:13 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-07-09 14:13 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-07-09 14:13 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-07-09 14:13 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-02-06 18:00 - 2016-06-14 22:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-02-20 01:20 - 2016-02-20 01:20 - 00884736 _____ () D:\Program Files (x86)\Black Desert Online\bin64\host\libglesv2.dll
2016-02-20 01:20 - 2016-02-20 01:20 - 00104448 _____ () D:\Program Files (x86)\Black Desert Online\bin64\host\libegl.dll
2016-02-20 01:20 - 2016-02-20 01:20 - 00862208 _____ () D:\Program Files (x86)\Black Desert Online\bin64\host\ffmpegsumo.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7915 mehr Seiten.
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7915 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2016-08-12 10:10 - 00453382 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15555 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-312126271-3749253831-833728702-1000\Control Panel\Desktop\\Wallpaper -> d:\bilder\sowjetischeplakate\schwert1.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
MSCONFIG\startupreg: WarThunderLauncher => D:\WarThunder\launcher.exe
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\StartupApproved\Run: => "World of Tanks"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{AACDF63B-D40D-4F0A-8636-48873F6B0421}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{8FABF8CE-37D1-4DBF-9F81-43800E786FA0}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{5E1C8A5E-45B1-458D-9909-4CD746544EDF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{962782A3-FA60-449A-AE9D-15CEF816D86E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{67748C26-4A6E-4FC3-8C40-9893A6A552B8}] => (Allow) D:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{6A1E02F5-FADC-49B4-A238-98E04AC647B3}] => (Allow) D:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{C61EDE1A-91E9-4714-A1DE-E87E14210CC7}] => (Allow) D:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{7F09FEC4-37E5-45E9-8F67-7A7A38E54001}] => (Allow) D:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{AFDC21FB-1BC9-447D-B65A-7CC415D692DF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of Aggression\ActOfAggressionRE.exe
FirewallRules: [{35B5AA27-E645-4E1A-81C9-06D72588B47A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of Aggression\ActOfAggressionRE.exe
FirewallRules: [{FF590341-91BE-4757-8E52-CEAB1193D036}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{7618482C-B2B6-4A82-9AC7-8B8077163684}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{5511882F-C769-410D-B0E0-2B7ABD27C747}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Tiberian Sun\TSLauncher.exe
FirewallRules: [{94F1E3C1-914F-4F92-97CE-2C77B43921F5}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Tiberian Sun\TSLauncher.exe
FirewallRules: [{DB6BEFB9-A767-43C3-AB6C-5783FC1FF955}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert\RA95Launcher.exe
FirewallRules: [{3E77EE4E-6E5A-4ADC-AB69-64610006BD7B}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert\RA95Launcher.exe
FirewallRules: [UDP Query User{6D063738-BD5B-4FAD-A290-FA02AEFEC190}D:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Allow) D:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [TCP Query User{1D3D431C-B549-49AE-991A-532D780F1DE9}D:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Allow) D:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [{9209E8EA-2BB9-4D82-BF75-0E0A1A2D533A}] => (Allow) D:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe
FirewallRules: [{205F8B49-8A93-4F18-AAF9-4F4B6953544A}] => (Allow) D:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe
FirewallRules: [{E0A403D2-090C-465A-9F6C-95A24B29560E}] => (Allow) D:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{E3690EB0-5D6E-4A4E-AD86-099822FE738D}] => (Allow) D:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{8AE1BB22-242C-4C02-9CF7-818228182564}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of War Direct Action\ActOfWar.exe
FirewallRules: [{37C1C86D-7AAD-4F76-B47D-AF8680E618A6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of War Direct Action\ActOfWar.exe
FirewallRules: [{D6BC6C3A-0D64-4D73-9966-E78FFA096493}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of Aggression\ActOfAggression.exe
FirewallRules: [{5CC528AD-E341-4591-97A4-1CCDF88E79DD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of Aggression\ActOfAggression.exe
FirewallRules: [{52995D18-FCCA-45B0-A5E6-36BBFD1EF3B1}] => (Allow) D:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [{883599A2-5B54-4042-AAF2-B2170841FF29}] => (Allow) D:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [UDP Query User{03FE5F30-F354-45EA-A15E-BA33C32130CB}D:\programme\diablo iii\diablo iii.exe] => (Allow) D:\programme\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{6F6B4E3C-9384-4E6C-948D-4FCE09A156B2}D:\programme\diablo iii\diablo iii.exe] => (Allow) D:\programme\diablo iii\diablo iii.exe
FirewallRules: [{DEBCCFD7-DB82-4ACA-B427-D8CA91A76E0E}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{97FB9579-476D-46EB-BE3F-F71CE81BED77}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{1531CF88-EF03-4DAC-93D4-BE3CDE102383}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{00E6566D-1B9A-49FD-A3AB-CFA4F0B26260}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{8FF2DC62-6AD7-4D45-A117-F7ABA70A6A31}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{F49A8781-0C66-4911-93B7-868E331F8521}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{5F3D7D78-B75B-4171-8249-DBB80350C164}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe
FirewallRules: [{8A6B5A0F-72DA-4280-B78C-C60E3E556C04}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe
FirewallRules: [UDP Query User{461B8AB0-44F0-45DF-A8EA-A8DCBCE1BF5B}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{00BA6E45-4791-4434-9A56-00786B6E0A50}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe
FirewallRules: [{D7CBB0F1-EEA4-4AAA-BB4B-0DFA89C50840}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{73F893B3-6B56-4FED-8EAD-EB81940F9DF2}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{F3C02990-B2F6-42C6-BEF0-3F242DA35AA0}] => (Allow) D:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{93E5F605-849D-4190-B392-0BEB00367C48}] => (Allow) D:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{B0ABB26D-C703-47A8-8467-598DC165C564}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe
FirewallRules: [{5575D054-B00A-4130-B647-521F19905DE0}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe
FirewallRules: [UDP Query User{DFEAFEF5-D247-4A92-908C-04001182C60C}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe
FirewallRules: [TCP Query User{C769BDA3-2F5C-487D-BC53-4B2CFC7D81DC}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe
FirewallRules: [{13893BF9-AB9F-40B0-B94B-82B2FAEF3C0A}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{0F1CC654-D2DE-4750-BFB8-AA306364FD19}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{516B9B6F-467F-4815-8FDF-58CDE0C2DDBB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{44B95D1A-9549-4B1F-B9F0-12EB362E10AA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{3D7F2E91-1A99-40BB-8649-8B65C9954F55}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E23B3EAF-1123-45F5-ABEB-BE995AC21B49}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{58804AD4-FF69-485F-BF54-37BA48ADAF64}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BD339C48-6AD6-4936-8B9D-946617204F43}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AC2BC506-0032-4DCF-A9CC-2BD0414D1FD7}] => (Allow) LPort=8090
FirewallRules: [{8BC0BC66-AB15-4EA7-80FC-3F19CB553C93}] => (Allow) LPort=20443
FirewallRules: [{12C5B701-858F-447A-81E4-50EE710103E7}] => (Allow) LPort=33333
FirewallRules: [{8A7EF1FE-6A3A-48CC-9575-2C17170243C2}] => (Allow) LPort=6881
FirewallRules: [{85C629FC-42ED-4FC8-8C0F-58B5DB4679AB}] => (Allow) LPort=27022
FirewallRules: [{3339D352-EE52-4CB0-B6FF-AC843F8F03D7}] => (Allow) LPort=7853
FirewallRules: [{313C2E5B-3123-4164-B0CA-2DB138FCFC18}] => (Allow) LPort=7852
FirewallRules: [{C5562991-4E7B-4794-A169-A6CDFB4D9009}] => (Allow) LPort=7850
FirewallRules: [{EA8A0011-D4B1-44D7-9774-E865CAA4182D}] => (Allow) LPort=3478
FirewallRules: [{4E709B90-BD51-4EC4-B9CD-27FDD2A8730D}] => (Allow) LPort=20010
FirewallRules: [{8FE73A51-32F4-4CB7-8BF9-3A38A0BF83C4}] => (Allow) LPort=443
FirewallRules: [{EB3C80FC-F699-4660-BBF5-353BEBACB66C}] => (Allow) LPort=80
FirewallRules: [{954A91D5-8BC7-421D-AFA5-8C6546148A4C}] => (Allow) D:\WarThunder\launcher.exe
FirewallRules: [{F9510989-4D5B-4E83-B0A4-59437614C826}] => (Allow) D:\WarThunder\launcher.exe
FirewallRules: [{29B225A6-2A86-4248-A8E9-B29E93D042F3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AF17ADBD-2C18-4BD4-BE43-7C8E7E285D7D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B66ED9E6-2BBA-4DEC-B105-5D023054EB06}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0757FC4A-726E-4720-B231-F0A0779D5E1C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{59997915-8434-4E1E-9291-EEFED046D99A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4DA1FB18-3A1D-42ED-AE9E-792CD16211E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{68FB3B1F-1C5D-4106-BDC5-E7D4BDDAF137}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E63005B9-E27E-4E79-A3C9-8E78D6268DB8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3ADCC28E-F23B-46D8-929B-CDEB7F6B1438}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{25F1A8AD-FD4E-4864-8779-C6D0C0F7FA6D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{CDE65032-D32A-454F-9E27-645F154445C4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [TCP Query User{0F9323FB-F690-4CA9-B489-46E14BE83130}D:\programme\starcraft ii\versions\base44983\sc2_x64.exe] => (Allow) D:\programme\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [UDP Query User{5244EB6E-FC50-4F96-9E0C-4C3FC6D3049D}D:\programme\starcraft ii\versions\base44983\sc2_x64.exe] => (Allow) D:\programme\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [{CAC8D796-AAC4-4062-8D33-8F3874D2A0DF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
22-08-2016 17:14:23 22.August2016 Alees GUT
31-08-2016 00:28:07 30.aug, vor nvidia
31-08-2016 19:06:05 Sysinternals 1.6.12
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: PS/2-Standardtastatur
Description: PS/2-Standardtastatur
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/03/2016 07:25:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (09/03/2016 04:46:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WDBackupEngine.exe, Version: 2.0.0.15, Zeitstempel: 0x571682e4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb7f
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0003e008
ID des fehlerhaften Prozesses: 0x21f0
Startzeit der fehlerhaften Anwendung: 0x01d205f1778964ca
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 289e6b0b-e3a2-422a-a888-47e1daf9bb75
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/02/2016 07:17:01 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (09/02/2016 06:31:41 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (09/01/2016 07:07:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (08/31/2016 07:06:16 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (08/31/2016 07:06:15 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (08/31/2016 07:06:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (08/31/2016 07:04:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WDBackupEngine.exe, Version: 2.0.0.15, Zeitstempel: 0x571682e4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb7f
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0003e008
ID des fehlerhaften Prozesses: 0x1d28
Startzeit der fehlerhaften Anwendung: 0x01d203a938d5f644
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: f9d087a0-31a0-4e34-b80e-237c120d0e78
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/31/2016 07:00:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WDBackupEngine.exe, Version: 2.0.0.15, Zeitstempel: 0x571682e4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb7f
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0003e008
ID des fehlerhaften Prozesses: 0x828
Startzeit der fehlerhaften Anwendung: 0x01d203a8b553cff0
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 64e3dcc9-58bf-4d4b-ae8e-2a86ab83800f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (09/03/2016 07:51:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_3e246" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/03/2016 07:51:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _3e246" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/03/2016 07:51:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_3e246" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/03/2016 07:51:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_3e246" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/03/2016 04:46:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "WD Backup" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/03/2016 04:40:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (09/03/2016 04:40:41 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 03.09.2016 um 00:25:10 unerwartet heruntergefahren.
Error: (09/03/2016 04:40:31 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5
Error: (09/03/2016 04:40:31 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841173440
Error: (09/03/2016 12:33:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_49db2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2016-09-01 22:34:33.710
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-08-10 18:52:34.549
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-26 10:21:08.538
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-23 13:57:05.075
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-17 02:30:07.400
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-16 01:18:12.273
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-09 16:42:32.027
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-09 16:35:22.941
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-09 13:23:16.157
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-09 13:19:07.843
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 16333.74 MB
Verfügbarer physikalischer RAM: 10086.83 MB
Summe virtueller Speicher: 32717.74 MB
Verfügbarer virtueller Speicher: 24977.15 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:446.47 GB) (Free:339.35 GB) NTFS
Drive d: (Volume) (Fixed) (Total:1302.35 GB) (Free:979.96 GB) NTFS
Drive e: (My Book) (Fixed) (Total:1862.98 GB) (Free:378.93 GB) NTFS
Drive h: (Sicherung) (Fixed) (Total:560.66 GB) (Free:155.32 GB) NTFS
Drive k: () (Fixed) (Total:31.98 GB) (Free:1.3 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 9371220B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 0070A509)
Partition 1: (Not Active) - (Size=32 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
|
|
03.09.2016, 22:48
| #7 |
| | Neuer Computer FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von jillsy (Administrator) auf JILLSY-PC (03-09-2016 23:46:21)
Gestartet von C:\Users\jillsy\Desktop
Geladene Profile: jillsy (Verfügbare Profile: jillsy)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\WINDOWS\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
() C:\Program Files\TeamSpeak 3 Client\plugins\ts3overlay\InstallHook.exe
() D:\Program Files (x86)\Black Desert Online\bin64\BlackDesert64.exe
(Wellbia.com Co., Ltd.) D:\Program Files (x86)\Black Desert Online\bin64\xc\na\2\xcoronahost.xem
(Wellbia.com) D:\Program Files (x86)\Black Desert Online\bin64\xc\na\2\xxd-0.xem
(Coherent Labs) D:\Program Files (x86)\Black Desert Online\bin64\host\CoherentUI_Host.exe
(Coherent Labs) D:\Program Files (x86)\Black Desert Online\bin64\host\CoherentUI_Host.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Coherent Labs) D:\Program Files (x86)\Black Desert Online\bin64\host\CoherentUI_Host.exe
(Microsoft Corporation) C:\WINDOWS\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [831576 2016-08-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2016-01-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25197248 2016-08-30] (Dropbox, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\Run: [World of Tanks] => D:\Games\World_of_Tanks\WargamingGameUpdater.exe [3134728 2016-08-05] (Wargaming.net)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Startup: C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar583.lnk [2016-09-03]
ShortcutTarget: Sidebar583.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a1ec324e-2cbf-4f68-8d61-6dac07f260ab}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{cbc7d4b6-90ee-4a2d-a356-043bc244d4d6}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-23] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-31] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-31] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
FireFox:
========
FF ProfilePath: C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default
FF Homepage: hxxp://www.google.ch/
FF Session Restore: -> ist aktiviert.
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-23] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-31] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation)
FF Extension: (Show MyIP) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\{6D1D11DB-3C6C-4db8-96E4-20F4A1088AAC}.xpi [2016-04-29]
FF Extension: (Download Statusbar Fixed) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\{4204c864-50bf-467a-95b3-0912b7f15869}.xpi [2016-04-29]
FF Extension: (PDF Download) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2016-04-29]
FF Extension: (Flash Video Downloader - YouTube HD Download [4K]) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\artur.dubovoy@gmail.com [2016-07-31]
FF Extension: (Show my Password) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi [2016-07-31]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\YoutubeDownloader@PeterOlayev.com.xpi [2016-08-24]
FF Extension: (NoScript) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-31]
FF Extension: (Avira Browser Safety) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\abs@avira.com [2016-07-15]
FF Extension: (Language Pack Install Helper) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\jid0-3qAYz7se7F3gEIA63LjbuEaPEDk@jetpack.xpi [2016-02-06]
FF Extension: (YouR IP) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\jid1-nGMZvOxL2PYSxg@jetpack.xpi [2016-04-27]
FF Extension: (Personas Plus) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\personas@christopher.beard.xpi [2016-07-31]
FF Extension: (Download Status Bar) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-08-17]
FF Extension: (Download YouTube Videos as MP4) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2016-03-25]
FF Extension: (Video DownloadHelper) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-08-03]
FF Extension: (Adblock Plus) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [988184 2016-08-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-08-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-08-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1453696 2016-08-25] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-05] (Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-07-03] (Electronic Arts)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-07-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-07-09] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [541672 2015-11-24] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [27440 2016-07-17] () [Datei ist nicht signiert]
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25904 2015-08-26] ()
S1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [701232 2015-08-26] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-09-03] (Wellbia.com Co., Ltd.)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-03 23:46 - 2016-09-03 23:46 - 00022625 _____ C:\Users\jillsy\Desktop\FRST.txt
2016-09-03 16:49 - 2016-09-03 16:51 - 00008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2016-09-03 00:10 - 2016-09-03 23:46 - 00000000 ____D C:\FRST
2016-09-03 00:10 - 2016-09-03 00:14 - 04747704 _____ (AO Kaspersky Lab) C:\Users\jillsy\Desktop\tdsskiller.exe
2016-09-03 00:09 - 2016-09-03 00:10 - 02397696 _____ (Farbar) C:\Users\jillsy\Desktop\FRST64.exe
2016-09-02 23:36 - 2016-09-02 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-31 19:26 - 2016-08-31 19:26 - 00000000 ____D C:\Users\jillsy\Documents\Diverses
2016-08-31 19:06 - 2016-08-31 19:06 - 00000000 ____D C:\Program Files\ProcessExplorer
2016-08-31 00:30 - 2016-08-25 22:53 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-31 00:29 - 2016-08-26 01:27 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 35180992 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 34842680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 28238904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 20220928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 10865888 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 10746896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 10288040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 09094048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 08875408 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 08687888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 02912192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 02549184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437270.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 01586560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437270.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 01020472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00958008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00941504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00894520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00802584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00801744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00686712 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00616648 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00576168 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00573424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00471608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00439352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00347072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00181488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00159352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00131536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-08-27 02:48 - 2016-08-27 02:54 - 371289601 _____ C:\Users\jillsy\Desktop\U-571.mp4
2016-08-27 02:45 - 2016-08-27 02:45 - 426863515 _____ C:\Users\jillsy\Desktop\Kesselschlacht in der Normandie (Action, Kriegsfilm, ganzer Spielfilm) Kriegsfilme deutsch.mp4
2016-08-26 23:15 - 2016-08-29 15:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-24 19:48 - 2016-09-03 13:47 - 00123198 _____ C:\Users\jillsy\Desktop\PDF1442775_20160805214545.pdf
2016-08-22 16:57 - 2016-08-22 16:57 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\NVIDIA
2016-08-18 19:07 - 2016-08-18 19:07 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2016-08-18 19:07 - 2016-08-18 19:07 - 00000000 ____D C:\Program Files (x86)\LinuxLive USB Creator
2016-08-17 11:40 - 2016-08-11 16:33 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-17 11:40 - 2016-08-11 16:33 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-17 11:40 - 2016-08-11 16:33 - 00054728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-08-17 11:40 - 2016-08-11 16:33 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-17 11:40 - 2016-08-11 16:33 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-16 19:17 - 2016-08-16 19:19 - 658247680 _____ C:\Users\jillsy\Desktop\rescue-system.iso
2016-08-13 22:27 - 2016-08-13 22:28 - 00000000 ___HD C:\$WINDOWS.~BT
2016-08-13 22:12 - 2016-08-13 22:12 - 00002321 _____ C:\Users\Public\Desktop\MIDEAST CRISIS 2.lnk
2016-08-13 22:12 - 2016-08-13 22:12 - 00000000 ____D C:\Users\jillsy\Documents\Command & Conquer 3 Tiberium Wars
2016-08-13 22:09 - 2016-08-27 21:52 - 14216760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-08-13 22:09 - 2016-08-26 01:27 - 23715064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-08-13 22:09 - 2016-08-26 01:27 - 17619464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-08-13 22:09 - 2016-08-26 01:27 - 14477600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-08-13 22:09 - 2016-08-26 01:27 - 03906992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-08-13 22:09 - 2016-08-26 01:27 - 03448808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-13 22:00 - 2016-08-13 22:00 - 00000000 ___HD C:\$SysReset
2016-08-13 16:16 - 2016-08-13 16:16 - 00000129 _____ C:\Users\jillsy\Documents\Explorer Settings.xml
2016-08-13 16:04 - 2016-08-13 23:04 - 00000000 ____D C:\Users\jillsy\Desktop\Vorher_Nachher
2016-08-12 21:09 - 2016-08-12 21:09 - 00000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Upgrade-Assistent.lnk
2016-08-12 19:28 - 2016-08-13 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lazarus
2016-08-12 19:28 - 2016-08-12 19:28 - 00001541 _____ C:\Users\jillsy\Desktop\Lazarus.lnk
2016-08-12 15:26 - 2016-08-12 15:26 - 00001071 _____ C:\Users\jillsy\Desktop\Black Desert ScreenShot.lnk
2016-08-12 10:10 - 2016-07-28 19:55 - 00453334 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160812-101000.backup
2016-08-10 09:52 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 09:52 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 09:52 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 09:52 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 09:52 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 09:52 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 09:52 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 09:52 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 09:52 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 09:52 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 09:52 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 09:52 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 09:52 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 09:52 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 09:52 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 09:52 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 09:52 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 09:52 - 2016-08-03 11:41 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2016-08-10 09:52 - 2016-08-03 11:41 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-08-10 09:52 - 2016-08-03 11:40 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-08-10 09:52 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 09:52 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 09:52 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 09:52 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-10 09:52 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 09:52 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 09:52 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 09:52 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 09:52 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 09:52 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 09:52 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 09:52 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 09:52 - 2016-08-03 11:29 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-08-10 09:52 - 2016-08-03 11:29 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-08-10 09:52 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 09:52 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 09:52 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 09:52 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 09:52 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 09:52 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 09:52 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 09:52 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 09:52 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 09:52 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 09:52 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 09:52 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 09:52 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 09:52 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 09:52 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 09:52 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 09:52 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 09:52 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-10 09:52 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-10 09:52 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 09:52 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 09:52 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 09:52 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-10 09:52 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-10 09:52 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 09:52 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 09:52 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 09:52 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-10 09:52 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 09:52 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 09:52 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 09:52 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-10 09:51 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 09:51 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 09:51 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 09:51 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 09:51 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 09:51 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 09:51 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 09:51 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 09:51 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 09:51 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 09:51 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 09:51 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 09:51 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 09:51 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 09:51 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 09:51 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 09:51 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 09:51 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 09:51 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 09:51 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 09:51 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 09:51 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 09:51 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 09:51 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 09:51 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 09:51 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 09:51 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 09:51 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 09:51 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 09:51 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 09:51 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 09:51 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 09:51 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 09:51 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 09:51 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 09:51 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 09:51 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 09:51 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 09:51 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 09:51 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 09:51 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 09:51 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 09:51 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 09:51 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 09:51 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 09:51 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 09:51 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-10 09:51 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 09:51 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 09:51 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-10 09:51 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 09:51 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 09:51 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 09:51 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-10 09:51 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-10 09:51 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 09:51 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 09:51 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 09:51 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 09:51 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 09:51 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 09:51 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 09:51 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 09:51 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 09:51 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-10 09:51 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 09:51 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 09:51 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-07 00:32 - 2016-08-07 00:32 - 00000012 _____ C:\Users\jillsy\AppData\Roaming\Network Meter_Usage.ini
2016-08-07 00:31 - 2016-08-07 00:31 - 00000041 _____ C:\Users\jillsy\IP_Log_Data.js
2016-08-05 21:13 - 2016-08-12 19:28 - 00000000 ____D C:\lazarus
2016-08-05 15:31 - 2016-08-13 09:45 - 00000000 ___RD C:\Users\jillsy\Dropbox
2016-08-05 15:29 - 2016-09-03 23:34 - 00001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-08-05 15:29 - 2016-09-03 21:39 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-08-05 15:29 - 2016-09-02 23:36 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-08-05 15:29 - 2016-08-05 15:32 - 00000000 ____D C:\Users\jillsy\AppData\Local\Dropbox
2016-08-05 15:29 - 2016-08-05 15:29 - 00004294 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-08-05 15:29 - 2016-08-05 15:29 - 00004062 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-08-05 15:29 - 2016-08-05 15:29 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Dropbox
2016-08-05 15:29 - 2016-08-05 15:29 - 00000000 ____D C:\ProgramData\Dropbox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-03 23:44 - 2016-07-09 13:42 - 00000000 ____D C:\Users\jillsy\AppData\Local\ClassicShell
2016-09-03 23:18 - 2016-03-04 18:14 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\TS3Client
2016-09-03 23:16 - 2016-07-10 10:14 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F56EFC66-D523-4890-B05C-CF307D1A9C50}
2016-09-03 21:49 - 2016-07-09 22:04 - 00036808 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2016-09-03 21:48 - 2016-02-28 14:28 - 00000000 ____D C:\Users\jillsy\AppData\Local\BlackDesertOnline
2016-09-03 16:49 - 2016-07-09 13:20 - 02086308 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-03 16:49 - 2016-04-27 07:13 - 00888192 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-03 16:49 - 2016-04-27 07:13 - 00197276 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-03 16:49 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-03 16:45 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-03 16:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-03 16:40 - 2016-04-27 07:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-03 16:40 - 2016-03-04 17:50 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-01 19:39 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-01 19:39 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-31 19:09 - 2016-07-15 19:10 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-31 18:58 - 2016-07-09 18:34 - 00042168 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2016-08-31 18:57 - 2016-03-27 03:55 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\WiseUpdate
2016-08-31 01:03 - 2016-02-06 19:08 - 00000000 ____D C:\Users\jillsy\AppData\Local\Battle.net
2016-08-31 00:31 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-08-31 00:30 - 2016-03-11 17:50 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-08-31 00:30 - 2016-02-14 14:56 - 00000000 ____D C:\temp
2016-08-31 00:30 - 2016-02-06 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-31 00:30 - 2016-02-06 17:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-30 19:08 - 2016-02-09 21:04 - 00000000 ____D C:\Users\jillsy\AppData\Local\ElevatedDiagnostics
2016-08-29 17:15 - 2016-02-07 05:31 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Everything
2016-08-29 17:15 - 2016-02-06 19:54 - 00000000 ____D C:\ProgramData\Origin
2016-08-29 15:32 - 2016-02-06 19:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-28 23:47 - 2016-04-04 23:18 - 00000000 ____D C:\Users\jillsy\Desktop\Zwischen Speicher TV
2016-08-28 01:06 - 2016-02-13 02:08 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-08-26 01:27 - 2015-07-23 04:02 - 00040827 _____ C:\WINDOWS\system32\nvinfo.pb
2016-08-25 23:12 - 2016-03-04 17:50 - 06384064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 02475064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 01362368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-25 23:12 - 2016-03-04 17:50 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-25 04:42 - 2016-02-06 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-08-23 22:01 - 2016-07-09 13:20 - 00000000 ____D C:\Users\jillsy
2016-08-22 17:17 - 2016-03-04 17:50 - 07320235 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-22 11:17 - 2016-07-09 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack
2016-08-22 11:16 - 2015-10-30 09:24 - 00000000 ___SD C:\Program Files (x86)\Windows Sidebar
2016-08-14 23:47 - 2016-02-20 13:14 - 00000000 ____D C:\Users\jillsy\Documents\Black Desert
2016-08-13 23:02 - 2016-08-01 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2016-08-13 23:02 - 2016-07-16 02:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SleepTimer Ultimate
2016-08-13 23:02 - 2016-07-15 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo
2016-08-13 23:02 - 2016-07-15 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-08-13 23:02 - 2016-07-09 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-13 23:02 - 2016-07-09 13:31 - 00000000 ____D C:\Users\jillsy\AppData\Local\TileDataLayer
2016-08-13 23:02 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-13 23:02 - 2016-04-27 07:13 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-08-13 23:02 - 2016-04-09 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medal of Honor Pacific Assault™
2016-08-13 23:02 - 2016-03-19 01:08 - 00000000 ___SD C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2016-08-13 23:02 - 2016-03-05 23:19 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-08-13 23:02 - 2016-03-04 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-08-13 23:02 - 2016-03-04 18:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth
2016-08-13 23:02 - 2016-02-20 01:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Desert Online
2016-08-13 23:02 - 2016-02-14 16:37 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-08-13 23:02 - 2016-02-13 02:08 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2016-08-13 23:02 - 2016-02-09 00:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2016-08-13 23:02 - 2016-02-09 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-13 23:02 - 2016-02-08 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Chat
2016-08-13 23:02 - 2016-02-08 02:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2016-08-13 23:02 - 2016-02-07 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Online
2016-08-13 23:02 - 2016-02-07 05:31 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2016-08-13 23:02 - 2016-02-07 05:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2016-08-13 23:02 - 2016-02-07 05:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2016-08-13 23:02 - 2016-02-07 02:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-08-13 23:02 - 2016-02-07 01:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2016-08-13 23:02 - 2016-02-06 20:20 - 00000000 ____D C:\WINDOWS\system32\SPReview
2016-08-13 23:02 - 2016-02-06 20:20 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2016-08-13 23:02 - 2016-02-06 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2016-08-13 23:02 - 2016-02-06 19:48 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-13 23:02 - 2016-02-06 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-13 23:02 - 2016-02-06 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-08-13 23:02 - 2016-02-06 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-08-13 23:02 - 2016-02-06 19:04 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2016-08-13 23:02 - 2016-02-06 17:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-08-13 23:02 - 2016-02-06 17:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-13 23:02 - 2016-02-06 17:47 - 00000000 ____D C:\Program Files (x86)\Intel
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ___SD C:\Program Files\Windows Sidebar
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\IME
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\schemas
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-13 23:02 - 2009-07-14 20:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-08-13 23:02 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-13 22:28 - 2016-07-09 14:18 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-13 22:12 - 2016-07-16 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MIDEAST CRISIS 2
2016-08-13 16:31 - 2016-02-06 19:16 - 00000000 ____D C:\Users\jillsy\Documents\StarCraft II
2016-08-12 23:19 - 2016-02-07 04:03 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2016-08-12 22:31 - 2016-03-20 16:14 - 00000000 ____D C:\Users\jillsy\AppData\Local\lazarus
2016-08-12 22:08 - 2016-07-09 13:32 - 00002386 _____ C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-12 22:08 - 2016-07-09 13:32 - 00000000 ___RD C:\Users\jillsy\OneDrive
2016-08-12 22:06 - 2016-07-09 11:19 - 00000000 ___HD C:\$GetCurrent
2016-08-12 22:06 - 2016-07-09 11:19 - 00000000 ____D C:\Windows10Upgrade
2016-08-12 22:03 - 2016-07-09 13:24 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-12 21:41 - 2016-02-10 12:49 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2016-08-12 21:41 - 2016-02-10 12:49 - 00001908 _____ C:\WINDOWS\diagerr.xml
2016-08-12 21:40 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-12 21:38 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration
2016-08-12 21:32 - 2016-07-09 11:33 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-12 12:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-11 16:33 - 2016-07-08 16:34 - 01588688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-08-11 16:33 - 2016-07-08 16:34 - 00223304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-08-10 18:51 - 2016-04-27 07:34 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-10 18:51 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-10 18:44 - 2016-02-06 20:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 18:44 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 18:42 - 2016-02-06 20:02 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-05 15:34 - 2016-02-08 02:15 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Foxit Software
2016-08-05 15:31 - 2016-02-06 17:31 - 00000000 ____D C:\Users\jillsy\AppData\Local\VirtualStore
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-04-09 16:08 - 2016-04-09 23:42 - 0000624 _____ () C:\Users\jillsy\AppData\Roaming\All CPU MeterV3_Settings.ini
2016-08-07 00:32 - 2016-08-07 00:32 - 0000012 _____ () C:\Users\jillsy\AppData\Roaming\Network Meter_Usage.ini
2016-07-09 13:19 - 2016-07-09 13:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\jillsy\IP_Log_Data.js
Einige Dateien in TEMP:
====================
C:\Users\jillsy\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
C:\Users\jillsy\AppData\Local\Temp\66ad7f4a1b4d000a5092f20cce0f6800.dll
C:\Users\jillsy\AppData\Local\Temp\avgnt.exe
C:\Users\jillsy\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\jillsy\AppData\Local\Temp\libeay32.dll
C:\Users\jillsy\AppData\Local\Temp\msvcr120.dll
C:\Users\jillsy\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\jillsy\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\jillsy\AppData\Local\Temp\nvStInst.exe
C:\Users\jillsy\AppData\Local\Temp\project1.exe
C:\Users\jillsy\AppData\Local\Temp\sfamcc00001.dll
C:\Users\jillsy\AppData\Local\Temp\SIntf16.dll
C:\Users\jillsy\AppData\Local\Temp\SIntf32.dll
C:\Users\jillsy\AppData\Local\Temp\SIntfNT.dll
C:\Users\jillsy\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-08-27 02:38
==================== Ende von FRST.txt ============================
|
|
03.09.2016, 22:52
| #8 |
| | Neuer Computer TDSSKILLER; Code:
ATTFilter 23:50:59.0737 0x1564 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31
23:50:59.0737 0x1564 UEFI system
23:51:04.0083 0x1564 ============================================================
23:51:04.0083 0x1564 Current date / time: 2016/09/03 23:51:04.0083
23:51:04.0083 0x1564 SystemInfo:
23:51:04.0083 0x1564
23:51:04.0083 0x1564 OS Version: 10.0.10586 ServicePack: 0.0
23:51:04.0083 0x1564 Product type: Workstation
23:51:04.0084 0x1564 ComputerName: JILLSY-PC
23:51:04.0084 0x1564 UserName: jillsy
23:51:04.0084 0x1564 Windows directory: C:\WINDOWS
23:51:04.0084 0x1564 System windows directory: C:\WINDOWS
23:51:04.0084 0x1564 Running under WOW64
23:51:04.0084 0x1564 Processor architecture: Intel x64
23:51:04.0084 0x1564 Number of processors: 4
23:51:04.0084 0x1564 Page size: 0x1000
23:51:04.0084 0x1564 Boot type: Normal boot
23:51:04.0084 0x1564 CodeIntegrityOptions = 0x00000001
23:51:04.0084 0x1564 ============================================================
23:51:04.0162 0x1564 KLMD registered as C:\WINDOWS\system32\drivers\86178252.sys
23:51:04.0162 0x1564 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 10586.545, osProperties = 0x19
23:51:04.0226 0x1564 System UUID: {5256C8E3-A18D-CE3F-55BE-C4D819B04E74}
23:51:04.0459 0x1564 Drive \Device\Harddisk0\DR0 - Size: 0x6FC86D6000 ( 447.13 Gb ), SectorSize: 0x200, Cylinders: 0xE401, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:51:04.0468 0x1564 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:51:04.0470 0x1564 Drive \Device\Harddisk2\DR2 - Size: 0x1D1BF100000 ( 1862.99 Gb ), SectorSize: 0x200, Cylinders: 0x3B5FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:51:04.0470 0x1564 Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1115800 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:51:10.0356 0x1564 ============================================================
23:51:10.0356 0x1564 \Device\Harddisk0\DR0:
23:51:10.0368 0x1564 GPT partitions:
23:51:10.0369 0x1564 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F344EEF9-0408-45EB-8130-503D91127A38}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
23:51:10.0369 0x1564 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {855BC95D-ACC8-49CE-AA98-16E219FC87D6}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
23:51:10.0369 0x1564 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7D4FDF86-25C5-402F-9590-4F60512FDA5C}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x37CEF000
23:51:10.0369 0x1564 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {ACA916C4-75CD-442E-8FD2-BE9FD2B0A692}, Name: , StartLBA 0x37D61800, BlocksNum 0xE1000
23:51:10.0369 0x1564 MBR partitions:
23:51:10.0369 0x1564 \Device\Harddisk1\DR1:
23:51:10.0369 0x1564 GPT partitions:
23:51:10.0369 0x1564 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1E347183-0883-45F5-A24C-3C296AFEFDD0}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xA2CB4000
23:51:10.0369 0x1564 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {98F5CE1D-9B36-4E42-99D7-9709A4F59D64}, Name: Basic data partition, StartLBA 0xA2CB5000, BlocksNum 0x46153000
23:51:10.0369 0x1564 MBR partitions:
23:51:10.0369 0x1564 \Device\Harddisk2\DR2:
23:51:10.0369 0x1564 MBR partitions:
23:51:10.0369 0x1564 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8DF8000
23:51:10.0369 0x1564 \Device\Harddisk3\DR3:
23:51:10.0369 0x1564 MBR partitions:
23:51:10.0369 0x1564 \Device\Harddisk3\DR3\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3FFFFC1
23:51:10.0369 0x1564 ============================================================
23:51:10.0370 0x1564 C: <-> \Device\Harddisk0\DR0\Partition3
23:51:10.0377 0x1564 D: <-> \Device\Harddisk1\DR1\Partition1
23:51:10.0948 0x1564 E: <-> \Device\Harddisk2\DR2\Partition1
23:51:10.0971 0x1564 H: <-> \Device\Harddisk1\DR1\Partition2
23:51:10.0972 0x1564 K: <-> \Device\Harddisk3\DR3\Partition1
23:51:10.0972 0x1564 ============================================================
23:51:10.0972 0x1564 Initialize success
23:51:10.0972 0x1564 ============================================================
23:51:13.0032 0x0a10 ============================================================
23:51:13.0032 0x0a10 Scan started
23:51:13.0032 0x0a10 Mode: Manual;
23:51:13.0032 0x0a10 ============================================================
23:51:13.0032 0x0a10 KSN ping started
23:51:13.0074 0x0a10 KSN ping finished: true
23:51:13.0528 0x0a10 ================ Scan system memory ========================
23:51:13.0528 0x0a10 System memory - ok
23:51:13.0528 0x0a10 ================ Scan services =============================
23:51:13.0555 0x0a10 [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
23:51:13.0559 0x0a10 1394ohci - ok
23:51:13.0566 0x0a10 [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
23:51:13.0568 0x0a10 3ware - ok
23:51:13.0580 0x0a10 [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
23:51:13.0587 0x0a10 ACPI - ok
23:51:13.0592 0x0a10 [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
23:51:13.0594 0x0a10 acpiex - ok
23:51:13.0596 0x0a10 [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
23:51:13.0597 0x0a10 acpipagr - ok
23:51:13.0600 0x0a10 [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
23:51:13.0600 0x0a10 AcpiPmi - ok
23:51:13.0603 0x0a10 [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
23:51:13.0603 0x0a10 acpitime - ok
23:51:13.0628 0x0a10 [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
23:51:13.0641 0x0a10 ADP80XX - ok
23:51:13.0655 0x0a10 [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD C:\WINDOWS\system32\drivers\afd.sys
23:51:13.0662 0x0a10 AFD - ok
23:51:13.0666 0x0a10 [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
23:51:13.0668 0x0a10 agp440 - ok
23:51:13.0674 0x0a10 [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
23:51:13.0677 0x0a10 ahcache - ok
23:51:13.0680 0x0a10 [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
23:51:13.0681 0x0a10 AJRouter - ok
23:51:13.0686 0x0a10 [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG C:\WINDOWS\System32\alg.exe
23:51:13.0687 0x0a10 ALG - ok
23:51:13.0691 0x0a10 [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
23:51:13.0693 0x0a10 AmdK8 - ok
23:51:13.0697 0x0a10 [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
23:51:13.0699 0x0a10 AmdPPM - ok
23:51:13.0703 0x0a10 [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
23:51:13.0704 0x0a10 amdsata - ok
23:51:13.0711 0x0a10 [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
23:51:13.0714 0x0a10 amdsbs - ok
23:51:13.0717 0x0a10 [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
23:51:13.0718 0x0a10 amdxata - ok
23:51:13.0740 0x0a10 [ 6AFF881E38E4C984131358A0F215401F, C26E5715E62BAED5FEA4EB0110975A3C9A235D93F0F3408D418BBCCFCFA36BCB ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
23:51:13.0752 0x0a10 AntiVirMailService - ok
23:51:13.0763 0x0a10 [ AC0A0FDFB1C1FC25B9455C1C710A28DA, 2B007C8DD3F490EC6B3FFC2453C0C88344C2E08626992C84FCC6F1065404B8E5 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
23:51:13.0769 0x0a10 AntiVirSchedulerService - ok
23:51:13.0780 0x0a10 [ AC0A0FDFB1C1FC25B9455C1C710A28DA, 2B007C8DD3F490EC6B3FFC2453C0C88344C2E08626992C84FCC6F1065404B8E5 ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe
23:51:13.0785 0x0a10 AntiVirService - ok
23:51:13.0811 0x0a10 [ DFAA497B31EB75657F90017D67588DB5, 022E02E5A663B622E07CA17498CEDCA568CE2F593569D6CD88831D5C2111F0EB ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
23:51:13.0828 0x0a10 AntiVirWebService - ok
23:51:13.0834 0x0a10 [ ADFFD587A8CBDCEB0566521ACEF707DB, 17CF539B17FAAF4CC4306B6D2BBD36D80C93FB49A614293D7351A92445C6C1D0 ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll
23:51:13.0835 0x0a10 AppHostSvc - ok
23:51:13.0840 0x0a10 [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID C:\WINDOWS\system32\drivers\appid.sys
23:51:13.0842 0x0a10 AppID - ok
23:51:13.0845 0x0a10 [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
23:51:13.0846 0x0a10 AppIDSvc - ok
23:51:13.0850 0x0a10 [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo C:\WINDOWS\System32\appinfo.dll
23:51:13.0851 0x0a10 Appinfo - ok
23:51:13.0857 0x0a10 [ B4AE5296C9597F45E1CFE0B1DBE7739E, C9DCA8EF32720D68119CC23DF4BCD783FFB5F999D14EDCC7937D17C590323B4B ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
23:51:13.0860 0x0a10 AppMgmt - ok
23:51:13.0872 0x0a10 [ 682F73D86501D75B131A1D59539A475D, 1C3E1728F3995BBFC2BCE90EFD118B0B864103B16F587A1374D8B3A00403B9E3 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
23:51:13.0878 0x0a10 AppReadiness - ok
23:51:13.0914 0x0a10 [ 736BC0930DF22D535C9667D78F8DEB71, 067337517BD7234FEA999C242C90F74328C0003DDFD24483915F5C1DC5B9C919 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
23:51:13.0939 0x0a10 AppXSvc - ok
23:51:13.0946 0x0a10 [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
23:51:13.0948 0x0a10 arcsas - ok
23:51:13.0953 0x0a10 [ 070633D013447B4DA8D66B23B7BA1C3A, BD2AAFAB01551473729FA23FF5155798B0983FEBC0A64D1C7C30112FACA27988 ] asmthub3 C:\WINDOWS\System32\drivers\asmthub3.sys
23:51:13.0955 0x0a10 asmthub3 - ok
23:51:13.0965 0x0a10 [ AD0476BF351586C2B82509FBD4890A59, 409782A9263B33E0615A5CA7904424ACAB9BCB7EC883CDB873224E147119CA15 ] asmtxhci C:\WINDOWS\System32\drivers\asmtxhci.sys
23:51:13.0970 0x0a10 asmtxhci - ok
23:51:13.0983 0x0a10 [ 00B0FDD484914F388B5441285FDE24CB, 90AA8A12BB235BFC3A924F0E23BCEE8742817E3BC5A85E49D8AF8B52E8158ECB ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:51:13.0984 0x0a10 aspnet_state - ok
23:51:13.0987 0x0a10 [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
23:51:13.0988 0x0a10 AsyncMac - ok
23:51:13.0991 0x0a10 [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
23:51:13.0992 0x0a10 atapi - ok
23:51:14.0000 0x0a10 [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
23:51:14.0004 0x0a10 AudioEndpointBuilder - ok
23:51:14.0024 0x0a10 [ 5C6F3312EACE1409DC2C4C2AD5D2719D, 415955E31458AE56182436EEF5A993BAEF08379C12C182CC073F3D0A3A0DE006 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
23:51:14.0037 0x0a10 Audiosrv - ok
23:51:14.0043 0x0a10 [ AA0F13E719C3C527287AD87E9205F4D9, 818AB6B2B9AF0ABA28954A142527CE71C25CC24DDC64581EF7117CA88C6CF302 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
23:51:14.0045 0x0a10 avgntflt - ok
23:51:14.0050 0x0a10 [ 9039B209BA877AF088288DB83C18D3D8, 11EC0E195A735A7599C74DD25A00F86BD44AEBAE6C20D9A995DCEB252887679E ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
23:51:14.0052 0x0a10 avipbb - ok
23:51:14.0061 0x0a10 [ 9C57AD1165D9F4866EBA6C18E91A8A14, E75288B3BED90CABAEE01383F8CB68719B67158FEB0FE036668693D237F275CF ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
23:51:14.0065 0x0a10 Avira.ServiceHost - ok
23:51:14.0068 0x0a10 [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
23:51:14.0069 0x0a10 avkmgr - ok
23:51:14.0073 0x0a10 [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
23:51:14.0074 0x0a10 avnetflt - ok
23:51:14.0078 0x0a10 [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
23:51:14.0080 0x0a10 AxInstSV - ok
23:51:14.0092 0x0a10 [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
23:51:14.0099 0x0a10 b06bdrv - ok
23:51:14.0103 0x0a10 [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
23:51:14.0104 0x0a10 BasicDisplay - ok
23:51:14.0107 0x0a10 [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
23:51:14.0108 0x0a10 BasicRender - ok
23:51:14.0112 0x0a10 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys
23:51:14.0112 0x0a10 bcmfn - ok
23:51:14.0115 0x0a10 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
23:51:14.0116 0x0a10 bcmfn2 - ok
23:51:14.0124 0x0a10 [ F374C27099807E99A156953F8416D34A, D267B8CD837290F9FC6B4FFD2DB8F54867D808FB155698FC7713BCAB3AE475B5 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
23:51:14.0129 0x0a10 BDESVC - ok
23:51:14.0132 0x0a10 [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
23:51:14.0133 0x0a10 Beep - ok
23:51:14.0148 0x0a10 [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE C:\WINDOWS\System32\bfe.dll
23:51:14.0160 0x0a10 BFE - ok
23:51:14.0181 0x0a10 [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS C:\WINDOWS\System32\qmgr.dll
23:51:14.0197 0x0a10 BITS - ok
23:51:14.0202 0x0a10 [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
23:51:14.0204 0x0a10 bowser - ok
23:51:14.0216 0x0a10 [ 453207816AB95A0376887BE01FAE30E1, 102CA59ED06C6A7D69AA3094DDC550400C50CDF5B7F066522BF0031B8EC7B708 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
23:51:14.0223 0x0a10 BrokerInfrastructure - ok
23:51:14.0228 0x0a10 [ A617BE5E429A035A1CA8217C1B16F0BB, 197EE6C6EB22FF8A626540886F5A2163CC4CB177504C5423856F54BF01EB0FF1 ] Browser C:\WINDOWS\System32\browser.dll
23:51:14.0230 0x0a10 Browser - ok
23:51:14.0234 0x0a10 [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
23:51:14.0234 0x0a10 BthAvrcpTg - ok
23:51:14.0239 0x0a10 [ 72CC1F3397B4438C8B8830F004075038, FBB7F9E7E22F14D31E4BDEB0F32D7D59DEF86FA91117C030E318CDFE0E054EA5 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
23:51:14.0240 0x0a10 BthEnum - ok
23:51:14.0244 0x0a10 [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
23:51:14.0245 0x0a10 BthHFEnum - ok
23:51:14.0248 0x0a10 [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
23:51:14.0249 0x0a10 bthhfhid - ok
23:51:14.0257 0x0a10 [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
23:51:14.0262 0x0a10 BthHFSrv - ok
23:51:14.0266 0x0a10 [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
23:51:14.0267 0x0a10 BTHMODEM - ok
23:51:14.0272 0x0a10 [ 0A23A12396CE5AE78E13F8E2ADF9AE35, EDD14B90DDB5E0F566399F42317DED71BDEDFEACAE87F16813E97BA296595E04 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
23:51:14.0273 0x0a10 BthPan - ok
23:51:14.0292 0x0a10 [ 2442F8CED09E5E4A8F1AA04C5DB22771, C1D072502B0FE2A39BD0A2E724FD8955C1199F681C605ECB3F2558AE2EC1A450 ] BTHPORT C:\WINDOWS\System32\drivers\BTHport.sys
23:51:14.0303 0x0a10 BTHPORT - ok
23:51:14.0308 0x0a10 [ CEEC73833A4C6B31E2F376A3FD4DA73E, F09FC6EAB8D9769DBAD0931CC7C7F5DFE1562D3EE09CE0EF086AA73D4B62E076 ] bthserv C:\WINDOWS\system32\bthserv.dll
23:51:14.0309 0x0a10 bthserv - ok
23:51:14.0314 0x0a10 [ FA7EE4E3DCF4C1159D4E78147D8F1A7B, 27FA5245D0FDE880E6D5D450EF7F28C3EDC6AA03BB9EBA7F9B088A21D4CFBED0 ] BTHUSB C:\WINDOWS\System32\drivers\BTHUSB.sys
23:51:14.0315 0x0a10 BTHUSB - ok
23:51:14.0318 0x0a10 [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
23:51:14.0319 0x0a10 buttonconverter - ok
23:51:14.0323 0x0a10 [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
23:51:14.0325 0x0a10 CapImg - ok
23:51:14.0329 0x0a10 [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
23:51:14.0330 0x0a10 cdfs - ok
23:51:14.0338 0x0a10 [ 88E3BA684A7B1247762E1D401076D4C2, 88375BD1970848A71B9CF8C7C73ECA2E4A65E57D80D0C36F41547D381441A552 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
23:51:14.0342 0x0a10 CDPSvc - ok
23:51:14.0347 0x0a10 [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
23:51:14.0350 0x0a10 cdrom - ok
23:51:14.0358 0x0a10 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc C:\WINDOWS\System32\certprop.dll
23:51:14.0360 0x0a10 CertPropSvc - ok
23:51:14.0364 0x0a10 [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass C:\WINDOWS\System32\drivers\circlass.sys
23:51:14.0365 0x0a10 circlass - ok
23:51:14.0374 0x0a10 [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
23:51:14.0378 0x0a10 CLFS - ok
23:51:14.0392 0x0a10 [ E72BB94A4010EBA7074DFEB25D67BDC3, 437F13A1F709B4CC047C9918625C2B5F673218A5141DBC99CD14B008FAB2AA88 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
23:51:14.0399 0x0a10 ClipSVC - ok
23:51:14.0410 0x0a10 [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
23:51:14.0410 0x0a10 CmBatt - ok
23:51:14.0423 0x0a10 [ 570BA8E8E1E3064A7D92F862B7F59B60, 849CE59A0390EB34977471391EF7500506B0B019E5E31CBF264A4926A84C4BEE ] CNG C:\WINDOWS\system32\Drivers\cng.sys
23:51:14.0430 0x0a10 CNG - ok
23:51:14.0434 0x0a10 [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
23:51:14.0435 0x0a10 cnghwassist - ok
23:51:14.0443 0x0a10 [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
23:51:14.0443 0x0a10 CompositeBus - ok
23:51:14.0446 0x0a10 COMSysApp - ok
23:51:14.0450 0x0a10 [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
23:51:14.0450 0x0a10 condrv - ok
23:51:14.0466 0x0a10 [ 86BE19C6A177AEB93302EA5C4FBE2D11, 5404AB84D270549B1A46574EBDC857525F71B117BE3BA0098FA0A696E56D5C39 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
23:51:14.0475 0x0a10 CoreMessagingRegistrar - ok
23:51:14.0482 0x0a10 [ 9E79A2208A9ED205A7383CBC92C28053, 2E6599DF30DF19BD7BE6FEF1B21FED7F349A3F2306CC5CFDB767ABA7283E8A55 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
23:51:14.0484 0x0a10 CryptSvc - ok
23:51:14.0496 0x0a10 [ 5D578EAAFB6FD4F59523E5878B541296, 73573124787B79179880AFAF9CB8427237A1605A9F13D7783228DE24D18963C0 ] CSC C:\WINDOWS\system32\drivers\csc.sys
23:51:14.0503 0x0a10 CSC - ok
23:51:14.0518 0x0a10 [ 5F07CCEE514894C9474AEDCA50B6C2C7, 38F54897C91A2E7D80D00852CEB173B26E822D7C68F35D31228245F811E028A8 ] CscService C:\WINDOWS\System32\cscsvc.dll
23:51:14.0527 0x0a10 CscService - ok
23:51:14.0531 0x0a10 [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam C:\WINDOWS\system32\drivers\dam.sys
23:51:14.0532 0x0a10 dam - ok
23:51:14.0538 0x0a10 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
23:51:14.0540 0x0a10 dbupdate - ok
23:51:14.0544 0x0a10 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
23:51:14.0546 0x0a10 dbupdatem - ok
23:51:14.0564 0x0a10 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
23:51:14.0576 0x0a10 DcomLaunch - ok
23:51:14.0583 0x0a10 [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
23:51:14.0585 0x0a10 DcpSvc - ok
23:51:14.0597 0x0a10 [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
23:51:14.0603 0x0a10 defragsvc - ok
23:51:14.0614 0x0a10 [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
23:51:14.0620 0x0a10 DeviceAssociationService - ok
23:51:14.0625 0x0a10 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
23:51:14.0627 0x0a10 DeviceInstall - ok
23:51:14.0631 0x0a10 [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
23:51:14.0632 0x0a10 DevQueryBroker - ok
23:51:14.0637 0x0a10 [ 935823F79CBEDB91637B63D37E3A5A36, BE9A46F1CA631B9252C71758901D55456DC3C143053003D9FA7D67811A1E5026 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
23:51:14.0639 0x0a10 Dfsc - ok
23:51:14.0644 0x0a10 [ 0F4A5D01156B948B54550375498B08A2, 1CAE3D744429A06E9C9EC46AC6B216AB68154EF8FACDD0721C47902B83820F56 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
23:51:14.0646 0x0a10 dg_ssudbus - ok
23:51:14.0655 0x0a10 [ D461D2BECEFA661291EB1B748A8D2CCB, 7275859FCDE58DE6C0C683AFDAD910EB4602336CC724EEE42495A8839213469D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
23:51:14.0659 0x0a10 Dhcp - ok
23:51:14.0663 0x0a10 [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
23:51:14.0664 0x0a10 diagnosticshub.standardcollector.service - ok
23:51:14.0691 0x0a10 [ 5F1CAF0E823BADD5576555CC876F1067, 53AED2137D1BACA5AA24C265E2591F12D91C4652AF35D52843F045CAE4CDDB2E ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
23:51:14.0710 0x0a10 DiagTrack - ok
23:51:14.0715 0x0a10 [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk C:\WINDOWS\system32\drivers\disk.sys
23:51:14.0717 0x0a10 disk - ok
23:51:14.0724 0x0a10 [ E32F15E26724F3BB6423FB29FF3E2A8F, E8CF9829D2A74F4423424F8D169E726B88F50734F0B1ADC735691C37C9F32DAA ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
23:51:14.0729 0x0a10 DmEnrollmentSvc - ok
23:51:14.0733 0x0a10 [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
23:51:14.0734 0x0a10 dmvsc - ok
23:51:14.0737 0x0a10 [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
23:51:14.0739 0x0a10 dmwappushservice - ok
23:51:14.0750 0x0a10 [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
23:51:14.0754 0x0a10 Dnscache - ok
23:51:14.0762 0x0a10 [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc C:\WINDOWS\System32\dot3svc.dll
23:51:14.0766 0x0a10 dot3svc - ok
23:51:14.0771 0x0a10 [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS C:\WINDOWS\system32\dps.dll
23:51:14.0774 0x0a10 DPS - ok
23:51:14.0777 0x0a10 [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys
23:51:14.0778 0x0a10 drmkaud - ok
23:51:14.0784 0x0a10 [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
23:51:14.0787 0x0a10 DsmSvc - ok
23:51:14.0793 0x0a10 [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc C:\WINDOWS\System32\DsSvc.dll
23:51:14.0795 0x0a10 DsSvc - ok
23:51:14.0827 0x0a10 [ E5EF652F8C880EC48A4E827698416338, 49F7BD33A1EA1BE996698C0476C92E7C7F7FEC2940ED6018614E3AB18E8FACAC ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
23:51:14.0850 0x0a10 DXGKrnl - ok
23:51:14.0864 0x0a10 [ 2766BA5A07BDF2164A8F6FBCA0F33C3C, 0EF09C971C591AFA808410BD861F4314D4851222E7A7A34562CA81532AA7D5E2 ] e1dexpress C:\WINDOWS\system32\DRIVERS\e1d65x64.sys
23:51:14.0870 0x0a10 e1dexpress - ok
23:51:14.0874 0x0a10 [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost C:\WINDOWS\System32\eapsvc.dll
23:51:14.0876 0x0a10 Eaphost - ok
23:51:14.0930 0x0a10 [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
23:51:14.0969 0x0a10 ebdrv - ok
23:51:14.0976 0x0a10 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS C:\WINDOWS\System32\lsass.exe
23:51:14.0977 0x0a10 EFS - ok
23:51:14.0981 0x0a10 [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
23:51:14.0982 0x0a10 EhStorClass - ok
23:51:14.0986 0x0a10 [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
23:51:14.0988 0x0a10 EhStorTcgDrv - ok
23:51:14.0991 0x0a10 [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
23:51:14.0992 0x0a10 ElbyCDIO - ok
23:51:14.0996 0x0a10 [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
23:51:14.0998 0x0a10 embeddedmode - ok
23:51:15.0006 0x0a10 [ 3182FCAF6AAF478791DE5B430C912D4D, 6044BB8A895F0E5BEAA5390457730AE9DB26A5611DC1CD55CE91F2331D2C3086 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
23:51:15.0010 0x0a10 EntAppSvc - ok
23:51:15.0013 0x0a10 [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
23:51:15.0013 0x0a10 ErrDev - ok
23:51:15.0025 0x0a10 [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem C:\WINDOWS\system32\es.dll
23:51:15.0031 0x0a10 EventSystem - ok
23:51:15.0039 0x0a10 [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
23:51:15.0042 0x0a10 exfat - ok
23:51:15.0051 0x0a10 [ C330883C06E2D4CE4F6982F048265D37, 26044DE176056B7F5BF2A50A659243CFD7F25CFEE035B3A3C3165B3699872926 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
23:51:15.0055 0x0a10 fastfat - ok
23:51:15.0059 0x0a10 [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
23:51:15.0059 0x0a10 fdc - ok
23:51:15.0063 0x0a10 [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
23:51:15.0064 0x0a10 fdPHost - ok
23:51:15.0067 0x0a10 [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub C:\WINDOWS\system32\fdrespub.dll
23:51:15.0068 0x0a10 FDResPub - ok
23:51:15.0072 0x0a10 [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc C:\WINDOWS\system32\fhsvc.dll
23:51:15.0074 0x0a10 fhsvc - ok
23:51:15.0078 0x0a10 [ 8F2523C9D8F1448FF2156452AF60FA00, 1D39CA54F5F1E62385D9EC041F9445BDDCB63740859B9418AE904FDF3D8388ED ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
23:51:15.0079 0x0a10 FileCrypt - ok
23:51:15.0083 0x0a10 [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
23:51:15.0084 0x0a10 FileInfo - ok
23:51:15.0087 0x0a10 [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
23:51:15.0088 0x0a10 Filetrace - ok
23:51:15.0091 0x0a10 [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
23:51:15.0091 0x0a10 flpydisk - ok
23:51:15.0100 0x0a10 [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
23:51:15.0104 0x0a10 FltMgr - ok
23:51:15.0133 0x0a10 [ F1BA85CF2AEE08860C8D5BF82C342F44, 109D5E1AA11ECCFB598BBD09E98991F1E4915B2282B72C727F3E2C73678E2593 ] FontCache C:\WINDOWS\system32\FntCache.dll
23:51:15.0153 0x0a10 FontCache - ok
23:51:15.0158 0x0a10 [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:51:15.0158 0x0a10 FontCache3.0.0.0 - ok
23:51:15.0162 0x0a10 [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
23:51:15.0163 0x0a10 FsDepends - ok
23:51:15.0166 0x0a10 [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:51:15.0166 0x0a10 Fs_Rec - ok
23:51:15.0180 0x0a10 [ 50DFE05C698E9B0A63D95E3D669A105C, 3A7D5AE4A01B90C2ECF22AD2783A84C2329EAB9BACFA5237A7DCC3DC5995A864 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
23:51:15.0188 0x0a10 fvevol - ok
23:51:15.0192 0x0a10 [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
23:51:15.0193 0x0a10 gagp30kx - ok
23:51:15.0196 0x0a10 [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
23:51:15.0196 0x0a10 gencounter - ok
23:51:15.0199 0x0a10 [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
23:51:15.0200 0x0a10 genericusbfn - ok
23:51:15.0221 0x0a10 [ F78BC07DCED5EDDD6D477E923620F8EA, ABE28155100A38A5E1B58FFC8099EF416145278B440A67B8DAFD7715FE412624 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
23:51:15.0235 0x0a10 GfExperienceService - ok
23:51:15.0241 0x0a10 [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
23:51:15.0244 0x0a10 GPIOClx0101 - ok
23:51:15.0266 0x0a10 [ B89C353AFC8F56D961D07FF1FE7B4BCD, C4491A1E33E0151AF3D7589769D4DCFABC68518A22393A7584FB573B47643B2F ] gpsvc C:\WINDOWS\System32\gpsvc.dll
23:51:15.0283 0x0a10 gpsvc - ok
23:51:15.0287 0x0a10 [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
23:51:15.0287 0x0a10 GpuEnergyDrv - ok
23:51:15.0291 0x0a10 [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
23:51:15.0292 0x0a10 HDAudBus - ok
23:51:15.0295 0x0a10 [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
23:51:15.0295 0x0a10 HidBatt - ok
23:51:15.0300 0x0a10 [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
23:51:15.0302 0x0a10 HidBth - ok
23:51:15.0305 0x0a10 [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
23:51:15.0305 0x0a10 hidi2c - ok
23:51:15.0309 0x0a10 [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
23:51:15.0310 0x0a10 hidinterrupt - ok
23:51:15.0313 0x0a10 [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
23:51:15.0313 0x0a10 HidIr - ok
23:51:15.0317 0x0a10 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\WINDOWS\system32\hidserv.dll
23:51:15.0318 0x0a10 hidserv - ok
23:51:15.0321 0x0a10 [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
23:51:15.0321 0x0a10 HidUsb - ok
23:51:15.0329 0x0a10 [ EDE31817FC0A574E7CC3AF7E544C8951, DC8D07A15525E1CA52C5F6DFAEB2585807D45FC3400EAC9E27DC27E46B5B480F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
23:51:15.0333 0x0a10 HomeGroupListener - ok
23:51:15.0343 0x0a10 [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
23:51:15.0350 0x0a10 HomeGroupProvider - ok
23:51:15.0354 0x0a10 [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
23:51:15.0354 0x0a10 HpSAMD - ok
23:51:15.0375 0x0a10 [ 63C3F74DC398A1C1A77E39DFB9C312CA, 283A13899838B4313BFBC406E832042696C549640A1AB11E23C0B9E499289836 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
23:51:15.0388 0x0a10 HTTP - ok
23:51:15.0392 0x0a10 [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
23:51:15.0392 0x0a10 hwpolicy - ok
23:51:15.0395 0x0a10 [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
23:51:15.0395 0x0a10 hyperkbd - ok
23:51:15.0398 0x0a10 [ 40115A0F8E7FF9E786EBBD1D33D39AD7, 5190D3970950251CD0946521C428BF26BF7D68C2984B990B8EFDD406EC9CDFE1 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
23:51:15.0398 0x0a10 HyperVideo - ok
23:51:15.0404 0x0a10 [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
23:51:15.0405 0x0a10 i8042prt - ok
23:51:15.0409 0x0a10 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
23:51:15.0410 0x0a10 iai2c - ok
23:51:15.0416 0x0a10 [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
23:51:15.0418 0x0a10 iaLPSS2i_I2C - ok
23:51:15.0421 0x0a10 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
23:51:15.0422 0x0a10 iaLPSSi_GPIO - ok
23:51:15.0426 0x0a10 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
23:51:15.0428 0x0a10 iaLPSSi_I2C - ok
23:51:15.0441 0x0a10 [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
23:51:15.0449 0x0a10 iaStorAV - ok
23:51:15.0459 0x0a10 [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
23:51:15.0464 0x0a10 iaStorV - ok
23:51:15.0473 0x0a10 [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
23:51:15.0478 0x0a10 ibbus - ok
23:51:15.0484 0x0a10 [ 57C88C15CEC97318F580D7F4327AAA46, FD3AD83576804DA819F48E3E198FE470420E730F6118AD0E719A91E67C80D3FE ] icssvc C:\WINDOWS\System32\tetheringservice.dll
23:51:15.0487 0x0a10 icssvc - ok
23:51:15.0490 0x0a10 IEEtwCollectorService - ok
23:51:15.0509 0x0a10 [ 5E5BEC886CC2503C4F18AF2153B169AF, BCC241AEFFFEF0B56909F9141F7EA424D945532B8610E6A3BEF590FEB00FA26D ] IKEEXT C:\WINDOWS\System32\ikeext.dll
23:51:15.0521 0x0a10 IKEEXT - ok
23:51:15.0590 0x0a10 [ D172E06EFE08DF148155A59DB716C1B6, F059B0B37C5E944D70626E9F029BC6311029E0A9D778C9C75DDDDC59A5AF1605 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
23:51:15.0642 0x0a10 IntcAzAudAddService - ok
23:51:15.0653 0x0a10 [ 14505A1D69B2B5B6D5BF8FD1AABD81E8, F99E145FF4DF69970DF6454BCF931A723BF421E9FA9F40AF5EA5C3EEDAE1C20F ] Intel(R) PROSet Monitoring Service C:\WINDOWS\system32\IProsetMonitor.exe
23:51:15.0656 0x0a10 Intel(R) PROSet Monitoring Service - ok
23:51:15.0659 0x0a10 [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide C:\WINDOWS\system32\drivers\intelide.sys
23:51:15.0659 0x0a10 intelide - ok
23:51:15.0663 0x0a10 [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
23:51:15.0664 0x0a10 intelpep - ok
23:51:15.0669 0x0a10 [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
23:51:15.0671 0x0a10 intelppm - ok
23:51:15.0673 0x0a10 [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos C:\WINDOWS\system32\drivers\ioqos.sys
23:51:15.0674 0x0a10 IoQos - ok
23:51:15.0678 0x0a10 [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:51:15.0679 0x0a10 IpFilterDriver - ok
23:51:15.0698 0x0a10 [ 5AAB28A6AC2AAC9F66D4EAB6695D0474, BDAB1D04989788EA945C7FE0DE962F0FEC672D9703C271F8469822A91D7462B9 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
23:51:15.0710 0x0a10 iphlpsvc - ok
23:51:15.0714 0x0a10 [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
23:51:15.0715 0x0a10 IPMIDRV - ok
23:51:15.0721 0x0a10 [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
23:51:15.0722 0x0a10 IPNAT - ok
23:51:15.0725 0x0a10 [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
23:51:15.0726 0x0a10 IRENUM - ok
23:51:15.0729 0x0a10 [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
23:51:15.0729 0x0a10 isapnp - ok
23:51:15.0736 0x0a10 [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
23:51:15.0740 0x0a10 iScsiPrt - ok
23:51:15.0743 0x0a10 [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
23:51:15.0744 0x0a10 kbdclass - ok
23:51:15.0747 0x0a10 [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
23:51:15.0748 0x0a10 kbdhid - ok
23:51:15.0750 0x0a10 [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
23:51:15.0751 0x0a10 kdnic - ok
23:51:15.0754 0x0a10 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso C:\WINDOWS\system32\lsass.exe
23:51:15.0756 0x0a10 KeyIso - ok
23:51:15.0761 0x0a10 [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
23:51:15.0763 0x0a10 KSecDD - ok
23:51:15.0769 0x0a10 [ C2138FE291C8235C3A26CD04EE629163, 33A840893B104BFCF111C99F8C23B283EF26D8E1BB523BDA0259F6B56B60874D ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
23:51:15.0771 0x0a10 KSecPkg - ok
23:51:15.0773 0x0a10 [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
23:51:15.0774 0x0a10 ksthunk - ok
23:51:15.0783 0x0a10 [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
23:51:15.0788 0x0a10 KtmRm - ok
23:51:15.0795 0x0a10 [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
23:51:15.0800 0x0a10 LanmanServer - ok
23:51:15.0808 0x0a10 [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
23:51:15.0813 0x0a10 LanmanWorkstation - ok
23:51:15.0817 0x0a10 [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
23:51:15.0818 0x0a10 lfsvc - ok
23:51:15.0821 0x0a10 [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
23:51:15.0822 0x0a10 LicenseManager - ok
23:51:15.0825 0x0a10 [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
23:51:15.0826 0x0a10 lltdio - ok
23:51:15.0833 0x0a10 [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
23:51:15.0837 0x0a10 lltdsvc - ok
23:51:15.0840 0x0a10 [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
23:51:15.0841 0x0a10 lmhosts - ok
23:51:15.0846 0x0a10 [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
23:51:15.0848 0x0a10 LSI_SAS - ok
23:51:15.0852 0x0a10 [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
23:51:15.0853 0x0a10 LSI_SAS2i - ok
23:51:15.0857 0x0a10 [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
23:51:15.0858 0x0a10 LSI_SAS3i - ok
23:51:15.0862 0x0a10 [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
23:51:15.0863 0x0a10 LSI_SSS - ok
23:51:15.0878 0x0a10 [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM C:\WINDOWS\System32\lsm.dll
23:51:15.0887 0x0a10 LSM - ok
23:51:15.0893 0x0a10 [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv C:\WINDOWS\system32\drivers\luafv.sys
23:51:15.0894 0x0a10 luafv - ok
23:51:15.0898 0x0a10 [ 98E3D2BB421424B0457F8B7C46113110, 479187820318E9193765ADAA1D2E83E5752D9A2B22941DF3660C413DA029E618 ] MapsBroker C:\WINDOWS\System32\moshost.dll
23:51:15.0900 0x0a10 MapsBroker - ok
23:51:15.0904 0x0a10 [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
23:51:15.0905 0x0a10 megasas - ok
23:51:15.0917 0x0a10 [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr C:\WINDOWS\system32\drivers\megasr.sys
23:51:15.0924 0x0a10 megasr - ok
23:51:15.0930 0x0a10 [ 296C443FCC228EA643ED310465772820, 4846A29DD631E2E253560E7A28439AE11F244AB77F0C826AD56EA485577DBDD6 ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
23:51:15.0933 0x0a10 MEIx64 - ok
23:51:15.0936 0x0a10 [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
23:51:15.0938 0x0a10 MessagingService - ok
23:51:15.0955 0x0a10 [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
23:51:15.0963 0x0a10 mlx4_bus - ok
23:51:15.0967 0x0a10 [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
23:51:15.0968 0x0a10 MMCSS - ok
23:51:15.0971 0x0a10 [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem C:\WINDOWS\system32\drivers\modem.sys
23:51:15.0972 0x0a10 Modem - ok
23:51:15.0975 0x0a10 [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor C:\WINDOWS\System32\drivers\monitor.sys
23:51:15.0976 0x0a10 monitor - ok
23:51:15.0979 0x0a10 [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
23:51:15.0980 0x0a10 mouclass - ok
23:51:15.0983 0x0a10 [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
23:51:15.0983 0x0a10 mouhid - ok
23:51:15.0988 0x0a10 [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
23:51:15.0989 0x0a10 mountmgr - ok
23:51:15.0994 0x0a10 [ A82AA5481A845F4AC0E5EE83904FBFED, 2E1640BCA51B1957815465E4DEE895FCD87C93EA80DDD3A80B5647B23D16FB67 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:51:15.0996 0x0a10 MozillaMaintenance - ok
23:51:16.0000 0x0a10 [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
23:51:16.0001 0x0a10 mpsdrv - ok
23:51:16.0018 0x0a10 [ 0B28F2ACE5103586D322AD98FAA01309, CE3053DEB6E452C6DCDFD371CF113EB0D740DED6C1C537CB749D1BE5E97FAB09 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
23:51:16.0029 0x0a10 MpsSvc - ok
23:51:16.0036 0x0a10 [ 2B9A1FF2450BAF7A795941BE471F16EF, DD213BACDAE4E3C4F89BFE54BCE77B2F66D12AA85949147AE8A31049876CAA3E ] MQAC C:\WINDOWS\system32\drivers\mqac.sys
23:51:16.0038 0x0a10 MQAC - ok
23:51:16.0043 0x0a10 [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
23:51:16.0045 0x0a10 MRxDAV - ok
23:51:16.0054 0x0a10 [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:51:16.0059 0x0a10 mrxsmb - ok
23:51:16.0066 0x0a10 [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
23:51:16.0070 0x0a10 mrxsmb10 - ok
23:51:16.0075 0x0a10 [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
23:51:16.0078 0x0a10 mrxsmb20 - ok
23:51:16.0082 0x0a10 [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
23:51:16.0084 0x0a10 MsBridge - ok
23:51:16.0089 0x0a10 [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
23:51:16.0092 0x0a10 MSDTC - ok
23:51:16.0097 0x0a10 [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
23:51:16.0098 0x0a10 Msfs - ok
23:51:16.0101 0x0a10 [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
23:51:16.0102 0x0a10 msgpiowin32 - ok
23:51:16.0104 0x0a10 [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
23:51:16.0105 0x0a10 mshidkmdf - ok
23:51:16.0110 0x0a10 [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
23:51:16.0110 0x0a10 mshidumdf - ok
23:51:16.0114 0x0a10 [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
23:51:16.0114 0x0a10 msisadrv - ok
23:51:16.0119 0x0a10 [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
23:51:16.0122 0x0a10 MSiSCSI - ok
23:51:16.0124 0x0a10 msiserver - ok
23:51:16.0127 0x0a10 [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
23:51:16.0127 0x0a10 MSKSSRV - ok
23:51:16.0131 0x0a10 [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
23:51:16.0132 0x0a10 MsLldp - ok
23:51:16.0135 0x0a10 [ 30130E99810283026C5FA2F57A4BB488, 3CF97CC2F63A7CDEA19C8B2DD73EED161309A7C334FF80567C18423F2DA34249 ] MSMQ C:\WINDOWS\system32\mqsvc.exe
23:51:16.0136 0x0a10 MSMQ - ok
23:51:16.0138 0x0a10 [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
23:51:16.0139 0x0a10 MSPCLOCK - ok
23:51:16.0141 0x0a10 [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys
23:51:16.0142 0x0a10 MSPQM - ok
23:51:16.0149 0x0a10 [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
23:51:16.0155 0x0a10 MsRPC - ok
23:51:16.0160 0x0a10 [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
23:51:16.0160 0x0a10 mssmbios - ok
23:51:16.0163 0x0a10 [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys
23:51:16.0163 0x0a10 MSTEE - ok
23:51:16.0166 0x0a10 [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
23:51:16.0167 0x0a10 MTConfig - ok
23:51:16.0171 0x0a10 [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
23:51:16.0173 0x0a10 Mup - ok
23:51:16.0176 0x0a10 [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
23:51:16.0177 0x0a10 mvumis - ok
23:51:16.0189 0x0a10 [ 549DFD8240CF20BFBD88AD9D89325DBF, D2553AEA91524E7EBCE902D175BCE3A14C594FB0B5E1310E2D9171AF903CF51C ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
23:51:16.0196 0x0a10 NativeWifiP - ok
23:51:16.0202 0x0a10 [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
23:51:16.0205 0x0a10 NcaSvc - ok
23:51:16.0212 0x0a10 [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService C:\WINDOWS\System32\ncbservice.dll
23:51:16.0217 0x0a10 NcbService - ok
23:51:16.0221 0x0a10 [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
23:51:16.0223 0x0a10 NcdAutoSetup - ok
23:51:16.0227 0x0a10 [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
23:51:16.0228 0x0a10 ndfltr - ok
23:51:16.0249 0x0a10 [ E582DA849A58524E645545FB68B6625D, B74E2CF078F6C575EFC4A2E4293D03FE6BA933307D656E0E57FFA17EF324948D ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
23:51:16.0262 0x0a10 NDIS - ok
23:51:16.0266 0x0a10 [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
23:51:16.0267 0x0a10 NdisCap - ok
23:51:16.0272 0x0a10 [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
23:51:16.0273 0x0a10 NdisImPlatform - ok
23:51:16.0276 0x0a10 [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:51:16.0277 0x0a10 NdisTapi - ok
23:51:16.0280 0x0a10 [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
23:51:16.0281 0x0a10 Ndisuio - ok
23:51:16.0284 0x0a10 [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
23:51:16.0284 0x0a10 NdisVirtualBus - ok
23:51:16.0290 0x0a10 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
23:51:16.0293 0x0a10 NdisWan - ok
23:51:16.0298 0x0a10 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:51:16.0301 0x0a10 ndiswanlegacy - ok
23:51:16.0304 0x0a10 [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
23:51:16.0305 0x0a10 ndproxy - ok
23:51:16.0309 0x0a10 [ 883A36E2FF7FA3E1281CB575579FE3AF, F1BE02B13C090E2E36BD211055FC980E79BD14F72042773A3619A5143AAEE485 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
23:51:16.0311 0x0a10 Ndu - ok
23:51:16.0315 0x0a10 [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
23:51:16.0315 0x0a10 NetBIOS - ok
23:51:16.0324 0x0a10 [ C03E926B0E7D66D68994067231DC3246, 1895BE28921431AA78BEF9AFE01411FE8CDA570867E527E4D925E6FAA35D8BC0 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
23:51:16.0327 0x0a10 NetBT - ok
23:51:16.0332 0x0a10 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon C:\WINDOWS\system32\lsass.exe
23:51:16.0333 0x0a10 Netlogon - ok
23:51:16.0341 0x0a10 [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman C:\WINDOWS\System32\netman.dll
23:51:16.0344 0x0a10 Netman - ok
23:51:16.0351 0x0a10 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:51:16.0354 0x0a10 NetMsmqActivator - ok
23:51:16.0358 0x0a10 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:51:16.0360 0x0a10 NetPipeActivator - ok
23:51:16.0372 0x0a10 [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
23:51:16.0379 0x0a10 netprofm - ok
23:51:16.0386 0x0a10 [ D8CAB1807EA429C2C647FBC33C30CC88, 8D7CD300A5345444ED39F7BD81B64DEDC4457AF66B5993E9F6A250AE6AD02130 ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
23:51:16.0389 0x0a10 NetSetupSvc - ok
23:51:16.0394 0x0a10 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:51:16.0395 0x0a10 NetTcpActivator - ok
23:51:16.0399 0x0a10 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:51:16.0401 0x0a10 NetTcpPortSharing - ok
23:51:16.0406 0x0a10 [ 2BB62723C835F75F0C7C9E6A736881FB, CBA690F5205BE8AE1E8ED8A47BC1594E05391DAC30AAEE0A055366F24602346C ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys
23:51:16.0407 0x0a10 netvsc - ok
23:51:16.0415 0x0a10 [ 0FB83658FBB2C5A18AB98C5C94DB9FAF, 2D15A49F47D8185D7914D26916D1237FCBE2F8351A64877CDDDDE26E766C3D2F ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
23:51:16.0420 0x0a10 NgcCtnrSvc - ok
23:51:16.0433 0x0a10 [ 7AAA9916AA10F4B0E9743798A5BA6549, 2E38EEF3F487A7DD0B719A048FFA0EB36B2487A1068BB322553E9DD2FCE46711 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
23:51:16.0441 0x0a10 NgcSvc - ok
23:51:16.0451 0x0a10 [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
23:51:16.0456 0x0a10 NlaSvc - ok
23:51:16.0460 0x0a10 [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
23:51:16.0460 0x0a10 Npfs - ok
23:51:16.0464 0x0a10 [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
23:51:16.0464 0x0a10 npsvctrig - ok
23:51:16.0467 0x0a10 [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi C:\WINDOWS\system32\nsisvc.dll
23:51:16.0469 0x0a10 nsi - ok
23:51:16.0472 0x0a10 [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
23:51:16.0473 0x0a10 nsiproxy - ok
23:51:16.0509 0x0a10 [ 19BD8A88AAC580592668B070AC0727D9, 60DB84895C40E6412BEB2D0E4D7F05891446B9DE992D70579CC90BA3FB27FC01 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
23:51:16.0541 0x0a10 NTFS - ok
23:51:16.0546 0x0a10 [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null C:\WINDOWS\system32\drivers\Null.sys
23:51:16.0546 0x0a10 Null - ok
23:51:16.0553 0x0a10 [ 67B51A97733B10D716B366C2ED126763, C34B889D39A4443A82BCDF6B9A0BF637D2ECC37BBB1AAE21143EC9E3DC495D90 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
23:51:16.0557 0x0a10 NVHDA - ok
23:51:16.0769 0x0a10 [ DB3FFDB8FB4D08E834B54B858D50DDBE, 3D6437E72FF96BACE0EC1C19C227800E3A6A89239630D71E1D46E0B3AA6CE40C ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
23:51:16.0935 0x0a10 nvlddmkm - ok
23:51:16.0977 0x0a10 [ 020F45E362D3B57CCC5735582BB1A6EC, E2D953CEF208528382153D06FED8394BEB52657C547E4D2D2954E537C9A382DC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
23:51:16.0999 0x0a10 NvNetworkService - ok
23:51:17.0005 0x0a10 [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
23:51:17.0007 0x0a10 nvraid - ok
23:51:17.0012 0x0a10 [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
23:51:17.0014 0x0a10 nvstor - ok
23:51:17.0020 0x0a10 [ F82BCEB9F57B2959F6AAE2A3DDA892A8, 5B02C74BAF0E12B84F239B1449DAA955B28BD5BA7D35D315DB57F45E042E0DB3 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
23:51:17.0020 0x0a10 NvStreamKms - ok
23:51:17.0075 0x0a10 [ 9209D57C1AA24841EF8D5DE6A5B2AAEB, C1A53621F5361DCE9C962A9B9B586D1904901C9EC20EFCA76C40ADCD98BEDF3C ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
23:51:17.0118 0x0a10 NvStreamNetworkSvc - ok
23:51:17.0159 0x0a10 [ 0EDF9504CA5174075BA5902AFC1F57C8, 8E210E71BA91813D3BB6B59E5F6AD0889711336AD12B1B1C67CCC882A6ED3E53 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
23:51:17.0188 0x0a10 NvStreamSvc - ok
23:51:17.0214 0x0a10 [ 403522070F1C1020B9EB862ED989CD87, 01A63D0DA8B47DDE9D2FCF5923529FCA5ABF4154CFFA6D0E10087E3CA5477436 ] nvsvc C:\Windows\system32\nvvsvc.exe
23:51:17.0231 0x0a10 nvsvc - ok
23:51:17.0235 0x0a10 [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
23:51:17.0236 0x0a10 nvvad_WaveExtensible - ok
23:51:17.0241 0x0a10 [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
23:51:17.0243 0x0a10 nv_agp - ok
23:51:17.0251 0x0a10 [ FDDC75FDB8F9B581E3D6513FB85256E8, 8CC4924E69E6008D30219BCE4C0FCCABB5F63ECF82C1A6C8BA374805D34B4FF1 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
23:51:17.0255 0x0a10 OneSyncSvc - ok
23:51:17.0337 0x0a10 [ 2906AF02B5D06B0EFCD32382F19B88DB, 52A57816017591AC18693095ED6877EC6187F01A1B075ECC0F7E8FA73543E9D0 ] Origin Client Service D:\Program Files (x86)\Origin\OriginClientService.exe
23:51:17.0363 0x0a10 Origin Client Service - ok
23:51:17.0373 0x0a10 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
23:51:17.0378 0x0a10 p2pimsvc - ok
23:51:17.0388 0x0a10 [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc C:\WINDOWS\system32\p2psvc.dll
23:51:17.0394 0x0a10 p2psvc - ok
23:51:17.0399 0x0a10 [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport C:\WINDOWS\System32\drivers\parport.sys
23:51:17.0400 0x0a10 Parport - ok
23:51:17.0405 0x0a10 [ D330D74B5F99309B5CCA30AE41C57CDE, AE5186CB4B639A5241BF0D17FE8A73D6DAFA505C31E250EA225CD498C8A4A07E ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
|
|
03.09.2016, 22:53
| #9 |
| | Neuer ComputerCode:
ATTFilter 23:51:17.0406 0x0a10 partmgr - ok
23:51:17.0418 0x0a10 [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
23:51:17.0425 0x0a10 PcaSvc - ok
23:51:17.0433 0x0a10 [ 3F89E96BDA0A24A3D2DBB7CE1E625589, 63AAF83128B8AE279BC37331D2B27133EB9DE9C61392ADF18278A301697D0307 ] pci C:\WINDOWS\system32\drivers\pci.sys
23:51:17.0437 0x0a10 pci - ok
23:51:17.0440 0x0a10 [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
23:51:17.0441 0x0a10 pciide - ok
23:51:17.0445 0x0a10 [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
23:51:17.0447 0x0a10 pcmcia - ok
23:51:17.0450 0x0a10 [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
23:51:17.0451 0x0a10 pcw - ok
23:51:17.0455 0x0a10 [ 34DDBE73E42A4EDED7BEFF66F270C1A4, 420D6EC5B514423C4583839D4E185F7D71989C7BC8A854B0FCC54EE03A972381 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
23:51:17.0456 0x0a10 pdc - ok
23:51:17.0471 0x0a10 [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
23:51:17.0479 0x0a10 PEAUTH - ok
23:51:17.0513 0x0a10 [ C7D210982B6C8454E52191D0DCF6DC52, D53D575CD9A0AB7EA94E7D1B9730ABE0A582CA3460AEAC4680D01034D69D3949 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
23:51:17.0538 0x0a10 PeerDistSvc - ok
23:51:17.0543 0x0a10 [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
23:51:17.0544 0x0a10 percsas2i - ok
23:51:17.0548 0x0a10 [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
23:51:17.0549 0x0a10 percsas3i - ok
23:51:17.0560 0x0a10 [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
23:51:17.0560 0x0a10 PerfHost - ok
23:51:17.0579 0x0a10 [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
23:51:17.0589 0x0a10 PhoneSvc - ok
23:51:17.0596 0x0a10 [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
23:51:17.0600 0x0a10 PimIndexMaintenanceSvc - ok
23:51:17.0627 0x0a10 [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla C:\WINDOWS\system32\pla.dll
23:51:17.0645 0x0a10 pla - ok
23:51:17.0650 0x0a10 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
23:51:17.0653 0x0a10 PlugPlay - ok
23:51:17.0656 0x0a10 [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
23:51:17.0657 0x0a10 PNRPAutoReg - ok
23:51:17.0665 0x0a10 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
23:51:17.0670 0x0a10 PNRPsvc - ok
23:51:17.0680 0x0a10 [ D67052BD0DA9C17BCBBF8AB5B6D354EE, 7FE9B414C74CF69E531B27C506216F7F5CBE00B67E90305A4A4A2ECADAA4F349 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
23:51:17.0685 0x0a10 PolicyAgent - ok
23:51:17.0690 0x0a10 [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power C:\WINDOWS\system32\umpo.dll
23:51:17.0693 0x0a10 Power - ok
23:51:17.0697 0x0a10 [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
23:51:17.0699 0x0a10 PptpMiniport - ok
23:51:17.0750 0x0a10 [ C9908063F90F5541098BF19EA63E1327, AA6B5E4D01CD8061D5953FDE3025FE4AF01B265C182B8818107A035E4FFAD0DF ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
23:51:17.0789 0x0a10 PrintNotify - ok
23:51:17.0796 0x0a10 [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor C:\WINDOWS\System32\drivers\processr.sys
23:51:17.0798 0x0a10 Processor - ok
23:51:17.0806 0x0a10 [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc C:\WINDOWS\system32\profsvc.dll
23:51:17.0811 0x0a10 ProfSvc - ok
23:51:17.0816 0x0a10 [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched C:\WINDOWS\system32\drivers\pacer.sys
23:51:17.0818 0x0a10 Psched - ok
23:51:17.0826 0x0a10 [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE C:\WINDOWS\system32\qwave.dll
23:51:17.0830 0x0a10 QWAVE - ok
23:51:17.0833 0x0a10 [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
23:51:17.0834 0x0a10 QWAVEdrv - ok
23:51:17.0837 0x0a10 [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:51:17.0837 0x0a10 RasAcd - ok
23:51:17.0842 0x0a10 [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
23:51:17.0843 0x0a10 RasAgileVpn - ok
23:51:17.0847 0x0a10 [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto C:\WINDOWS\System32\rasauto.dll
23:51:17.0850 0x0a10 RasAuto - ok
23:51:17.0854 0x0a10 [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
23:51:17.0855 0x0a10 Rasl2tp - ok
23:51:17.0869 0x0a10 [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan C:\WINDOWS\System32\rasmans.dll
23:51:17.0878 0x0a10 RasMan - ok
23:51:17.0882 0x0a10 [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe C:\WINDOWS\System32\drivers\raspppoe.sys
23:51:17.0884 0x0a10 RasPppoe - ok
23:51:17.0887 0x0a10 [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
23:51:17.0889 0x0a10 RasSstp - ok
23:51:17.0898 0x0a10 [ 1BB74617AE07539EC7C31C93F98644C7, 527F4F7ADA499814A97F68EE449F39D8A897A68B03AA24E2EE39A378D8D1DD27 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:51:17.0903 0x0a10 rdbss - ok
23:51:17.0907 0x0a10 [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
23:51:17.0908 0x0a10 rdpbus - ok
23:51:17.0913 0x0a10 [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
23:51:17.0916 0x0a10 RDPDR - ok
23:51:17.0921 0x0a10 [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
23:51:17.0922 0x0a10 RdpVideoMiniport - ok
23:51:17.0928 0x0a10 [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
23:51:17.0931 0x0a10 rdyboost - ok
23:51:17.0948 0x0a10 [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
23:51:17.0961 0x0a10 ReFSv1 - ok
23:51:17.0973 0x0a10 [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
23:51:17.0980 0x0a10 RemoteAccess - ok
23:51:17.0985 0x0a10 [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
23:51:17.0988 0x0a10 RemoteRegistry - ok
23:51:18.0007 0x0a10 [ C439E5B6E3EB38C9C7611C393348503B, C9E3E3EDB134C2C5A3212CAD372A542DB1658A0263112E66EDF812FAE3F377BF ] RetailDemo C:\WINDOWS\system32\RDXService.dll
23:51:18.0021 0x0a10 RetailDemo - ok
23:51:18.0027 0x0a10 [ 5DCB6746E9880DED87EC2A239ED64EB4, 45ED65A9C103C07B202BAC6EB66C45F619B84F61C1E38C71CBF4F3C94E67FA3D ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
23:51:18.0029 0x0a10 RFCOMM - ok
23:51:18.0034 0x0a10 [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
23:51:18.0036 0x0a10 RpcEptMapper - ok
23:51:18.0039 0x0a10 [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator C:\WINDOWS\system32\locator.exe
23:51:18.0040 0x0a10 RpcLocator - ok
23:51:18.0056 0x0a10 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
23:51:18.0068 0x0a10 RpcSs - ok
23:51:18.0073 0x0a10 [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
23:51:18.0074 0x0a10 rspndr - ok
23:51:18.0077 0x0a10 [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
23:51:18.0077 0x0a10 s3cap - ok
23:51:18.0080 0x0a10 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs C:\WINDOWS\system32\lsass.exe
23:51:18.0082 0x0a10 SamSs - ok
23:51:18.0086 0x0a10 [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
23:51:18.0088 0x0a10 sbp2port - ok
23:51:18.0094 0x0a10 [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
23:51:18.0098 0x0a10 SCardSvr - ok
23:51:18.0103 0x0a10 [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
23:51:18.0106 0x0a10 ScDeviceEnum - ok
23:51:18.0110 0x0a10 [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
23:51:18.0110 0x0a10 scfilter - ok
23:51:18.0133 0x0a10 [ 4D82582733D9F437F544D3F8F98CE159, 32603C9AFC4D56D505D2EA5B63EF33A484A20A3C82E28F6C30A7597BBF34F785 ] Schedule C:\WINDOWS\system32\schedsvc.dll
23:51:18.0145 0x0a10 Schedule - ok
23:51:18.0153 0x0a10 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
23:51:18.0155 0x0a10 SCPolicySvc - ok
23:51:18.0163 0x0a10 [ 1CDA6D0A2345AA589949AE9C83853913, 13E9164485BA7F7DB86CBA905C7F0E009488B03CC4F3F044EA37D04D0FB661C6 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
23:51:18.0167 0x0a10 sdbus - ok
23:51:18.0172 0x0a10 [ 723C6C3DE056D3EB76F7520BEF5947B4, 49FFDAD56BBD652404A587F282867161BAE6D9E61BC2C819DDC75CE10A8E3C63 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
23:51:18.0176 0x0a10 SDRSVC - ok
23:51:18.0207 0x0a10 [ 2100C3E7E1D060DE822677DDE41FCCCF, 82F645A981C91ABD237AA8DD730F4490EF566371946E56A498146B7C8FC3C44A ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
23:51:18.0228 0x0a10 SDScannerService - ok
23:51:18.0233 0x0a10 [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
23:51:18.0235 0x0a10 sdstor - ok
23:51:18.0269 0x0a10 [ B89DF0D2410759A6C826C136AEBC2416, 5EF86212BE1E075B2B7E0783FDA6EB2CA6938546145428FC7B39EE9D5817F0B1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
23:51:18.0294 0x0a10 SDUpdateService - ok
23:51:18.0301 0x0a10 [ 6B4E097AD063AEED188629CB9A542602, 0342CD807ADD430E4EC14308464EB0E1BF74F95AD0D32356210A832E6C3FE6CF ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
23:51:18.0304 0x0a10 SDWSCService - ok
23:51:18.0307 0x0a10 Secdrv - ok
23:51:18.0310 0x0a10 [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon C:\WINDOWS\system32\seclogon.dll
23:51:18.0312 0x0a10 seclogon - ok
23:51:18.0315 0x0a10 [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS C:\WINDOWS\System32\sens.dll
23:51:18.0317 0x0a10 SENS - ok
23:51:18.0341 0x0a10 [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
23:51:18.0357 0x0a10 SensorDataService - ok
23:51:18.0367 0x0a10 [ 3A96F324681545F135320A9E91793972, CD588AAF764705CAA8838776D20C88B60B9AC73EC3F4608FFCE63831AA80D3C4 ] SensorService C:\WINDOWS\system32\SensorService.dll
23:51:18.0372 0x0a10 SensorService - ok
23:51:18.0378 0x0a10 [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
23:51:18.0381 0x0a10 SensrSvc - ok
23:51:18.0385 0x0a10 [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
23:51:18.0386 0x0a10 SerCx - ok
23:51:18.0391 0x0a10 [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
23:51:18.0393 0x0a10 SerCx2 - ok
23:51:18.0396 0x0a10 [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
23:51:18.0397 0x0a10 Serenum - ok
23:51:18.0401 0x0a10 [ 249A563C48DFD9E42A37587653E003BB, D022FAE2B7AC9D99B9F230A4DF0B045891588162587E1F468B5E05C8DA98AA9A ] Serial C:\WINDOWS\System32\drivers\serial.sys
23:51:18.0402 0x0a10 Serial - ok
23:51:18.0405 0x0a10 [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
23:51:18.0406 0x0a10 sermouse - ok
23:51:18.0417 0x0a10 [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv C:\WINDOWS\system32\sessenv.dll
23:51:18.0422 0x0a10 SessionEnv - ok
23:51:18.0427 0x0a10 [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
23:51:18.0428 0x0a10 sfloppy - ok
23:51:18.0439 0x0a10 [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
23:51:18.0445 0x0a10 SharedAccess - ok
23:51:18.0459 0x0a10 [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:51:18.0467 0x0a10 ShellHWDetection - ok
23:51:18.0471 0x0a10 [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
23:51:18.0472 0x0a10 SiSRaid2 - ok
23:51:18.0476 0x0a10 [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
23:51:18.0477 0x0a10 SiSRaid4 - ok
23:51:18.0480 0x0a10 [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost C:\WINDOWS\System32\smphost.dll
23:51:18.0482 0x0a10 smphost - ok
23:51:18.0494 0x0a10 [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
23:51:18.0502 0x0a10 SmsRouter - ok
23:51:18.0508 0x0a10 [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
23:51:18.0510 0x0a10 SNMPTRAP - ok
23:51:18.0521 0x0a10 [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
23:51:18.0528 0x0a10 spaceport - ok
23:51:18.0532 0x0a10 [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
23:51:18.0533 0x0a10 SpbCx - ok
23:51:18.0543 0x0a10 [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan C:\Windows\SysWOW64\speedfan.sys
23:51:18.0544 0x0a10 speedfan - ok
23:51:18.0562 0x0a10 [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler C:\WINDOWS\System32\spoolsv.exe
23:51:18.0571 0x0a10 Spooler - ok
23:51:18.0668 0x0a10 [ 49B666BCCF59226549F64656584318EA, D7751FB921CE526322DF8CD95430EEA5337E894CE76E0FAA47827CA3B2C953C5 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
23:51:18.0745 0x0a10 sppsvc - ok
23:51:18.0760 0x0a10 [ BE88248427A6AA548A904FD867667F70, 37E7BB76881F4E896311721B1FCB7B1908524591D36F7D63B233CA0115FECC2C ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
23:51:18.0764 0x0a10 srv - ok
23:51:18.0779 0x0a10 [ 2568B86F6A50D254324CB89022CA9EFC, 001B7A0061227E8E78A35FDC095C71A6974F18B1289FA392FA0B864A88C20672 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
23:51:18.0787 0x0a10 srv2 - ok
23:51:18.0794 0x0a10 [ 6E520D6B16EA8AE23D1F81C1194F00C8, 42CAB0772D351023DBF1DAD4BDB1FC214827CEA660284838B41062B8DF89DF10 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
23:51:18.0797 0x0a10 srvnet - ok
23:51:18.0804 0x0a10 [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
23:51:18.0808 0x0a10 SSDPSRV - ok
23:51:18.0814 0x0a10 [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
23:51:18.0818 0x0a10 SstpSvc - ok
23:51:18.0824 0x0a10 [ D08FFE34AF5B7AC5F69EEA1E0E8C6ECE, CC43752CE5C879E24229C84443DBEE667CE629ECF992AD0D42F0F77FE04F6751 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
23:51:18.0826 0x0a10 ssudmdm - ok
23:51:18.0841 0x0a10 [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
23:51:18.0850 0x0a10 ss_conn_service - ok
23:51:18.0894 0x0a10 [ 99435AD1BC9E7E7CEA528868E5B1F9B2, 66C490EB12BFF8834842D28B1138E69180B972CCFDD3D33263A94A79DED0C6CB ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
23:51:18.0927 0x0a10 StateRepository - ok
23:51:18.0954 0x0a10 [ E06AA279D85877268E34E9A9BC41F560, 6EFE7E3850CD19B919053293B6D8CB61CC638D3B1626BB62594C681625132689 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
23:51:18.0972 0x0a10 Steam Client Service - ok
23:51:18.0984 0x0a10 [ 8AD39F3C6C0ACD29D875905C5F20E6DA, 414053EFA8F4730F5ABB25C5ECA10695A04087471754A22F6B25EED9955A3B09 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
23:51:18.0989 0x0a10 Stereo Service - ok
23:51:18.0992 0x0a10 [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
23:51:18.0993 0x0a10 stexstor - ok
23:51:19.0008 0x0a10 [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc C:\WINDOWS\System32\wiaservc.dll
23:51:19.0017 0x0a10 stisvc - ok
23:51:19.0022 0x0a10 [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
23:51:19.0023 0x0a10 storahci - ok
23:51:19.0027 0x0a10 [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
23:51:19.0027 0x0a10 storflt - ok
23:51:19.0031 0x0a10 [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
23:51:19.0032 0x0a10 stornvme - ok
23:51:19.0036 0x0a10 [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
23:51:19.0038 0x0a10 storqosflt - ok
23:51:19.0050 0x0a10 [ FE42F8A07885E518ED1E846C93E4B78C, 264B21A5E07654F159A3E324F3B38A8C11AF619F61B5779A46367DD99EBD00A6 ] StorSvc C:\WINDOWS\system32\storsvc.dll
23:51:19.0059 0x0a10 StorSvc - ok
23:51:19.0063 0x0a10 [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
23:51:19.0063 0x0a10 storufs - ok
23:51:19.0066 0x0a10 [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
23:51:19.0067 0x0a10 storvsc - ok
23:51:19.0070 0x0a10 [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc C:\WINDOWS\system32\svsvc.dll
23:51:19.0071 0x0a10 svsvc - ok
23:51:19.0074 0x0a10 [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
23:51:19.0074 0x0a10 swenum - ok
23:51:19.0084 0x0a10 [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv C:\WINDOWS\System32\swprv.dll
23:51:19.0091 0x0a10 swprv - ok
23:51:19.0095 0x0a10 [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
23:51:19.0096 0x0a10 Synth3dVsc - ok
23:51:19.0115 0x0a10 [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain C:\WINDOWS\system32\sysmain.dll
23:51:19.0129 0x0a10 SysMain - ok
23:51:19.0138 0x0a10 [ FA8E0A9C648035CA1B47C9DA77EDB7EA, 4097AB89D2DB4741B138F3939AED4C5DB00BA124BF66E5DC2218ACF3A37513A3 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
23:51:19.0144 0x0a10 SystemEventsBroker - ok
23:51:19.0150 0x0a10 [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
23:51:19.0152 0x0a10 TabletInputService - ok
23:51:19.0161 0x0a10 [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
23:51:19.0165 0x0a10 TapiSrv - ok
23:51:19.0205 0x0a10 [ CF63BF6AAEDF721E37F9E216FD321B8E, 73FF268E5DBCEFA9C5322420729E0EAA4F74A7C51E6ED3C988134AC5E875A74C ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
23:51:19.0233 0x0a10 Tcpip - ok
23:51:19.0274 0x0a10 [ CF63BF6AAEDF721E37F9E216FD321B8E, 73FF268E5DBCEFA9C5322420729E0EAA4F74A7C51E6ED3C988134AC5E875A74C ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
23:51:19.0302 0x0a10 Tcpip6 - ok
23:51:19.0309 0x0a10 [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
23:51:19.0309 0x0a10 tcpipreg - ok
23:51:19.0315 0x0a10 [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
23:51:19.0316 0x0a10 tdx - ok
23:51:19.0320 0x0a10 [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
23:51:19.0320 0x0a10 terminpt - ok
23:51:19.0340 0x0a10 [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService C:\WINDOWS\System32\termsrv.dll
23:51:19.0353 0x0a10 TermService - ok
23:51:19.0358 0x0a10 [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes C:\WINDOWS\system32\themeservice.dll
23:51:19.0360 0x0a10 Themes - ok
23:51:19.0367 0x0a10 [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
23:51:19.0372 0x0a10 TieringEngineService - ok
23:51:19.0383 0x0a10 [ EAB476E252CE866727624B5224A054E4, 1F84A1A99FA07AA1A8F4BF2FFD778562AE59612D549C1CC911CEE74CBE71F831 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
23:51:19.0390 0x0a10 tiledatamodelsvc - ok
23:51:19.0395 0x0a10 [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
23:51:19.0399 0x0a10 TimeBroker - ok
23:51:19.0407 0x0a10 [ 87B9ABB965F7AF987D52791F0DD1663D, 6E42F764D47ACAD644E5F547E503B7AEA8D700C335674D1B0EB5493914F747E7 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
23:51:19.0410 0x0a10 TPM - ok
23:51:19.0415 0x0a10 [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks C:\WINDOWS\System32\trkwks.dll
23:51:19.0418 0x0a10 TrkWks - ok
23:51:19.0422 0x0a10 [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
23:51:19.0424 0x0a10 TrustedInstaller - ok
23:51:19.0428 0x0a10 [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
23:51:19.0429 0x0a10 tsusbflt - ok
23:51:19.0432 0x0a10 [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
23:51:19.0433 0x0a10 TsUsbGD - ok
23:51:19.0438 0x0a10 [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
23:51:19.0440 0x0a10 tunnel - ok
23:51:19.0444 0x0a10 [ 127925766866C52F147A2FFC0C0358A5, DCDF38A456E0BAAEE1E54FD67C3DEB4A036F116036FBD28073201B6C27C2C2DD ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
23:51:19.0446 0x0a10 tzautoupdate - ok
23:51:19.0450 0x0a10 [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
23:51:19.0451 0x0a10 uagp35 - ok
23:51:19.0455 0x0a10 [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
23:51:19.0456 0x0a10 UASPStor - ok
23:51:19.0460 0x0a10 [ 82D3B1F4D80057826AA649D78147DE36, 344A738F6866BFD3095BB802206DDB2F9E9AD89DC39CAA7DE96455F410683829 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
23:51:19.0461 0x0a10 UcmCx0101 - ok
23:51:19.0464 0x0a10 [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
23:51:19.0465 0x0a10 UcmUcsi - ok
23:51:19.0470 0x0a10 [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
23:51:19.0473 0x0a10 Ucx01000 - ok
23:51:19.0476 0x0a10 [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
23:51:19.0477 0x0a10 UdeCx - ok
23:51:19.0484 0x0a10 [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
23:51:19.0488 0x0a10 udfs - ok
23:51:19.0491 0x0a10 [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
23:51:19.0492 0x0a10 UEFI - ok
23:51:19.0499 0x0a10 [ 05DD22294A4F3F89E52351C7721E6D2C, 300A7D4BD5F26814CF73400E01DEB810CA3F91BD190B3D37B74ADF080F582829 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
23:51:19.0502 0x0a10 Ufx01000 - ok
23:51:19.0506 0x0a10 [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
23:51:19.0508 0x0a10 UfxChipidea - ok
23:51:19.0513 0x0a10 [ 2A87EA182EA333D79AA0B03833EA67F2, 227792A8B4E63CF60A3DEECF829448C8FD59A40DEF3F42414E432820F8D34F64 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
23:51:19.0515 0x0a10 ufxsynopsys - ok
23:51:19.0520 0x0a10 [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
23:51:19.0522 0x0a10 UI0Detect - ok
23:51:19.0525 0x0a10 [ 8593690D302AE73AAC8BBA9B19757352, 36F29C32A7E0D8D54533441C840E86C7C407815DD3568C6D44C043939E998FAF ] Uim_DEVIM C:\WINDOWS\system32\DRIVERS\uim_devim.sys
23:51:19.0526 0x0a10 Uim_DEVIM - ok
23:51:19.0540 0x0a10 [ 889788C1B850D1ED4027B675B9B8E5E2, D8CA795CAFFF803252E1B41D69F9B55C787E2633198BC322E07449408A58B083 ] Uim_IM C:\WINDOWS\system32\DRIVERS\uim_im.sys
23:51:19.0548 0x0a10 Uim_IM - ok
23:51:19.0552 0x0a10 [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
23:51:19.0553 0x0a10 uliagpkx - ok
23:51:19.0557 0x0a10 [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
23:51:19.0558 0x0a10 umbus - ok
23:51:19.0561 0x0a10 [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
23:51:19.0562 0x0a10 UmPass - ok
23:51:19.0569 0x0a10 [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
23:51:19.0573 0x0a10 UmRdpService - ok
23:51:19.0594 0x0a10 [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
23:51:19.0610 0x0a10 UnistoreSvc - ok
23:51:19.0622 0x0a10 [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost C:\WINDOWS\System32\upnphost.dll
23:51:19.0629 0x0a10 upnphost - ok
23:51:19.0632 0x0a10 [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
23:51:19.0633 0x0a10 UrsChipidea - ok
23:51:19.0636 0x0a10 [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
23:51:19.0637 0x0a10 UrsCx01000 - ok
23:51:19.0640 0x0a10 [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
23:51:19.0640 0x0a10 UrsSynopsys - ok
23:51:19.0645 0x0a10 [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
23:51:19.0647 0x0a10 usbccgp - ok
23:51:19.0651 0x0a10 [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
23:51:19.0653 0x0a10 usbcir - ok
23:51:19.0657 0x0a10 [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
23:51:19.0658 0x0a10 usbehci - ok
23:51:19.0669 0x0a10 [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
23:51:19.0675 0x0a10 usbhub - ok
23:51:19.0686 0x0a10 [ E7463CE8579A0418A98BE9BE42C647D7, 923CD51C82FCF9DC4E9EEA99E53634EE07EBF62FB5DFC337F01309D7D5C7622C ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
23:51:19.0693 0x0a10 USBHUB3 - ok
23:51:19.0696 0x0a10 [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
23:51:19.0697 0x0a10 usbohci - ok
23:51:19.0700 0x0a10 [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
23:51:19.0700 0x0a10 usbprint - ok
23:51:19.0704 0x0a10 [ 4AAD6547953D373A1EB5B2DF583D868B, 4E3DCEC9644550996C314FCC39F885DDE4AA7AD821B8596D96C5BEA5D60795F7 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
23:51:19.0705 0x0a10 usbser - ok
23:51:19.0709 0x0a10 [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
23:51:19.0711 0x0a10 USBSTOR - ok
23:51:19.0714 0x0a10 [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
23:51:19.0715 0x0a10 usbuhci - ok
23:51:19.0724 0x0a10 [ 9E9D58F5E1702955B2F4D62996F80E8E, 6C21C250B9D98346D0D5CB7D6C11AB120A1D195C28313BDB0CE532663F0114E2 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
23:51:19.0728 0x0a10 USBXHCI - ok
23:51:19.0756 0x0a10 [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
23:51:19.0776 0x0a10 UserDataSvc - ok
23:51:19.0796 0x0a10 [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager C:\WINDOWS\System32\usermgr.dll
23:51:19.0808 0x0a10 UserManager - ok
23:51:19.0818 0x0a10 [ BF6C588423B2F856015AE8F61D93D01F, D45A3409E4EF026ECF1F8295EF9CFAA4C111776C2BA04171591744CDAB912479 ] UsoSvc C:\WINDOWS\system32\usocore.dll
23:51:19.0823 0x0a10 UsoSvc - ok
23:51:19.0827 0x0a10 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc C:\WINDOWS\system32\lsass.exe
23:51:19.0828 0x0a10 VaultSvc - ok
23:51:19.0832 0x0a10 [ 2CB7AEA800B614184238232FBA4430E1, 18F89E68241BE72A94AB3379141404BBE837FF5B303990DD44CF6238EE153566 ] VClone C:\WINDOWS\System32\drivers\VClone.sys
23:51:19.0833 0x0a10 VClone - ok
23:51:19.0837 0x0a10 [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
23:51:19.0838 0x0a10 vdrvroot - ok
23:51:19.0852 0x0a10 [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds C:\WINDOWS\System32\vds.exe
23:51:19.0861 0x0a10 vds - ok
23:51:19.0868 0x0a10 [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
23:51:19.0870 0x0a10 VerifierExt - ok
23:51:19.0885 0x0a10 [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
23:51:19.0894 0x0a10 vhdmp - ok
23:51:19.0898 0x0a10 [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf C:\WINDOWS\System32\drivers\vhf.sys
23:51:19.0898 0x0a10 vhf - ok
23:51:19.0903 0x0a10 [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
23:51:19.0904 0x0a10 vmbus - ok
23:51:19.0907 0x0a10 [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
23:51:19.0908 0x0a10 VMBusHID - ok
23:51:19.0919 0x0a10 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
23:51:19.0925 0x0a10 vmicguestinterface - ok
23:51:19.0936 0x0a10 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
23:51:19.0942 0x0a10 vmicheartbeat - ok
23:51:19.0952 0x0a10 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
23:51:19.0959 0x0a10 vmickvpexchange - ok
23:51:19.0969 0x0a10 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
23:51:19.0976 0x0a10 vmicrdv - ok
23:51:19.0987 0x0a10 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
23:51:19.0994 0x0a10 vmicshutdown - ok
23:51:20.0004 0x0a10 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
23:51:20.0010 0x0a10 vmictimesync - ok
23:51:20.0021 0x0a10 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession C:\WINDOWS\System32\ICSvc.dll
23:51:20.0027 0x0a10 vmicvmsession - ok
23:51:20.0037 0x0a10 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss C:\WINDOWS\System32\ICSvc.dll
23:51:20.0044 0x0a10 vmicvss - ok
23:51:20.0048 0x0a10 [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
23:51:20.0049 0x0a10 volmgr - ok
23:51:20.0058 0x0a10 [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
23:51:20.0062 0x0a10 volmgrx - ok
23:51:20.0073 0x0a10 [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
23:51:20.0078 0x0a10 volsnap - ok
23:51:20.0082 0x0a10 [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
23:51:20.0083 0x0a10 vpci - ok
23:51:20.0088 0x0a10 [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
23:51:20.0091 0x0a10 vsmraid - ok
23:51:20.0117 0x0a10 [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS C:\WINDOWS\system32\vssvc.exe
23:51:20.0136 0x0a10 VSS - ok
23:51:20.0144 0x0a10 [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
23:51:20.0148 0x0a10 VSTXRAID - ok
23:51:20.0151 0x0a10 [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
23:51:20.0152 0x0a10 vwifibus - ok
23:51:20.0155 0x0a10 [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
23:51:20.0157 0x0a10 vwififlt - ok
23:51:20.0169 0x0a10 [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time C:\WINDOWS\system32\w32time.dll
23:51:20.0176 0x0a10 W32Time - ok
23:51:20.0181 0x0a10 [ CDA9A00B16808D7A5BBB66287B89EE21, B25F98F26B0153E5DD5C744539CB6ACAFAA13E0F7B5D140C1844158B79BC9006 ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll
23:51:20.0182 0x0a10 w3logsvc - ok
23:51:20.0195 0x0a10 [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] W3SVC C:\WINDOWS\system32\inetsrv\iisw3adm.dll
23:51:20.0202 0x0a10 W3SVC - ok
23:51:20.0205 0x0a10 [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
23:51:20.0206 0x0a10 WacomPen - ok
23:51:20.0216 0x0a10 [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService C:\WINDOWS\system32\WalletService.dll
23:51:20.0223 0x0a10 WalletService - ok
23:51:20.0227 0x0a10 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:51:20.0228 0x0a10 wanarp - ok
23:51:20.0231 0x0a10 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:51:20.0232 0x0a10 wanarpv6 - ok
23:51:20.0244 0x0a10 [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll
23:51:20.0252 0x0a10 WAS - ok
23:51:20.0278 0x0a10 [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine C:\WINDOWS\system32\wbengine.exe
23:51:20.0298 0x0a10 wbengine - ok
23:51:20.0312 0x0a10 [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
23:51:20.0321 0x0a10 WbioSrvc - ok
23:51:20.0335 0x0a10 [ 0BF8D8C7EC9FB15D6480A12101E88B71, E7BC6A4E53D8C9D73BF83097DFE43ED8038B7BED0AE56E5AF7983F74562F15A3 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
23:51:20.0343 0x0a10 Wcmsvc - ok
23:51:20.0354 0x0a10 [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
23:51:20.0361 0x0a10 wcncsvc - ok
23:51:20.0365 0x0a10 [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
23:51:20.0367 0x0a10 WcsPlugInService - ok
23:51:20.0386 0x0a10 [ C1324C0096AB72FA335A60F2212EF729, 287A546CA931491674701A1E0EC650337BCD844674FE2B97DEAA9D5DB102E43A ] WDBackup C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
23:51:20.0399 0x0a10 WDBackup - ok
23:51:20.0403 0x0a10 [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
23:51:20.0404 0x0a10 WdBoot - ok
23:51:20.0407 0x0a10 [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM C:\WINDOWS\System32\drivers\wdcsam64.sys
23:51:20.0408 0x0a10 WDC_SAM - ok
23:51:20.0415 0x0a10 [ A9579584C5111D9AD1DE374DA0C7D3EC, 5ED0DE615F9FF6EB0CE903D60F16502897FAB79C5B006CEF3266DD0A7E5E4E37 ] WDDriveService C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
23:51:20.0419 0x0a10 WDDriveService - ok
23:51:20.0435 0x0a10 [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
23:51:20.0444 0x0a10 Wdf01000 - ok
23:51:20.0452 0x0a10 [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
23:51:20.0456 0x0a10 WdFilter - ok
23:51:20.0460 0x0a10 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
23:51:20.0463 0x0a10 WdiServiceHost - ok
23:51:20.0466 0x0a10 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
23:51:20.0469 0x0a10 WdiSystemHost - ok
23:51:20.0483 0x0a10 [ 2BC2E99623119521EEF7910A11D0FDE0, 3F3E48A79534F0F65F961D9B170D534562E04901B630127B16DF02E6D42F2BBF ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
23:51:20.0492 0x0a10 wdiwifi - ok
23:51:20.0497 0x0a10 [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
23:51:20.0499 0x0a10 WdNisDrv - ok
23:51:20.0501 0x0a10 WdNisSvc - ok
23:51:20.0507 0x0a10 [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient C:\WINDOWS\System32\webclnt.dll
23:51:20.0512 0x0a10 WebClient - ok
23:51:20.0518 0x0a10 [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
23:51:20.0522 0x0a10 Wecsvc - ok
23:51:20.0525 0x0a10 [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
23:51:20.0527 0x0a10 WEPHOSTSVC - ok
23:51:20.0531 0x0a10 [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
23:51:20.0534 0x0a10 wercplsupport - ok
23:51:20.0538 0x0a10 [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
23:51:20.0542 0x0a10 WerSvc - ok
23:51:20.0547 0x0a10 [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
23:51:20.0549 0x0a10 WFPLWFS - ok
23:51:20.0553 0x0a10 [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
23:51:20.0555 0x0a10 WiaRpc - ok
23:51:20.0558 0x0a10 [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
23:51:20.0559 0x0a10 WIMMount - ok
23:51:20.0560 0x0a10 WinDefend - ok
23:51:20.0567 0x0a10 [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
23:51:20.0569 0x0a10 WindowsTrustedRT - ok
23:51:20.0572 0x0a10 [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
23:51:20.0572 0x0a10 WindowsTrustedRTProxy - ok
23:51:20.0589 0x0a10 [ D4B30E23A3B373648F61290DAF432CB2, 7084E24A2E813BDD11C880F2B2D2626CD3600D9BABAA8AA8F068748E90BC8D58 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
23:51:20.0601 0x0a10 WinHttpAutoProxySvc - ok
23:51:20.0604 0x0a10 [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
23:51:20.0605 0x0a10 WinMad - ok
23:51:20.0614 0x0a10 [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
23:51:20.0618 0x0a10 Winmgmt - ok
23:51:20.0661 0x0a10 [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM C:\WINDOWS\system32\WsmSvc.dll
23:51:20.0694 0x0a10 WinRM - ok
23:51:20.0704 0x0a10 [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
23:51:20.0705 0x0a10 WINUSB - ok
23:51:20.0708 0x0a10 [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
23:51:20.0709 0x0a10 WinVerbs - ok
23:51:20.0746 0x0a10 [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
23:51:20.0774 0x0a10 WlanSvc - ok
23:51:20.0809 0x0a10 [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
23:51:20.0834 0x0a10 wlidsvc - ok
23:51:20.0838 0x0a10 [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
23:51:20.0839 0x0a10 WmiAcpi - ok
23:51:20.0846 0x0a10 [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
23:51:20.0849 0x0a10 wmiApSrv - ok
23:51:20.0851 0x0a10 WMPNetworkSvc - ok
23:51:20.0857 0x0a10 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys
23:51:20.0861 0x0a10 Wof - ok
23:51:20.0893 0x0a10 [ 3B6CCFF7AD385842A9638DCF654ABCD4, 2E6605E5E1BD214D7F47F30E73481C07AE70CAE3A3B565FA37D1A551A58BFDB1 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
23:51:20.0915 0x0a10 workfolderssvc - ok
23:51:20.0920 0x0a10 [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
23:51:20.0921 0x0a10 wpcfltr - ok
23:51:20.0926 0x0a10 [ 45FA01F8B7971ACB65202038E34D04A3, 9B2C2ABC7DB716295B0BD0AF04DA08E6B4200D7CF1C7DB59DD8FD8FEBD56D94C ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
23:51:20.0928 0x0a10 WPDBusEnum - ok
23:51:20.0931 0x0a10 [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
23:51:20.0932 0x0a10 WpdUpFltr - ok
23:51:20.0936 0x0a10 [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService C:\WINDOWS\system32\WpnService.dll
23:51:20.0938 0x0a10 WpnService - ok
23:51:20.0940 0x0a10 [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
23:51:20.0941 0x0a10 ws2ifsl - ok
23:51:20.0947 0x0a10 [ 5B813FADEA5BE9195F01C83287F823F7, B186175B12AF444F987FE9F0F9D329A0F9186C06E3D228824E0929BB0084853F ] wscsvc C:\WINDOWS\System32\wscsvc.dll
23:51:20.0951 0x0a10 wscsvc - ok
23:51:20.0953 0x0a10 WSearch - ok
23:51:21.0007 0x0a10 [ 1E099AE79C6D58063E0B4F538732B87F, 0EDA8AA7CA1946DFF651AF6FBCBEBEE904FB269E67F6AB6739247C5242BCDC7E ] WSService C:\WINDOWS\System32\WSService.dll
23:51:21.0048 0x0a10 WSService - ok
23:51:21.0087 0x0a10 [ BFB3F9076F9B6CBC540012842177DD63, 669C6BE8D7AF18FB8934267E713315F95B17AE6563352745FF594816BB581768 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
23:51:21.0115 0x0a10 wuauserv - ok
23:51:21.0121 0x0a10 [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
23:51:21.0123 0x0a10 WudfPf - ok
23:51:21.0129 0x0a10 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
23:51:21.0132 0x0a10 WUDFRd - ok
23:51:21.0136 0x0a10 [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
23:51:21.0139 0x0a10 wudfsvc - ok
23:51:21.0145 0x0a10 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
23:51:21.0147 0x0a10 WUDFWpdFs - ok
23:51:21.0152 0x0a10 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
23:51:21.0155 0x0a10 WUDFWpdMtp - ok
23:51:21.0178 0x0a10 [ A17D939E89831694963802A729191D1F, 5DE24F3A19BC83589D3FEE19C4E44ED04450AD2F3225745A45BA7B702E7DDFD6 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
23:51:21.0195 0x0a10 WwanSvc - ok
23:51:21.0214 0x0a10 [ 5DFAF8BE5A3CABAABF6795BC09EB7876, 1AFD0BC50EA5C2CCB2874E97FE5205175C80849BD6C9BDAF9FBC49174D478997 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
23:51:21.0226 0x0a10 XblAuthManager - ok
23:51:21.0248 0x0a10 [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
23:51:21.0263 0x0a10 XblGameSave - ok
23:51:21.0270 0x0a10 [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
23:51:21.0273 0x0a10 xboxgip - ok
23:51:21.0293 0x0a10 [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
23:51:21.0306 0x0a10 XboxNetApiSvc - ok
23:51:21.0310 0x0a10 [ 7439DCAF71314B1D85E452B3F2E1138A, DAAF67C90C35DC1839CEC6962AD001961EFDE00DDFCDC702882AFA234D71248B ] xhunter1 C:\WINDOWS\xhunter1.sys
23:51:21.0310 0x0a10 xhunter1 - ok
23:51:21.0313 0x0a10 [ DA0807D87A62D076C29C4E30F1E84F46, CA3079350038091AEE04D4DA7C06865E9DB3095120AE61AAB575AA77E86A6223 ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
23:51:21.0314 0x0a10 xinputhid - ok
23:51:21.0315 0x0a10 ================ Scan global ===============================
23:51:21.0319 0x0a10 [ 82E25186617BA6C15010F0D47C705705, 5BF9E38918E6EAE86448137E2D120B80318AA1143CDDF539A2BFBEE227646816 ] C:\WINDOWS\system32\basesrv.dll
23:51:21.0326 0x0a10 [ 602060E8FD837EC184B10B32795D62AB, BC15589FF036A2FD2F598BA5D2E3F0D5EF348C73870F5CC763A3A04B8A9166F3 ] C:\WINDOWS\system32\winsrv.dll
23:51:21.0333 0x0a10 [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
23:51:21.0343 0x0a10 [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
23:51:21.0349 0x0a10 [ Global ] - ok
23:51:21.0349 0x0a10 ================ Scan MBR ==================================
23:51:21.0351 0x0a10 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
23:51:21.0357 0x0a10 \Device\Harddisk0\DR0 - ok
23:51:21.0359 0x0a10 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
23:51:21.0362 0x0a10 \Device\Harddisk1\DR1 - ok
23:51:21.0395 0x0a10 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
23:51:21.0398 0x0a10 \Device\Harddisk2\DR2 - ok
23:51:21.0402 0x0a10 [ 508F4A6A6A6B3DADC6D881D9948389D2 ] \Device\Harddisk3\DR3
23:51:21.0411 0x0a10 \Device\Harddisk3\DR3 - ok
23:51:21.0412 0x0a10 ================ Scan VBR ==================================
23:51:21.0413 0x0a10 [ 678C4EFFF62E3BB051571838897A8089 ] \Device\Harddisk0\DR0\Partition1
23:51:21.0414 0x0a10 \Device\Harddisk0\DR0\Partition1 - ok
23:51:21.0415 0x0a10 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition2
23:51:21.0415 0x0a10 \Device\Harddisk0\DR0\Partition2 - ok
23:51:21.0418 0x0a10 [ 90859FD0BC9825085A2A252A8403F31D ] \Device\Harddisk0\DR0\Partition3
23:51:21.0419 0x0a10 \Device\Harddisk0\DR0\Partition3 - ok
23:51:21.0421 0x0a10 [ 9718C0290C2A54B140A927EF75CA50BC ] \Device\Harddisk0\DR0\Partition4
23:51:21.0422 0x0a10 \Device\Harddisk0\DR0\Partition4 - ok
23:51:21.0424 0x0a10 [ 1F3413A0EE43FCB2CAECBD020F70D3C0 ] \Device\Harddisk1\DR1\Partition1
23:51:21.0425 0x0a10 \Device\Harddisk1\DR1\Partition1 - ok
23:51:21.0426 0x0a10 [ 0400EB9E360F4E73EE5AF9D7F407C4FF ] \Device\Harddisk1\DR1\Partition2
23:51:21.0427 0x0a10 \Device\Harddisk1\DR1\Partition2 - ok
23:51:21.0428 0x0a10 [ E98C61614179C13B334C11E0A855394B ] \Device\Harddisk2\DR2\Partition1
23:51:21.0429 0x0a10 \Device\Harddisk2\DR2\Partition1 - ok
23:51:21.0432 0x0a10 [ 28EB8D80B6687AB93480CBC262FD56B3 ] \Device\Harddisk3\DR3\Partition1
23:51:21.0434 0x0a10 \Device\Harddisk3\DR3\Partition1 - ok
23:51:21.0434 0x0a10 ================ Scan generic autorun ======================
23:51:21.0557 0x0a10 [ 890C5393F1E7775A38FA73DC554A379E, 16A01ABF2E6C070156E0A92642496F33BE9A5A923B41FD538C532A52B92E74C4 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
23:51:21.0654 0x0a10 RTHDVCPL - ok
23:51:21.0664 0x0a10 [ 5677C8C60F4659E8626AC9036EEF38DF, 1C7D3EC3BCB3E34900DD9556A3EBAF449C68585DC8E07682E680790497105B8B ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
23:51:21.0666 0x0a10 Classic Start Menu - ok
23:51:21.0684 0x0a10 [ ABE3CD91271DA8A9AFA62B9AF0E18F85, 59FCDEE6A0ECC300646CED15ECC80CEA0DB105C2C6140D8C9D8FAC9C13D92BEB ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
23:51:21.0694 0x0a10 avgnt - ok
23:51:21.0699 0x0a10 [ 97B71ADAABD4E9468FCFA58E99133C42, 03AFEBBA2257BC9457B7A3976174B1CD329AE84806F794DA1ADF389E3D87F132 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
23:51:21.0700 0x0a10 Avira SystrayStartTrigger - ok
23:51:21.0707 0x0a10 [ CB46168FFDEA91E2B3435E51BB436558, 848D12E11B79722B07C42D848D831C6B782E1338B8F844924CB8938FE11F379D ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
23:51:21.0710 0x0a10 USB3MON - ok
23:51:21.0793 0x0a10 [ 51A27200FDE64CB50C24BA53025EC344, 3D09E71953FAC133B1EFA1E103CD5B2DB4912474D19E8467EF379999206E913B ] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
23:51:21.0857 0x0a10 WD Quick View - ok
23:51:21.0926 0x0a10 [ B58A7B5DB3944C25E3C1B9683647ACE7, 9F21A25D70F1DEDC93A039C30D22172FE85FE0CFB344BD053C127B1A2F6EB7DB ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
23:51:21.0972 0x0a10 SDTray - ok
23:51:22.0006 0x0a10 [ E93FDA336764BBE2CB05C924AEF834B4, 2FE1443ED25708760CCB405AEFA26A4B0EE62CE20576AD31D8E4D2F4EDB13E92 ] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
23:51:22.0027 0x0a10 DriveUtilitiesHelper - ok
23:51:22.0031 0x0a10 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
23:51:22.0032 0x0a10 VirtualCloneDrive - ok
23:51:22.0045 0x0a10 [ 6EACC43D0542EF88226FB34B0B12EDB0, 6345E4B49D7F804F6DE042F981AB172822B6AB74C42209BEFB0582B019430884 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
23:51:22.0052 0x0a10 SunJavaUpdateSched - ok
23:51:22.0055 0x0a10 Dropbox - ok
23:51:22.0181 0x0a10 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
23:51:22.0281 0x0a10 OneDriveSetup - ok
23:51:22.0401 0x0a10 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
23:51:22.0498 0x0a10 OneDriveSetup - ok
23:51:22.0521 0x0a10 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
23:51:22.0532 0x0a10 SpybotPostWindows10UpgradeReInstall - ok
23:51:22.0625 0x0a10 [ AA7DDCE2175C6D58E83966DEF236F732, 2EA65CDD5096A0A88FAB788CEE29A6B0161856061C9C625D27A58BA987E1E38E ] D:\Games\World_of_Tanks\WargamingGameUpdater.exe
23:51:22.0662 0x0a10 World of Tanks - ok
23:51:22.0664 0x0a10 Waiting for KSN requests completion. In queue: 224
23:51:23.0673 0x0a10 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.19.163 ), 0x41000 ( enabled : updated )
23:51:23.0675 0x0a10 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.494 ), 0x60100 ( disabled : updated )
23:51:23.0677 0x0a10 Win FW state via NFP2: enabled ( trusted )
23:51:23.0772 0x0a10 ============================================================
23:51:23.0772 0x0a10 Scan finished
23:51:23.0772 0x0a10 ============================================================
23:51:23.0777 0x0758 Detected object count: 0
23:51:23.0777 0x0758 Actual detected object count: 0
|
|
04.09.2016, 09:11
| #10 |
| /// TB-Ausbilder | Neuer Computer Servus, Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
04.09.2016, 23:28
| #11 |
| | Neuer Computer ADWCleaner Code:
ATTFilter # AdwCleaner v6.010 - Bericht erstellt am 05/09/2016 um 00:12:05
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-09-03.2 [Server]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : jillsy - JILLSY-PC
# Gestartet von : C:\Users\jillsy\Desktop\AdwCleaner_6.010.exe
# Modus: Suchlauf
# Unterstützung : https://toolslib.net/forum
***** [ Dienste ] *****
Keine schädlichen Dienste gefunden.
***** [ Ordner ] *****
Keine schädlichen Ordner gefunden.
***** [ Dateien ] *****
Keine schädlichen Dateien gefunden.
***** [ DLL ] *****
Keine infizierten DLLs gefunden.
***** [ WMI ] *****
Keine schädlichen Schlüssel gefunden.
***** [ Verknüpfungen ] *****
Keine infizierten Verknüpfungen gefunden.
***** [ Aufgabenplanung ] *****
Keine schädlichen Aufgaben gefunden.
***** [ Registrierungsdatenbank ] *****
Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.
***** [ Internetbrowser ] *****
Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [1175 Bytes] - [05/09/2016 00:12:05]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1248 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Pro x64
Ran by jillsy (Administrator) on 05.09.2016 at 0:14:12.65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.09.2016 at 0:14:53.24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 05.09.2016 Suchlaufzeit: 00:18 Protokolldatei: Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.09.04.08 Rootkit-Datenbank: v2016.08.15.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: jillsy Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 335770 Abgelaufene Zeit: 4 Min., 29 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
|
05.09.2016, 09:00
| #12 |
| /// TB-Ausbilder | Neuer Computer Servus, die beiden Logdateien von FRST fehlen noch (siehe Schritt 4 meines letzten Posts dazu)...  |
|
05.09.2016, 15:38
| #13 |
| | Neuer Computer Sorry, hier die FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von jillsy (Administrator) auf JILLSY-PC (05-09-2016 16:35:24)
Gestartet von C:\Users\jillsy\Desktop
Geladene Profile: jillsy (Verfügbare Profile: jillsy)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\jillsy\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\WINDOWS\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [831576 2016-08-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2016-01-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25197248 2016-08-30] (Dropbox, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\Run: [World of Tanks] => D:\Games\World_of_Tanks\WargamingGameUpdater.exe [3134728 2016-08-05] (Wargaming.net)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Startup: C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar273.lnk [2016-09-05]
ShortcutTarget: Sidebar273.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{a1ec324e-2cbf-4f68-8d61-6dac07f260ab}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{cbc7d4b6-90ee-4a2d-a356-043bc244d4d6}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Internet Explorer:
==================
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-23] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-31] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-31] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
FireFox:
========
FF ProfilePath: C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default
FF Homepage: hxxp://www.google.ch/
FF Session Restore: -> ist aktiviert.
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-23] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-31] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation)
FF Extension: (Show MyIP) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\{6D1D11DB-3C6C-4db8-96E4-20F4A1088AAC}.xpi [2016-04-29]
FF Extension: (Download Statusbar Fixed) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\{4204c864-50bf-467a-95b3-0912b7f15869}.xpi [2016-04-29]
FF Extension: (PDF Download) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2016-04-29]
FF Extension: (Flash Video Downloader - YouTube HD Download [4K]) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\artur.dubovoy@gmail.com [2016-07-31]
FF Extension: (Show my Password) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi [2016-07-31]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\YoutubeDownloader@PeterOlayev.com.xpi [2016-08-24]
FF Extension: (NoScript) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-31]
FF Extension: (Avira Browser Safety) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\abs@avira.com [2016-07-15]
FF Extension: (Language Pack Install Helper) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\jid0-3qAYz7se7F3gEIA63LjbuEaPEDk@jetpack.xpi [2016-02-06]
FF Extension: (YouR IP) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\jid1-nGMZvOxL2PYSxg@jetpack.xpi [2016-04-27]
FF Extension: (Personas Plus) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\personas@christopher.beard.xpi [2016-07-31]
FF Extension: (Download Status Bar) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-08-17]
FF Extension: (Download YouTube Videos as MP4) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2016-09-04]
FF Extension: (Video DownloadHelper) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-08-03]
FF Extension: (Adblock Plus) - C:\Users\jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\dzrmql6i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [988184 2016-08-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-08-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-08-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1453696 2016-08-25] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-05] (Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-07-03] (Electronic Arts)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-07-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-07-09] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [541672 2015-11-24] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [27440 2016-07-17] () [Datei ist nicht signiert]
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25904 2015-08-26] ()
S1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [701232 2015-08-26] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-09-03] (Wellbia.com Co., Ltd.)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-05 16:35 - 2016-09-05 16:35 - 00021760 _____ C:\Users\jillsy\Desktop\FRST.txt
2016-09-05 00:12 - 2016-09-05 00:14 - 01610560 _____ (Malwarebytes) C:\Users\jillsy\Desktop\JRT.exe
2016-09-05 00:10 - 2016-09-05 00:12 - 00000000 ____D C:\AdwCleaner
2016-09-03 23:50 - 2016-09-03 23:53 - 00265212 _____ C:\TDSSKiller.3.1.0.11_03.09.2016_23.50.59_log.txt
2016-09-03 00:10 - 2016-09-05 16:35 - 00000000 ____D C:\FRST
2016-09-03 00:09 - 2016-09-03 00:10 - 02397696 _____ (Farbar) C:\Users\jillsy\Desktop\FRST64.exe
2016-09-02 23:36 - 2016-09-02 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-31 19:26 - 2016-08-31 19:26 - 00000000 ____D C:\Users\jillsy\Documents\Diverses
2016-08-31 19:06 - 2016-08-31 19:06 - 00000000 ____D C:\Program Files\ProcessExplorer
2016-08-31 00:30 - 2016-08-25 22:53 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-31 00:29 - 2016-08-26 01:27 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 35180992 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 34842680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 28238904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 20220928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 10865888 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 10746896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 10288040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 09094048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 08875408 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 08687888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 02912192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 02549184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437270.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 01586560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437270.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 01020472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00958008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00941504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00894520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00802584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00801744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00686712 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00616648 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00576168 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00573424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00471608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00439352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00347072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00181488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00159352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-08-31 00:29 - 2016-08-26 01:27 - 00131536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-08-27 02:48 - 2016-08-27 02:54 - 371289601 _____ C:\Users\jillsy\Desktop\U-571.mp4
2016-08-26 23:15 - 2016-08-29 15:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-24 19:48 - 2016-09-03 13:47 - 00123198 _____ C:\Users\jillsy\Desktop\PDF1442775_20160805214545.pdf
2016-08-22 16:57 - 2016-08-22 16:57 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\NVIDIA
2016-08-18 19:07 - 2016-08-18 19:07 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2016-08-18 19:07 - 2016-08-18 19:07 - 00000000 ____D C:\Program Files (x86)\LinuxLive USB Creator
2016-08-17 11:40 - 2016-08-11 16:33 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-17 11:40 - 2016-08-11 16:33 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-17 11:40 - 2016-08-11 16:33 - 00054728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-08-17 11:40 - 2016-08-11 16:33 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-17 11:40 - 2016-08-11 16:33 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-16 19:17 - 2016-08-16 19:19 - 658247680 _____ C:\Users\jillsy\Desktop\rescue-system.iso
2016-08-13 22:27 - 2016-08-13 22:28 - 00000000 ___HD C:\$WINDOWS.~BT
2016-08-13 22:12 - 2016-08-13 22:12 - 00002321 _____ C:\Users\Public\Desktop\MIDEAST CRISIS 2.lnk
2016-08-13 22:12 - 2016-08-13 22:12 - 00000000 ____D C:\Users\jillsy\Documents\Command & Conquer 3 Tiberium Wars
2016-08-13 22:09 - 2016-08-27 21:52 - 14216760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-08-13 22:09 - 2016-08-26 01:27 - 23715064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-08-13 22:09 - 2016-08-26 01:27 - 17619464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-08-13 22:09 - 2016-08-26 01:27 - 14477600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-08-13 22:09 - 2016-08-26 01:27 - 03906992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-08-13 22:09 - 2016-08-26 01:27 - 03448808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-13 22:00 - 2016-08-13 22:00 - 00000000 ___HD C:\$SysReset
2016-08-13 16:16 - 2016-08-13 16:16 - 00000129 _____ C:\Users\jillsy\Documents\Explorer Settings.xml
2016-08-13 16:04 - 2016-08-13 23:04 - 00000000 ____D C:\Users\jillsy\Desktop\Vorher_Nachher
2016-08-12 21:09 - 2016-08-12 21:09 - 00000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Upgrade-Assistent.lnk
2016-08-12 19:28 - 2016-08-13 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lazarus
2016-08-12 19:28 - 2016-08-12 19:28 - 00001541 _____ C:\Users\jillsy\Desktop\Lazarus.lnk
2016-08-12 15:26 - 2016-08-12 15:26 - 00001071 _____ C:\Users\jillsy\Desktop\Black Desert ScreenShot.lnk
2016-08-12 10:10 - 2016-07-28 19:55 - 00453334 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160812-101000.backup
2016-08-10 09:52 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 09:52 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 09:52 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 09:52 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 09:52 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 09:52 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 09:52 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 09:52 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 09:52 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 09:52 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 09:52 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 09:52 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 09:52 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 09:52 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 09:52 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 09:52 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 09:52 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 09:52 - 2016-08-03 11:41 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2016-08-10 09:52 - 2016-08-03 11:41 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-08-10 09:52 - 2016-08-03 11:40 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-08-10 09:52 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 09:52 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 09:52 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 09:52 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-10 09:52 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 09:52 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 09:52 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 09:52 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 09:52 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 09:52 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 09:52 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 09:52 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 09:52 - 2016-08-03 11:29 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-08-10 09:52 - 2016-08-03 11:29 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-08-10 09:52 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 09:52 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 09:52 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 09:52 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 09:52 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 09:52 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 09:52 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 09:52 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 09:52 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 09:52 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 09:52 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 09:52 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 09:52 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 09:52 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 09:52 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 09:52 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 09:52 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 09:52 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-10 09:52 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-10 09:52 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 09:52 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 09:52 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 09:52 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-10 09:52 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-10 09:52 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 09:52 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 09:52 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 09:52 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-10 09:52 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 09:52 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 09:52 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 09:52 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-10 09:51 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 09:51 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 09:51 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 09:51 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 09:51 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 09:51 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 09:51 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 09:51 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 09:51 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 09:51 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 09:51 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 09:51 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 09:51 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 09:51 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 09:51 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 09:51 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 09:51 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 09:51 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 09:51 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 09:51 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 09:51 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 09:51 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 09:51 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 09:51 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 09:51 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 09:51 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 09:51 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 09:51 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 09:51 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 09:51 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 09:51 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 09:51 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 09:51 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 09:51 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 09:51 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 09:51 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 09:51 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 09:51 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 09:51 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 09:51 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 09:51 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 09:51 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 09:51 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 09:51 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 09:51 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 09:51 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 09:51 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-10 09:51 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 09:51 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 09:51 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-10 09:51 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 09:51 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 09:51 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 09:51 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-10 09:51 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-10 09:51 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 09:51 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 09:51 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 09:51 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 09:51 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 09:51 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 09:51 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 09:51 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 09:51 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 09:51 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-10 09:51 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 09:51 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 09:51 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-07 00:32 - 2016-08-07 00:32 - 00000012 _____ C:\Users\jillsy\AppData\Roaming\Network Meter_Usage.ini
2016-08-07 00:31 - 2016-08-07 00:31 - 00000041 _____ C:\Users\jillsy\IP_Log_Data.js
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-05 16:34 - 2016-08-05 15:29 - 00001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-09-05 16:33 - 2016-08-05 15:29 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-09-05 16:31 - 2016-04-27 07:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-05 16:31 - 2016-03-04 17:50 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-05 01:03 - 2016-07-09 13:42 - 00000000 ____D C:\Users\jillsy\AppData\Local\ClassicShell
2016-09-05 00:25 - 2016-07-09 13:20 - 02086308 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-05 00:25 - 2016-04-27 07:13 - 00888192 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-05 00:25 - 2016-04-27 07:13 - 00197276 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-05 00:25 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-05 00:23 - 2016-07-10 10:14 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F56EFC66-D523-4890-B05C-CF307D1A9C50}
2016-09-05 00:18 - 2016-07-15 19:10 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-05 00:16 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-09-05 00:10 - 2016-03-04 18:14 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\TS3Client
2016-09-04 17:03 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-03 21:49 - 2016-07-09 22:04 - 00036808 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2016-09-03 21:48 - 2016-02-28 14:28 - 00000000 ____D C:\Users\jillsy\AppData\Local\BlackDesertOnline
2016-09-03 16:45 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-02 23:36 - 2016-08-05 15:29 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-09-01 19:39 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-01 19:39 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-31 18:58 - 2016-07-09 18:34 - 00042168 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2016-08-31 18:57 - 2016-03-27 03:55 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\WiseUpdate
2016-08-31 01:03 - 2016-02-06 19:08 - 00000000 ____D C:\Users\jillsy\AppData\Local\Battle.net
2016-08-31 00:30 - 2016-03-11 17:50 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-08-31 00:30 - 2016-02-14 14:56 - 00000000 ____D C:\temp
2016-08-31 00:30 - 2016-02-06 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-31 00:30 - 2016-02-06 17:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-30 19:08 - 2016-02-09 21:04 - 00000000 ____D C:\Users\jillsy\AppData\Local\ElevatedDiagnostics
2016-08-29 17:15 - 2016-02-07 05:31 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Everything
2016-08-29 17:15 - 2016-02-06 19:54 - 00000000 ____D C:\ProgramData\Origin
2016-08-29 15:32 - 2016-02-06 19:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-28 23:47 - 2016-04-04 23:18 - 00000000 ____D C:\Users\jillsy\Desktop\Zwischen Speicher TV
2016-08-28 01:06 - 2016-02-13 02:08 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-08-26 01:27 - 2015-07-23 04:02 - 00040827 _____ C:\WINDOWS\system32\nvinfo.pb
2016-08-25 23:12 - 2016-03-04 17:50 - 06384064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 02475064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 01362368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-25 23:12 - 2016-03-04 17:50 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-25 23:12 - 2016-03-04 17:50 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-25 04:42 - 2016-02-06 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-08-23 22:01 - 2016-07-09 13:20 - 00000000 ____D C:\Users\jillsy
2016-08-22 17:17 - 2016-03-04 17:50 - 07320235 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-22 11:17 - 2016-07-09 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack
2016-08-22 11:16 - 2015-10-30 09:24 - 00000000 ___SD C:\Program Files (x86)\Windows Sidebar
2016-08-14 23:47 - 2016-02-20 13:14 - 00000000 ____D C:\Users\jillsy\Documents\Black Desert
2016-08-13 23:02 - 2016-08-01 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2016-08-13 23:02 - 2016-07-16 02:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SleepTimer Ultimate
2016-08-13 23:02 - 2016-07-15 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo
2016-08-13 23:02 - 2016-07-15 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-08-13 23:02 - 2016-07-09 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-13 23:02 - 2016-07-09 13:31 - 00000000 ____D C:\Users\jillsy\AppData\Local\TileDataLayer
2016-08-13 23:02 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-13 23:02 - 2016-04-27 07:13 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-08-13 23:02 - 2016-04-09 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medal of Honor Pacific Assault™
2016-08-13 23:02 - 2016-03-19 01:08 - 00000000 ___SD C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2016-08-13 23:02 - 2016-03-05 23:19 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-08-13 23:02 - 2016-03-04 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-08-13 23:02 - 2016-03-04 18:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth
2016-08-13 23:02 - 2016-02-20 01:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Desert Online
2016-08-13 23:02 - 2016-02-14 16:37 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-08-13 23:02 - 2016-02-13 02:08 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2016-08-13 23:02 - 2016-02-09 00:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2016-08-13 23:02 - 2016-02-09 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-13 23:02 - 2016-02-08 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Chat
2016-08-13 23:02 - 2016-02-08 02:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2016-08-13 23:02 - 2016-02-07 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Online
2016-08-13 23:02 - 2016-02-07 05:31 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2016-08-13 23:02 - 2016-02-07 05:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2016-08-13 23:02 - 2016-02-07 05:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2016-08-13 23:02 - 2016-02-07 02:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-08-13 23:02 - 2016-02-07 01:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2016-08-13 23:02 - 2016-02-06 20:20 - 00000000 ____D C:\WINDOWS\system32\SPReview
2016-08-13 23:02 - 2016-02-06 20:20 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2016-08-13 23:02 - 2016-02-06 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2016-08-13 23:02 - 2016-02-06 19:48 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-13 23:02 - 2016-02-06 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-13 23:02 - 2016-02-06 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-08-13 23:02 - 2016-02-06 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-08-13 23:02 - 2016-02-06 19:04 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2016-08-13 23:02 - 2016-02-06 17:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-08-13 23:02 - 2016-02-06 17:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-13 23:02 - 2016-02-06 17:47 - 00000000 ____D C:\Program Files (x86)\Intel
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ___SD C:\Program Files\Windows Sidebar
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\IME
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\schemas
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-13 23:02 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-13 23:02 - 2009-07-14 20:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-08-13 23:02 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-13 22:28 - 2016-07-09 14:18 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-13 22:12 - 2016-07-16 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MIDEAST CRISIS 2
2016-08-13 16:31 - 2016-02-06 19:16 - 00000000 ____D C:\Users\jillsy\Documents\StarCraft II
2016-08-13 09:45 - 2016-08-05 15:31 - 00000000 ___RD C:\Users\jillsy\Dropbox
2016-08-12 23:19 - 2016-02-07 04:03 - 00000000 ____D C:\Users\jillsy\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2016-08-12 22:31 - 2016-03-20 16:14 - 00000000 ____D C:\Users\jillsy\AppData\Local\lazarus
2016-08-12 22:08 - 2016-07-09 13:32 - 00002386 _____ C:\Users\jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-12 22:08 - 2016-07-09 13:32 - 00000000 ___RD C:\Users\jillsy\OneDrive
2016-08-12 22:06 - 2016-07-09 11:19 - 00000000 ___HD C:\$GetCurrent
2016-08-12 22:06 - 2016-07-09 11:19 - 00000000 ____D C:\Windows10Upgrade
2016-08-12 22:03 - 2016-07-09 13:24 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-12 21:41 - 2016-02-10 12:49 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2016-08-12 21:41 - 2016-02-10 12:49 - 00001908 _____ C:\WINDOWS\diagerr.xml
2016-08-12 21:40 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-12 21:38 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration
2016-08-12 21:32 - 2016-07-09 11:33 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-12 19:28 - 2016-08-05 21:13 - 00000000 ____D C:\lazarus
2016-08-12 12:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-11 16:33 - 2016-07-08 16:34 - 01588688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-08-11 16:33 - 2016-07-08 16:34 - 00223304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-08-10 18:51 - 2016-04-27 07:34 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-10 18:51 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-10 18:44 - 2016-02-06 20:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 18:44 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 18:42 - 2016-02-06 20:02 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-04-09 16:08 - 2016-04-09 23:42 - 0000624 _____ () C:\Users\jillsy\AppData\Roaming\All CPU MeterV3_Settings.ini
2016-08-07 00:32 - 2016-08-07 00:32 - 0000012 _____ () C:\Users\jillsy\AppData\Roaming\Network Meter_Usage.ini
2016-07-09 13:19 - 2016-07-09 13:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\jillsy\IP_Log_Data.js
Einige Dateien in TEMP:
====================
C:\Users\jillsy\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
C:\Users\jillsy\AppData\Local\Temp\66ad7f4a1b4d000a5092f20cce0f6800.dll
C:\Users\jillsy\AppData\Local\Temp\avgnt.exe
C:\Users\jillsy\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\jillsy\AppData\Local\Temp\libeay32.dll
C:\Users\jillsy\AppData\Local\Temp\msvcr120.dll
C:\Users\jillsy\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\jillsy\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\jillsy\AppData\Local\Temp\nvStInst.exe
C:\Users\jillsy\AppData\Local\Temp\project1.exe
C:\Users\jillsy\AppData\Local\Temp\sfamcc00001.dll
C:\Users\jillsy\AppData\Local\Temp\SIntf16.dll
C:\Users\jillsy\AppData\Local\Temp\SIntf32.dll
C:\Users\jillsy\AppData\Local\Temp\SIntfNT.dll
C:\Users\jillsy\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-08-27 02:38
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von jillsy (05-09-2016 16:35:48)
Gestartet von C:\Users\jillsy\Desktop
Windows 10 Pro Version 1511 (X64) (2016-07-09 11:31:12)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-312126271-3749253831-833728702-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-312126271-3749253831-833728702-503 - Limited - Disabled)
Gast (S-1-5-21-312126271-3749253831-833728702-501 - Limited - Disabled)
jillsy (S-1-5-21-312126271-3749253831-833728702-1000 - Administrator - Enabled) => C:\Users\jillsy
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1914 - Die Schalen des Zorns (HKLM-x32\...\{404E1E52-9302-45D2-B4F8-50D2251C391E}) (Version: 1.00.0000 - Rondomedia)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{5D6CB70E-6FA7-4E5E-8A12-06612313E671}) (Version: 18.0.0 - Helmut Buhler)
Act of Aggression (HKLM-x32\...\Steam App 318020) (Version: - Eugen Systems)
Act of War: Direct Action (HKLM-x32\...\Steam App 2710) (Version: - Eugen Systems)
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.19.164 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Hidden
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.1 - Daum Games EU)
C&C - Zero Hour - Full Uncut Patch Final v.2.5 (HKLM-x32\...\C&C - Zero Hour - Full Uncut Patch Final v.2.5) (Version: - )
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert, Counterstrike and The Aftermath (HKLM-x32\...\{B9A7CCBE-48F7-4B3E-BD20-76ADDD4DC69F}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert™ 3 and Uprising (HKLM-x32\...\{3C315BF7-4B64-4024-8102-174A197437FA}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Tiberian Sun™ and Firestorm™ (HKLM-x32\...\{78F60BDD-1923-4CF7-B6BD-087D06D7B5BB}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{8F0F5689-6900-425B-A8C2-0DBD10DAB694}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Counter-Strike (HKLM\...\Steam App 10) (Version: - Valve)
Counter-Strike: Condition Zero (HKLM\...\Steam App 80) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version: - Valve)
Diablo (HKLM-x32\...\Diablo) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dropbox (HKLM-x32\...\Dropbox) (Version: 9.4.49 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.45.1 - Dropbox, Inc.) Hidden
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version: - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.)
GPGNet (HKLM-x32\...\{C194D333-B84A-4BB7-B35E-060732D98DC4}) (Version: 1.0.0 - Gas Powered Games)
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Network Connections 20.7.67.0 (HKLM\...\PROSetDX) (Version: 20.7.67.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Lazarus 1.6 (HKLM\...\lazarus_is1) (Version: 1.6 - Lazarus Team)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
MIDEAST CRISIS 2 version R2 (HKLM-x32\...\{A81B2C6E-A802-4818-990F-7F79406137DD}_is1) (Version: R2 - ISOTX)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.5.17432 - Electronic Arts, Inc.)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version: - Ndemic Creations)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version: - Firaxis Games)
SleepTimer Ultimate 1.3 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version: - Christian Handorf)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Supreme Commander (HKLM-x32\...\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}) (Version: 1.00.0000 - Gas Powered Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Tropico 4 (HKLM\...\Steam App 57690) (Version: - Haemimont Games)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Drive Utilities (x32 Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Quick View (HKLM-x32\...\{2CE08B2D-856C-47D9-9F6A-BC691911BCD9}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{4D0776BB-71B7-49A2-A439-24791A4620E1}) (Version: 2.4.14.13 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{37BF2365-3EC7-45E4-9D88-61489F932A0B}) (Version: 2.4.14.13 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{B11B695F-B5BF-4667-8291-682B3A73B5F8}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17349 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\jillsy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\jillsy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{67F2A879-82D5-4A6D-8CC5-FFB3C114B69D}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\so_activex_x64.dll ()
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\jillsy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-312126271-3749253831-833728702-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {064AC6C9-67BD-45C6-8F39-56CA7AF82686} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {174D5D9D-46E8-4235-ACFA-EA9BF9EB9A3E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {20B94A30-CBD8-46B9-9595-670264DC5376} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {21F9C832-E96E-4600-B8F4-3D606AA21B23} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {2D28D19F-B6CA-4587-84D9-E8CF7F67CF23} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {323A0982-F7B3-4197-9123-9FA232AC52C6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {358BFA47-7A2C-40A4-8ADA-7A3D8D3F5925} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-05] (Dropbox, Inc.)
Task: {3CFCCA2B-94C2-4EA2-A3FD-E1D2EDAEFEB3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {3E07DE44-1508-4D69-AA14-850CE8DD3B39} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {3E1A6103-6074-4ECF-AE3A-9399908A2598} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {4BD801F1-98F1-499C-8C67-EA9CFDA2F1B0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {4C12F624-CD6E-4200-89AA-B50F98AFB759} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {56827C03-33B0-4ECA-BFF9-3CAFF8E92B29} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {5D2082D5-0538-4F93-AFB4-B7660BFCAE9B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {5DABAA15-4C26-40D9-B303-9E674AA14BF9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5F596DF6-0231-4F8E-955D-FD09C9032B51} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {66FE4EE1-5180-4799-9F89-488E7FAE9085} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {6D960A5E-88D4-457B-AB9D-F4507C6519F6} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {709B1D72-55DC-4552-B423-871876EE9251} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-05] (Dropbox, Inc.)
Task: {70FF3EDA-2B7D-4FA2-B8C8-F3B1828A9DA9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {7633CC86-516D-45AE-A048-642AFE90EEF8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {7A4D0F93-1C14-4DE6-B771-00C1D94E4F33} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7BE17038-C26F-47A3-854B-19798E95BAE7} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
Task: {7BF99AB2-3C95-4B63-A2E4-ADE6F5A0A0D4} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {832E8ED5-2F46-4C09-93C4-63E2B430C78E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {8D024F7D-7620-4409-A17D-2940589DF870} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {8D675281-6933-4CBC-88DF-AD617BECBB41} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {9509CFC8-3697-4CF9-BC32-88B5C7954BEA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {A1BE34D3-5264-4F1C-B4D1-314EBA0E9F98} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {AA064424-4059-4080-90CE-2E23DA7ED549} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {ADB41004-8919-4A4B-A3DF-07B78E7A5102} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C0ACA51C-420B-4089-8AA3-332596AE6C15} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {CC1A6232-8A8C-40BE-849B-8E4635166083} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {DE47A6B6-E261-4533-B262-36F02C1D9FEC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {E3ADED06-FA5B-41AF-8BC5-29E14A99FCE4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {E7D9221A-C774-4C26-990A-6400154BC98C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {E8F30760-71B7-4C4E-B656-53117BCBB20A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EC4DABE1-AD8A-4E68-A8B6-A8E839D43998} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {F0972386-6C09-4F9C-8989-B2031F96C713} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {F36B1155-DB86-470D-8C4A-C8EBC83DADF5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {F3C0F9DE-EBDE-4395-861D-94D7064A15FF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {F42AE2B5-B8DF-4F89-8C77-E9A2784B8CAA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {F8DE3D6C-6F43-4131-A1B1-4F3CCA45ABC1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-04 17:50 - 2016-08-25 23:12 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-15 16:58 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-15 16:58 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-27 07:17 - 2016-04-27 07:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-15 16:58 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-15 16:58 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-15 16:58 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-15 16:58 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-15 16:58 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-19 18:33 - 2016-06-14 22:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-06 18:00 - 2016-06-14 22:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-02-19 18:33 - 2016-06-14 22:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-02-06 18:00 - 2016-06-14 22:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-03 00:14 - 2016-06-14 22:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-06 18:20 - 2016-04-06 18:20 - 00012520 _____ () C:\Users\jillsy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2016-04-06 18:20 - 2016-04-06 18:20 - 00015080 _____ () C:\Users\jillsy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2016-04-06 18:20 - 2016-04-06 18:20 - 00014056 _____ () C:\Users\jillsy\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2016-02-06 18:00 - 2016-06-14 22:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-07-09 14:13 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-07-09 14:13 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-07-09 14:13 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-07-09 14:13 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7915 mehr Seiten.
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7915 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2016-08-12 10:10 - 00453382 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15555 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-312126271-3749253831-833728702-1000\Control Panel\Desktop\\Wallpaper -> d:\bilder\sowjetischeplakate\schwert1.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
MSCONFIG\startupreg: WarThunderLauncher => D:\WarThunder\launcher.exe
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-312126271-3749253831-833728702-1000\...\StartupApproved\Run: => "World of Tanks"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{AACDF63B-D40D-4F0A-8636-48873F6B0421}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{8FABF8CE-37D1-4DBF-9F81-43800E786FA0}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{5E1C8A5E-45B1-458D-9909-4CD746544EDF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{962782A3-FA60-449A-AE9D-15CEF816D86E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{67748C26-4A6E-4FC3-8C40-9893A6A552B8}] => (Allow) D:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{6A1E02F5-FADC-49B4-A238-98E04AC647B3}] => (Allow) D:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{C61EDE1A-91E9-4714-A1DE-E87E14210CC7}] => (Allow) D:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{7F09FEC4-37E5-45E9-8F67-7A7A38E54001}] => (Allow) D:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{AFDC21FB-1BC9-447D-B65A-7CC415D692DF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of Aggression\ActOfAggressionRE.exe
FirewallRules: [{35B5AA27-E645-4E1A-81C9-06D72588B47A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of Aggression\ActOfAggressionRE.exe
FirewallRules: [{FF590341-91BE-4757-8E52-CEAB1193D036}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{7618482C-B2B6-4A82-9AC7-8B8077163684}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{5511882F-C769-410D-B0E0-2B7ABD27C747}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Tiberian Sun\TSLauncher.exe
FirewallRules: [{94F1E3C1-914F-4F92-97CE-2C77B43921F5}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Tiberian Sun\TSLauncher.exe
FirewallRules: [{DB6BEFB9-A767-43C3-AB6C-5783FC1FF955}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert\RA95Launcher.exe
FirewallRules: [{3E77EE4E-6E5A-4ADC-AB69-64610006BD7B}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert\RA95Launcher.exe
FirewallRules: [UDP Query User{6D063738-BD5B-4FAD-A290-FA02AEFEC190}D:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Allow) D:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [TCP Query User{1D3D431C-B549-49AE-991A-532D780F1DE9}D:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Allow) D:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [{9209E8EA-2BB9-4D82-BF75-0E0A1A2D533A}] => (Allow) D:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe
FirewallRules: [{205F8B49-8A93-4F18-AAF9-4F4B6953544A}] => (Allow) D:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe
FirewallRules: [{E0A403D2-090C-465A-9F6C-95A24B29560E}] => (Allow) D:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{E3690EB0-5D6E-4A4E-AD86-099822FE738D}] => (Allow) D:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{8AE1BB22-242C-4C02-9CF7-818228182564}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of War Direct Action\ActOfWar.exe
FirewallRules: [{37C1C86D-7AAD-4F76-B47D-AF8680E618A6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of War Direct Action\ActOfWar.exe
FirewallRules: [{D6BC6C3A-0D64-4D73-9966-E78FFA096493}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of Aggression\ActOfAggression.exe
FirewallRules: [{5CC528AD-E341-4591-97A4-1CCDF88E79DD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Act of Aggression\ActOfAggression.exe
FirewallRules: [{52995D18-FCCA-45B0-A5E6-36BBFD1EF3B1}] => (Allow) D:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [{883599A2-5B54-4042-AAF2-B2170841FF29}] => (Allow) D:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [UDP Query User{03FE5F30-F354-45EA-A15E-BA33C32130CB}D:\programme\diablo iii\diablo iii.exe] => (Allow) D:\programme\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{6F6B4E3C-9384-4E6C-948D-4FCE09A156B2}D:\programme\diablo iii\diablo iii.exe] => (Allow) D:\programme\diablo iii\diablo iii.exe
FirewallRules: [{DEBCCFD7-DB82-4ACA-B427-D8CA91A76E0E}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{97FB9579-476D-46EB-BE3F-F71CE81BED77}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{1531CF88-EF03-4DAC-93D4-BE3CDE102383}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{00E6566D-1B9A-49FD-A3AB-CFA4F0B26260}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{8FF2DC62-6AD7-4D45-A117-F7ABA70A6A31}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{F49A8781-0C66-4911-93B7-868E331F8521}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{5F3D7D78-B75B-4171-8249-DBB80350C164}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe
FirewallRules: [{8A6B5A0F-72DA-4280-B78C-C60E3E556C04}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe
FirewallRules: [UDP Query User{461B8AB0-44F0-45DF-A8EA-A8DCBCE1BF5B}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{00BA6E45-4791-4434-9A56-00786B6E0A50}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe
FirewallRules: [{D7CBB0F1-EEA4-4AAA-BB4B-0DFA89C50840}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{73F893B3-6B56-4FED-8EAD-EB81940F9DF2}] => (Allow) D:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{F3C02990-B2F6-42C6-BEF0-3F242DA35AA0}] => (Allow) D:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{93E5F605-849D-4190-B392-0BEB00367C48}] => (Allow) D:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{B0ABB26D-C703-47A8-8467-598DC165C564}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe
FirewallRules: [{5575D054-B00A-4130-B647-521F19905DE0}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe
FirewallRules: [UDP Query User{DFEAFEF5-D247-4A92-908C-04001182C60C}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe
FirewallRules: [TCP Query User{C769BDA3-2F5C-487D-BC53-4B2CFC7D81DC}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe
FirewallRules: [{13893BF9-AB9F-40B0-B94B-82B2FAEF3C0A}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{0F1CC654-D2DE-4750-BFB8-AA306364FD19}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{516B9B6F-467F-4815-8FDF-58CDE0C2DDBB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{44B95D1A-9549-4B1F-B9F0-12EB362E10AA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{3D7F2E91-1A99-40BB-8649-8B65C9954F55}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E23B3EAF-1123-45F5-ABEB-BE995AC21B49}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{58804AD4-FF69-485F-BF54-37BA48ADAF64}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BD339C48-6AD6-4936-8B9D-946617204F43}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AC2BC506-0032-4DCF-A9CC-2BD0414D1FD7}] => (Allow) LPort=8090
FirewallRules: [{8BC0BC66-AB15-4EA7-80FC-3F19CB553C93}] => (Allow) LPort=20443
FirewallRules: [{12C5B701-858F-447A-81E4-50EE710103E7}] => (Allow) LPort=33333
FirewallRules: [{8A7EF1FE-6A3A-48CC-9575-2C17170243C2}] => (Allow) LPort=6881
FirewallRules: [{85C629FC-42ED-4FC8-8C0F-58B5DB4679AB}] => (Allow) LPort=27022
FirewallRules: [{3339D352-EE52-4CB0-B6FF-AC843F8F03D7}] => (Allow) LPort=7853
FirewallRules: [{313C2E5B-3123-4164-B0CA-2DB138FCFC18}] => (Allow) LPort=7852
FirewallRules: [{C5562991-4E7B-4794-A169-A6CDFB4D9009}] => (Allow) LPort=7850
FirewallRules: [{EA8A0011-D4B1-44D7-9774-E865CAA4182D}] => (Allow) LPort=3478
FirewallRules: [{4E709B90-BD51-4EC4-B9CD-27FDD2A8730D}] => (Allow) LPort=20010
FirewallRules: [{8FE73A51-32F4-4CB7-8BF9-3A38A0BF83C4}] => (Allow) LPort=443
FirewallRules: [{EB3C80FC-F699-4660-BBF5-353BEBACB66C}] => (Allow) LPort=80
FirewallRules: [{954A91D5-8BC7-421D-AFA5-8C6546148A4C}] => (Allow) D:\WarThunder\launcher.exe
FirewallRules: [{F9510989-4D5B-4E83-B0A4-59437614C826}] => (Allow) D:\WarThunder\launcher.exe
FirewallRules: [{29B225A6-2A86-4248-A8E9-B29E93D042F3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AF17ADBD-2C18-4BD4-BE43-7C8E7E285D7D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B66ED9E6-2BBA-4DEC-B105-5D023054EB06}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0757FC4A-726E-4720-B231-F0A0779D5E1C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{59997915-8434-4E1E-9291-EEFED046D99A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4DA1FB18-3A1D-42ED-AE9E-792CD16211E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{68FB3B1F-1C5D-4106-BDC5-E7D4BDDAF137}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E63005B9-E27E-4E79-A3C9-8E78D6268DB8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3ADCC28E-F23B-46D8-929B-CDEB7F6B1438}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{25F1A8AD-FD4E-4864-8779-C6D0C0F7FA6D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{CDE65032-D32A-454F-9E27-645F154445C4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [TCP Query User{0F9323FB-F690-4CA9-B489-46E14BE83130}D:\programme\starcraft ii\versions\base44983\sc2_x64.exe] => (Allow) D:\programme\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [UDP Query User{5244EB6E-FC50-4F96-9E0C-4C3FC6D3049D}D:\programme\starcraft ii\versions\base44983\sc2_x64.exe] => (Allow) D:\programme\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [{CAC8D796-AAC4-4062-8D33-8F3874D2A0DF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
22-08-2016 17:14:23 22.August2016 Alees GUT
31-08-2016 00:28:07 30.aug, vor nvidia
31-08-2016 19:06:05 Sysinternals 1.6.12
05-09-2016 00:14:13 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: PS/2-Standardtastatur
Description: PS/2-Standardtastatur
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/05/2016 12:33:13 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (09/05/2016 12:29:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WDBackupEngine.exe, Version: 2.0.0.15, Zeitstempel: 0x571682e4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb7f
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0003e008
ID des fehlerhaften Prozesses: 0x2150
Startzeit der fehlerhaften Anwendung: 0x01d206fb4857d432
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: a156efc8-6e2d-4e88-877b-3af8f73615d7
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/05/2016 12:25:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WDBackupEngine.exe, Version: 2.0.0.15, Zeitstempel: 0x571682e4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb7f
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0003e008
ID des fehlerhaften Prozesses: 0x23e8
Startzeit der fehlerhaften Anwendung: 0x01d206faccdc4a65
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: c71b3e3b-c3a1-4f1a-852e-f48199a1fbd1
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/05/2016 12:14:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (09/04/2016 07:34:44 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (09/03/2016 07:25:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (09/03/2016 04:46:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WDBackupEngine.exe, Version: 2.0.0.15, Zeitstempel: 0x571682e4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb7f
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0003e008
ID des fehlerhaften Prozesses: 0x21f0
Startzeit der fehlerhaften Anwendung: 0x01d205f1778964ca
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 289e6b0b-e3a2-422a-a888-47e1daf9bb75
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/02/2016 07:17:01 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (09/02/2016 06:31:41 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (09/01/2016 07:07:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Systemfehler:
=============
Error: (09/05/2016 04:31:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (09/05/2016 04:31:21 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 05.09.2016 um 00:56:38 unerwartet heruntergefahren.
Error: (09/05/2016 04:31:11 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5
Error: (09/05/2016 04:31:11 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841173568
Error: (09/05/2016 12:29:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "WD Backup" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/05/2016 12:25:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "WD Backup" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/05/2016 12:22:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "WD Backup" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/05/2016 12:16:39 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (09/05/2016 12:16:30 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5
Error: (09/05/2016 12:16:02 AM) (Source: DCOM) (EventID: 10010) (User: jillsy-PC)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
CodeIntegrity:
===================================
Date: 2016-09-01 22:34:33.710
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-08-10 18:52:34.549
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-26 10:21:08.538
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-23 13:57:05.075
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-17 02:30:07.400
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-16 01:18:12.273
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-09 16:42:32.027
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-09 16:35:22.941
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-09 13:23:16.157
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-09 13:19:07.843
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 15%
Installierter physikalischer RAM: 16333.87 MB
Verfügbarer physikalischer RAM: 13776.28 MB
Summe virtueller Speicher: 32717.87 MB
Verfügbarer virtueller Speicher: 29890.22 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:446.47 GB) (Free:339.75 GB) NTFS
Drive d: (Volume) (Fixed) (Total:1302.35 GB) (Free:979.96 GB) NTFS
Drive e: (My Book) (Fixed) (Total:1862.98 GB) (Free:378.93 GB) NTFS
Drive h: (Sicherung) (Fixed) (Total:560.66 GB) (Free:155.32 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 9371220B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
05.09.2016, 20:11
| #14 |
| /// TB-Ausbilder | Neuer Computer Servus, sieht bisher gut aus. ESET Online Scanner
|
|
06.09.2016, 10:56
| #15 |
| | Neuer Computer ESET log Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=38b09310bef4e746bdcbcf8d68e9dcef
# end=init
# utc_time=2016-09-05 09:04:42
# local_time=2016-09-05 11:04:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 30657
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=38b09310bef4e746bdcbcf8d68e9dcef
# end=updated
# utc_time=2016-09-05 09:11:54
# local_time=2016-09-05 11:11:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=38b09310bef4e746bdcbcf8d68e9dcef
# engine=30657
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-09-05 11:55:04
# local_time=2016-09-06 01:55:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 99 11585 16967427 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4495120 26933847 0 0
# scanned=283300
# found=0
# cleaned=0
# scan_time=9790
Kannst du das ticket offenbehalten? Danke für deine Hilfe bisher! Bin etwa drei bis vier Wochen im Spital. Kannst du das Ticket offenbehalten? Wäre sehr froh darum =) Freundliche Grüsse, jillsy2k |
|
| Themen zu Neuer Computer |
| adware-scan, compu, computer, einiger, neuer, neuer computer, neues, sicherheit, system |
Linear-Darstellung
