Mögliche Root-Kit Infektion Trojan.Multi.ProxyChanger.gen

erebor · 10.12.2016, 10:50

Hey,

ich habe folgendes Problem.

Mein "Kaspersky Internet Security" hat eben angeschlagen und mir gemeldet, dass eine infizierte Datei gefunden wurde und mir empfohlen sie zu "desinfizieren" während der PC neu startet. Dem habe ich direkt zugestimmt.

Beim Herunterfahren erschien dann kurz eine Windows-Fehlermeldung, dass irgendwas nicht installiert werden konnte.

Nach dem Neustart erhielt ich die Nachricht, dass Kaspersky die Bedrohung desinfiziert hätte und das ein Windows-Update nicht erfolgreich installiert werden konnte.

Als ich mir den Log im Kaspersky angeguckt habe ist mir aufgefallen, dass Kaspersky einen fehlgeschlagenen Versuch bei der Rootkit-Suche geloggt hat, aber auch die erfolgreiche Meldung "Gefundene Objekte:1, gelöschte Objekte:2".

Ich habe Kaspersky eine vollständige Untersuchung machen lassen, ohne Befund.

Ich würde gerne sicher gehen, dass auch wirklich alles weg ist, deshalb bitte ich hier um Experten-Hilfe!

Ich hänge die Log-Einträge von Kaspersky mal unten an die Mail an.

Danke und Gruß
erebor

Code:

ATTFilter

Logs:
10.12.2016 10.07.43	Rootkit-Suche (abgebrochen)		Ende: Heute, 10.12.2016 10:07
10.12.2016 09.56.52	Ein Objekt (Systemspeicher) wurde gefunden.	System Memory	Systemspeicher: System Memory	Objektname: Trojan.Multi.ProxyChanger.gen
10.12.2016 09.56.51	Rootkit-Suche	Die Aufgabe wurde gestartet.	Zeitpunkt: Heute, 10.12.2016 09:56


10.12.2016 10.10.34	Aktive Desinfektion	Die Aufgabe wurde abgeschlossen.	Ende: Heute, 10.12.2016 10:10
10.12.2016 10.07.48	Das gefundene Objekt (Systemspeicher) wurde desinfiziert.	System Memory	Systemspeicher: System Memory	Objektname: Trojan.Multi.ProxyChanger.gen
10.12.2016 10.07.48	Das gefundene Objekt (Systemspeicher) wurde desinfiziert.	System Memory	Systemspeicher: System Memory	Objektname: Trojan.Multi.ProxyChanger.gen
10.12.2016 10.07.43	Ein Objekt (Systemspeicher) wurde gefunden.	System Memory	Systemspeicher: System Memory	Objektname: Trojan.Multi.ProxyChanger.gen
10.12.2016 10.07.43	Aktive Desinfektion	Die Aufgabe wurde gestartet.	Zeitpunkt: Heute, 10.12.2016 10:07

deeprybka · 10.12.2016, 11:37

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

erebor · 10.12.2016, 12:10

Hallo Jürgen,

danke schon einmal für deine Hilfe und deine Zeit.

Hier die entsprechenden Logs:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
durchgeführt von Chris (Administrator) auf CHRIS-PC (10-12-2016 12:05:20)
Gestartet von C:\Users\Chris\Downloads
Geladene Profile: Chris (Verfügbare Profile: Chris & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
() C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(AK) C:\Program Files (x86)\AK-NORD\AK-VirtualCom\VirtualComService.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AK) C:\Program Files (x86)\AK-NORD\AK-VirtualCom\VirtualComServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_intelx86
() C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
() C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
() C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
() C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
() C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
() C:\Program Files\Siber Systems\GoodSync\GoodSync-v9.exe
() C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
() C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(RedFox) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
() C:\Program Files\Siber Systems\GoodSync\gs-server.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Mozilla Corporation) C:\Users\Chris\AppData\Local\Mozilla Firefox\firefox.exe
(WhatsApp) C:\Users\Chris\AppData\Local\WhatsApp\app-0.2.2732\WhatsApp.exe
(WhatsApp) C:\Users\Chris\AppData\Local\WhatsApp\app-0.2.2732\WhatsApp.exe
(WhatsApp) C:\Users\Chris\AppData\Local\WhatsApp\app-0.2.2732\WhatsApp.exe
(WhatsApp) C:\Users\Chris\AppData\Local\WhatsApp\app-0.2.2732\WhatsApp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7192792 2013-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-05-11] (Apple Inc.)
HKLM\...\Run: [boinctray] => C:\Program Files\BOINC\boinctray.exe [69416 2015-12-17] (Space Sciences Laboratory)
HKLM\...\Run: [boincmgr] => C:\Program Files\BOINC\boincmgr.exe [8746792 2015-12-17] (Space Sciences Laboratory)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [1088944 2016-05-11] ()
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25838592 2016-11-28] (Dropbox, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [GoodSync] => C:\Program Files\Siber Systems\GoodSync\GoodSync-v9.exe [12404960 2016-11-15] ()
HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [Google Update] => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [109480 2016-03-28] (RedFox)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TwonkyServer.lnk [2014-12-01]
ShortcutTarget: TwonkyServer.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-12-02]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{288d840f-bed8-48df-8c41-5268d704db33}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001 -> DefaultScope {D6DCFD13-12D1-4449-B822-6F032720BC82} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001 -> {D6DCFD13-12D1-4449-B822-6F032720BC82} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Wondershare AllMyTube 4.9.0 -> {067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} -> C:\ProgramData\Wondershare\AllMyTube\WSBrowserAppMgr.dll => Keine Datei
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-22] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-22] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler: WSAllMyTubechrome - {0A0C95CF-A116-4C74 -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\b9p95ct9.default-1456661662965 [2016-12-10]
FF Homepage: Mozilla\Firefox\Profiles\b9p95ct9.default-1456661662965 -> hxxp://google.de/
FF Extension: (LastPass) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\b9p95ct9.default-1456661662965\Extensions\support@lastpass.com [2016-11-26]
FF Extension: (uBlock Origin) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\b9p95ct9.default-1456661662965\Extensions\uBlock0@raymondhill.net.xpi [2016-12-02]
FF Extension: (Session Manager) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\b9p95ct9.default-1456661662965\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2016-11-16]
FF Extension: (Video DownloadHelper) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\b9p95ct9.default-1456661662965\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-11-11]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-07]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-07-08] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @networksurveillance.com/camclictrl -> C:\Program Files (x86)\NetworkSurveillanceNP\npCamCliCtrl.dll [2012-04-10] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Chris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-19] (Citrix Online)
FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-24] (Unity Technologies ApS)
StartMenuInternet: FIREFOX.EXE - C:\Users\Chris\AppData\Local\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://web.whatsapp.com/"
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default [2016-11-11]
CHR Extension: (Google Präsentationen) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-28]
CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-28]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-28]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-28]
CHR Extension: (Google-Suche) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-28]
CHR Extension: (Google Tabellen) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-28]
CHR Extension: (Kaspersky Protection) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-11-11]
CHR Extension: (Google Docs Offline) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR Extension: (Amazon) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2016-02-28]
CHR Extension: (Google Mail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-28]
CHR Extension: (Chrome Media Router) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-11]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Chris\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-19]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [99328 2013-05-31] () [Datei ist nicht signiert]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2016-10-30] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-10] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-11-28] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-11-17] (Digital Wave Ltd.)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-05-11] ()
R2 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [7942880 2016-11-15] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-02-14] ()
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1100392 2016-10-28] (Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [881480 2013-04-19] ()
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [586568 2013-04-19] (PacketVideo)
R2 VirtualComService; C:\Program Files (x86)\AK-NORD\AK-VirtualCom\VirtualComService.exe [16384 2015-06-27] (AK) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 CrystalSysInfo; C:\Program Files\MediaCoder\SysInfoX64.sys [18128 2007-09-25] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 evserial7; C:\WINDOWS\System32\drivers\evserial7.sys [71432 2011-10-31] (ELTIMA Software)
R3 Ke2200; C:\WINDOWS\System32\drivers\e22w7x64.sys [165824 2013-05-07] (Qualcomm Atheros, Inc.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-14] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-30] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2016-09-27] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2016-12-08] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1019616 2016-12-07] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-07] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-18] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2016-12-02] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2016-12-02] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 2016-12-02] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2016-12-02] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [134880 2016-12-07] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_848dea456d3c865e\nvlddmkm.sys [14159928 2016-10-26] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [143096 2013-09-14] (Ray Hinchliffe)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-09-12] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [195936 2016-09-12] (Oracle Corporation)
R3 VSBC7; C:\WINDOWS\System32\drivers\evsbc7.sys [36616 2011-10-31] (ELTIMA Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-10 12:05 - 2016-12-10 12:05 - 00037005 _____ C:\Users\Chris\Downloads\FRST.txt
2016-12-10 12:04 - 2016-12-10 12:05 - 02420224 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe
2016-12-10 10:46 - 2016-12-10 10:46 - 00000693 _____ C:\Users\Chris\Desktop\virus.txt
2016-12-10 10:45 - 2016-12-10 10:45 - 00000858 _____ C:\Users\Chris\Documents\virus2.txt
2016-12-10 10:13 - 2016-12-10 10:13 - 00000000 ___HD C:\OneDriveTemp
2016-12-07 18:13 - 2016-12-07 18:13 - 00001538 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2016-12-07 18:02 - 2016-12-07 18:02 - 74795512 _____ (Promethean) C:\Users\Chris\Downloads\ActivInspire_v2.8.66693_AppOnly_setup.exe
2016-12-07 07:10 - 2016-12-07 07:10 - 00045745 _____ C:\Users\Chris\Desktop\AB 13 Die Schulzeit meiner Großeltern.pdf
2016-12-07 07:06 - 2016-12-07 07:06 - 00018799 _____ C:\Users\Chris\Desktop\Vertretung NaWi 7g.pdf
2016-12-07 07:03 - 2016-12-07 07:03 - 00040945 _____ C:\Users\Chris\Desktop\Vertretung GL.pdf
2016-12-07 06:57 - 2016-12-10 09:25 - 00003276 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-05 20:04 - 2016-12-05 20:04 - 00207141 _____ C:\Users\Chris\Downloads\S0-6B43556B4931495056307630774279353667583234673D3D.pdf
2016-12-05 18:51 - 2016-12-05 18:51 - 00209255 _____ C:\Users\Chris\Downloads\muster-widerrufsformular.pdf
2016-12-05 07:49 - 2016-12-05 07:49 - 00077883 _____ C:\Users\Chris\Downloads\48949100_2016_Nr.011_Kontoauszug_vom_30.11.2016_20161205074913.pdf
2016-12-02 22:54 - 2016-12-02 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-02 22:07 - 2016-12-02 22:07 - 02017022 _____ C:\Users\Chris\Downloads\flyer_flachdach_din_68800.pdf
2016-12-02 21:07 - 2016-12-02 21:07 - 00856774 _____ C:\Users\Chris\Downloads\BA_19820_V2.0_DE.pdf
2016-12-02 06:53 - 2016-12-02 06:53 - 00245512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2016-12-02 06:52 - 2016-12-02 06:52 - 00218920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2016-12-02 06:52 - 2016-12-02 06:52 - 00164888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2016-12-02 06:52 - 2016-12-02 06:52 - 00104720 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2016-11-28 15:05 - 2016-11-28 15:05 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-11-28 15:05 - 2016-11-28 15:05 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-11-28 15:05 - 2016-11-28 15:05 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-11-28 15:05 - 2016-11-28 15:05 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-11-27 09:13 - 2016-11-27 09:13 - 02436658 _____ C:\Users\Chris\Downloads\2011-11-22_0507842.pdf
2016-11-26 11:51 - 2016-11-27 16:54 - 00000000 ____D C:\Users\Chris\AppData\LocalLow\LastPass
2016-11-24 23:03 - 2016-11-24 23:03 - 00330752 _____ C:\Users\Chris\Desktop\dhp-#nichtegal-infobrief-schulen.pdf
2016-11-22 11:27 - 2016-11-22 11:27 - 35148554 _____ C:\Users\Chris\Downloads\Chinese Jump Rope (Gummitwist) - Klasse 5 - 2015 _ 2016.mp4
2016-11-21 19:24 - 2016-12-05 16:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-11-21 17:52 - 2016-11-21 17:52 - 00010049 _____ C:\Users\Chris\Downloads\Familienzuschlag_2016.pdf
2016-11-21 17:51 - 2016-11-21 17:51 - 00018975 _____ C:\Users\Chris\Downloads\Amts-_und_Stellenzulagen_2016.pdf
2016-11-21 17:51 - 2016-11-21 17:51 - 00013913 _____ C:\Users\Chris\Downloads\Besoldungsordnung_A_2016.pdf
2016-11-21 17:13 - 2016-11-21 17:13 - 00065301 _____ C:\Users\Chris\Downloads\2016_amtsangemessene_versorgung_musterantrag.pdf
2016-11-21 17:13 - 2016-11-21 17:13 - 00064905 _____ C:\Users\Chris\Downloads\161019_amtsangemessene_besoldung_musterantrag_aktive.pdf
2016-11-20 16:55 - 2016-11-20 16:55 - 00863029 _____ C:\Users\Chris\Downloads\pappmache.pdf
2016-11-20 12:59 - 2016-11-20 12:59 - 02978125 _____ C:\Users\Chris\Downloads\UR-0009-Jump-Style-Probematerial.pdf
2016-11-19 08:14 - 2016-11-19 08:14 - 01099414 _____ C:\Users\Chris\Downloads\2016-7TKS-aufgeschlossen-Programmheft1.pdf
2016-11-19 08:13 - 2016-11-19 08:13 - 00413278 _____ C:\Users\Chris\Downloads\2016_11_17_TKS_aufgeschlossen_Vorank.pdf
2016-11-19 08:06 - 2016-12-10 10:25 - 00000000 ____D C:\Users\Chris\AppData\LocalLow\Mozilla
2016-11-18 21:22 - 2016-12-02 22:44 - 00000000 ____D C:\Users\Chris\AppData\Local\Mozilla Firefox
2016-11-18 21:04 - 2016-11-18 21:04 - 00000000 ____D C:\Users\Chris\AppData\LocalLow\Temp
2016-11-16 20:42 - 2016-11-16 20:42 - 00039611 _____ C:\Users\Chris\Downloads\2016-11-16 20_42_08 SuS-Zugangsdaten.pdf
2016-11-16 20:42 - 2016-11-16 20:42 - 00024654 _____ C:\Users\Chris\Downloads\2016-11-16 20_42_28 SuS-Zugangsdaten.pdf
2016-11-16 20:41 - 2016-11-16 20:41 - 00029050 _____ C:\Users\Chris\Downloads\2016-11-16 20_41_35 LuL-Zugangsdaten.pdf
2016-11-14 08:04 - 2016-11-14 08:04 - 01658744 _____ C:\Users\Chris\Downloads\BrMain483.exe
2016-11-14 08:01 - 2016-11-14 08:01 - 00010475 _____ C:\Users\Chris\Downloads\rectangle25_a4_rgb.pdf
2016-11-14 07:21 - 2016-11-14 07:21 - 07653480 _____ C:\Users\Chris\Downloads\SaalDesignSoftware4.0.exe
2016-11-14 07:21 - 2016-11-14 07:21 - 00001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaalDesignSoftware.lnk
2016-11-14 07:21 - 2016-11-14 07:21 - 00001105 _____ C:\Users\Public\Desktop\SaalDesignSoftware.lnk
2016-11-14 07:21 - 2016-11-14 07:21 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-11-14 07:21 - 2016-11-14 07:21 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-11-14 07:21 - 2016-11-14 07:21 - 00000000 ____D C:\Users\Chris\AppData\Roaming\SaalDesignSoftware
2016-11-14 07:21 - 2016-11-14 07:21 - 00000000 ____D C:\Program Files (x86)\SaalDesignSoftware
2016-11-13 18:43 - 2016-11-13 18:44 - 17853716 _____ C:\Users\Chris\Downloads\DLR_Unser_Sonnensystem.pdf
2016-11-13 18:40 - 2016-11-13 18:40 - 00397675 _____ C:\Users\Chris\Downloads\Groessenvergleich der Planeten unseres Sonnensystems.pdf
2016-11-11 06:48 - 2016-11-11 06:52 - 373931981 _____ C:\Users\Chris\Desktop\Marc Lubetzki – The Strength Summit.mp4
2016-11-11 06:48 - 2016-11-11 06:48 - 00000000 ____D C:\Users\Chris\dwhelper
2016-11-11 06:44 - 2016-11-11 06:44 - 00590671 _____ C:\Users\Chris\Downloads\Marc Lubetzki  The Strength Summit (1).mp4
2016-11-11 06:44 - 2016-11-11 06:44 - 00580126 _____ C:\Users\Chris\Downloads\Marc Lubetzki  The Strength Summit.mp4
2016-11-10 22:46 - 2016-11-10 22:46 - 00024652 _____ C:\Users\Chris\Downloads\2016-11-10 22_46_36 SuS-Zugangsdaten.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-10 12:05 - 2016-02-25 09:23 - 00000000 ____D C:\FRST
2016-12-10 12:04 - 2016-09-26 15:38 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-10 11:59 - 2016-05-31 19:51 - 00000000 ____D C:\ProgramData\BOINC
2016-12-10 11:43 - 2016-02-24 18:56 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-12-10 11:13 - 2015-12-10 21:51 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-12-10 10:52 - 2016-05-12 06:25 - 00000000 ____D C:\Users\Chris\AppData\Roaming\WhatsApp
2016-12-10 10:18 - 2016-09-26 15:39 - 01996200 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-10 10:18 - 2016-07-16 23:51 - 00736306 _____ C:\WINDOWS\system32\perfh007.dat
2016-12-10 10:18 - 2016-07-16 23:51 - 00168236 _____ C:\WINDOWS\system32\perfc007.dat
2016-12-10 10:13 - 2015-12-10 21:49 - 00000000 ___RD C:\Users\Chris\OneDrive
2016-12-10 10:13 - 2015-12-07 20:03 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-10 10:13 - 2014-12-01 18:50 - 00000000 ____D C:\ProgramData\TwonkyServer
2016-12-10 10:12 - 2016-09-26 15:47 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-10 10:12 - 2016-09-26 15:38 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-10 10:12 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-10 10:12 - 2014-05-11 18:32 - 00000000 ____D C:\ProgramData\TEMP
2016-12-10 10:12 - 2014-02-13 18:08 - 00000000 ____D C:\Users\Chris\AppData\Roaming\GoodSync
2016-12-10 09:58 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-10 09:34 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-10 09:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-10 09:26 - 2016-07-14 08:38 - 00000000 ____D C:\Users\Chris\AppData\Local\WhatsApp
2016-12-10 09:26 - 2016-05-12 06:25 - 00002292 _____ C:\Users\Chris\Desktop\WhatsApp.lnk
2016-12-10 09:26 - 2016-05-12 06:25 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2016-12-10 09:25 - 2016-05-12 06:25 - 00000000 ____D C:\Users\Chris\AppData\Local\SquirrelTemp
2016-12-10 09:25 - 2015-12-10 21:49 - 00002437 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-08 19:19 - 2015-12-10 21:47 - 00000000 ____D C:\Users\Chris\AppData\Local\Packages
2016-12-07 18:19 - 2014-02-13 18:13 - 00000000 ____D C:\Users\Chris\AppData\Roaming\vlc
2016-12-07 18:13 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-12-07 18:12 - 2016-09-26 20:06 - 01019616 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-12-07 18:12 - 2016-06-20 22:41 - 00057424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2016-12-07 18:12 - 2016-06-02 21:39 - 00134880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2016-12-05 20:05 - 2014-02-13 18:19 - 00000336 _____ C:\WINDOWS\BRCALIB.INI
2016-12-05 16:51 - 2015-12-10 22:33 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-12-05 16:51 - 2015-12-10 22:33 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-12-05 16:51 - 2014-02-14 10:48 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-05 16:51 - 2014-02-13 18:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-05 16:51 - 2014-02-13 17:50 - 00000000 ____D C:\Users\Chris\AppData\Local\NVIDIA Corporation
2016-12-05 06:53 - 2014-02-14 18:30 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-02 22:54 - 2015-12-10 22:33 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-02 22:43 - 2016-09-26 15:47 - 00004290 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-12-02 22:43 - 2016-09-26 15:47 - 00004058 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-12-02 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-26 12:23 - 2014-06-01 14:56 - 00001004 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-11-20 17:14 - 2015-11-13 09:15 - 00000000 ____D C:\Users\Chris\Desktop\NaWi-Logo
2016-11-19 17:24 - 2014-02-13 17:49 - 00000000 ____D C:\Users\Chris\AppData\Local\NVIDIA
2016-11-19 08:08 - 2014-03-20 08:09 - 00000000 ____D C:\Users\Chris\AppData\Local\CrashDumps
2016-11-19 08:07 - 2016-09-26 15:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-19 08:07 - 2016-09-26 15:38 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-19 08:07 - 2016-09-26 15:38 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-19 08:07 - 2014-02-11 13:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-11-17 22:18 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-17 22:17 - 2013-04-23 09:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-11-16 20:38 - 2014-02-18 19:08 - 00000000 ____D C:\Users\Chris\AppData\Roaming\TeamViewer
2016-11-15 19:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-15 06:45 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-14 07:21 - 2014-08-28 08:42 - 00000000 ____D C:\Users\Chris\AppData\Local\Adobe
2016-11-14 07:21 - 2014-02-14 08:39 - 00000000 ____D C:\ProgramData\Adobe
2016-11-14 07:21 - 2014-02-14 08:39 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-11-14 07:21 - 2014-02-13 17:51 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Adobe
2016-11-14 07:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-14 07:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-14 07:04 - 2014-03-02 20:21 - 00000000 ____D C:\ProgramData\tmp
2016-11-13 19:08 - 2016-09-26 15:39 - 00000000 ____D C:\Users\Chris
2016-11-12 07:59 - 2015-12-10 21:47 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-12 07:58 - 2016-09-26 15:38 - 00579736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-11 07:39 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-11 07:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-11 07:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-11 07:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-11 07:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-11 07:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-11 07:05 - 2013-08-22 09:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-11 07:02 - 2013-04-22 15:17 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-10 11:50 - 2016-09-26 15:47 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-11-10 06:44 - 2016-02-28 19:09 - 00002329 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-06-15 21:11 - 2016-02-14 09:03 - 0004608 _____ () C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-23 08:27 - 2016-06-14 17:07 - 0001149 _____ () C:\Users\Chris\AppData\Local\OfficeMix.txt
2016-08-31 16:18 - 2016-08-31 16:18 - 0000380 _____ () C:\Users\Chris\AppData\Local\OfficeMix_16_0.txt
2016-03-14 18:54 - 2016-03-14 18:54 - 0007145 _____ () C:\Users\Chris\AppData\Local\recently-used.xbel
2014-02-16 17:08 - 2016-06-01 20:30 - 0007611 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
2014-03-03 12:53 - 2014-03-03 12:53 - 0000011 _____ () C:\ProgramData\.tv7
2014-02-14 18:12 - 2016-01-24 08:12 - 0000040 ___SH () C:\ProgramData\.zreglib
2016-02-24 18:51 - 2016-02-24 18:51 - 0235717 _____ () C:\ProgramData\1456336221.bdinstall.bin
2016-03-22 17:07 - 2016-03-22 17:07 - 0025767 _____ () C:\ProgramData\1458662861.bdinstall.bin
2016-03-31 21:52 - 2016-03-31 21:52 - 0025975 _____ () C:\ProgramData\1459457553.bdinstall.bin
2016-06-14 15:58 - 2016-06-14 15:58 - 0025973 _____ () C:\ProgramData\1465916327.bdinstall.bin
2016-06-14 16:58 - 2016-06-14 16:58 - 0025974 _____ () C:\ProgramData\1465919934.bdinstall.bin
2016-06-14 16:59 - 2016-06-14 16:59 - 0025975 _____ () C:\ProgramData\1465919942.bdinstall.bin
2016-06-14 16:59 - 2016-06-14 16:59 - 0026778 _____ () C:\ProgramData\1465919952.bdinstall.bin
2016-09-20 19:56 - 2016-09-20 19:56 - 0026834 _____ () C:\ProgramData\agent.1474397808.bdinstall.bin
2016-11-02 06:37 - 2016-11-02 06:37 - 0028757 _____ () C:\ProgramData\agent.1478065071.bdinstall.bin
2014-04-29 07:42 - 2014-04-29 07:43 - 0009868 _____ () C:\ProgramData\DVRClient.log
2014-04-29 07:43 - 2014-04-29 08:02 - 0160512 _____ () C:\ProgramData\DVRServerMediaDevices.log
2014-04-29 07:43 - 2014-04-29 07:44 - 0001088 _____ () C:\ProgramData\DVRServerNetworkCameras.log
2014-04-29 07:41 - 2014-04-29 07:41 - 0000832 _____ () C:\ProgramData\DVRServerTools.log
2016-02-19 13:33 - 2016-02-19 13:33 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\jre-8u111-windows-au.exe
C:\Users\Chris\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Chris\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Chris\AppData\Local\Temp\nvStInst.exe
C:\Users\Chris\AppData\Local\Temp\_is58C4.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-04 16:34

==================== Ende von FRST.txt ============================

erebor · 10.12.2016, 12:11

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-12-2016
durchgeführt von Chris (10-12-2016 12:06:12)
Gestartet von C:\Users\Chris\Downloads
Windows 10 Pro Version 1607 (X64) (2016-09-26 14:48:23)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2784361696-2099732649-3132497725-500 - Administrator - Disabled)
Chris (S-1-5-21-2784361696-2099732649-3132497725-1001 - Administrator - Enabled) => C:\Users\Chris
DefaultAccount (S-1-5-21-2784361696-2099732649-3132497725-503 - Limited - Disabled)
Gast (S-1-5-21-2784361696-2099732649-3132497725-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2784361696-2099732649-3132497725-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
ActivInspire Core Resources (DEU) v1 (HKLM-x32\...\{06C9F624-9F53-4C89-9720-1601A295769A}) (Version: 1.6.3 - Promethean)
ActivInspire Help (DEU) v1 (HKLM-x32\...\{B18A62F5-296F-4BC4-B8DD-A9FB16EE9106}) (Version: 1.6.3 - Promethean)
ActivInspire HWR Resources (DEU) v1 (HKLM-x32\...\{CB2158F5-B05D-41BF-B8F8-05A85695BA4E}) (Version: 1.7.1 - Promethean)
ActivInspire v2 (HKLM-x32\...\{3596E106-2A9A-4005-8EDD-CFD18AC3B969}) (Version: 2.7.66643 - Promethean)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
AK-VirtualCom (HKLM-x32\...\{55D9A696-A3F5-48D8-82A5-F509BBD28189}) (Version: 2.0.0 - AK-NORD)
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.9.5 - RedFox)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.23.1252 - Bitdefender)
BOINC (HKLM\...\{EC6C20A3-D9C4-4775-8EEC-4C11E64E2779}) (Version: 7.6.22 - Space Sciences Laboratory, U.C. Berkeley)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BRAdmin Professional 3 (HKLM-x32\...\{75C885D4-C758-4896-A3B4-90DA34B44C31}) (Version: 3.51.0007 - Brother)
Brother MFL-Pro Suite DCP-9055CDN (HKLM-x32\...\{979742CC-2CBB-49D8-9BEE-C2F7875F5393}) (Version: 1.1.5.0 - Brother Industries, Ltd.)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
CamCliCtrl (HKLM-x32\...\{1C38E027-8447-4344-9B8C-A831C628BF63}) (Version: 1.0.6510 - NetworkSurveillanceNP)
Citrix Online Launcher (HKLM-x32\...\{678753E6-E526-4AE5-A144-00240772543A}) (Version: 1.0.393 - Citrix)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 15.4.22 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EZ CD Audio Converter Free (64-bit) (HKLM-x32\...\EZ CD Audio Converter Free (64-bit)) (Version: 1.6.1 - Poikosoft)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free MP3 Cutter and Editor 2.6 (HKLM-x32\...\Free MP3 Cutter and Editor_is1) (Version:  - musetips.com)
Free Studio version 6.4.3.128 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.3.128 - DVDVideoSoft Ltd.)
Free Video Editor version 1.4.12.713 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.12.713 - DVDVideoSoft Ltd.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.0.7.1117 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.27.225 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.27.225 - DVDVideoSoft Ltd.)
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 9.9.71.0 - Siber Systems)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Photos Backup (HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GoPro (Version: 0.1.2733 - GoPro, Inc.) Hidden
GoPro for Desktop (HKLM-x32\...\{88734dc7-c200-4ad3-b29f-bb5e436cb30f}) (Version: 1.4.0.2733 - GoPro, Inc.)
GoPro Studio (x32 Version: 5.9.2733 - GoPro, Inc.) Hidden
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
honestech VHS to DVD 2.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 2.0 - honestech)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.20.1447 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
iTunes (HKLM\...\{58D7E5F7-BAD1-49C5-93C8-B655736EDA00}) (Version: 12.4.0.119 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 7 Update 55 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle)
Jumpian (HKLM-x32\...\{e2a1b9e8-f43a-41a4-97e2-1875e5933719}) (Version: 1.7.0.13 - Synnotech AG)
Jumpian (x32 Version: 1.7.0.13 - Synnotech AG) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{B7802BC1-5F76-48D2-A622-98195BD50B87}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 1) (HKLM\...\MX.{E9D2A2BC-900E-4CBE-8543-E2EEF79163CB}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 1) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 2) (HKLM\...\MX.{38B2C12F-B11F-40A5-B04C-9819949FFE01}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 2) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 3) (HKLM\...\MX.{1759FCEB-940B-4D92-9F45-E55E7E6736C0}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 3) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (HKLM\...\MX.{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (HKLM\...\MX.{02C01AE1-F497-475A-AA45-43E41A495136}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (HKLM\...\MX.{89CF4765-0012-4619-BA4E-1571376A25CA}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Titeleffekte) (HKLM\...\MX.{28FE7891-77C0-45E1-9CA4-35E9250F91DA}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Titeleffekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Überblendeffekte) (HKLM\...\MX.{585234EA-CDB3-48A7-B6C4-0EFF9A86D244}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Überblendeffekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium Update (Version: 15.0.0.90 - MAGIX Software GmbH) Hidden
MakeMKV v1.9.1 (HKLM-x32\...\MakeMKV) (Version: v1.9.1 - GuinpinSoft inc)
MassFaces 4.2.5.141 (HKLM-x32\...\{D7B24A43-A287-41AC-9957-F616A2B25A9D}_is1) (Version: 4.2.5.141 - Havy Alegria)
MediaCoder x64 0.8.41.5815 (HKLM\...\MediaCoder x64) (Version: 0.8.41.5815 - Mediatronic)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7466.2038 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.60724 - Microsoft Corporation)
MKVToolNix 9.4.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 9.4.0 - Moritz Bunkus)
Morgan Multimedia Motion JPEG Codec 3.0.0.9 (HKLM-x32\...\Morgan Multimedia Motion JPEG Codec_is1) (Version: 3.0.0.9 - Morgan Multimedia)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Firefox 50.0.2 (x86 de) (HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2 - Mozilla)
Mozilla Thunderbird 45.5.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.5.1 (x86 de)) (Version: 45.5.1 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MyDriveConnect 4.0.3.2180 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.3.2180 - TomTom)
NewBlue ActionCam Package (HKLM-x32\...\NewBlue ActionCam Package) (Version: 1.0 - NewBlue)
NewBlue Titler EX for MAGIX (HKLM-x32\...\NewBlue Titler EX for MAGIX) (Version: 1.0 - NewBlue)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OEKOWI 5.207.ch (HKLM-x32\...\{0506FA2D-F846-4536-930B-0FC372BDE853}) (Version: 5.207.0 - Ernst Schmidheiny Stiftung)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7426.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office Mix (HKLM-x32\...\{9c7fb62c-70e4-4bd0-b9f1-d84aa18ff93d}) (Version: 0.1.5720.0 - Microsoft Corporation)
Office Mix 32-bit (x32 Version: 0.1.5720.0 - Microsoft) Hidden
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.2.1 - CEWE Stiftung u Co. KGaA)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Oracle VM VirtualBox 5.1.6 (HKLM\...\{EEDDD7E2-A7A2-4FA9-8C32-ADB29A5096FF}) (Version: 5.1.6 - Oracle Corporation)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Ihr Firmenname)
proDAD Mercalli NLE 4.0 (64bit) (HKLM\...\proDAD-MercalliPlugins-4.0) (Version: 4.0.467.1 - proDAD GmbH)
proDAD ProDRENALIN 1.0 (64bit) (HKLM\...\proDAD-ProDRENALIN-1.0) (Version: 1.0.74.1 - proDAD GmbH)
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6971 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
S3 Browser version 4.9.3 (HKLM\...\S3 Browser_is1) (Version: 4.9.3.0 - NetSDK Software, LLC)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
SecurView Pro 2.1.1 (HKLM-x32\...\DVRServer.Application_is1) (Version: 2.1.1 - TRENDnet)
SecurView Pro Codecs 2.1.1 (HKLM-x32\...\DVRCodecs_is1) (Version: 2.1.1 - TRENDnet)
Sentinel System Driver Installer 7.5.1 (HKLM-x32\...\{BF9E346B-5ECE-4A18-9510-55729FD08323}) (Version: 7.5.1 - SafeNet, Inc.)
SetupWizard (HKLM-x32\...\{CE7BDBA3-B8F4-4B2A-8FB7-7C439D6E6077}) (Version: 1.0.2904 - TRENDnet)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
SIW 2013 Home Edition (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2013.05.14 - Topala Software Solutions)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellarium 0.11.2 (HKLM-x32\...\Stellarium_is1) (Version:  - )
SteuerBerater 2015-2016 (HKLM-x32\...\{342BD7F7-8BBD-403A-B09B-F3361A1365E3}) (Version: 15.11.0 - Akademische Arbeitsgemeinschaft)
SteuerBerater für Lehrer 2013-2014 (HKLM-x32\...\{E84E9818-988D-44E1-A996-FC05F83A64DC}) (Version: 1.00.9 - Akademische Arbeitsgemeinschaft)
SteuerBerater für Lehrer 2014-2015 (HKLM-x32\...\{425E7795-9051-4EA3-8E85-32B9B6725247}) (Version: 15.03.0 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2016 (HKLM-x32\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.37.107 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung Lehrer 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.12.92 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung Lehrer 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.42.175 - Akademische Arbeitsgemeinschaft)
Supreme Commander (HKLM-x32\...\Steam App 9350) (Version:  - Gas Powered Games)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Thecus Setup Wizard 2.0.4 (HKLM-x32\...\Thecus Setup Wizard) (Version: 2.0.4 - Thecus, Inc.)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Twonky Windows Components (HKLM-x32\...\{7CC673E7-5271-409D-B196-BB76DA60300B}) (Version: 3.1.0 - PacketVideo)
TwonkyManager (HKLM-x32\...\TwonkyManager) (Version: 3.1.0 (55) - PacketVideo)
Unity Web Player (HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VS 2008 CRT Package (HKLM-x32\...\{ED79C920-2FF2-4742-AF32-B58BE68B0FA6}) (Version: 1.1.0 - Microsoft)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\WhatsApp) (Version: 0.2.2732 - WhatsApp)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {18ABF9E6-9468-D082-B069-DAE985889A47} => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5EC3F743-9468-D082-1567-B2AF85889A47} => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05CA85CC-800F-430A-B300-CD228FEA6CD0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {0EAD5BD0-E399-4CCD-BB00-1E445ACA3EB5} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender\bdproductdata.exe
Task: {1F61DF53-C97C-4B2F-A65F-517065407262} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {20FA996A-5F21-400B-B4FF-1F4FC4C56C21} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {238E5C74-8143-4713-8CF6-7772CD04C222} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {25C348BF-A43B-4553-8FC1-35F927733361} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2CB7A611-6648-4E15-A5B1-1BFF9E77BD68} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {2F6536DD-1D7F-4F6A-B48C-A8F0F88A4684} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {30322D93-AA36-4B24-9259-6A23DDC8D63A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {31A00C32-9B1A-4666-9CDD-6CD18BC6A83C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {329C6455-D140-4176-A2B1-060296753F8F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {360550D1-9545-418D-A2A3-C1FDFFEC60AD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {3EBC1F2E-8B52-4D38-A8D8-DDBFED624D4B} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-10-21] (Bitdefender)
Task: {4517231F-FF08-4D92-BE96-A57F01B948FF} - System32\Tasks\{90C4F098-DC86-4290-9EC3-6FBFA505B2C0} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsMain
Task: {45FD276B-29B2-4629-AE1D-125AEFE5F34D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {4BEE47F8-7A7C-47B5-A100-0ED768743CD5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5575FF3E-165E-4332-8F79-EEEA7E62AC78} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5629CE8C-87B5-48D4-93A5-2E53A110CB73} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {5669705E-F6B3-41F2-BDB9-AF18D8C8AAC2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {63CCAACF-A9EF-4E21-A61E-4ECE6CBF8205} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {698D1C76-15E2-430D-9655-862A90D959F5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-10] (Dropbox, Inc.)
Task: {7A895C41-84C7-4084-8D93-3C27E59837F3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7E245809-0AE1-4486-A6C9-8F4E012BAA79} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-02] (Microsoft Corporation)
Task: {84074052-5CF3-4A8E-89D4-503E78C7BC42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8B2B927B-1071-4CBF-A15A-82EB8D2F74DB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8C701934-5C35-4180-8B41-810A2E6827F1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001UA => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8C898A53-3106-490A-99BB-11CE5AC6B833} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9CB717A9-CD2F-4415-8583-10C9A069D7FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A7FAE584-D2D4-4FEC-9884-03038D2A659D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AD320376-9B1E-414E-AB61-E7F4E962DB26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001Core => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {B04F8EB6-D7E1-4225-AFC4-FC7CD348D5B2} - System32\Tasks\{87744C1F-53F1-4916-8388-6B9518B6203F} => C:\Program Files (x86)\Steam\steamapps\common\Supreme Commander\bin\SupremeCommander.exe [2015-12-07] (Gas Powered Games)
Task: {B286AAE8-1334-4432-87B2-FF2AB48700D8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {B5220E85-934A-4E3A-90B8-E2F31DE82BC8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BE28265D-C88D-4A1F-9DA7-53C7F25EADAC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {BF3A86BD-4EFD-48E9-8A79-9A927A1E894F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C115C74A-62B6-4CF1-BA02-554ADF3C33FE} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {C23352CC-33FD-4E06-A385-234D2931D254} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C733F89E-2B0B-4C67-B9F1-2338E0DE4D1A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {CB38AA2D-C7E0-4333-BDE8-3C294320D158} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {CDA1BD3F-BDA2-489A-8FE4-66978652720A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-14] (Adobe Systems Incorporated)
Task: {CE34CAFC-0242-4A50-BCB0-2321EC97CB51} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D241E9EF-E6E9-4CDD-B24C-43E7630F9D2A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-02] (Microsoft Corporation)
Task: {D453B5F2-CC20-40E3-B177-5813F73B06BD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DB32C87C-E23D-43AE-9B54-EFD661BFB883} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {DC724AC5-4861-45BB-9F73-4E05E2B09D13} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DED83FBC-F8D1-41CA-9F9A-2BA67C5A04E3} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {EC9BAC6B-06F8-4B47-8D89-B9C7BF640AA1} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F0C2AE48-B72C-48AE-BEFC-4197AB22AF9A} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {F235A244-DCAE-4C58-9496-8476437D46B8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-11-02] (Microsoft Corporation)
Task: {F416ACC6-C393-4895-AB96-B96592798483} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-11-11] (Microsoft Corporation)
Task: {F424049C-22F0-44BE-B66C-B643B85C180B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {F6729825-C0F0-4CE1-B16D-D08D6FC8E516} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {FCF26027-4B4F-4DF2-8048-CAEC3ABDB226} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-10] (Dropbox, Inc.)
Task: {FD5BFC95-5B38-42C2-ACF7-F0ECF9E3B8E2} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FDF99E09-FC95-4738-9CD4-D12822C80E56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001Core.job => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001UA.job => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-01 09:07 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-22 00:07 - 2016-04-22 00:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 00:07 - 2016-04-22 00:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-10-24 15:35 - 2008-10-24 15:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2014-03-03 17:47 - 2013-05-31 15:02 - 00099328 _____ () C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
2016-10-28 16:39 - 2016-06-15 02:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-04-28 06:12 - 2016-06-15 02:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-10-28 16:39 - 2016-06-15 02:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-10-28 16:39 - 2016-06-15 02:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2014-02-14 12:29 - 2014-02-14 12:29 - 00075136 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2014-02-13 18:18 - 2010-03-16 00:18 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2013-04-19 09:35 - 2013-04-19 09:35 - 00881480 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
2016-09-26 15:38 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-28 16:39 - 2016-06-15 02:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-10-28 16:39 - 2016-06-15 02:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-10-28 16:39 - 2016-06-15 02:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-04-28 06:12 - 2016-06-15 02:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-10-28 16:39 - 2016-06-15 02:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-10-28 16:39 - 2016-06-15 02:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-10-01 09:07 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-10 09:25 - 2016-12-10 09:25 - 01678560 _____ () C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-09-26 16:35 - 2016-09-26 16:35 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-09 19:45 - 2016-11-02 11:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 19:44 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 19:45 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 19:44 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 19:44 - 2016-11-02 11:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-09 19:44 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 19:44 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-17 22:16 - 2016-11-17 22:17 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-17 22:16 - 2016-11-17 22:17 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-17 22:16 - 2016-11-17 22:17 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2013-10-15 11:31 - 2013-10-15 11:31 - 00106496 _____ () C:\Program Files\BOINC\zlib1.dll
2016-05-11 23:39 - 2016-05-11 23:39 - 01088944 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
2016-06-05 21:32 - 2016-06-05 21:32 - 01181184 _____ () C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_intelx86
2016-05-31 19:59 - 2016-05-31 19:59 - 01600000 _____ () C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
2016-11-15 14:52 - 2016-11-15 14:52 - 12404960 _____ () C:\Program Files\Siber Systems\GoodSync\GoodSync-v9.exe
2014-09-30 01:51 - 2014-09-30 01:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2016-05-11 23:39 - 2016-05-11 23:39 - 00037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
2016-11-15 14:52 - 2016-11-15 14:52 - 07942880 _____ () C:\Program Files\Siber Systems\GoodSync\gs-server.exe
2016-12-10 09:26 - 2016-12-08 08:43 - 02259968 _____ () C:\Users\Chris\AppData\Local\WhatsApp\app-0.2.2732\ffmpeg.dll
2016-12-10 09:26 - 2016-12-08 08:43 - 02917376 _____ () C:\Users\Chris\AppData\Local\WhatsApp\app-0.2.2732\libglesv2.dll
2016-12-10 09:26 - 2016-12-08 08:43 - 00095232 _____ () C:\Users\Chris\AppData\Local\WhatsApp\app-0.2.2732\libegl.dll
2016-12-10 10:52 - 2016-12-10 10:52 - 00458240 _____ () \\?\C:\Users\Chris\AppData\Local\Temp\B892.tmp.node
2016-12-10 10:52 - 2016-12-10 10:52 - 00173568 _____ () \\?\C:\Users\Chris\AppData\Local\Temp\C006.tmp.node
2016-11-09 19:44 - 2016-11-02 11:16 - 04046848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Signals.dll
2016-06-27 23:19 - 2016-06-27 23:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2014-09-24 18:42 - 2015-11-17 14:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-09-24 18:42 - 2015-11-17 14:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2014-09-24 18:42 - 2015-11-17 14:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2014-09-24 18:42 - 2015-11-17 14:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-09-24 18:42 - 2015-11-17 14:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-09-24 18:42 - 2015-11-17 14:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-06-27 13:05 - 2015-06-27 13:05 - 00028672 _____ () C:\Program Files (x86)\AK-NORD\AK-VirtualCom\AxInterop.VSPortLib.dll
2016-12-10 09:25 - 2016-12-10 09:25 - 01244376 _____ () C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2015-04-05 07:04 - 2016-06-15 02:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-12-07 20:04 - 2016-09-08 04:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-12-07 20:04 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-12-07 20:04 - 2016-10-13 02:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2015-12-07 20:04 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-12-07 20:04 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-12-07 20:04 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-12-07 20:04 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-12-07 20:04 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-12-07 20:04 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-12-07 20:04 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-12-07 20:04 - 2016-10-13 02:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 17:56 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-15 10:12 - 2016-08-04 21:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2014-02-13 18:18 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-12-10 22:33 - 2016-10-29 00:50 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-12-02 22:54 - 2016-10-29 00:50 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-12-02 22:54 - 2016-10-29 00:51 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-12-02 22:54 - 2016-10-29 00:50 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-10 22:33 - 2016-10-29 00:50 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-10 22:33 - 2016-10-29 00:50 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-10 22:33 - 2016-11-28 15:17 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-10 22:33 - 2016-10-29 00:50 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-10 22:33 - 2016-10-29 00:51 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-09 09:27 - 2016-11-28 15:17 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-12-02 22:54 - 2016-10-29 00:50 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-12-02 22:54 - 2016-10-29 00:53 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-10 22:33 - 2016-11-28 15:17 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-09 09:27 - 2016-11-28 15:17 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-09 09:27 - 2016-10-29 00:52 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-02-18 18:19 - 2016-11-28 15:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-18 18:19 - 2016-11-28 15:17 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-18 18:19 - 2016-11-28 15:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2015-12-10 22:33 - 2016-11-28 15:17 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-18 18:19 - 2016-11-28 15:17 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-12-02 22:54 - 2016-10-29 00:49 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-12-02 22:54 - 2016-11-28 15:16 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-12-02 22:54 - 2016-11-28 15:05 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-12-02 22:54 - 2016-11-28 15:16 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-12-02 22:54 - 2016-11-28 15:16 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-10 22:33 - 2016-10-29 00:51 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-12-02 22:54 - 2016-11-28 15:17 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-08-09 09:27 - 2016-11-28 15:17 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-12-02 22:54 - 2016-10-29 00:56 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-12-02 22:54 - 2016-10-29 00:56 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-12-02 22:54 - 2016-11-28 15:16 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-04-16 07:56 - 2016-11-28 15:17 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-08-09 09:27 - 2016-11-28 15:17 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2014-02-11 13:33 - 2013-08-08 21:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:72CCCD14 [200]
AlternateDataStreams: C:\ProgramData\TEMP:B3ED3AFF [137]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-02-24 17:50 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: ActivControl => 2
MSCONFIG\Services: TwonkyProxy => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TwonkyServer.lnk => C:\Windows\pss\TwonkyServer.lnk.CommonStartup
MSCONFIG\startupreg: ActivManager => C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\Chris\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
HKLM\...\StartupApproved\Run: => "InstallerLauncher"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [{FDFC4A65-4368-476A-AF0B-A9F05AFE00F9}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{70F778F0-0ED7-4950-8C56-D45247261EF6}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{32D5312A-1915-4FA1-A1EF-9EC603C03B99}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{28BD0502-2560-499E-BD79-94D95F6D655A}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{56CFA0FE-C76F-47CA-9404-2961A4DD05C6}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6496E3DC-A871-444B-A7BA-280DCF4E6270}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{B298FBB5-0DF0-42D8-AD78-6189A3BC4F2A}] => LPort=1900
FirewallRules: [{E8744C05-06FA-4BD4-8D41-8DED909E6DEF}] => LPort=2869
FirewallRules: [{210BE3C7-A10C-41EA-98DC-0FAC1E013518}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2DAF1A96-EF88-41D1-90F4-39994D8C8C81}] => C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe
FirewallRules: [{36D1F673-2BAC-4A86-BC34-4C51D3EAB299}] => C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe
FirewallRules: [{BD64D782-E616-4E2E-887A-BF33F9581C41}] => C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe
FirewallRules: [{B1186A25-E080-491D-BE7E-E7F7B134F891}] => C:\Program Files\GoPro\GoPro Desktop App\GoPro.exe
FirewallRules: [{199D41DA-A13A-45C0-8096-5180295F4FCB}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B02EEDED-DD26-4E5C-8561-52C34160ADC6}] => C:\Users\Chris\AppData\Local\Mozilla Firefox\firefox.exe
FirewallRules: [{4B3C3410-A33B-4D16-AE32-2766D8974EF6}] => C:\Users\Chris\AppData\Local\Mozilla Firefox\firefox.exe
FirewallRules: [{841E2F4F-6E7D-4C21-AEAC-14EA4350E943}] => C:\Program Files (x86)\Max Driver Updater\maxdu.exe
FirewallRules: [{18CD0A41-B660-4A3F-BFFB-D3BA6B20F5B6}] => C:\Program Files\MAGIX\Video deluxe 2016 Premium\Videodeluxe.exe
FirewallRules: [{4314ECF5-ADD9-40E3-B71E-6BAC1C41EBF9}] => C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{316C7C74-FCED-483D-91B4-523C1AC33CF3}] => C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{87CB2900-DCC7-4B1E-91B7-9EAA3FA21D33}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C28CBE78-434B-4189-8B8C-3446BB415BC8}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FAE3138D-FEA0-4535-AB7D-EA6E46B82A05}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5BB0E675-6DA9-419D-8F3D-1D349BF29D7E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5F334ECD-8481-48B6-86DC-97EFB2CDD91E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E309845C-1B36-4FD1-B1A0-20FEF36F86C6}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C03A4D85-B5B6-4163-AAED-D92B72DAD52E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F7F0D25F-DE63-425E-B6D0-0FAC77CF8183}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CD37C495-C1DC-4D80-9E4C-AA56F000B587}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BF82E3FB-2C9B-4A40-ABEF-F1AD88DD71DE}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1174B74E-E4A8-4423-9C28-D3D549F1E163}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2860BF5E-FC21-474B-89DA-7BE82102FB3E}] => C:\Program Files\NetDrive2\nd2svc.exe
FirewallRules: [{F17B068A-E39B-4D40-955E-B66E03274DAF}] => C:\Program Files\NetDrive2\nd2svc.exe
FirewallRules: [{F1E198F8-9D99-40C4-B5F2-8A693638A34C}] => C:\Program Files\NetDrive2\NetDrive2.exe
FirewallRules: [{D7323C18-B3A5-4582-8558-2831CEEF8196}] => C:\Program Files\NetDrive2\NetDrive2.exe
FirewallRules: [{A5300B72-AFC8-4C82-B5B3-82E2B938EBCE}] => C:\Program Files\NetDrive2\nd2cmd.exe
FirewallRules: [{015E2CDC-5BF3-49E8-B5A9-B80CD29EB81E}] => C:\Program Files\NetDrive2\nd2cmd.exe
FirewallRules: [{8BE80EDF-C82F-410F-9AAD-8E57ED859838}] => C:\Program Files\NetDrive2\nd2svc.exe
FirewallRules: [{CF2550B5-9690-47B3-B7A0-D5D129592503}] => C:\Program Files\NetDrive2\NetDrive2.exe
FirewallRules: [{22FCAA54-1523-4716-ABA3-A5757DBD1970}] => C:\Program Files\NetDrive2\nd2cmd.exe
FirewallRules: [{0CECECD2-71C4-4451-BC77-D2836A59BD42}] => LPort=3
FirewallRules: [{C52578EF-8E5A-49DD-A039-283EECBF1FFB}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7AEA68DA-2252-4F5E-8076-85ACB5294B55}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F88D6433-5C95-4D37-8DF5-77EA668E2A9C}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C0D3BBA8-B508-4046-93FC-12BC0A6E4D53}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AA5D992F-3889-4A48-8DDF-CA0DE60CC912}] => C:\Program Files (x86)\Steam\steamapps\common\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{F81DA445-0A20-45FC-8F3C-0BE02B3ABB18}] => C:\Program Files (x86)\Steam\steamapps\common\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{75F810B0-9358-4A39-B16B-DD2BB209AF4A}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{52F524B0-350C-4400-A9C7-0C8C82AE7AD2}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D0CD440A-56B0-4B5B-B458-811AE41F1914}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DDEB8839-B6D4-4CA0-B5D5-E2C4663A4C1A}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{264AA3EF-B977-473A-89FE-567E38CF0E96}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B22AC9C6-8EC1-49E5-8166-C7388636E032}] => C:\Program Files\Siber Systems\GoodSync\gs-server.exe
FirewallRules: [{98E91D1F-93C5-4905-A078-F6EE13BAAEAC}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

29-11-2016 06:53:42 Geplanter Prüfpunkt
08-12-2016 18:08:48 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/10/2016 10:31:27 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/10/2016 10:12:32 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.

Error: (12/10/2016 09:55:40 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (12/10/2016 09:27:24 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/08/2016 06:08:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (12/08/2016 05:39:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (12/08/2016 04:57:39 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/07/2016 05:59:33 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/07/2016 08:21:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHRIS-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/07/2016 07:38:22 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.


Systemfehler:
=============
Error: (12/10/2016 10:13:42 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070005 fehlgeschlagen: Kumulatives Update für Windows 10 Version 1607 für x64-basierte Systeme (KB3201845)

Error: (12/10/2016 10:12:42 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (12/10/2016 10:12:32 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (12/10/2016 10:10:46 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
Die maximale Anzahl der Kennwörter, die in einem einzelnen System gespeichert werden können, wurde überschritten.

Error: (12/10/2016 10:09:55 AM) (Source: DCOM) (EventID: 10001) (User: CHRIS-PC)
Description: Ein DCOM-Server konnte nicht gestartet werden: {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} als Nicht verfügbar/Nicht verfügbar. Fehler:
"5"
Aufgetreten beim Start dieses Befehls:
C:\Windows\System32\smartscreen.exe -Embedding

Error: (12/10/2016 09:24:39 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (12/08/2016 04:54:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (12/07/2016 06:13:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
Unzulässige Funktion.

Error: (12/07/2016 06:13:13 PM) (Source: KLIF) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/07/2016 06:13:09 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1240 v3 @ 3.40GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 16324.79 MB
Verfügbarer physikalischer RAM: 11669.39 MB
Summe virtueller Speicher: 32708.79 MB
Verfügbarer virtueller Speicher: 27592.92 MB

==================== Laufwerke ================================

Drive c: (Win7Prox64) (Fixed) (Total:222.69 GB) (Free:61 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:159.05 GB) NTFS
Drive g: (Work) (Fixed) (Total:238.47 GB) (Free:27.1 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 96F600A9)
Partition 1: (Active) - (Size=222.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 54ED8154)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 341E10E5)
Partition 1: (Not Active) - (Size=238.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

deeprybka · 10.12.2016, 16:49

Schritt 1
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

erebor · 10.12.2016, 17:34

Geteilter Log wegen zuvielen Zeichen.
Teil 1:

Code:

ATTFilter

17:30:11.0279 0x0254  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
17:30:15.0313 0x0254  ============================================================
17:30:15.0313 0x0254  Current date / time: 2016/12/10 17:30:15.0313
17:30:15.0313 0x0254  SystemInfo:
17:30:15.0317 0x0254  
17:30:15.0317 0x0254  OS Version: 10.0.14393 ServicePack: 0.0
17:30:15.0317 0x0254  Product type: Workstation
17:30:15.0317 0x0254  ComputerName: CHRIS-PC
17:30:15.0317 0x0254  UserName: Chris
17:30:15.0317 0x0254  Windows directory: C:\WINDOWS
17:30:15.0317 0x0254  System windows directory: C:\WINDOWS
17:30:15.0317 0x0254  Running under WOW64
17:30:15.0317 0x0254  Processor architecture: Intel x64
17:30:15.0317 0x0254  Number of processors: 8
17:30:15.0317 0x0254  Page size: 0x1000
17:30:15.0317 0x0254  Boot type: Normal boot
17:30:15.0317 0x0254  CodeIntegrityOptions = 0x00000001
17:30:15.0317 0x0254  ============================================================
17:30:15.0424 0x0254  KLMD registered as C:\WINDOWS\system32\drivers\03363939.sys
17:30:15.0424 0x0254  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.447, osProperties = 0x19
17:30:15.0551 0x0254  System UUID: {44699A39-A3EA-2949-C5E6-ACE5AD3F0A1E}
17:30:15.0924 0x0254  Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:30:16.0127 0x0254  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:30:16.0136 0x0254  Drive \Device\Harddisk2\DR2 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0xE73F9, SectorsPerTrack: 0x3, TracksPerCylinder: 0xB0, Type 'K0', Flags 0x00000040
17:30:16.0140 0x0254  ============================================================
17:30:16.0140 0x0254  \Device\Harddisk0\DR0:
17:30:16.0140 0x0254  MBR partitions:
17:30:16.0140 0x0254  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1BD61000
17:30:16.0140 0x0254  \Device\Harddisk1\DR1:
17:30:16.0140 0x0254  MBR partitions:
17:30:16.0140 0x0254  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
17:30:16.0140 0x0254  \Device\Harddisk2\DR2:
17:30:16.0140 0x0254  MBR partitions:
17:30:16.0140 0x0254  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1DCF2000
17:30:16.0140 0x0254  ============================================================
17:30:16.0142 0x0254  C: <-> \Device\Harddisk0\DR0\Partition1
17:30:16.0155 0x0254  D: <-> \Device\Harddisk1\DR1\Partition1
17:30:16.0155 0x0254  G: <-> \Device\Harddisk2\DR2\Partition1
17:30:16.0155 0x0254  ============================================================
17:30:16.0155 0x0254  Initialize success
17:30:16.0155 0x0254  ============================================================
17:30:55.0888 0x1c74  ============================================================
17:30:55.0888 0x1c74  Scan started
17:30:55.0888 0x1c74  Mode: Manual; SigCheck; TDLFS; 
17:30:55.0888 0x1c74  ============================================================
17:30:55.0888 0x1c74  KSN ping started
17:30:56.0053 0x1c74  KSN ping finished: true
17:30:57.0688 0x1c74  ================ Scan system memory ========================
17:30:57.0688 0x1c74  System memory - ok
17:30:57.0689 0x1c74  ================ Scan services =============================
17:30:57.0741 0x1c74  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
17:30:57.0817 0x1c74  1394ohci - ok
17:30:57.0832 0x1c74  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
17:30:57.0851 0x1c74  3ware - ok
17:30:57.0859 0x1c74  [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
17:30:57.0872 0x1c74  AAV UpdateService - ok
17:30:57.0891 0x1c74  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
17:30:57.0926 0x1c74  ACPI - ok
17:30:57.0935 0x1c74  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
17:30:57.0952 0x1c74  AcpiDev - ok
17:30:57.0959 0x1c74  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
17:30:57.0977 0x1c74  acpiex - ok
17:30:57.0982 0x1c74  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
17:30:57.0998 0x1c74  acpipagr - ok
17:30:58.0003 0x1c74  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
17:30:58.0019 0x1c74  AcpiPmi - ok
17:30:58.0023 0x1c74  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
17:30:58.0039 0x1c74  acpitime - ok
17:30:58.0048 0x1c74  [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:30:58.0060 0x1c74  AdobeARMservice - ok
17:30:58.0088 0x1c74  [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:30:58.0104 0x1c74  AdobeFlashPlayerUpdateSvc - ok
17:30:58.0134 0x1c74  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
17:30:58.0180 0x1c74  ADP80XX - ok
17:30:58.0203 0x1c74  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\WINDOWS\system32\drivers\afd.sys
17:30:58.0233 0x1c74  AFD - ok
17:30:58.0247 0x1c74  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
17:30:58.0271 0x1c74  ahcache - ok
17:30:58.0275 0x1c74  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
17:30:58.0291 0x1c74  AJRouter - ok
17:30:58.0296 0x1c74  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
17:30:58.0308 0x1c74  ALG - ok
17:30:58.0313 0x1c74  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
17:30:58.0326 0x1c74  AmdK8 - ok
17:30:58.0330 0x1c74  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
17:30:58.0342 0x1c74  AmdPPM - ok
17:30:58.0346 0x1c74  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
17:30:58.0356 0x1c74  amdsata - ok
17:30:58.0362 0x1c74  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
17:30:58.0375 0x1c74  amdsbs - ok
17:30:58.0379 0x1c74  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
17:30:58.0388 0x1c74  amdxata - ok
17:30:58.0393 0x1c74  [ C52568A5AF986C205F71649FCE37E764, 52569192F6B7B95C55A54015D7AE35C1FD0B37D12B5487D386175B4AD67BAB73 ] AnyDVD          C:\WINDOWS\system32\Drivers\AnyDVD.sys
17:30:58.0405 0x1c74  AnyDVD - ok
17:30:58.0409 0x1c74  [ 5B0F4FB165256DE463A51E3A3127969E, 6751ADFFE95FA671C584427A9624EEB79518DE08132FD7A83148700B75487316 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
17:30:58.0422 0x1c74  AppHostSvc - ok
17:30:58.0427 0x1c74  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
17:30:58.0438 0x1c74  AppID - ok
17:30:58.0443 0x1c74  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
17:30:58.0457 0x1c74  AppIDSvc - ok
17:30:58.0461 0x1c74  [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
17:30:58.0475 0x1c74  Appinfo - ok
17:30:58.0481 0x1c74  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:30:58.0489 0x1c74  Apple Mobile Device Service - ok
17:30:58.0492 0x1c74  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
17:30:58.0505 0x1c74  applockerfltr - ok
17:30:58.0514 0x1c74  [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
17:30:58.0529 0x1c74  AppMgmt - ok
17:30:58.0540 0x1c74  [ 21DC11DA29484AE026E536F2EA7E79E5, 6E17B679494CB293DE13DFA18F79A9DFAFEEBAAE41943F95B5E1AE0720A5CA26 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
17:30:58.0564 0x1c74  AppReadiness - ok
17:30:58.0579 0x1c74  [ 6010A920FDE5BFE4EA056F9736FBDC06, F55F68D5AD1F272BC285E716E02090C62FC87476DD6CE7ABA6BE7EF8EF6178DE ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
17:30:58.0603 0x1c74  AppVClient - ok
17:30:58.0608 0x1c74  [ B66ED2CB37F7E4696A51612AFBA08834, 70BA67AF7F1290E3145B873B53516F138E50D8AAC80CD00CBA66467ABC6643CB ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
17:30:58.0619 0x1c74  AppvStrm - ok
17:30:58.0624 0x1c74  [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr       C:\WINDOWS\system32\drivers\AppvVemgr.sys
17:30:58.0635 0x1c74  AppvVemgr - ok
17:30:58.0640 0x1c74  [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs         C:\WINDOWS\system32\drivers\AppvVfs.sys
17:30:58.0651 0x1c74  AppvVfs - ok
17:30:58.0688 0x1c74  [ F9F4CFCB3845EABF81A654001C80854C, 2CB7BED0A838585903056E41D46C2604B5EECA3B6C673497A22BFFCAE7986C5F ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
17:30:58.0751 0x1c74  AppXSvc - ok
17:30:58.0762 0x1c74  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
17:30:58.0772 0x1c74  arcsas - ok
17:30:58.0783 0x1c74  [ 5EE26734A882478AF6696092E2E0F352, 6CACFF521B3B839F73EBEB6EFBFDCCA8A8BC319DDB254BE3EFE29A39040B2C26 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:30:58.0794 0x1c74  aspnet_state - ok
17:30:58.0797 0x1c74  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
17:30:58.0808 0x1c74  AsyncMac - ok
17:30:58.0811 0x1c74  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
17:30:58.0820 0x1c74  atapi - ok
17:30:58.0829 0x1c74  [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
17:30:58.0847 0x1c74  AudioEndpointBuilder - ok
17:30:58.0863 0x1c74  [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
17:30:58.0895 0x1c74  Audiosrv - ok
17:30:58.0909 0x1c74  [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
17:30:58.0920 0x1c74  AVP17.0.0 - ok
17:30:58.0924 0x1c74  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
17:30:58.0937 0x1c74  AxInstSV - ok
17:30:58.0948 0x1c74  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
17:30:58.0966 0x1c74  b06bdrv - ok
17:30:58.0970 0x1c74  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
17:30:58.0981 0x1c74  BasicDisplay - ok
17:30:58.0984 0x1c74  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
17:30:58.0994 0x1c74  BasicRender - ok
17:30:58.0998 0x1c74  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
17:30:59.0008 0x1c74  bcmfn - ok
17:30:59.0011 0x1c74  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
17:30:59.0021 0x1c74  bcmfn2 - ok
17:30:59.0029 0x1c74  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
17:30:59.0047 0x1c74  BDESVC - ok
17:30:59.0051 0x1c74  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
17:30:59.0060 0x1c74  Beep - ok
17:30:59.0075 0x1c74  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
17:30:59.0104 0x1c74  BFE - ok
17:30:59.0122 0x1c74  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\WINDOWS\System32\qmgr.dll
17:30:59.0158 0x1c74  BITS - ok
17:30:59.0172 0x1c74  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:30:59.0185 0x1c74  Bonjour Service - ok
17:30:59.0190 0x1c74  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
17:30:59.0203 0x1c74  bowser - ok
17:30:59.0208 0x1c74  [ 6BD0474FA77F6B475D9C4D1A8C7ECD8D, 3B992D4222D1CB78F11D8409406AC596D7EF2970A3A00BF6974F1198F48BC70F ] BRA_Scheduler   C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
17:30:59.0213 0x1c74  BRA_Scheduler - detected UnsignedFile.Multi.Generic ( 1 )
17:30:59.0535 0x1c74  BRA_Scheduler ( UnsignedFile.Multi.Generic ) - warning
17:30:59.0659 0x1c74  [ 2447BD15B41298622CC662249CD0F496, 013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
17:30:59.0706 0x1c74  BrokerInfrastructure - ok
17:30:59.0722 0x1c74  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
17:30:59.0743 0x1c74  Browser - ok
17:30:59.0751 0x1c74  [ DB109DA005B6FE2A350C5DD7CA768DFD, 241A0BFAEFB1B165C00EE75E8CA382B5935F5DF447DAD5AE9022B2B78317668E ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
17:30:59.0767 0x1c74  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
17:31:00.0021 0x1c74  Detect skipped due to KSN trusted
17:31:00.0021 0x1c74  BrYNSvc - ok
17:31:00.0029 0x1c74  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
17:31:00.0047 0x1c74  BthAvrcpTg - ok
17:31:00.0052 0x1c74  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
17:31:00.0070 0x1c74  BthHFEnum - ok
17:31:00.0075 0x1c74  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
17:31:00.0091 0x1c74  bthhfhid - ok
17:31:00.0101 0x1c74  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
17:31:00.0130 0x1c74  BthHFSrv - ok
17:31:00.0135 0x1c74  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
17:31:00.0153 0x1c74  BTHMODEM - ok
17:31:00.0162 0x1c74  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
17:31:00.0184 0x1c74  bthserv - ok
17:31:00.0189 0x1c74  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
17:31:00.0206 0x1c74  buttonconverter - ok
17:31:00.0212 0x1c74  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
17:31:00.0235 0x1c74  CapImg - ok
17:31:00.0241 0x1c74  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
17:31:00.0261 0x1c74  cdfs - ok
17:31:00.0274 0x1c74  [ B737F6FB33A6F79BCBC293A5B32C1C4E, B2EAF621052A4CBEE78208ECF1AC9286BD1EB431019372254E442319308112F8 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
17:31:00.0306 0x1c74  CDPSvc - ok
17:31:00.0317 0x1c74  [ 2531EF3423A9FE1692005A41907E3BE3, 4E7D3E216937305B73CBCC5031F513CEC38F4FEFE3F2291DED5F37641221CCA0 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
17:31:00.0346 0x1c74  CDPUserSvc - ok
17:31:00.0358 0x1c74  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
17:31:00.0379 0x1c74  cdrom - ok
17:31:00.0387 0x1c74  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
17:31:00.0413 0x1c74  CertPropSvc - ok
17:31:00.0425 0x1c74  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
17:31:00.0448 0x1c74  cht4iscsi - ok
17:31:00.0496 0x1c74  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
17:31:00.0570 0x1c74  cht4vbd - ok
17:31:00.0581 0x1c74  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
17:31:00.0598 0x1c74  circlass - ok
17:31:00.0610 0x1c74  [ 39591D8510CEC3BA6ED4330EE689B791, E827DEA20AB338308D6E4EEFEF551088088B77CD10BF08C8BE568090E04172E2 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
17:31:00.0634 0x1c74  CLFS - ok
17:31:00.0708 0x1c74  [ BDED70145D7F931CAD02BD531BEB38B7, 6B6355482F7FD44ECD958BBFDC9795C8F79A60EB5294349DCB0DBBECE607A5B6 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
17:31:00.0798 0x1c74  ClickToRunSvc - ok
17:31:00.0821 0x1c74  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
17:31:00.0843 0x1c74  ClipSVC - ok
17:31:00.0847 0x1c74  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
17:31:00.0858 0x1c74  clreg - ok
17:31:00.0865 0x1c74  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
17:31:00.0874 0x1c74  CmBatt - ok
17:31:00.0881 0x1c74  [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km           C:\WINDOWS\system32\DRIVERS\cm_km.sys
17:31:00.0890 0x1c74  cm_km - ok
17:31:00.0902 0x1c74  [ 3E502EB1701CF54CF237B6250FBE38EA, E63F6F45D3990ACBCA96003F67C83697BA5B74B89F972C5E9CC45F90D05519FF ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
17:31:00.0921 0x1c74  CNG - ok
17:31:00.0924 0x1c74  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
17:31:00.0933 0x1c74  cnghwassist - ok
17:31:00.0951 0x1c74  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
17:31:00.0960 0x1c74  CompositeBus - ok
17:31:00.0963 0x1c74  COMSysApp - ok
17:31:00.0966 0x1c74  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
17:31:00.0975 0x1c74  condrv - ok
17:31:00.0989 0x1c74  [ 03DCC01047713690E312B013C60881AE, B98174222DDFDA2A31BAC4795D99FA07D1D03107ABDB27BF5069FAFBBF00D278 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
17:31:01.0011 0x1c74  CoreMessagingRegistrar - ok
17:31:01.0017 0x1c74  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
17:31:01.0030 0x1c74  CryptSvc - ok
17:31:01.0033 0x1c74  [ 5228B7A738DC90A06AE4F4A7412CB1E9, 7049F3C939EFE76A5556C2A2C04386DB51DAF61D56B679F4868BB0983C996EBB ] CrystalSysInfo  C:\Program Files\MediaCoder\SysInfoX64.sys
17:31:01.0040 0x1c74  CrystalSysInfo - ok
17:31:01.0052 0x1c74  [ 03214883D52FAD46573233852344C72C, 63DCCDD895EB804D205ABB8EA381B34FB0879D09E4D0EB0B28F9B2BB1024BAB7 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
17:31:01.0074 0x1c74  CSC - ok
17:31:01.0088 0x1c74  [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService      C:\WINDOWS\System32\cscsvc.dll
17:31:01.0114 0x1c74  CscService - ok
17:31:01.0118 0x1c74  [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam             C:\WINDOWS\system32\drivers\dam.sys
17:31:01.0127 0x1c74  dam - ok
17:31:01.0132 0x1c74  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
17:31:01.0141 0x1c74  dbupdate - ok
17:31:01.0145 0x1c74  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
17:31:01.0152 0x1c74  dbupdatem - ok
17:31:01.0155 0x1c74  dbx - ok
17:31:01.0158 0x1c74  [ 62C2617E1927776851B108717166BBA4, 5ED905AD21D2BA4308561BDFD2868A15A1F2062DFE1D28689D4082700C85500A ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe
17:31:01.0168 0x1c74  DbxSvc - ok
17:31:01.0185 0x1c74  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
17:31:01.0217 0x1c74  DcomLaunch - ok
17:31:01.0223 0x1c74  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
17:31:01.0240 0x1c74  DcpSvc - ok
17:31:01.0251 0x1c74  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
17:31:01.0275 0x1c74  defragsvc - ok
17:31:01.0285 0x1c74  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
17:31:01.0305 0x1c74  DeviceAssociationService - ok
17:31:01.0310 0x1c74  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
17:31:01.0326 0x1c74  DeviceInstall - ok
17:31:01.0330 0x1c74  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
17:31:01.0340 0x1c74  DevQueryBroker - ok
17:31:01.0346 0x1c74  [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
17:31:01.0359 0x1c74  Dfsc - ok
17:31:01.0363 0x1c74  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
17:31:01.0372 0x1c74  dg_ssudbus - ok
17:31:01.0380 0x1c74  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
17:31:01.0399 0x1c74  Dhcp - ok
17:31:01.0405 0x1c74  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
17:31:01.0418 0x1c74  diagnosticshub.standardcollector.service - ok
17:31:01.0451 0x1c74  [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
17:31:01.0508 0x1c74  DiagTrack - ok
17:31:01.0522 0x1c74  [ 5BD0B9453D1A7D7381411BDDF7BBB49F, A74FAE6167A36FC6861F01BFA0AFD5B9E2433B9287BE20C76DE58E0F4130EBEB ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
17:31:01.0533 0x1c74  DigitalWave.Update.Service - ok
17:31:01.0538 0x1c74  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
17:31:01.0547 0x1c74  disk - ok
17:31:01.0556 0x1c74  [ 44A5CAF4E736BCD4360015BB3B841179, 8CD74620C3E163FF998CA8C09A999FED5C9EFDC88D07493192A57032D18CA973 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
17:31:01.0577 0x1c74  DmEnrollmentSvc - ok
17:31:01.0580 0x1c74  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
17:31:01.0591 0x1c74  dmvsc - ok
17:31:01.0594 0x1c74  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
17:31:01.0609 0x1c74  dmwappushservice - ok
17:31:01.0616 0x1c74  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
17:31:01.0633 0x1c74  Dnscache - ok
17:31:01.0640 0x1c74  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
17:31:01.0656 0x1c74  dot3svc - ok
17:31:01.0662 0x1c74  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
17:31:01.0676 0x1c74  DPS - ok
17:31:01.0679 0x1c74  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
17:31:01.0688 0x1c74  drmkaud - ok
17:31:01.0693 0x1c74  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
17:31:01.0710 0x1c74  DsmSvc - ok
17:31:01.0715 0x1c74  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
17:31:01.0731 0x1c74  DsSvc - ok
17:31:01.0779 0x1c74  [ 125C83C44EEE61E2ED5893F23AEF0FC9, D6599AFFA1A554124AEF6862C69027F9FF9B343362091439866641A1CFB0E76A ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
17:31:01.0853 0x1c74  DXGKrnl - ok
17:31:01.0864 0x1c74  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
17:31:01.0893 0x1c74  EapHost - ok
17:31:01.0968 0x1c74  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
17:31:02.0077 0x1c74  ebdrv - ok
17:31:02.0089 0x1c74  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\WINDOWS\System32\lsass.exe
17:31:02.0107 0x1c74  EFS - ok
17:31:02.0112 0x1c74  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
17:31:02.0128 0x1c74  EhStorClass - ok
17:31:02.0134 0x1c74  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
17:31:02.0151 0x1c74  EhStorTcgDrv - ok
17:31:02.0156 0x1c74  [ 9387A484D31209D7FC3F795A787294DB, 3CAFA3403B8A3547811B7233FB399FA8BB9FF54C82AC317955EDACE2E13519E5 ] ElbyCDFL        C:\WINDOWS\system32\Drivers\ElbyCDFL.sys
17:31:02.0168 0x1c74  ElbyCDFL - ok
17:31:02.0172 0x1c74  [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
17:31:02.0182 0x1c74  ElbyCDIO - ok
17:31:02.0189 0x1c74  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
17:31:02.0214 0x1c74  embeddedmode - ok
17:31:02.0224 0x1c74  [ B4264DEF962801CDB83C008DE30758D1, 57886688102BE727450BA45932044A5A389B5822A0C1C08C2AFFBA380F70C3F3 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
17:31:02.0258 0x1c74  EntAppSvc - ok
17:31:02.0262 0x1c74  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
17:31:02.0278 0x1c74  ErrDev - ok
17:31:02.0296 0x1c74  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
17:31:02.0330 0x1c74  EventSystem - ok
17:31:02.0339 0x1c74  [ 3D0F78B4129E670C78AA03E8A1E0EA0B, 6B7D41A0EC9ECE960227C52E19D573AF581CD2EB09D2A400BECD4FCE5C9DB7C0 ] evserial7       C:\WINDOWS\System32\drivers\evserial7.sys
17:31:02.0349 0x1c74  evserial7 - ok
17:31:02.0360 0x1c74  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
17:31:02.0389 0x1c74  exfat - ok
17:31:02.0401 0x1c74  [ C077AA74EDDAF69985EB27597BCB342A, 8CE48D37E39A6DFA3C8E959CA92A49029100446DC40044EE009D55FB9CDE378A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
17:31:02.0425 0x1c74  fastfat - ok
17:31:02.0443 0x1c74  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
17:31:02.0484 0x1c74  Fax - ok
17:31:02.0493 0x1c74  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
17:31:02.0510 0x1c74  fdc - ok
17:31:02.0515 0x1c74  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
17:31:02.0536 0x1c74  fdPHost - ok
17:31:02.0540 0x1c74  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
17:31:02.0561 0x1c74  FDResPub - ok
17:31:02.0568 0x1c74  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
17:31:02.0590 0x1c74  fhsvc - ok
17:31:02.0595 0x1c74  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
17:31:02.0614 0x1c74  FileCrypt - ok
17:31:02.0620 0x1c74  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
17:31:02.0635 0x1c74  FileInfo - ok
17:31:02.0639 0x1c74  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
17:31:02.0659 0x1c74  Filetrace - ok
17:31:02.0664 0x1c74  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
17:31:02.0681 0x1c74  flpydisk - ok
17:31:02.0693 0x1c74  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
17:31:02.0717 0x1c74  FltMgr - ok
17:31:02.0759 0x1c74  [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache       C:\WINDOWS\system32\FntCache.dll
17:31:02.0846 0x1c74  FontCache - ok
17:31:02.0856 0x1c74  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:31:02.0869 0x1c74  FontCache3.0.0.0 - ok
17:31:02.0890 0x1c74  [ 8B52024D3A5C3A12F1C4D75D30A976C5, 982F1C783966C9A6D255AA7DBAB6D225EBE0050A36176B8DE85E8ADBFE17FDF1 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
17:31:02.0941 0x1c74  FrameServer - ok
17:31:02.0950 0x1c74  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
17:31:02.0966 0x1c74  FsDepends - ok
17:31:02.0970 0x1c74  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:31:02.0984 0x1c74  Fs_Rec - ok
17:31:03.0002 0x1c74  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
17:31:03.0034 0x1c74  fvevol - ok
17:31:03.0043 0x1c74  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:31:03.0052 0x1c74  GEARAspiWDM - ok
17:31:03.0056 0x1c74  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
17:31:03.0072 0x1c74  gencounter - ok
17:31:03.0077 0x1c74  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
17:31:03.0093 0x1c74  genericusbfn - ok
17:31:03.0098 0x1c74  [ BDA6549A7E5255396A5CB41CE2905668, 1877F31F184AFACF24A92C4956307E40C745F36ACD8488F2DCBA0FAE2B0484AD ] GoProDeviceDetectionService C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
17:31:03.0109 0x1c74  GoProDeviceDetectionService - ok
17:31:03.0116 0x1c74  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
17:31:03.0135 0x1c74  GPIOClx0101 - ok
17:31:03.0165 0x1c74  [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
17:31:03.0226 0x1c74  gpsvc - ok
17:31:03.0235 0x1c74  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
17:31:03.0250 0x1c74  GpuEnergyDrv - ok
17:31:03.0376 0x1c74  [ 275DCAD276C622A76842B3E0A2127AC7, 78D533F8629080873A2E6636622FAC2FC4CF639A4A42563479E8D8DC64ACADE0 ] GsServer        C:\Program Files\Siber Systems\GoodSync\gs-server.exe
17:31:03.0499 0x1c74  GsServer - ok
17:31:03.0515 0x1c74  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:31:03.0523 0x1c74  gupdate - ok
17:31:03.0527 0x1c74  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:31:03.0534 0x1c74  gupdatem - ok
17:31:03.0538 0x1c74  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:31:03.0546 0x1c74  gusvc - ok
17:31:03.0550 0x1c74  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
17:31:03.0562 0x1c74  HDAudBus - ok
17:31:03.0566 0x1c74  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
17:31:03.0575 0x1c74  HidBatt - ok
17:31:03.0579 0x1c74  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
17:31:03.0590 0x1c74  HidBth - ok
17:31:03.0594 0x1c74  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
17:31:03.0604 0x1c74  hidi2c - ok
17:31:03.0608 0x1c74  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
17:31:03.0617 0x1c74  hidinterrupt - ok
17:31:03.0621 0x1c74  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
17:31:03.0631 0x1c74  HidIr - ok
17:31:03.0635 0x1c74  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\WINDOWS\system32\hidserv.dll
17:31:03.0645 0x1c74  hidserv - ok
17:31:03.0649 0x1c74  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
17:31:03.0659 0x1c74  HidUsb - ok
17:31:03.0666 0x1c74  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
17:31:03.0683 0x1c74  HomeGroupListener - ok
17:31:03.0693 0x1c74  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
17:31:03.0714 0x1c74  HomeGroupProvider - ok
17:31:03.0718 0x1c74  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
17:31:03.0727 0x1c74  HpSAMD - ok
17:31:03.0746 0x1c74  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
17:31:03.0773 0x1c74  HTTP - ok
17:31:03.0778 0x1c74  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
17:31:03.0790 0x1c74  HvHost - ok
17:31:03.0795 0x1c74  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
17:31:03.0805 0x1c74  hvservice - ok
17:31:03.0808 0x1c74  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
17:31:03.0816 0x1c74  hwpolicy - ok
17:31:03.0821 0x1c74  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
17:31:03.0830 0x1c74  hyperkbd - ok
17:31:03.0835 0x1c74  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
17:31:03.0847 0x1c74  i8042prt - ok
17:31:03.0850 0x1c74  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
17:31:03.0860 0x1c74  iagpio - ok
17:31:03.0864 0x1c74  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
17:31:03.0876 0x1c74  iai2c - ok
17:31:03.0879 0x1c74  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
17:31:03.0891 0x1c74  iaLPSS2i_GPIO2 - ok
17:31:03.0896 0x1c74  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
17:31:03.0907 0x1c74  iaLPSS2i_I2C - ok
17:31:03.0911 0x1c74  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
17:31:03.0918 0x1c74  iaLPSSi_GPIO - ok
17:31:03.0923 0x1c74  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
17:31:03.0935 0x1c74  iaLPSSi_I2C - ok
17:31:03.0947 0x1c74  [ 25555186E4FBDF0E30A5DBFC9B9A73F9, 4A9DAC2B56389C5955C343E202C6E81CD3A608E78A4BB7E6ED560719DF02C955 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
17:31:03.0964 0x1c74  iaStorA - ok
17:31:03.0977 0x1c74  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
17:31:03.0998 0x1c74  iaStorAV - ok
17:31:04.0002 0x1c74  [ 6241810294275CEA59EBA9733080E5EE, F9A1A505B9279CD660CAAF4F8D21BDC34AC75FD86E881632A378B9BF39A3738E ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:31:04.0008 0x1c74  IAStorDataMgrSvc - ok
17:31:04.0017 0x1c74  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
17:31:04.0032 0x1c74  iaStorV - ok
17:31:04.0044 0x1c74  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
17:31:04.0062 0x1c74  ibbus - ok
17:31:04.0068 0x1c74  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
17:31:04.0083 0x1c74  icssvc - ok
17:31:04.0101 0x1c74  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
17:31:04.0134 0x1c74  IKEEXT - ok
17:31:04.0143 0x1c74  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
17:31:04.0153 0x1c74  IndirectKmd - ok
17:31:04.0211 0x1c74  [ 46C58BFDE42460C5FD7222CD3BE11402, 40D74C81DDA5A18894A8D487C716D41849B22E390012184DFB5F2231A3687256 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:31:04.0288 0x1c74  IntcAzAudAddService - ok
17:31:04.0316 0x1c74  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:31:04.0350 0x1c74  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
17:31:04.0603 0x1c74  Detect skipped due to KSN trusted
17:31:04.0604 0x1c74  Intel(R) Capability Licensing Service Interface - ok
17:31:04.0627 0x1c74  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
17:31:04.0656 0x1c74  Intel(R) Capability Licensing Service TCP IP Interface - ok
17:31:04.0662 0x1c74  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
17:31:04.0676 0x1c74  intelide - ok
17:31:04.0681 0x1c74  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
17:31:04.0697 0x1c74  intelpep - ok
17:31:04.0703 0x1c74  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
17:31:04.0722 0x1c74  intelppm - ok
17:31:04.0727 0x1c74  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
17:31:04.0742 0x1c74  iorate - ok
17:31:04.0749 0x1c74  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:31:04.0767 0x1c74  IpFilterDriver - ok
17:31:04.0791 0x1c74  [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
17:31:04.0845 0x1c74  iphlpsvc - ok
17:31:04.0855 0x1c74  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
17:31:04.0872 0x1c74  IPMIDRV - ok
17:31:04.0880 0x1c74  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
17:31:04.0904 0x1c74  IPNAT - ok
17:31:04.0921 0x1c74  [ F4B68F7C1666A2A6CD1D37A08F1D6DF1, 63A3D85B07D10E6B3F4E84FDD6EA6C00F2756E1C9B3E57C11A2FFCD815E99946 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:31:04.0946 0x1c74  iPod Service - ok
17:31:04.0956 0x1c74  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
17:31:04.0977 0x1c74  irda - ok
17:31:04.0981 0x1c74  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
17:31:04.0999 0x1c74  IRENUM - ok
17:31:05.0003 0x1c74  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\WINDOWS\System32\irmon.dll
17:31:05.0021 0x1c74  irmon - ok
17:31:05.0026 0x1c74  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
17:31:05.0040 0x1c74  isapnp - ok
17:31:05.0050 0x1c74  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
17:31:05.0072 0x1c74  iScsiPrt - ok
17:31:05.0079 0x1c74  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:31:05.0093 0x1c74  jhi_service - ok
17:31:05.0098 0x1c74  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
17:31:05.0114 0x1c74  kbdclass - ok
17:31:05.0118 0x1c74  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
17:31:05.0135 0x1c74  kbdhid - ok
17:31:05.0139 0x1c74  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
17:31:05.0157 0x1c74  kdnic - ok
17:31:05.0165 0x1c74  [ 8388468214713C94154C547DDB4F96CC, 661365BAB7F20E1EF1B7B97146C3F49744EF7AAC342E0FB64481CF116135C7C1 ] Ke2200          C:\WINDOWS\System32\drivers\e22w7x64.sys
17:31:05.0179 0x1c74  Ke2200 - ok
17:31:05.0184 0x1c74  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\WINDOWS\system32\lsass.exe
17:31:05.0201 0x1c74  KeyIso - ok
17:31:05.0216 0x1c74  [ 97E3E8F35632EECD0ABD2DE6519A9666, ABE96FDEB1076E380D7FB4975C020B43ED4E821097EFC6AFE8C75D764167D6E8 ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
17:31:05.0240 0x1c74  kl1 - ok
17:31:05.0246 0x1c74  [ B01AD8DA034EE42D4C2282F77FDB03AE, 3FF55F3CEE4A0E5D559F04F5A639297EA0F36580720E94CF9DD56DEBF2E98F39 ] klbackupdisk    C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
17:31:05.0258 0x1c74  klbackupdisk - ok
17:31:05.0264 0x1c74  [ 10549B5BFD9A3DCF4FFA6287236FA959, 6BDFA335A8E3A69425CB23230660D3168CB82911ACB3AAAF85C19263511EAF51 ] klbackupflt     C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
17:31:05.0277 0x1c74  klbackupflt - ok
17:31:05.0282 0x1c74  [ 7DAA9047F50BF5A3F8C147719FC520AF, 0740387075AF46DB1E9AEE3B12C65A06EDFE58EADB8B562C36CB1FEFF9905C26 ] kldisk          C:\WINDOWS\system32\DRIVERS\kldisk.sys
17:31:05.0295 0x1c74  kldisk - ok
17:31:05.0299 0x1c74  [ 5766A27C85EE813029831D125D2EFB45, BB5BAFD5A58E80C7F0B8D24121352E0386B3422FFC16B56F1D1B1C6A482AC9F0 ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
17:31:05.0316 0x1c74  klelam - ok
17:31:05.0324 0x1c74  [ 63FD545876EF4248BE3C8788D8270758, 5FF6529F8D7F94848E68142D8B2CAA446342AF95644C9223E689E303E8AB7336 ] klflt           C:\WINDOWS\system32\DRIVERS\klflt.sys
17:31:05.0338 0x1c74  klflt - ok
17:31:05.0351 0x1c74  [ 3524D3B8F5BEF8C01EAF7EEFFA5EAB3F, 0908A6E3E62017F7099900850D58A1B775D808F7DC0951B09781689DF3994DA2 ] klhk            C:\WINDOWS\System32\drivers\klhk.sys
17:31:05.0372 0x1c74  klhk - ok
17:31:05.0383 0x1c74  [ 7796EAD58D8C1A42AAB6B6CA9A3F106C, 7DA8A05A0210F63C7D120DCF0101AD895D53368C0DED23E275F2BA79239FCE28 ] klids           C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys
17:31:05.0400 0x1c74  klids - ok
17:31:05.0426 0x1c74  [ 2CE22F21119A089277B067A1B1BDC592, 7CDE229899B6344967098FB03C7C1C360CC3DC2DCC096F8AAC6CC96536FF1AE9 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
17:31:05.0461 0x1c74  KLIF - ok
17:31:05.0470 0x1c74  [ 6357C533C30650361110DBAF59A25DF8, FA8CF6292CCBC7E23527D968E54CD773706CF091E35563B0CF9F8A1DF0B724B9 ] KLIM6           C:\WINDOWS\system32\DRIVERS\klim6.sys
17:31:05.0482 0x1c74  KLIM6 - ok
17:31:05.0488 0x1c74  [ 5480CC93737F48282552C84FA7EBA59B, B7D92424399B647132F6B9409FE75EAA310C984F796FC0B65BBE2EA180110968 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
17:31:05.0498 0x1c74  klkbdflt - ok
17:31:05.0503 0x1c74  [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
17:31:05.0514 0x1c74  klmouflt - ok
17:31:05.0520 0x1c74  [ 6B0C605591C892CBB683F63EA47822DC, E74C0A0501A1B4B56B417402108521F34DA6A23FCD1C05E4E524E41EBA0906FF ] klpd            C:\WINDOWS\system32\DRIVERS\klpd.sys
17:31:05.0531 0x1c74  klpd - ok
17:31:05.0536 0x1c74  [ 828B042A95F055648DA190DF6C7AB1B6, 0457B0EF03BCB4CC1297EB25A25C162937F456BF406EC7B1A5E9A0AA13A9BCD7 ] kltap           C:\WINDOWS\System32\drivers\kltap.sys
17:31:05.0546 0x1c74  kltap - ok
17:31:05.0555 0x1c74  [ 66516A704F1D378E58B85D79633C103D, 54E3EB342D2FD17CF742A8ACADCA81A553216AA289955DD176A54D6414727DA5 ] klupd_klif_arkmon C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
17:31:05.0569 0x1c74  klupd_klif_arkmon - ok
17:31:05.0578 0x1c74  [ 2E4BA532C84671D6085E62F37FDB73D8, 3F02D533A9DE0B4A887A2F0809A28679F40BA45079517C805D66EF1F1F4B14A9 ] klupd_klif_klark C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
17:31:05.0594 0x1c74  klupd_klif_klark - ok
17:31:05.0602 0x1c74  [ ED7EE25160FB863263174A30AF7F4CD5, DAF5DDFBBE39E8F87F721757F59777131724C56890A840092128975E90296251 ] klupd_klif_klbg C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
17:31:05.0613 0x1c74  klupd_klif_klbg - ok
17:31:05.0620 0x1c74  [ 7F66F0B1B483264063948EA9B782A5CA, F7AC4D3F7A5ADDDCA36EAC311ACE0F2FCDCB44DE5282F7A3B34DB3DCFE12B11B ] klupd_klif_mark C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
17:31:05.0634 0x1c74  klupd_klif_mark - ok
17:31:05.0641 0x1c74  [ 4C5305295B51BA72FC9C8CDAB32F95C3, 0E5850AC4CA14D971E7B04FED23CB2F6CEEE2796E905AADA0104677982ECD58A ] klwfp           C:\WINDOWS\system32\DRIVERS\klwfp.sys
17:31:05.0652 0x1c74  klwfp - ok
17:31:05.0658 0x1c74  [ EF1AFCADCA485B3846D7A8B71F87509B, C27B579742389ACD8804EC372CBA3C4FDFFB1A8AA6280AE1353BC089E8E34C76 ] Klwtp           C:\WINDOWS\system32\DRIVERS\klwtp.sys
17:31:05.0671 0x1c74  Klwtp - ok
17:31:05.0679 0x1c74  [ 67EFD862ACEFCB9687523832C62FA584, B3C9A36C535B706EB19E5C5437705E8C5EC71F45115A2C97E1348462EC2A3922 ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
17:31:05.0694 0x1c74  kneps - ok
17:31:05.0703 0x1c74  [ EFF5EA6088DB81C6EF6EDCDA5EE79909, 4D364B0BF012C335FA3B25BDF042D4AF672D961B9B48CB7C5BE34FCFD1D64979 ] KSDE1.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
17:31:05.0718 0x1c74  KSDE1.0.0 - ok
17:31:05.0725 0x1c74  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
17:31:05.0741 0x1c74  KSecDD - ok
17:31:05.0748 0x1c74  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
17:31:05.0764 0x1c74  KSecPkg - ok
17:31:05.0768 0x1c74  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
17:31:05.0789 0x1c74  ksthunk - ok
17:31:05.0798 0x1c74  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
17:31:05.0817 0x1c74  KtmRm - ok
17:31:05.0824 0x1c74  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
17:31:05.0842 0x1c74  LanmanServer - ok
17:31:05.0849 0x1c74  [ B581907FD94F1FF148BF695331F67612, 05D1FFA456557A291566D788B8DE2485552E361EC3C0F63EA1A710BE940A5398 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
17:31:05.0866 0x1c74  LanmanWorkstation - ok
17:31:05.0875 0x1c74  [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:31:05.0885 0x1c74  LBTServ - ok
17:31:05.0890 0x1c74  [ 5EA1731968F2FD0E950DDCE6D36C5134, 16C47AA60CB62F206DBF3B4FAF99FCA667E7193178D1B7ECB162FA87C008BAA3 ] LEqdUsb         C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys
17:31:05.0896 0x1c74  LEqdUsb - ok
17:31:05.0899 0x1c74  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
17:31:05.0911 0x1c74  lfsvc - ok
17:31:05.0915 0x1c74  [ 50AC0930F05DFB996F085B49E112E5C9, C5147E92656506981705AFCAA97B7BDAD0929FF39C1666E774BE1BD32FB08387 ] LHidEqd         C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys
17:31:05.0920 0x1c74  LHidEqd - ok
17:31:05.0924 0x1c74  [ 96EB043E2843B5A87A486D0BC6921094, 0B339A18B2F536F12B2C1B4FEDEB3A815DC7F8E7B082144EE084B3E6ED067FBC ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
17:31:05.0929 0x1c74  LHidFilt - ok
17:31:05.0933 0x1c74  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
17:31:05.0944 0x1c74  LicenseManager - ok
17:31:05.0948 0x1c74  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
17:31:05.0959 0x1c74  lltdio - ok
17:31:05.0965 0x1c74  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
17:31:05.0982 0x1c74  lltdsvc - ok
17:31:05.0985 0x1c74  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
17:31:05.0996 0x1c74  lmhosts - ok
17:31:06.0000 0x1c74  [ A5C1DA229B3B660BBF3BDC30ADBFBB61, B657092424C6BF418A6FA56353370C195D9CA67999B355E8EDD6AFCFD9FEF8E5 ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
17:31:06.0005 0x1c74  LMouFilt - ok
17:31:06.0013 0x1c74  [ 7D9E57CCA9829230A8D8C37012D9B260, 6646DC52B3CFC71E2F31BF3B196AF49E354D38C9E89928959EE4E9F7E4AA3E27 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:31:06.0025 0x1c74  LMS - ok
17:31:06.0031 0x1c74  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
17:31:06.0041 0x1c74  LSI_SAS - ok
17:31:06.0046 0x1c74  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
17:31:06.0056 0x1c74  LSI_SAS2i - ok
17:31:06.0060 0x1c74  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
17:31:06.0070 0x1c74  LSI_SAS3i - ok
17:31:06.0074 0x1c74  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
17:31:06.0083 0x1c74  LSI_SSS - ok
17:31:06.0096 0x1c74  [ 06276381A0797FD417E7068C1210FA06, 204144E9792216F952CED869ECB6B26FB466BF730B8A73FA4799B1EBC1A630AB ] LSM             C:\WINDOWS\System32\lsm.dll
17:31:06.0123 0x1c74  LSM - ok
17:31:06.0128 0x1c74  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
17:31:06.0142 0x1c74  luafv - ok
17:31:06.0146 0x1c74  [ ED5B42D75F3DEE93040B3930DA9F3009, E919DA20E46FE1C81CB76090B799DD858DD4771DB0EBDE4545DB4681A0AFFE8E ] MapsBroker      C:\WINDOWS\System32\moshost.dll
17:31:06.0158 0x1c74  MapsBroker - ok
17:31:06.0161 0x1c74  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\WINDOWS\system32\drivers\MBfilt64.sys
17:31:06.0167 0x1c74  MBfilt - ok
17:31:06.0170 0x1c74  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
17:31:06.0180 0x1c74  megasas - ok
17:31:06.0183 0x1c74  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
17:31:06.0193 0x1c74  megasas2i - ok
17:31:06.0204 0x1c74  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
17:31:06.0223 0x1c74  megasr - ok
17:31:06.0227 0x1c74  [ 18B9AD128EC84E8D16A83F70CF36594F, 199DF15D68E2A079794E5DD325162C1A68A65EF26EEF5A6C6154281DDE57279A ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
17:31:06.0234 0x1c74  MEIx64 - ok
17:31:06.0238 0x1c74  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
17:31:06.0250 0x1c74  MessagingService - ok
17:31:06.0266 0x1c74  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
17:31:06.0289 0x1c74  mlx4_bus - ok
17:31:06.0294 0x1c74  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
17:31:06.0305 0x1c74  MMCSS - ok
17:31:06.0309 0x1c74  [ D842ADDB5911945D51F61A0B1C8F36E3, 5EB93A1FD2D2D9FAB6121356E1AB18F2ADE9550D3033274AF7CA8F7FD51E59ED ] Modem           C:\WINDOWS\system32\drivers\modem.sys
17:31:06.0320 0x1c74  Modem - ok
17:31:06.0323 0x1c74  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
17:31:06.0333 0x1c74  monitor - ok
17:31:06.0337 0x1c74  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
17:31:06.0346 0x1c74  mouclass - ok
17:31:06.0349 0x1c74  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
17:31:06.0359 0x1c74  mouhid - ok
17:31:06.0363 0x1c74  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
17:31:06.0372 0x1c74  mountmgr - ok
17:31:06.0377 0x1c74  [ 572BD5A99648652147A5D3C6DA946C99, FFDAD4A5682864977C926A5DDDB632CDB2A166BF025757801CC56F2828720023 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:31:06.0386 0x1c74  MozillaMaintenance - ok
17:31:06.0390 0x1c74  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
17:31:06.0401 0x1c74  mpsdrv - ok
17:31:06.0417 0x1c74  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
17:31:06.0448 0x1c74  MpsSvc - ok
17:31:06.0454 0x1c74  [ 4FC62380457DE25B69011D3542E954AC, D212DDD2446618A6215CF9FC370FA2634F027BC92D1D4999E019BEF8A86AA6EB ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
17:31:06.0468 0x1c74  MQAC - ok
17:31:06.0473 0x1c74  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
17:31:06.0486 0x1c74  MRxDAV - ok
17:31:06.0496 0x1c74  [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:31:06.0512 0x1c74  mrxsmb - ok
17:31:06.0519 0x1c74  [ 200E4A385F5F370D8866BAE25B0D9D32, 114AD45000A0C74EAE26C3075BBFEF80B9386C69D58CE4436CAFCF13613EAEFA ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:31:06.0534 0x1c74  mrxsmb10 - ok
17:31:06.0541 0x1c74  [ F7C22604CD8AFB9AF1C1E3CE39A5A09F, 3F7B39336F8A72525C667D45C9300CA6D017BDE17A6E23EF794BA59D2F3C78F3 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
17:31:06.0552 0x1c74  mrxsmb20 - ok
17:31:06.0557 0x1c74  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
17:31:06.0569 0x1c74  MsBridge - ok
17:31:06.0575 0x1c74  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
17:31:06.0588 0x1c74  MSDTC - ok
17:31:06.0594 0x1c74  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
17:31:06.0604 0x1c74  Msfs - ok
17:31:06.0608 0x1c74  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
17:31:06.0617 0x1c74  msgpiowin32 - ok
17:31:06.0620 0x1c74  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
17:31:06.0629 0x1c74  mshidkmdf - ok
17:31:06.0632 0x1c74  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
17:31:06.0642 0x1c74  mshidumdf - ok
17:31:06.0645 0x1c74  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
17:31:06.0653 0x1c74  msisadrv - ok
17:31:06.0658 0x1c74  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
17:31:06.0672 0x1c74  MSiSCSI - ok
17:31:06.0675 0x1c74  msiserver - ok
17:31:06.0678 0x1c74  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
17:31:06.0692 0x1c74  MSKSSRV - ok
17:31:06.0695 0x1c74  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
17:31:06.0707 0x1c74  MsLldp - ok
17:31:06.0711 0x1c74  [ F3EF38D07A4ADCDF922EEEAF0FED7D4D, B9D436BFA29AA0A7B00889D96C4F8BC33C1809E19B7A71A69AB2E534E9794BF0 ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
17:31:06.0722 0x1c74  MSMQ - ok
17:31:06.0725 0x1c74  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
17:31:06.0738 0x1c74  MSPCLOCK - ok
17:31:06.0741 0x1c74  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
17:31:06.0755 0x1c74  MSPQM - ok
17:31:06.0765 0x1c74  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
17:31:06.0781 0x1c74  MsRPC - ok
17:31:06.0789 0x1c74  [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt        C:\WINDOWS\system32\drivers\mssecflt.sys
17:31:06.0806 0x1c74  MsSecFlt - ok
17:31:06.0811 0x1c74  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
17:31:06.0824 0x1c74  mssmbios - ok
17:31:06.0828 0x1c74  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
17:31:06.0851 0x1c74  MSTEE - ok
17:31:06.0856 0x1c74  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
17:31:06.0872 0x1c74  MTConfig - ok
17:31:06.0878 0x1c74  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
17:31:06.0894 0x1c74  Mup - ok
17:31:06.0899 0x1c74  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
17:31:06.0915 0x1c74  mvumis - ok
17:31:06.0932 0x1c74  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
17:31:06.0969 0x1c74  NativeWifiP - ok
17:31:06.0980 0x1c74  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
17:31:07.0004 0x1c74  NcaSvc - ok
17:31:07.0014 0x1c74  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
17:31:07.0044 0x1c74  NcbService - ok
17:31:07.0050 0x1c74  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
17:31:07.0078 0x1c74  NcdAutoSetup - ok
17:31:07.0084 0x1c74  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
17:31:07.0101 0x1c74  ndfltr - ok
17:31:07.0129 0x1c74  [ D5564FC81350458ED570528C4E3B1CCF, DD3C5012492EF9BCE3BE635BBB3AA40B3C5F5FDBD795A76B327D9C994102AC2B ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
17:31:07.0176 0x1c74  NDIS - ok
17:31:07.0185 0x1c74  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
17:31:07.0203 0x1c74  NdisCap - ok
17:31:07.0209 0x1c74  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
17:31:07.0235 0x1c74  NdisImPlatform - ok
17:31:07.0239 0x1c74  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:31:07.0263 0x1c74  NdisTapi - ok
17:31:07.0268 0x1c74  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
17:31:07.0286 0x1c74  Ndisuio - ok
17:31:07.0290 0x1c74  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
17:31:07.0307 0x1c74  NdisVirtualBus - ok
17:31:07.0316 0x1c74  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
17:31:07.0345 0x1c74  NdisWan - ok
17:31:07.0353 0x1c74  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:31:07.0382 0x1c74  ndiswanlegacy - ok
17:31:07.0387 0x1c74  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
17:31:07.0412 0x1c74  ndproxy - ok
17:31:07.0418 0x1c74  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
17:31:07.0444 0x1c74  Ndu - ok
17:31:07.0450 0x1c74  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
17:31:07.0469 0x1c74  NetAdapterCx - ok
17:31:07.0474 0x1c74  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
17:31:07.0488 0x1c74  NetBIOS - ok
17:31:07.0500 0x1c74  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
17:31:07.0526 0x1c74  NetBT - ok
17:31:07.0531 0x1c74  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:31:07.0547 0x1c74  Netlogon - ok
17:31:07.0556 0x1c74  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
17:31:07.0584 0x1c74  Netman - ok
17:31:07.0594 0x1c74  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:31:07.0610 0x1c74  NetMsmqActivator - ok
17:31:07.0616 0x1c74  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:31:07.0631 0x1c74  NetPipeActivator - ok
17:31:07.0646 0x1c74  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
17:31:07.0682 0x1c74  netprofm - ok
17:31:07.0695 0x1c74  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
17:31:07.0722 0x1c74  NetSetupSvc - ok
17:31:07.0728 0x1c74  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:31:07.0743 0x1c74  NetTcpActivator - ok
17:31:07.0748 0x1c74  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:31:07.0763 0x1c74  NetTcpPortSharing - ok
17:31:07.0776 0x1c74  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
17:31:07.0806 0x1c74  NgcCtnrSvc - ok
17:31:07.0830 0x1c74  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
17:31:07.0887 0x1c74  NgcSvc - ok
17:31:07.0903 0x1c74  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
17:31:07.0933 0x1c74  NlaSvc - ok
17:31:07.0939 0x1c74  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:31:07.0956 0x1c74  Npfs - ok
17:31:07.0961 0x1c74  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
17:31:07.0977 0x1c74  npsvctrig - ok
17:31:07.0981 0x1c74  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\WINDOWS\system32\nsisvc.dll
17:31:08.0000 0x1c74  nsi - ok
17:31:08.0007 0x1c74  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
17:31:08.0023 0x1c74  nsiproxy - ok
17:31:08.0077 0x1c74  [ DB69C6DA8B3DDFDC547D455CA23A8250, AE495CEB18924C8B21F7F150FF17CD00880F2E222D7B5155661798E0535D63C4 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
17:31:08.0157 0x1c74  NTFS - ok
17:31:08.0168 0x1c74  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:31:08.0184 0x1c74  Null - ok
17:31:08.0194 0x1c74  [ 64DA1993B1973F049C1347DA1B05185E, 2A04E263DB13751D033E2F9B9518820CF4942EEAFA5A32488570EEB699EE2A96 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
17:31:08.0208 0x1c74  NVHDA - ok
17:31:08.0443 0x1c74  [ 76ECA562B95DB26C64BEC14BB188A3F6, B4DB40D391B227393EEC13659C64B03499632FD11A75E5183BE8A0C8F3C9688B ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_848dea456d3c865e\nvlddmkm.sys
17:31:08.0662 0x1c74  nvlddmkm - ok
17:31:08.0710 0x1c74  [ A6102293847A7A2DF01E7BF7AC1C1F12, 14E4E75711C00DA826136FB531E9AD53787502F441103386C5CD37EEFCE27AFC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
17:31:08.0745 0x1c74  NvNetworkService - ok
17:31:08.0755 0x1c74  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
17:31:08.0766 0x1c74  nvraid - ok
17:31:08.0776 0x1c74  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
17:31:08.0787 0x1c74  nvstor - ok
17:31:08.0791 0x1c74  [ 99D42078C9596A20A7B3419159265A25, E9F5380E6597C79B26B2CBAAC534F31C5027F32AAA0FD5876CF7E9BB6658F30C ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
17:31:08.0797 0x1c74  NvStreamKms - ok
17:31:08.0854 0x1c74  [ E6A64322EB213AEACBB61584AA6FB032, FA91C89B81DD7F3EC22DF71FFC3A506AD40AE76EC91F1115CCAB6ED39431369D ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
17:31:08.0916 0x1c74  NvStreamNetworkSvc - ok
17:31:08.0963 0x1c74  [ A8213BF32D2E75ADD362E118AD164749, 6F35210ED11088FE64F13DD63053FFDA4628A5F6397DA33A345970962AB83499 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
17:31:09.0008 0x1c74  NvStreamSvc - ok
17:31:09.0022 0x1c74  [ C7C75E4D199802EFCE0BEC2F6F823E31, 97084D9D0711242DBBC06E96B52A926159DCA2EBB9199C542FB8013E31F989BE ] NvStUSB         C:\WINDOWS\system32\drivers\nvstusb.sys
17:31:09.0036 0x1c74  NvStUSB - ok
17:31:09.0040 0x1c74  [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
17:31:09.0046 0x1c74  nvvad_WaveExtensible - ok
17:31:09.0054 0x1c74  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
17:31:09.0072 0x1c74  OneSyncSvc - ok
17:31:09.0080 0x1c74  [ 90488CE0BF08D3FCCF090E9A3CD16945, 7ACEACCEDAD2D25CB79689E4F6A2840AACA743ADA078371D7C9225A1C4C12DE3 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:31:09.0091 0x1c74  ose - ok
17:31:09.0099 0x1c74  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
17:31:09.0117 0x1c74  p2pimsvc - ok
17:31:09.0126 0x1c74  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
17:31:09.0152 0x1c74  p2psvc - ok
17:31:09.0156 0x1c74  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
17:31:09.0168 0x1c74  Parport - ok
17:31:09.0173 0x1c74  [ 9DB326B54C03EF2892E7551D8B354036, 64CD77E8A4425E80CFB61DEE33C1A677A4044C6FC0614D74B20BDDD7C5D5334D ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
17:31:09.0183 0x1c74  partmgr - ok
17:31:09.0193 0x1c74  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
17:31:09.0211 0x1c74  PcaSvc - ok
17:31:09.0220 0x1c74  [ 101CC1FD8D48ED1EF71F0840158D0E6D, A944D70DE230E3FBD8B371EF3BED1FCD12AAFD56945A8F5C44994AF13283FCCD ] pci             C:\WINDOWS\system32\drivers\pci.sys
17:31:09.0234 0x1c74  pci - ok
17:31:09.0237 0x1c74  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
17:31:09.0246 0x1c74  pciide - ok
17:31:09.0250 0x1c74  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
17:31:09.0260 0x1c74  pcmcia - ok
17:31:09.0264 0x1c74  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
17:31:09.0273 0x1c74  pcw - ok
17:31:09.0279 0x1c74  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
17:31:09.0294 0x1c74  pdc - ok
17:31:09.0312 0x1c74  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
17:31:09.0358 0x1c74  PEAUTH - ok
17:31:09.0405 0x1c74  [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
17:31:09.0495 0x1c74  PeerDistSvc - ok
17:31:09.0506 0x1c74  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
17:31:09.0522 0x1c74  percsas2i - ok
17:31:09.0527 0x1c74  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
17:31:09.0542 0x1c74  percsas3i - ok
17:31:09.0565 0x1c74  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
17:31:09.0582 0x1c74  PerfHost - ok
17:31:09.0608 0x1c74  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
17:31:09.0654 0x1c74  PhoneSvc - ok
17:31:09.0666 0x1c74  [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
17:31:09.0692 0x1c74  PimIndexMaintenanceSvc - ok
17:31:09.0732 0x1c74  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\WINDOWS\system32\pla.dll
17:31:09.0804 0x1c74  pla - ok
17:31:09.0812 0x1c74  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
17:31:09.0839 0x1c74  PlugPlay - ok
17:31:09.0842 0x1c74  PnkBstrA - ok
17:31:09.0847 0x1c74  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
17:31:09.0864 0x1c74  PNRPAutoReg - ok
17:31:09.0875 0x1c74  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
17:31:09.0905 0x1c74  PNRPsvc - ok
17:31:09.0917 0x1c74  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
17:31:09.0949 0x1c74  PolicyAgent - ok
17:31:09.0960 0x1c74  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\WINDOWS\system32\umpo.dll
17:31:09.0984 0x1c74  Power - ok
17:31:09.0990 0x1c74  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
17:31:10.0016 0x1c74  PptpMiniport - ok
17:31:10.0091 0x1c74  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
17:31:10.0232 0x1c74  PrintNotify - ok
17:31:10.0246 0x1c74  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\WINDOWS\System32\drivers\processr.sys
17:31:10.0265 0x1c74  Processor - ok
17:31:10.0293 0x1c74  [ BA2DA685FB152180908C7D778B2BBD61, 335C81941855D3DE90443E47E42D44645BE2AB736334DB96C0890D82EEF03475 ] ProductAgentService C:\Program Files\Bitdefender Agent\ProductAgentService.exe
17:31:10.0330 0x1c74  ProductAgentService - ok
17:31:10.0346 0x1c74  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
17:31:10.0378 0x1c74  ProfSvc - ok
17:31:10.0385 0x1c74  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
17:31:10.0403 0x1c74  Psched - ok
17:31:10.0413 0x1c74  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\WINDOWS\system32\qwave.dll
17:31:10.0441 0x1c74  QWAVE - ok
17:31:10.0446 0x1c74  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
17:31:10.0463 0x1c74  QWAVEdrv - ok
17:31:10.0467 0x1c74  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:31:10.0483 0x1c74  RasAcd - ok
17:31:10.0489 0x1c74  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
17:31:10.0509 0x1c74  RasAgileVpn - ok
17:31:10.0515 0x1c74  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
17:31:10.0535 0x1c74  RasAuto - ok
17:31:10.0541 0x1c74  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
17:31:10.0566 0x1c74  Rasl2tp - ok
17:31:10.0584 0x1c74  [ 3C0A10FFC3CB95D249CA64D62BC912EF, 8A75398EF3FF4BBE822031B3D1C63BFC75ABE11AB35BC0451DFF3B1D56477D97 ] RasMan          C:\WINDOWS\System32\rasmans.dll
17:31:10.0625 0x1c74  RasMan - ok
17:31:10.0631 0x1c74  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:31:10.0651 0x1c74  RasPppoe - ok
17:31:10.0656 0x1c74  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
17:31:10.0681 0x1c74  RasSstp - ok
17:31:10.0694 0x1c74  [ EDAF0E161BE98CCC4FC9671481600745, 50DB73C341086E346F6EF57E40A7C3A8F6279E5EBB53A67F9B71B7877EB75734 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:31:10.0719 0x1c74  rdbss - ok
17:31:10.0725 0x1c74  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
17:31:10.0740 0x1c74  rdpbus - ok
17:31:10.0747 0x1c74  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
17:31:10.0768 0x1c74  RDPDR - ok
17:31:10.0775 0x1c74  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
17:31:10.0788 0x1c74  RdpVideoMiniport - ok
17:31:10.0797 0x1c74  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
17:31:10.0809 0x1c74  rdyboost - ok
17:31:10.0825 0x1c74  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
17:31:10.0850 0x1c74  ReFSv1 - ok
17:31:10.0862 0x1c74  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
17:31:10.0886 0x1c74  RemoteAccess - ok
17:31:10.0891 0x1c74  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
17:31:10.0908 0x1c74  RemoteRegistry - ok
17:31:10.0920 0x1c74  [ FA62C4E1D753B489832DD0A7033665EE, BB0B59ABC79CEFA949632179239D711944C29E93EBCE60E629DE75AF2C3268B2 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
17:31:10.0946 0x1c74  RetailDemo - ok
17:31:10.0952 0x1c74  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
17:31:10.0966 0x1c74  RmSvc - ok
17:31:10.0969 0x1c74  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
17:31:10.0982 0x1c74  RpcEptMapper - ok
17:31:10.0985 0x1c74  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
17:31:10.0995 0x1c74  RpcLocator - ok
17:31:11.0011 0x1c74  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
17:31:11.0042 0x1c74  RpcSs - ok
17:31:11.0048 0x1c74  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
17:31:11.0059 0x1c74  rspndr - ok
17:31:11.0062 0x1c74  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
17:31:11.0072 0x1c74  s3cap - ok
17:31:11.0076 0x1c74  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\WINDOWS\system32\lsass.exe
17:31:11.0087 0x1c74  SamSs - ok
17:31:11.0092 0x1c74  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
17:31:11.0103 0x1c74  sbp2port - ok
17:31:11.0111 0x1c74  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
17:31:11.0129 0x1c74  SCardSvr - ok
17:31:11.0134 0x1c74  [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
17:31:11.0150 0x1c74  ScDeviceEnum - ok
17:31:11.0154 0x1c74  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
17:31:11.0166 0x1c74  scfilter - ok
17:31:11.0184 0x1c74  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
17:31:11.0220 0x1c74  Schedule - ok
17:31:11.0225 0x1c74  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
17:31:11.0234 0x1c74  scmbus - ok
17:31:11.0239 0x1c74  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys
17:31:11.0251 0x1c74  scmdisk0101 - ok
17:31:11.0257 0x1c74  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
17:31:11.0272 0x1c74  SCPolicySvc - ok
17:31:11.0279 0x1c74  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
17:31:11.0292 0x1c74  sdbus - ok
17:31:11.0297 0x1c74  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
17:31:11.0311 0x1c74  SDRSVC - ok
17:31:11.0316 0x1c74  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
17:31:11.0326 0x1c74  sdstor - ok
17:31:11.0329 0x1c74  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
17:31:11.0340 0x1c74  seclogon - ok
17:31:11.0344 0x1c74  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll
17:31:11.0356 0x1c74  SENS - ok
17:31:11.0360 0x1c74  Sense - ok
17:31:11.0382 0x1c74  [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
17:31:11.0422 0x1c74  SensorDataService - ok
17:31:11.0436 0x1c74  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\WINDOWS\system32\SensorService.dll
17:31:11.0456 0x1c74  SensorService - ok
17:31:11.0462 0x1c74  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
17:31:11.0477 0x1c74  SensrSvc - ok
17:31:11.0483 0x1c74  [ 255476B54C82A89416EFDF09FD62F107, 000A6F7F15177A08ED4E22DB1C06F9FF0F8D324541A3E7AF7F35123D9CA4122D ] Sentinel64      C:\WINDOWS\System32\Drivers\Sentinel64.sys
17:31:11.0490 0x1c74  Sentinel64 - ok
17:31:11.0494 0x1c74  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
17:31:11.0503 0x1c74  SerCx - ok
17:31:11.0509 0x1c74  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
17:31:11.0519 0x1c74  SerCx2 - ok
17:31:11.0522 0x1c74  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
17:31:11.0532 0x1c74  Serenum - ok
17:31:11.0536 0x1c74  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
17:31:11.0547 0x1c74  Serial - ok
17:31:11.0550 0x1c74  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
17:31:11.0560 0x1c74  sermouse - ok
17:31:11.0572 0x1c74  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
17:31:11.0592 0x1c74  SessionEnv - ok
17:31:11.0598 0x1c74  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
17:31:11.0608 0x1c74  sfloppy - ok
17:31:11.0619 0x1c74  [ 832E933AA8DB9FD4733B96D8B6484D3F, 3A8E3D7ECA192EEE154CB568073B7211FDA06078EFC3BC7E961563A1BFDD0CAA ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
17:31:11.0641 0x1c74  SharedAccess - ok
17:31:11.0654 0x1c74  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:31:11.0683 0x1c74  ShellHWDetection - ok
17:31:11.0688 0x1c74  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
17:31:11.0703 0x1c74  shpamsvc - ok
17:31:11.0708 0x1c74  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
17:31:11.0717 0x1c74  SiSRaid2 - ok
17:31:11.0721 0x1c74  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
17:31:11.0731 0x1c74  SiSRaid4 - ok
17:31:11.0736 0x1c74  [ D4BDC7EF97E33C79F6EB5DCCBA2BBBDA, 0FFAAE3FC4C269EBEB75BFCEB23803CFBD91F4C08AFE83C3EBCB9DC7AC62C201 ] SIVDriver       C:\Windows\system32\Drivers\SIVX64.sys
17:31:11.0744 0x1c74  SIVDriver - ok
17:31:11.0747 0x1c74  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\WINDOWS\System32\smphost.dll
17:31:11.0759 0x1c74  smphost - ok
17:31:11.0772 0x1c74  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
17:31:11.0811 0x1c74  SmsRouter - ok
17:31:11.0821 0x1c74  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
17:31:11.0838 0x1c74  SNMPTRAP - ok
17:31:11.0854 0x1c74  [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
17:31:11.0884 0x1c74  spaceport - ok
17:31:11.0890 0x1c74  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
17:31:11.0906 0x1c74  SpbCx - ok
17:31:11.0927 0x1c74  [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler         C:\WINDOWS\System32\spoolsv.exe
17:31:11.0975 0x1c74  Spooler - ok
17:31:12.0099 0x1c74  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
17:31:12.0271 0x1c74  sppsvc - ok
17:31:12.0293 0x1c74  [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
17:31:12.0324 0x1c74  srv - ok
17:31:12.0347 0x1c74  [ 1312896CAE6AF0D4557DB7B37283C116, 9E3701DBBF0F45368A217549A7DFDA2543C4AB3AC9CCF65A73E1FE27CC4A278E ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
17:31:12.0389 0x1c74  srv2 - ok
17:31:12.0402 0x1c74  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
17:31:12.0428 0x1c74  srvnet - ok
17:31:12.0437 0x1c74  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
17:31:12.0464 0x1c74  SSDPSRV - ok
17:31:12.0472 0x1c74  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
17:31:12.0499 0x1c74  SstpSvc - ok
17:31:12.0506 0x1c74  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
17:31:12.0520 0x1c74  ssudmdm - ok
17:31:12.0613 0x1c74  [ FD881B87C853EB2F0B8B7B5CC71D6FE3, 780038C203C9277C366794302D90BC0AE75568863F1FB7044197BA20D798E4BA ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
17:31:12.0786 0x1c74  StateRepository - ok
17:31:12.0831 0x1c74  [ 90E22D7CDE08E07446D238A569BCAB7C, 3D4F413D0B0C9CF28D06E0476F24AC6441C8678DF786D9971B39C91C9F9B8020 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:31:12.0874 0x1c74  Steam Client Service - ok
17:31:12.0881 0x1c74  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
17:31:12.0896 0x1c74  stexstor - ok
17:31:12.0900 0x1c74  [ B11724BFE7DA1BA55903B4D849415F1A, ED09B6AD68C87FED34FC66CB6C7A74DFC3AF524E3BE89EDD18A5B6685F656ACA ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
17:31:12.0916 0x1c74  StillCam - ok
17:31:12.0934 0x1c74  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
17:31:12.0977 0x1c74  stisvc - ok
17:31:12.0988 0x1c74  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
17:31:13.0006 0x1c74  storahci - ok
17:31:13.0013 0x1c74  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
17:31:13.0029 0x1c74  storflt - ok
17:31:13.0034 0x1c74  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
17:31:13.0050 0x1c74  stornvme - ok
17:31:13.0056 0x1c74  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
17:31:13.0074 0x1c74  storqosflt - ok
17:31:13.0086 0x1c74  [ 6C982BC7E4DB161530A0D831718D7113, B0FAEACC91023031E53A161ECEFCF62764C96B8705E9089B4A7B4F7A2F3B6BAA ] StorSvc         C:\WINDOWS\system32\storsvc.dll
17:31:13.0118 0x1c74  StorSvc - ok
17:31:13.0123 0x1c74  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
17:31:13.0138 0x1c74  storufs - ok
17:31:13.0143 0x1c74  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
17:31:13.0157 0x1c74  storvsc - ok
17:31:13.0162 0x1c74  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll

erebor · 10.12.2016, 17:34

Teil 2:

Code:

ATTFilter

17:31:13.0183 0x1c74  svsvc - ok
17:31:13.0187 0x1c74  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
17:31:13.0201 0x1c74  swenum - ok
17:31:13.0214 0x1c74  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll
17:31:13.0250 0x1c74  swprv - ok
17:31:13.0259 0x1c74  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
17:31:13.0275 0x1c74  Synth3dVsc - ok
17:31:13.0299 0x1c74  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll
17:31:13.0336 0x1c74  SysMain - ok
17:31:13.0349 0x1c74  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:31:13.0368 0x1c74  SystemEventsBroker - ok
17:31:13.0373 0x1c74  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
17:31:13.0388 0x1c74  TabletInputService - ok
17:31:13.0395 0x1c74  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
17:31:13.0413 0x1c74  TapiSrv - ok
17:31:13.0454 0x1c74  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
17:31:13.0506 0x1c74  Tcpip - ok
17:31:13.0551 0x1c74  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
17:31:13.0604 0x1c74  Tcpip6 - ok
17:31:13.0614 0x1c74  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
17:31:13.0624 0x1c74  tcpipreg - ok
17:31:13.0630 0x1c74  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
17:31:13.0640 0x1c74  tdx - ok
17:31:13.0756 0x1c74  [ F2F02E436BA56A96A06E4427C5787B6E, 1562FF264011A15AC69808CB74F387917C4E8ED3B91546B12933BE10B6E20B3A ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
17:31:13.0875 0x1c74  TeamViewer - ok
17:31:13.0888 0x1c74  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
17:31:13.0897 0x1c74  terminpt - ok
17:31:13.0915 0x1c74  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll
17:31:13.0949 0x1c74  TermService - ok
17:31:13.0955 0x1c74  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
17:31:13.0971 0x1c74  Themes - ok
17:31:13.0978 0x1c74  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
17:31:13.0996 0x1c74  TieringEngineService - ok
17:31:14.0008 0x1c74  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
17:31:14.0032 0x1c74  tiledatamodelsvc - ok
17:31:14.0038 0x1c74  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
17:31:14.0053 0x1c74  TimeBrokerSvc - ok
17:31:14.0058 0x1c74  [ 3D04046C468AD2868A093925B5E2AA0A, 44696259BEF49AC200DEE146DE0E4375B0CD09F9356CCFA22BD7AD8B53E48658 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
17:31:14.0071 0x1c74  TPM - ok
17:31:14.0075 0x1c74  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
17:31:14.0089 0x1c74  TrkWks - ok
17:31:14.0095 0x1c74  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt       C:\WINDOWS\system32\drivers\truecrypt.sys
17:31:14.0105 0x1c74  truecrypt - ok
17:31:14.0110 0x1c74  [ AF343840E793BE63A9C646760BE8F2CD, 483FE55873A01DB7ACEC99B6823DAACC9EA7C67D36C6F12698113B31A7D5B8BE ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
17:31:14.0122 0x1c74  TrustedInstaller - ok
17:31:14.0127 0x1c74  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
17:31:14.0138 0x1c74  tsusbflt - ok
17:31:14.0141 0x1c74  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
17:31:14.0151 0x1c74  TsUsbGD - ok
17:31:14.0156 0x1c74  [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
17:31:14.0168 0x1c74  tsusbhub - ok
17:31:14.0173 0x1c74  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
17:31:14.0186 0x1c74  tunnel - ok
17:31:14.0189 0x1c74  TwonkyProxy - ok
17:31:14.0191 0x1c74  TwonkyServer - ok
17:31:14.0196 0x1c74  [ F723552F65D44FE693DB1A383825B3A8, EF8C343C4EB5EEA4EC830378EF576CCD6CD4EEDEDD486C0F29697044E8C71F45 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
17:31:14.0210 0x1c74  tzautoupdate - ok
17:31:14.0213 0x1c74  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
17:31:14.0223 0x1c74  UASPStor - ok
17:31:14.0228 0x1c74  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
17:31:14.0240 0x1c74  UcmCx0101 - ok
17:31:14.0245 0x1c74  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
17:31:14.0256 0x1c74  UcmTcpciCx0101 - ok
17:31:14.0261 0x1c74  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
17:31:14.0273 0x1c74  UcmUcsi - ok
17:31:14.0281 0x1c74  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
17:31:14.0298 0x1c74  Ucx01000 - ok
17:31:14.0303 0x1c74  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
17:31:14.0318 0x1c74  UdeCx - ok
17:31:14.0330 0x1c74  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
17:31:14.0363 0x1c74  udfs - ok
17:31:14.0371 0x1c74  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
17:31:14.0386 0x1c74  UEFI - ok
17:31:14.0390 0x1c74  [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
17:31:14.0406 0x1c74  UevAgentDriver - ok
17:31:14.0436 0x1c74  [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\WINDOWS\system32\AgentService.exe
17:31:14.0498 0x1c74  UevAgentService - ok
17:31:14.0512 0x1c74  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
17:31:14.0534 0x1c74  Ufx01000 - ok
17:31:14.0540 0x1c74  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
17:31:14.0557 0x1c74  UfxChipidea - ok
17:31:14.0564 0x1c74  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
17:31:14.0582 0x1c74  ufxsynopsys - ok
17:31:14.0590 0x1c74  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
17:31:14.0610 0x1c74  UI0Detect - ok
17:31:14.0616 0x1c74  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
17:31:14.0632 0x1c74  umbus - ok
17:31:14.0637 0x1c74  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
17:31:14.0652 0x1c74  UmPass - ok
17:31:14.0662 0x1c74  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
17:31:14.0689 0x1c74  UmRdpService - ok
17:31:14.0719 0x1c74  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
17:31:14.0782 0x1c74  UnistoreSvc - ok
17:31:14.0802 0x1c74  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:31:14.0843 0x1c74  upnphost - ok
17:31:14.0848 0x1c74  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
17:31:14.0862 0x1c74  UrsChipidea - ok
17:31:14.0867 0x1c74  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
17:31:14.0882 0x1c74  UrsCx01000 - ok
17:31:14.0887 0x1c74  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
17:31:14.0901 0x1c74  UrsSynopsys - ok
17:31:14.0908 0x1c74  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
17:31:14.0925 0x1c74  usbccgp - ok
17:31:14.0932 0x1c74  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
17:31:14.0951 0x1c74  usbcir - ok
17:31:14.0957 0x1c74  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
17:31:14.0973 0x1c74  usbehci - ok
17:31:14.0988 0x1c74  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
17:31:15.0015 0x1c74  usbhub - ok
17:31:15.0031 0x1c74  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
17:31:15.0060 0x1c74  USBHUB3 - ok
17:31:15.0065 0x1c74  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
17:31:15.0081 0x1c74  usbohci - ok
17:31:15.0085 0x1c74  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
17:31:15.0102 0x1c74  usbprint - ok
17:31:15.0107 0x1c74  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
17:31:15.0125 0x1c74  usbser - ok
17:31:15.0132 0x1c74  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:31:15.0150 0x1c74  USBSTOR - ok
17:31:15.0155 0x1c74  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
17:31:15.0171 0x1c74  usbuhci - ok
17:31:15.0183 0x1c74  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:31:15.0207 0x1c74  USBXHCI - ok
17:31:15.0243 0x1c74  [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
17:31:15.0316 0x1c74  UserDataSvc - ok
17:31:15.0349 0x1c74  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\WINDOWS\System32\usermgr.dll
17:31:15.0407 0x1c74  UserManager - ok
17:31:15.0427 0x1c74  [ C75B1B48BCAADEB0275C1EBE2EAE742D, 19875B87BDB23E5B60D6D3173FDF7A7634E81E43501529A56FFCCEE21B7E3B71 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
17:31:15.0466 0x1c74  UsoSvc - ok
17:31:15.0476 0x1c74  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
17:31:15.0492 0x1c74  VaultSvc - ok
17:31:15.0515 0x1c74  [ CE945C0BA2F2AAB911FC4E400C342B4D, 65EEE0A1CA87574B4FE40925100CFF6AD426BEA5778DC64E7D8C5376325384D2 ] VBoxDrv         C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
17:31:15.0547 0x1c74  VBoxDrv - ok
17:31:15.0558 0x1c74  [ 4C736FE8F8F58C03ECE0D2F9C1759C88, 11F576002A4896E862AF2DE91599C54E1C46B04475B05EC7D971353FC7326E39 ] VBoxNetAdp      C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys
17:31:15.0570 0x1c74  VBoxNetAdp - ok
17:31:15.0578 0x1c74  [ 422BC1CD644C8C8C3F3258F08F0DF584, 11304A5A0D910171515C874BD7A41051C4FD891673A8516812105F55490707B3 ] VBoxNetLwf      C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys
17:31:15.0591 0x1c74  VBoxNetLwf - ok
17:31:15.0599 0x1c74  [ 364662D90DBBE5FDCA3F6264E97D893E, 4B7BCE29968C239FD2CC60D3D2AFECC4E1D9359CA4F8D96F033C7858DC9B7359 ] VBoxUSBMon      C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
17:31:15.0610 0x1c74  VBoxUSBMon - ok
17:31:15.0615 0x1c74  [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone          C:\WINDOWS\System32\drivers\VClone.sys
17:31:15.0628 0x1c74  VClone - ok
17:31:15.0633 0x1c74  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
17:31:15.0648 0x1c74  vdrvroot - ok
17:31:15.0667 0x1c74  [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds             C:\WINDOWS\System32\vds.exe
17:31:15.0712 0x1c74  vds - ok
17:31:15.0725 0x1c74  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
17:31:15.0743 0x1c74  VerifierExt - ok
17:31:15.0763 0x1c74  [ 46ADD0CD4473AAEF1C68266A803F704D, D521E46891253884CF8285E864FAE63F2E8E0974AD8D2EB4D910E8A35350844F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
17:31:15.0791 0x1c74  vhdmp - ok
17:31:15.0795 0x1c74  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
17:31:15.0805 0x1c74  vhf - ok
17:31:15.0808 0x1c74  [ F84C9860C0D7450A14226719AD825BCD, C7E9DD88780592EF5E64FC3706C37FA37CD0668B2CCE1D770A292F7EA6F5B3A9 ] VirtualComService C:\Program Files (x86)\AK-NORD\AK-VirtualCom\VirtualComService.exe
17:31:15.0811 0x1c74  VirtualComService - detected UnsignedFile.Multi.Generic ( 1 )
17:31:16.0061 0x1c74  VirtualComService ( UnsignedFile.Multi.Generic ) - warning
17:31:16.0136 0x1c74  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
17:31:16.0146 0x1c74  vmbus - ok
17:31:16.0149 0x1c74  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
17:31:16.0159 0x1c74  VMBusHID - ok
17:31:16.0164 0x1c74  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
17:31:16.0173 0x1c74  vmgid - ok
17:31:16.0181 0x1c74  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
17:31:16.0198 0x1c74  vmicguestinterface - ok
17:31:16.0204 0x1c74  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
17:31:16.0220 0x1c74  vmicheartbeat - ok
17:31:16.0226 0x1c74  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
17:31:16.0242 0x1c74  vmickvpexchange - ok
17:31:16.0250 0x1c74  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
17:31:16.0270 0x1c74  vmicrdv - ok
17:31:16.0277 0x1c74  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
17:31:16.0293 0x1c74  vmicshutdown - ok
17:31:16.0300 0x1c74  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
17:31:16.0315 0x1c74  vmictimesync - ok
17:31:16.0322 0x1c74  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
17:31:16.0338 0x1c74  vmicvmsession - ok
17:31:16.0346 0x1c74  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
17:31:16.0362 0x1c74  vmicvss - ok
17:31:16.0367 0x1c74  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
17:31:16.0376 0x1c74  volmgr - ok
17:31:16.0384 0x1c74  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
17:31:16.0398 0x1c74  volmgrx - ok
17:31:16.0407 0x1c74  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
17:31:16.0422 0x1c74  volsnap - ok
17:31:16.0425 0x1c74  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
17:31:16.0433 0x1c74  volume - ok
17:31:16.0437 0x1c74  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
17:31:16.0447 0x1c74  vpci - ok
17:31:16.0450 0x1c74  [ 0BF7D10D1562CC3E32EC71D1291F8B25, 36ABB8CC5E25281862B07FCE8C7ACEB495F72713290917A332BE51AAF68E16E5 ] VSBC7           C:\WINDOWS\System32\drivers\evsbc7.sys
17:31:16.0456 0x1c74  VSBC7 - ok
17:31:16.0461 0x1c74  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
17:31:16.0472 0x1c74  vsmraid - ok
17:31:16.0497 0x1c74  [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS             C:\WINDOWS\system32\vssvc.exe
17:31:16.0542 0x1c74  VSS - ok
17:31:16.0554 0x1c74  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
17:31:16.0568 0x1c74  VSTXRAID - ok
17:31:16.0571 0x1c74  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
17:31:16.0581 0x1c74  vwifibus - ok
17:31:16.0585 0x1c74  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
17:31:16.0596 0x1c74  vwififlt - ok
17:31:16.0606 0x1c74  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\WINDOWS\system32\w32time.dll
17:31:16.0630 0x1c74  W32Time - ok
17:31:16.0635 0x1c74  [ 4053FB949F48647A327BC18DFEEA4374, 52511C35854A673ADCD9084FEF9BC6A339BCA0290374B81140A371D67B13A8FB ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
17:31:16.0646 0x1c74  w3logsvc - ok
17:31:16.0657 0x1c74  [ 85461F6AD65CCE84A7BC6D9F2A5861B3, 0C9A662F1BADF429B1DF62E91F4626DE996F84945D3A42D26A0FA09EC15CC9D7 ] W3SVC           C:\WINDOWS\system32\inetsrv\iisw3adm.dll
17:31:16.0681 0x1c74  W3SVC - ok
17:31:16.0686 0x1c74  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
17:31:16.0696 0x1c74  WacomPen - ok
17:31:16.0706 0x1c74  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\WINDOWS\system32\WalletService.dll
17:31:16.0727 0x1c74  WalletService - ok
17:31:16.0731 0x1c74  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:31:16.0747 0x1c74  wanarp - ok
17:31:16.0751 0x1c74  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:31:16.0773 0x1c74  wanarpv6 - ok
17:31:16.0789 0x1c74  [ 85461F6AD65CCE84A7BC6D9F2A5861B3, 0C9A662F1BADF429B1DF62E91F4626DE996F84945D3A42D26A0FA09EC15CC9D7 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
17:31:16.0824 0x1c74  WAS - ok
17:31:16.0861 0x1c74  [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine        C:\WINDOWS\system32\wbengine.exe
17:31:16.0938 0x1c74  wbengine - ok
17:31:16.0966 0x1c74  [ 7C4FAE7A8D55C897E5AE681B245A005F, 7E1E6299579BF02E89C5B828A1C19A43FF4E1F43D46D058F8DC0A8E6421C86A7 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
17:31:17.0017 0x1c74  WbioSrvc - ok
17:31:17.0028 0x1c74  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
17:31:17.0045 0x1c74  wcifs - ok
17:31:17.0064 0x1c74  [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
17:31:17.0116 0x1c74  Wcmsvc - ok
17:31:17.0133 0x1c74  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
17:31:17.0167 0x1c74  wcncsvc - ok
17:31:17.0177 0x1c74  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
17:31:17.0194 0x1c74  wcnfs - ok
17:31:17.0199 0x1c74  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
17:31:17.0215 0x1c74  WdBoot - ok
17:31:17.0237 0x1c74  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
17:31:17.0271 0x1c74  Wdf01000 - ok
17:31:17.0286 0x1c74  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
17:31:17.0307 0x1c74  WdFilter - ok
17:31:17.0314 0x1c74  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
17:31:17.0338 0x1c74  WdiServiceHost - ok
17:31:17.0343 0x1c74  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
17:31:17.0368 0x1c74  WdiSystemHost - ok
17:31:17.0387 0x1c74  [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
17:31:17.0432 0x1c74  wdiwifi - ok
17:31:17.0444 0x1c74  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
17:31:17.0461 0x1c74  WdNisDrv - ok
17:31:17.0464 0x1c74  WdNisSvc - ok
17:31:17.0475 0x1c74  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:31:17.0505 0x1c74  WebClient - ok
17:31:17.0514 0x1c74  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
17:31:17.0542 0x1c74  Wecsvc - ok
17:31:17.0547 0x1c74  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
17:31:17.0569 0x1c74  WEPHOSTSVC - ok
17:31:17.0576 0x1c74  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
17:31:17.0602 0x1c74  wercplsupport - ok
17:31:17.0610 0x1c74  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
17:31:17.0634 0x1c74  WerSvc - ok
17:31:17.0642 0x1c74  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
17:31:17.0659 0x1c74  WFPLWFS - ok
17:31:17.0666 0x1c74  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
17:31:17.0687 0x1c74  WiaRpc - ok
17:31:17.0693 0x1c74  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
17:31:17.0707 0x1c74  WIMMount - ok
17:31:17.0710 0x1c74  WinDefend - ok
17:31:17.0721 0x1c74  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
17:31:17.0737 0x1c74  WindowsTrustedRT - ok
17:31:17.0742 0x1c74  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
17:31:17.0755 0x1c74  WindowsTrustedRTProxy - ok
17:31:17.0777 0x1c74  [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
17:31:17.0826 0x1c74  WinHttpAutoProxySvc - ok
17:31:17.0836 0x1c74  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
17:31:17.0851 0x1c74  WinMad - ok
17:31:17.0863 0x1c74  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:31:17.0889 0x1c74  Winmgmt - ok
17:31:17.0950 0x1c74  [ A26570B4A21AD6F4D597148D3C22274E, 594BD3B9B9B4027E5A7025CAB715378FB565FC5E00A0315A2EC3A6EFBC9CC72E ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
17:31:18.0074 0x1c74  WinRM - ok
17:31:18.0092 0x1c74  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
17:31:18.0111 0x1c74  WINUSB - ok
17:31:18.0117 0x1c74  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
17:31:18.0133 0x1c74  WinVerbs - ok
17:31:18.0151 0x1c74  [ ECD999D8412A3473C26B118F89DB9908, 5FB9B93E4B5482CCFF01D805DFA386FD8D3441BC81E7BD5DF89EE3078FD724F3 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
17:31:18.0191 0x1c74  wisvc - ok
17:31:18.0249 0x1c74  [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
17:31:18.0337 0x1c74  WlanSvc - ok
17:31:18.0374 0x1c74  [ 8CBA7957D7F7B48C0D396E40AA2FBCDA, 15B0B46B0C6B90350948BA4780C0AADC16FD1754F56D14F5F5C23560190EFAFF ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
17:31:18.0432 0x1c74  wlidsvc - ok
17:31:18.0442 0x1c74  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
17:31:18.0450 0x1c74  WmiAcpi - ok
17:31:18.0459 0x1c74  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
17:31:18.0472 0x1c74  wmiApSrv - ok
17:31:18.0475 0x1c74  WMPNetworkSvc - ok
17:31:18.0481 0x1c74  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
17:31:18.0493 0x1c74  Wof - ok
17:31:18.0524 0x1c74  [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
17:31:18.0577 0x1c74  workfolderssvc - ok
17:31:18.0586 0x1c74  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
17:31:18.0599 0x1c74  WPDBusEnum - ok
17:31:18.0604 0x1c74  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
17:31:18.0614 0x1c74  WpdUpFltr - ok
17:31:18.0620 0x1c74  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll
17:31:18.0636 0x1c74  WpnService - ok
17:31:18.0640 0x1c74  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
17:31:18.0653 0x1c74  WpnUserService - ok
17:31:18.0657 0x1c74  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
17:31:18.0667 0x1c74  ws2ifsl - ok
17:31:18.0674 0x1c74  [ FF190115CBA067F58C981F0A9F43ABDF, C90353C748C02DB38B561C250682E12C82985A6F7ED7D497AF5DE10EC243FCBA ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
17:31:18.0689 0x1c74  wscsvc - ok
17:31:18.0693 0x1c74  [ 696EC2EAA2A42A137CCBB9A84D6917C0, 424089F4F373962AF8357C5D4D43F35948989BE3F58EAD3690F565F4C1BBC66F ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
17:31:18.0702 0x1c74  WSDPrintDevice - ok
17:31:18.0705 0x1c74  WSearch - ok
17:31:18.0744 0x1c74  [ 6BA66FE47BFAF223AEE6C98F28EB4D8E, 3B380329594DAD5BB50301F5A8A912BF6121788F395133C70C893879F68450FB ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
17:31:18.0807 0x1c74  wuauserv - ok
17:31:18.0818 0x1c74  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
17:31:18.0829 0x1c74  WudfPf - ok
17:31:18.0835 0x1c74  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
17:31:18.0850 0x1c74  WUDFRd - ok
17:31:18.0855 0x1c74  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
17:31:18.0868 0x1c74  wudfsvc - ok
17:31:18.0874 0x1c74  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:31:18.0888 0x1c74  WUDFWpdFs - ok
17:31:18.0893 0x1c74  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:31:18.0907 0x1c74  WUDFWpdMtp - ok
17:31:18.0929 0x1c74  [ E231728BC515A4B85543AF74A1FEDFCB, 5D250D7D789B5BB56BFA2E7A109BCEB3686B7636C54D89F4E9804101D145C955 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
17:31:18.0971 0x1c74  WwanSvc - ok
17:31:18.0993 0x1c74  [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
17:31:19.0029 0x1c74  XblAuthManager - ok
17:31:19.0054 0x1c74  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
17:31:19.0092 0x1c74  XblGameSave - ok
17:31:19.0104 0x1c74  [ C1E85B4FB08B4CCF16841B165910148B, AB33A6630BFC0E230BA464F721DD4ABB7DF79DF2D81C9C7366CC0BA2251F09F3 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
17:31:19.0119 0x1c74  xboxgip - ok
17:31:19.0138 0x1c74  [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
17:31:19.0176 0x1c74  XboxNetApiSvc - ok
17:31:19.0185 0x1c74  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
17:31:19.0196 0x1c74  xinputhid - ok
17:31:19.0198 0x1c74  ================ Scan global ===============================
17:31:19.0203 0x1c74  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
17:31:19.0216 0x1c74  [ C509CCD23B086DFC9EAF86E280043672, BF431DC1C618BAF0CB67976C5A8BCCDC3F3CB266F83C614D605BA559BA8EDFD8 ] C:\WINDOWS\system32\winsrv.dll
17:31:19.0224 0x1c74  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
17:31:19.0246 0x1c74  [ 133390D061D94917125DC666DA67ECD0, 69D6FFF3E0A0C4D77A62B4D71E1E3A8D10D93C46782A1B05F0EC4B8919C384B9 ] C:\WINDOWS\system32\services.exe
17:31:19.0255 0x1c74  [ Global ] - ok
17:31:19.0256 0x1c74  ================ Scan MBR ==================================
17:31:19.0258 0x1c74  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:31:19.0358 0x1c74  \Device\Harddisk0\DR0 - ok
17:31:19.0360 0x1c74  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:31:19.0434 0x1c74  \Device\Harddisk1\DR1 - ok
17:31:19.0437 0x1c74  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
17:31:19.0476 0x1c74  \Device\Harddisk2\DR2 - ok
17:31:19.0476 0x1c74  ================ Scan VBR ==================================
17:31:19.0482 0x1c74  [ 4405F57935A2EAAB605417B0FDEBDCDF ] \Device\Harddisk0\DR0\Partition1
17:31:19.0483 0x1c74  \Device\Harddisk0\DR0\Partition1 - ok
17:31:19.0486 0x1c74  [ 71707DAD94D23FFC3C0134441D303138 ] \Device\Harddisk1\DR1\Partition1
17:31:19.0487 0x1c74  \Device\Harddisk1\DR1\Partition1 - ok
17:31:19.0489 0x1c74  [ 271DB34D8933271825700C5054EA039E ] \Device\Harddisk2\DR2\Partition1
17:31:19.0491 0x1c74  \Device\Harddisk2\DR2\Partition1 - ok
17:31:19.0492 0x1c74  ================ Scan generic autorun ======================
17:31:19.0643 0x1c74  [ 934E557BC878D8201D04AE60DF4DC1DE, 4D14B2A4FBA67C5662E2795FC8EB2A8B69D2723BE475EF8E4D1A1B30344D2FEB ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
17:31:19.0823 0x1c74  RTHDVCPL - ok
17:31:19.0836 0x1c74  [ C7645D43451C6D94D87F4D07BDE59C89, 495BBA47FC43EE23054FCD419F2F00457162D1C04296900C6AEA551102A810F3 ] C:\Windows\system32\rundll32.exe
17:31:19.0862 0x1c74  Logitech Download Assistant - ok
17:31:19.0866 0x1c74  [ E6A3062BDB2E18EBDEB69CF7F7A3A070, 48AB0CCA0230DCBB47CCC765659E390A4A42AC7303A27B835B9FBB1168AC7BF1 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
17:31:19.0888 0x1c74  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
17:31:20.0138 0x1c74  Detect skipped due to KSN trusted
17:31:20.0138 0x1c74  IAStorIcon - ok
17:31:20.0191 0x1c74  [ BE586B5D1D73E1F07ED5AADDEFBCAA47, 68D957EBE01DD369BF4E2D5D07A7EDF9408066E61056A1C4968DBF8CE5841BBE ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
17:31:20.0259 0x1c74  NvBackend - ok
17:31:20.0332 0x1c74  [ 2433692BFC2631DC28B0705C1B760FF2, BBDE902F984E0968A3062F3EEA624E804B03095C67C280CDA4E85D02F46B7CDC ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
17:31:20.0416 0x1c74  EvtMgr6 - ok
17:31:20.0429 0x1c74  [ 404A6E6550DB206EA6E9B1AC642102B2, 33CAF3CDEF820DFC97844BBCA56B95B6D31D1C682C69A29D14F7A0C9058AC8EF ] C:\Program Files\iTunes\iTunesHelper.exe
17:31:20.0442 0x1c74  iTunesHelper - ok
17:31:20.0447 0x1c74  [ 02EBCEDBEA20933D2C6C1FA9AAF70F5C, 996A8DDF7A97459673F9A0BDB00F34984860D0FB93293093FCF47422905BC0C7 ] C:\Program Files\BOINC\boinctray.exe
17:31:20.0459 0x1c74  boinctray - ok
17:31:20.0645 0x1c74  [ 6D9E565C6F0B4FC2A6BB0E7734280278, 12F9A4E261318A3A90D3FE10D5080693D5F30FEC168D37DBF7DA188EE28AC9FB ] C:\Program Files\BOINC\boincmgr.exe
17:31:20.0835 0x1c74  boincmgr - ok
17:31:20.0868 0x1c74  [ BA973512967321769A17B5193703C229, 227DF8C8B6297271EE860B6813C7897B5EA7979B0279A9A0E8EA46689FFEF76B ] C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
17:31:20.0894 0x1c74  GoPro Tray App - ok
17:31:20.0899 0x1c74  [ 5D666FC778E7754CC7103402D814809B, 7E9B205B74440D455155014EE8D6FD0D1C647B016D72A28F16709F50BC005D3F ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
17:31:20.0905 0x1c74  ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
17:31:21.0157 0x1c74  Detect skipped due to KSN trusted
17:31:21.0157 0x1c74  ControlCenter4 - ok
17:31:21.0209 0x1c74  [ 63E9C23A386FFFA84B5E03BFF9B628F0, A370962791EFC4B10548AAD31F89A2B288FBD5BDBF5749323C2D98C14DFB8B49 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
17:31:21.0290 0x1c74  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
17:31:21.0537 0x1c74  Detect skipped due to KSN trusted
17:31:21.0537 0x1c74  BrStsMon00 - ok
17:31:21.0543 0x1c74  [ 68B7A5320065FCC7F4DF5A0DC3281EA5, 1B0526C04F78A0F824C20AF92C887488A897A228A13DD8939C2E115039466C34 ] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
17:31:21.0547 0x1c74  CloneCDTray - detected UnsignedFile.Multi.Generic ( 1 )
17:31:21.0793 0x1c74  Detect skipped due to KSN trusted
17:31:21.0793 0x1c74  CloneCDTray - ok
17:31:21.0801 0x1c74  [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
17:31:21.0811 0x1c74  VirtualCloneDrive - ok
17:31:21.0820 0x1c74  [ 3A767D4CF95CAC1299554B89C4DE5920, E18D2BD562981A4BA54A677C8838ABE9056D1704EC2CC1A8B465390CAC9D1875 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
17:31:21.0835 0x1c74  KiesTrayAgent - ok
17:31:21.0839 0x1c74  Dropbox - ok
17:31:21.0847 0x1c74  [ CD0362AEE36CFE1EF5DF973230742E67, 9F1D8AD4E09D16C39CD6A35CB298456468C1808226FFA8AD65BF9562A6ECC07D ] C:\Program Files (x86)\PDF24\pdf24.exe
17:31:21.0863 0x1c74  PDFPrint - ok
17:31:21.0878 0x1c74  [ 5153C06FC9D4D094D1A785545928B134, 0037C935722663F9EF028F841DE222FC6418E9D60939AB60C965807E67A458DC ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
17:31:21.0900 0x1c74  SunJavaUpdateSched - ok
17:31:22.0115 0x1c74  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
17:31:22.0351 0x1c74  OneDriveSetup - ok
17:31:22.0552 0x1c74  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
17:31:22.0766 0x1c74  OneDriveSetup - ok
17:31:23.0039 0x1c74  [ 6EA915E51767CB576EFEA0397BA86837, 0B5D5AF51D1AEBD616E454C4C36445D2EAAD7E95551C56F34B6ED446D24E75F1 ] C:\Program Files\Siber Systems\GoodSync\GoodSync-v9.exe
17:31:23.0314 0x1c74  GoodSync - ok
17:31:23.0334 0x1c74  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe
17:31:23.0340 0x1c74  Google Update - ok
17:31:23.0385 0x1c74  [ D2CE6EA0E9F641D7153462D40C6B4193, 3AAE5239F951E29497D759326BDC23E19644B763DC5661CA4E4980418195C37D ] C:\Program Files (x86)\Steam\steam.exe
17:31:23.0431 0x1c74  Steam - ok
17:31:23.0462 0x1c74  [ 44348495F9D6ED21F4EFB3FF80677D99, 05B76248764B2BF7F9229626D7EFAFF96B724D38A82969EBE376CBE879E30450 ] C:\Users\Chris\AppData\Local\Microsoft\OneDrive\OneDrive.exe
17:31:23.0493 0x1c74  OneDrive - ok
17:31:23.0497 0x1c74  [ E9F83222854D007CD8AEF41D10E9728A, 5725C118071462D802A8F51933CFB0E4B7857DECC302F1B365ED95EBF2C838E0 ] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe
17:31:23.0504 0x1c74  AnyDVD - ok
17:31:23.0641 0x1c74  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
17:31:23.0778 0x1c74  OneDriveSetup - ok
17:31:23.0795 0x1c74  [ 2781E6EF593909A8B73FE1AD397F778A, E892D6C57F8903E20129E75A9B877690229280FD8106B5C7F96173175EA1AC4E ] C:\Program Files (x86)\Windows Mail\wab.exe
17:31:23.0833 0x1c74  WAB Migrate - ok
17:31:23.0838 0x1c74  Waiting for KSN requests completion. In queue: 293
17:31:24.0874 0x1c74  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41000 ( enabled : updated )
17:31:24.0895 0x1c74  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
17:31:24.0896 0x1c74  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41010 ( enabled )
17:31:24.0968 0x1c74  ============================================================
17:31:24.0968 0x1c74  Scan finished
17:31:24.0968 0x1c74  ============================================================
17:31:24.0976 0x35bc  Detected object count: 2
17:31:24.0976 0x35bc  Actual detected object count: 2
17:31:43.0123 0x35bc  BRA_Scheduler ( UnsignedFile.Multi.Generic ) - skipped by user
17:31:43.0123 0x35bc  BRA_Scheduler ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:31:43.0124 0x35bc  VirtualComService ( UnsignedFile.Multi.Generic ) - skipped by user
17:31:43.0124 0x35bc  VirtualComService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:32:01.0356 0x05a8  Deinitialize success

deeprybka · 10.12.2016, 18:04

Schritt 1

Downloade Dir bitte

AdwCleaner auf Deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere Dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit Deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Download und Anleitung
Starte Malwarebytes' Anti-Malware (MBAM).
Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass Deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Jetzt bitte Suchscan durchführen:

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

erebor · 11.12.2016, 10:15

Code:

ATTFilter

# AdwCleaner v6.040 - Bericht erstellt am 10/12/2016 um 19:03:55
# Aktualisiert am 02/12/2016 von Malwarebytes
# Datenbank : 2016-12-09.3 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Chris - CHRIS-PC
# Gestartet von : C:\Users\Chris\Desktop\AdwCleaner_6.040.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CDeviceRecognitionICanTek.CDeviceReco
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CDeviceRecognitionICanTek.CDeviceReco.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\CDeviceRecognitionICanTek.CDeviceReco
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\CDeviceRecognitionICanTek.CDeviceReco.1
[-] Schlüssel gelöscht: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Software\MICROSOFT\IDSC
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\MICROSOFT\IDSC
[-] Schlüssel gelöscht: HKLM\SOFTWARE\SprgFiles
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\MICROSOFT\IDSC
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5891 Bytes] - [25/02/2016 09:51:17]
C:\AdwCleaner\AdwCleaner[C2].txt - [2132 Bytes] - [10/12/2016 19:03:55]
C:\AdwCleaner\AdwCleaner[S1].txt - [355 Bytes] - [25/02/2016 09:34:46]
C:\AdwCleaner\AdwCleaner[S2].txt - [355 Bytes] - [25/02/2016 09:37:32]
C:\AdwCleaner\AdwCleaner[S3].txt - [355 Bytes] - [25/02/2016 09:38:49]
C:\AdwCleaner\AdwCleaner[S4].txt - [355 Bytes] - [25/02/2016 09:40:36]
C:\AdwCleaner\AdwCleaner[S5].txt - [355 Bytes] - [25/02/2016 09:43:33]
C:\AdwCleaner\AdwCleaner[S6].txt - [5626 Bytes] - [25/02/2016 09:47:58]
C:\AdwCleaner\AdwCleaner[S7].txt - [2757 Bytes] - [10/12/2016 19:02:57]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2711 Bytes] ##########

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 10.12.2016
Suchlaufzeit: 19:11
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.12.10.07
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Chris

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 396284
Abgelaufene Zeit: 8 Min., 14 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 1
PUP.Optional.IDSCProduct, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{841E2F4F-6E7D-4C21-AEAC-14EA4350E943}, v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Max Driver Updater\maxdu.exe|Name=MaxDriverUpdater|, In Quarantäne, [8d2229bcbedce353a8632d52a85b0ff1]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.Yontoo, C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77, In Quarantäne, [57589a4b1f7b48eef09e8ff5e31fd12f], 
PUP.Optional.Yontoo, C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\Updater, In Quarantäne, [57589a4b1f7b48eef09e8ff5e31fd12f], 

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7f22d11e3172e04196de762546672368
# end=init
# utc_time=2016-02-28 07:49:11
# local_time=2016-02-28 08:49:11 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 28344
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7f22d11e3172e04196de762546672368
# end=updated
# utc_time=2016-02-28 08:35:41
# local_time=2016-02-28 09:35:41 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=7f22d11e3172e04196de762546672368
# engine=28344
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-02-28 10:20:59
# local_time=2016-02-28 11:20:59 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1305 16777213 100 100 37586 20916711 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 10471547 10512202 0 0
# scanned=448236
# found=3
# cleaned=0
# scan_time=6317
sh=34D4E60CF7F9C9B6E3E70DEAD22643E6270F1F65 ft=1 fh=6e97efb4e55c812d vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Chris\Downloads\Holo Backup Simple ADB Backup - CHIP-Installer.exe"
sh=39A1B20DEC8D8A49321A23FB0A5F39156030A0B9 ft=1 fh=48c3ad88baa7de0c vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Chris\Downloads\PDF Unlocker - CHIP-Installer.exe"
sh=01F09FEFE5C1CE66712C4962DA0D280EE04812F8 ft=1 fh=f9fd06229fff4b2b vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Chris\Downloads\PDFCrack - CHIP-Installer.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7f22d11e3172e04196de762546672368
# end=init
# utc_time=2016-12-10 06:24:16
# local_time=2016-12-10 07:24:16 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 31693
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7f22d11e3172e04196de762546672368
# end=updated
# utc_time=2016-12-10 06:26:17
# local_time=2016-12-10 07:26:17 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=7f22d11e3172e04196de762546672368
# engine=31693
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-12-10 08:37:31
# local_time=2016-12-10 09:37:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1313 16777213 100 100 8095 14336385 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 6498086 12732867 0 0
# scanned=521883
# found=0
# cleaned=0
# scan_time=7873

deeprybka · 11.12.2016, 17:36

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Schritt 1

Bitte starte FRST erneut, markiere auch die checkbox

und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

erebor · 11.12.2016, 18:40

Bis dato keine Probleme oder unerwünschten Meldungen.

Hier die Logs:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
durchgeführt von Chris (Administrator) auf CHRIS-PC (11-12-2016 18:38:07)
Gestartet von C:\Users\Chris\Desktop
Geladene Profile: Chris (Verfügbare Profile: Chris & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(AK) C:\Program Files (x86)\AK-NORD\AK-VirtualCom\VirtualComService.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AK) C:\Program Files (x86)\AK-NORD\AK-VirtualCom\VirtualComServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files\Siber Systems\GoodSync\GoodSync-v9.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(RedFox) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
() C:\Program Files\Siber Systems\GoodSync\gs-server.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
() C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
() C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
() C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
() C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
(Mozilla Corporation) C:\Users\Chris\AppData\Local\Mozilla Firefox\firefox.exe
() C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
() C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
() C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\Chris\Desktop\FRST64(1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7192792 2013-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-05-11] (Apple Inc.)
HKLM\...\Run: [boinctray] => C:\Program Files\BOINC\boinctray.exe [69416 2015-12-17] (Space Sciences Laboratory)
HKLM\...\Run: [boincmgr] => C:\Program Files\BOINC\boincmgr.exe [8746792 2015-12-17] (Space Sciences Laboratory)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [1088944 2016-05-11] ()
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25838592 2016-11-28] (Dropbox, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [GoodSync] => C:\Program Files\Siber Systems\GoodSync\GoodSync-v9.exe [12404960 2016-11-15] ()
HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [Google Update] => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [109480 2016-03-28] (RedFox)
HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TwonkyServer.lnk [2014-12-01]
ShortcutTarget: TwonkyServer.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-12-02]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{288d840f-bed8-48df-8c41-5268d704db33}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001 -> DefaultScope {D6DCFD13-12D1-4449-B822-6F032720BC82} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001 -> {D6DCFD13-12D1-4449-B822-6F032720BC82} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Wondershare AllMyTube 4.9.0 -> {067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} -> C:\ProgramData\Wondershare\AllMyTube\WSBrowserAppMgr.dll => Keine Datei
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-22] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-22] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler: WSAllMyTubechrome - {0A0C95CF-A116-4C74 -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\b9p95ct9.default-1456661662965 [2016-12-11]
FF Homepage: Mozilla\Firefox\Profiles\b9p95ct9.default-1456661662965 -> hxxp://google.de/
FF Extension: (LastPass) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\b9p95ct9.default-1456661662965\Extensions\support@lastpass.com [2016-11-26]
FF Extension: (uBlock Origin) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\b9p95ct9.default-1456661662965\Extensions\uBlock0@raymondhill.net.xpi [2016-12-02]
FF Extension: (Session Manager) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\b9p95ct9.default-1456661662965\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2016-11-16]
FF Extension: (Video DownloadHelper) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\b9p95ct9.default-1456661662965\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-11-11]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-07]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-07-08] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @networksurveillance.com/camclictrl -> C:\Program Files (x86)\NetworkSurveillanceNP\npCamCliCtrl.dll [2012-04-10] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Chris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-19] (Citrix Online)
FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-24] (Unity Technologies ApS)
StartMenuInternet: FIREFOX.EXE - C:\Users\Chris\AppData\Local\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://web.whatsapp.com/"
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default [2016-11-11]
CHR Extension: (Google Präsentationen) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-28]
CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-28]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-28]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-28]
CHR Extension: (Google-Suche) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-28]
CHR Extension: (Google Tabellen) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-28]
CHR Extension: (Kaspersky Protection) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-11-11]
CHR Extension: (Google Docs Offline) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR Extension: (Amazon) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2016-02-28]
CHR Extension: (Google Mail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-28]
CHR Extension: (Chrome Media Router) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-11]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Chris\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-19]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [99328 2013-05-31] () [Datei ist nicht signiert]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2016-10-30] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-10] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-11-28] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-11-17] (Digital Wave Ltd.)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-05-11] ()
R2 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [7942880 2016-11-15] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-02-14] ()
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1100392 2016-10-28] (Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [881480 2013-04-19] ()
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [586568 2013-04-19] (PacketVideo)
R2 VirtualComService; C:\Program Files (x86)\AK-NORD\AK-VirtualCom\VirtualComService.exe [16384 2015-06-27] (AK) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 CrystalSysInfo; C:\Program Files\MediaCoder\SysInfoX64.sys [18128 2007-09-25] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 evserial7; C:\WINDOWS\System32\drivers\evserial7.sys [71432 2011-10-31] (ELTIMA Software)
R3 Ke2200; C:\WINDOWS\System32\drivers\e22w7x64.sys [165824 2013-05-07] (Qualcomm Atheros, Inc.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-14] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-30] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2016-09-27] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2016-12-08] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1019616 2016-12-07] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-07] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-18] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2016-12-10] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2016-12-02] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 2016-12-10] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2016-12-10] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [134880 2016-12-07] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_848dea456d3c865e\nvlddmkm.sys [14159928 2016-10-26] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [143096 2013-09-14] (Ray Hinchliffe)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-09-12] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [195936 2016-09-12] (Oracle Corporation)
R3 VSBC7; C:\WINDOWS\System32\drivers\evsbc7.sys [36616 2011-10-31] (ELTIMA Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-11 18:37 - 2016-12-11 18:37 - 02420224 _____ (Farbar) C:\Users\Chris\Desktop\FRST64(1).exe
2016-12-11 17:11 - 2016-12-11 17:11 - 00370264 _____ C:\Users\Chris\Downloads\Anhang_332D08.pdf
2016-12-11 10:53 - 2016-12-11 10:53 - 00001558 _____ C:\Users\Chris\Desktop\Google Drive.lnk
2016-12-11 10:47 - 2016-12-11 10:47 - 00002180 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-12-11 10:47 - 2016-12-11 10:47 - 00002178 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-12-11 10:47 - 2016-12-11 10:47 - 00002168 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-12-11 10:47 - 2016-12-11 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-12-11 10:46 - 2016-12-11 10:46 - 01065376 _____ (Google Inc.) C:\Users\Chris\Downloads\googledrivesync.exe
2016-12-11 10:40 - 2016-12-11 10:40 - 00003420 _____ C:\Users\Chris\Desktop\eset.txt
2016-12-10 23:50 - 2016-12-10 23:50 - 00104720 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2016-12-10 19:23 - 2016-12-10 19:24 - 02870984 _____ (ESET) C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe
2016-12-10 19:22 - 2016-12-10 19:22 - 00001741 _____ C:\Users\Chris\Desktop\mbam.txt
2016-12-10 19:21 - 2016-12-10 19:21 - 00000000 ___HD C:\OneDriveTemp
2016-12-10 19:13 - 2016-12-10 19:13 - 00002813 _____ C:\Users\Chris\Desktop\AdwCleaner[C2].txt
2016-12-10 19:10 - 2016-12-10 19:21 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-10 19:10 - 2016-12-10 19:10 - 00001240 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-12-10 19:10 - 2016-12-10 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-12-10 19:10 - 2016-12-10 19:10 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-12-10 19:10 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-12-10 19:10 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-12-10 19:10 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-12-10 19:09 - 2016-12-10 19:10 - 22851472 _____ (Malwarebytes ) C:\Users\Chris\Desktop\mbam-setup-2.2.1.1043.exe
2016-12-10 18:55 - 2016-12-10 19:00 - 03968464 _____ C:\Users\Chris\Desktop\AdwCleaner_6.040.exe
2016-12-10 17:30 - 2016-12-10 17:32 - 00298068 _____ C:\Users\Chris\Desktop\TDSSKiller.3.1.0.12_10.12.2016_17.30.11_log.txt
2016-12-10 17:29 - 2016-12-10 17:30 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Chris\Desktop\tdsskiller.exe
2016-12-10 13:47 - 2016-12-10 13:47 - 00000960 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-12-10 13:47 - 2016-12-10 13:47 - 00000912 _____ C:\Users\Chris\Desktop\Start Tor Browser.lnk
2016-12-10 13:47 - 2016-12-10 13:47 - 00000000 ____D C:\Users\Chris\Desktop\Tor Browser
2016-12-10 13:46 - 2016-12-10 13:47 - 50910800 _____ C:\Users\Chris\Downloads\torbrowser-install-6.0.7_de.exe
2016-12-10 13:45 - 2016-12-10 13:45 - 00218920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2016-12-10 13:45 - 2016-12-10 13:45 - 00164888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2016-12-10 12:25 - 2016-12-11 18:38 - 00038376 _____ C:\Users\Chris\Desktop\FRST.txt
2016-12-10 12:25 - 2016-12-10 12:25 - 00070531 _____ C:\Users\Chris\Desktop\Addition.txt
2016-12-10 12:06 - 2016-12-10 12:25 - 00070531 _____ C:\Users\Chris\Downloads\Addition.txt
2016-12-10 12:05 - 2016-12-10 12:07 - 00054496 _____ C:\Users\Chris\Downloads\FRST.txt
2016-12-10 12:04 - 2016-12-10 12:05 - 02420224 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe
2016-12-10 10:46 - 2016-12-10 10:46 - 00000693 _____ C:\Users\Chris\Desktop\virus.txt
2016-12-10 10:45 - 2016-12-10 10:45 - 00000858 _____ C:\Users\Chris\Documents\virus2.txt
2016-12-07 18:13 - 2016-12-07 18:13 - 00001538 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2016-12-07 18:02 - 2016-12-07 18:02 - 74795512 _____ (Promethean) C:\Users\Chris\Downloads\ActivInspire_v2.8.66693_AppOnly_setup.exe
2016-12-07 07:10 - 2016-12-07 07:10 - 00045745 _____ C:\Users\Chris\Desktop\AB 13 Die Schulzeit meiner Großeltern.pdf
2016-12-07 07:06 - 2016-12-07 07:06 - 00018799 _____ C:\Users\Chris\Desktop\Vertretung NaWi 7g.pdf
2016-12-07 07:03 - 2016-12-07 07:03 - 00040945 _____ C:\Users\Chris\Desktop\Vertretung GL.pdf
2016-12-07 06:57 - 2016-12-10 09:25 - 00003276 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-05 20:04 - 2016-12-05 20:04 - 00207141 _____ C:\Users\Chris\Downloads\S0-6B43556B4931495056307630774279353667583234673D3D.pdf
2016-12-05 18:51 - 2016-12-05 18:51 - 00209255 _____ C:\Users\Chris\Downloads\muster-widerrufsformular.pdf
2016-12-05 07:49 - 2016-12-05 07:49 - 00077883 _____ C:\Users\Chris\Downloads\48949100_2016_Nr.011_Kontoauszug_vom_30.11.2016_20161205074913.pdf
2016-12-02 22:54 - 2016-12-02 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-02 22:07 - 2016-12-02 22:07 - 02017022 _____ C:\Users\Chris\Downloads\flyer_flachdach_din_68800.pdf
2016-12-02 21:07 - 2016-12-02 21:07 - 00856774 _____ C:\Users\Chris\Downloads\BA_19820_V2.0_DE.pdf
2016-12-02 06:53 - 2016-12-02 06:53 - 00245512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2016-11-28 15:05 - 2016-11-28 15:05 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-11-28 15:05 - 2016-11-28 15:05 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-11-28 15:05 - 2016-11-28 15:05 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-11-28 15:05 - 2016-11-28 15:05 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-11-27 09:13 - 2016-11-27 09:13 - 02436658 _____ C:\Users\Chris\Downloads\2011-11-22_0507842.pdf
2016-11-26 11:51 - 2016-11-27 16:54 - 00000000 ____D C:\Users\Chris\AppData\LocalLow\LastPass
2016-11-24 23:03 - 2016-11-24 23:03 - 00330752 _____ C:\Users\Chris\Desktop\dhp-#nichtegal-infobrief-schulen.pdf
2016-11-22 11:27 - 2016-11-22 11:27 - 35148554 _____ C:\Users\Chris\Downloads\Chinese Jump Rope (Gummitwist) - Klasse 5 - 2015 _ 2016.mp4
2016-11-21 19:24 - 2016-12-05 16:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-11-21 17:52 - 2016-11-21 17:52 - 00010049 _____ C:\Users\Chris\Downloads\Familienzuschlag_2016.pdf
2016-11-21 17:51 - 2016-11-21 17:51 - 00018975 _____ C:\Users\Chris\Downloads\Amts-_und_Stellenzulagen_2016.pdf
2016-11-21 17:51 - 2016-11-21 17:51 - 00013913 _____ C:\Users\Chris\Downloads\Besoldungsordnung_A_2016.pdf
2016-11-21 17:13 - 2016-11-21 17:13 - 00065301 _____ C:\Users\Chris\Downloads\2016_amtsangemessene_versorgung_musterantrag.pdf
2016-11-21 17:13 - 2016-11-21 17:13 - 00064905 _____ C:\Users\Chris\Downloads\161019_amtsangemessene_besoldung_musterantrag_aktive.pdf
2016-11-20 16:55 - 2016-11-20 16:55 - 00863029 _____ C:\Users\Chris\Downloads\pappmache.pdf
2016-11-20 12:59 - 2016-11-20 12:59 - 02978125 _____ C:\Users\Chris\Downloads\UR-0009-Jump-Style-Probematerial.pdf
2016-11-19 08:14 - 2016-11-19 08:14 - 01099414 _____ C:\Users\Chris\Downloads\2016-7TKS-aufgeschlossen-Programmheft1.pdf
2016-11-19 08:13 - 2016-11-19 08:13 - 00413278 _____ C:\Users\Chris\Downloads\2016_11_17_TKS_aufgeschlossen_Vorank.pdf
2016-11-19 08:06 - 2016-12-11 17:17 - 00000000 ____D C:\Users\Chris\AppData\LocalLow\Mozilla
2016-11-18 21:22 - 2016-12-02 22:44 - 00000000 ____D C:\Users\Chris\AppData\Local\Mozilla Firefox
2016-11-18 21:04 - 2016-11-18 21:04 - 00000000 ____D C:\Users\Chris\AppData\LocalLow\Temp
2016-11-16 20:42 - 2016-11-16 20:42 - 00039611 _____ C:\Users\Chris\Downloads\2016-11-16 20_42_08 SuS-Zugangsdaten.pdf
2016-11-16 20:42 - 2016-11-16 20:42 - 00024654 _____ C:\Users\Chris\Downloads\2016-11-16 20_42_28 SuS-Zugangsdaten.pdf
2016-11-16 20:41 - 2016-11-16 20:41 - 00029050 _____ C:\Users\Chris\Downloads\2016-11-16 20_41_35 LuL-Zugangsdaten.pdf
2016-11-14 08:04 - 2016-11-14 08:04 - 01658744 _____ C:\Users\Chris\Downloads\BrMain483.exe
2016-11-14 08:01 - 2016-11-14 08:01 - 00010475 _____ C:\Users\Chris\Downloads\rectangle25_a4_rgb.pdf
2016-11-14 07:21 - 2016-11-14 07:21 - 07653480 _____ C:\Users\Chris\Downloads\SaalDesignSoftware4.0.exe
2016-11-14 07:21 - 2016-11-14 07:21 - 00001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaalDesignSoftware.lnk
2016-11-14 07:21 - 2016-11-14 07:21 - 00001105 _____ C:\Users\Public\Desktop\SaalDesignSoftware.lnk
2016-11-14 07:21 - 2016-11-14 07:21 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-11-14 07:21 - 2016-11-14 07:21 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-11-14 07:21 - 2016-11-14 07:21 - 00000000 ____D C:\Users\Chris\AppData\Roaming\SaalDesignSoftware
2016-11-14 07:21 - 2016-11-14 07:21 - 00000000 ____D C:\Program Files (x86)\SaalDesignSoftware
2016-11-13 18:43 - 2016-11-13 18:44 - 17853716 _____ C:\Users\Chris\Downloads\DLR_Unser_Sonnensystem.pdf
2016-11-13 18:40 - 2016-11-13 18:40 - 00397675 _____ C:\Users\Chris\Downloads\Groessenvergleich der Planeten unseres Sonnensystems.pdf
2016-11-11 06:48 - 2016-11-11 06:52 - 373931981 _____ C:\Users\Chris\Desktop\Marc Lubetzki – The Strength Summit.mp4
2016-11-11 06:48 - 2016-11-11 06:48 - 00000000 ____D C:\Users\Chris\dwhelper
2016-11-11 06:44 - 2016-11-11 06:44 - 00590671 _____ C:\Users\Chris\Downloads\Marc Lubetzki  The Strength Summit (1).mp4
2016-11-11 06:44 - 2016-11-11 06:44 - 00580126 _____ C:\Users\Chris\Downloads\Marc Lubetzki  The Strength Summit.mp4

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-11 18:38 - 2016-02-25 09:23 - 00000000 ____D C:\FRST
2016-12-11 18:34 - 2016-05-31 19:51 - 00000000 ____D C:\ProgramData\BOINC
2016-12-11 18:31 - 2016-09-26 15:38 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-11 18:23 - 2015-12-10 21:51 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-12-11 17:58 - 2016-02-24 18:56 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-12-11 17:28 - 2016-05-12 06:25 - 00000000 ____D C:\Users\Chris\AppData\Roaming\WhatsApp
2016-12-11 10:47 - 2014-02-13 17:59 - 00000000 ____D C:\Users\Chris\AppData\Local\Google
2016-12-11 10:47 - 2014-02-13 17:59 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-11 10:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-11 08:25 - 2014-02-13 18:08 - 00000000 ____D C:\Users\Chris\AppData\Roaming\GoodSync
2016-12-10 19:27 - 2016-09-26 15:39 - 02054580 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-10 19:27 - 2016-07-16 23:51 - 00767682 _____ C:\WINDOWS\system32\perfh007.dat
2016-12-10 19:27 - 2016-07-16 23:51 - 00177272 _____ C:\WINDOWS\system32\perfc007.dat
2016-12-10 19:21 - 2015-12-10 21:49 - 00000000 ___RD C:\Users\Chris\OneDrive
2016-12-10 19:21 - 2015-12-07 20:03 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-10 19:21 - 2014-12-01 18:50 - 00000000 ____D C:\ProgramData\TwonkyServer
2016-12-10 19:20 - 2016-09-26 15:47 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-10 19:20 - 2016-09-26 15:38 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-10 19:20 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-10 19:20 - 2014-05-11 18:32 - 00000000 ____D C:\ProgramData\TEMP
2016-12-10 19:04 - 2014-02-14 18:30 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-10 19:03 - 2016-02-25 09:33 - 00000000 ____D C:\AdwCleaner
2016-12-10 12:22 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-10 09:34 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-10 09:26 - 2016-07-14 08:38 - 00000000 ____D C:\Users\Chris\AppData\Local\WhatsApp
2016-12-10 09:26 - 2016-05-12 06:25 - 00002292 _____ C:\Users\Chris\Desktop\WhatsApp.lnk
2016-12-10 09:26 - 2016-05-12 06:25 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2016-12-10 09:25 - 2016-05-12 06:25 - 00000000 ____D C:\Users\Chris\AppData\Local\SquirrelTemp
2016-12-10 09:25 - 2015-12-10 21:49 - 00002437 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-08 19:19 - 2015-12-10 21:47 - 00000000 ____D C:\Users\Chris\AppData\Local\Packages
2016-12-07 18:19 - 2014-02-13 18:13 - 00000000 ____D C:\Users\Chris\AppData\Roaming\vlc
2016-12-07 18:13 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-12-07 18:12 - 2016-09-26 20:06 - 01019616 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-12-07 18:12 - 2016-06-20 22:41 - 00057424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2016-12-07 18:12 - 2016-06-02 21:39 - 00134880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2016-12-05 20:05 - 2014-02-13 18:19 - 00000336 _____ C:\WINDOWS\BRCALIB.INI
2016-12-05 16:51 - 2015-12-10 22:33 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-12-05 16:51 - 2015-12-10 22:33 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-12-05 16:51 - 2014-02-14 10:48 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-05 16:51 - 2014-02-13 18:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-05 16:51 - 2014-02-13 17:50 - 00000000 ____D C:\Users\Chris\AppData\Local\NVIDIA Corporation
2016-12-02 22:54 - 2015-12-10 22:33 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-02 22:43 - 2016-09-26 15:47 - 00004290 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-12-02 22:43 - 2016-09-26 15:47 - 00004058 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-12-02 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-26 12:23 - 2014-06-01 14:56 - 00001004 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-11-20 17:14 - 2015-11-13 09:15 - 00000000 ____D C:\Users\Chris\Desktop\NaWi-Logo
2016-11-19 17:24 - 2014-02-13 17:49 - 00000000 ____D C:\Users\Chris\AppData\Local\NVIDIA
2016-11-19 08:08 - 2014-03-20 08:09 - 00000000 ____D C:\Users\Chris\AppData\Local\CrashDumps
2016-11-19 08:07 - 2016-09-26 15:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-19 08:07 - 2016-09-26 15:38 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-19 08:07 - 2016-09-26 15:38 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-19 08:07 - 2014-02-11 13:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-11-17 22:18 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-17 22:17 - 2013-04-23 09:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-11-16 20:38 - 2014-02-18 19:08 - 00000000 ____D C:\Users\Chris\AppData\Roaming\TeamViewer
2016-11-15 19:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-15 06:45 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-14 07:21 - 2014-08-28 08:42 - 00000000 ____D C:\Users\Chris\AppData\Local\Adobe
2016-11-14 07:21 - 2014-02-14 08:39 - 00000000 ____D C:\ProgramData\Adobe
2016-11-14 07:21 - 2014-02-14 08:39 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-11-14 07:21 - 2014-02-13 17:51 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Adobe
2016-11-14 07:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-14 07:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-14 07:04 - 2014-03-02 20:21 - 00000000 ____D C:\ProgramData\tmp
2016-11-13 19:08 - 2016-09-26 15:39 - 00000000 ____D C:\Users\Chris
2016-11-12 07:59 - 2015-12-10 21:47 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-12 07:58 - 2016-09-26 15:38 - 00579736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-11 07:39 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-11 07:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-11 07:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-11 07:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-11 07:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-11 07:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-11 07:05 - 2013-08-22 09:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-11 07:02 - 2013-04-22 15:17 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-06-15 21:11 - 2016-02-14 09:03 - 0004608 _____ () C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-23 08:27 - 2016-06-14 17:07 - 0001149 _____ () C:\Users\Chris\AppData\Local\OfficeMix.txt
2016-08-31 16:18 - 2016-08-31 16:18 - 0000380 _____ () C:\Users\Chris\AppData\Local\OfficeMix_16_0.txt
2016-03-14 18:54 - 2016-03-14 18:54 - 0007145 _____ () C:\Users\Chris\AppData\Local\recently-used.xbel
2014-02-16 17:08 - 2016-06-01 20:30 - 0007611 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
2014-03-03 12:53 - 2014-03-03 12:53 - 0000011 _____ () C:\ProgramData\.tv7
2014-02-14 18:12 - 2016-01-24 08:12 - 0000040 ___SH () C:\ProgramData\.zreglib
2016-02-24 18:51 - 2016-02-24 18:51 - 0235717 _____ () C:\ProgramData\1456336221.bdinstall.bin
2016-03-22 17:07 - 2016-03-22 17:07 - 0025767 _____ () C:\ProgramData\1458662861.bdinstall.bin
2016-03-31 21:52 - 2016-03-31 21:52 - 0025975 _____ () C:\ProgramData\1459457553.bdinstall.bin
2016-06-14 15:58 - 2016-06-14 15:58 - 0025973 _____ () C:\ProgramData\1465916327.bdinstall.bin
2016-06-14 16:58 - 2016-06-14 16:58 - 0025974 _____ () C:\ProgramData\1465919934.bdinstall.bin
2016-06-14 16:59 - 2016-06-14 16:59 - 0025975 _____ () C:\ProgramData\1465919942.bdinstall.bin
2016-06-14 16:59 - 2016-06-14 16:59 - 0026778 _____ () C:\ProgramData\1465919952.bdinstall.bin
2016-09-20 19:56 - 2016-09-20 19:56 - 0026834 _____ () C:\ProgramData\agent.1474397808.bdinstall.bin
2016-11-02 06:37 - 2016-11-02 06:37 - 0028757 _____ () C:\ProgramData\agent.1478065071.bdinstall.bin
2014-04-29 07:42 - 2014-04-29 07:43 - 0009868 _____ () C:\ProgramData\DVRClient.log
2014-04-29 07:43 - 2014-04-29 08:02 - 0160512 _____ () C:\ProgramData\DVRServerMediaDevices.log
2014-04-29 07:43 - 2014-04-29 07:44 - 0001088 _____ () C:\ProgramData\DVRServerNetworkCameras.log
2014-04-29 07:41 - 2014-04-29 07:41 - 0000832 _____ () C:\ProgramData\DVRServerTools.log
2016-02-19 13:33 - 2016-02-19 13:33 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\jre-8u111-windows-au.exe
C:\Users\Chris\AppData\Local\Temp\libeay32.dll
C:\Users\Chris\AppData\Local\Temp\msvcr120.dll
C:\Users\Chris\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Chris\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Chris\AppData\Local\Temp\nvStInst.exe
C:\Users\Chris\AppData\Local\Temp\sqlite3.dll
C:\Users\Chris\AppData\Local\Temp\_is58C4.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-04 16:34

==================== Ende von FRST.txt ============================

erebor · 11.12.2016, 18:41

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-12-2016
durchgeführt von Chris (11-12-2016 18:38:53)
Gestartet von C:\Users\Chris\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-26 14:48:23)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2784361696-2099732649-3132497725-500 - Administrator - Disabled)
Chris (S-1-5-21-2784361696-2099732649-3132497725-1001 - Administrator - Enabled) => C:\Users\Chris
DefaultAccount (S-1-5-21-2784361696-2099732649-3132497725-503 - Limited - Disabled)
Gast (S-1-5-21-2784361696-2099732649-3132497725-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2784361696-2099732649-3132497725-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
ActivInspire Core Resources (DEU) v1 (HKLM-x32\...\{06C9F624-9F53-4C89-9720-1601A295769A}) (Version: 1.6.3 - Promethean)
ActivInspire Help (DEU) v1 (HKLM-x32\...\{B18A62F5-296F-4BC4-B8DD-A9FB16EE9106}) (Version: 1.6.3 - Promethean)
ActivInspire HWR Resources (DEU) v1 (HKLM-x32\...\{CB2158F5-B05D-41BF-B8F8-05A85695BA4E}) (Version: 1.7.1 - Promethean)
ActivInspire v2 (HKLM-x32\...\{3596E106-2A9A-4005-8EDD-CFD18AC3B969}) (Version: 2.7.66643 - Promethean)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
AK-VirtualCom (HKLM-x32\...\{55D9A696-A3F5-48D8-82A5-F509BBD28189}) (Version: 2.0.0 - AK-NORD)
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.9.5 - RedFox)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.23.1252 - Bitdefender)
BOINC (HKLM\...\{EC6C20A3-D9C4-4775-8EEC-4C11E64E2779}) (Version: 7.6.22 - Space Sciences Laboratory, U.C. Berkeley)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BRAdmin Professional 3 (HKLM-x32\...\{75C885D4-C758-4896-A3B4-90DA34B44C31}) (Version: 3.51.0007 - Brother)
Brother MFL-Pro Suite DCP-9055CDN (HKLM-x32\...\{979742CC-2CBB-49D8-9BEE-C2F7875F5393}) (Version: 1.1.5.0 - Brother Industries, Ltd.)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
CamCliCtrl (HKLM-x32\...\{1C38E027-8447-4344-9B8C-A831C628BF63}) (Version: 1.0.6510 - NetworkSurveillanceNP)
Citrix Online Launcher (HKLM-x32\...\{678753E6-E526-4AE5-A144-00240772543A}) (Version: 1.0.393 - Citrix)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 15.4.22 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EZ CD Audio Converter Free (64-bit) (HKLM-x32\...\EZ CD Audio Converter Free (64-bit)) (Version: 1.6.1 - Poikosoft)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free MP3 Cutter and Editor 2.6 (HKLM-x32\...\Free MP3 Cutter and Editor_is1) (Version:  - musetips.com)
Free Studio version 6.4.3.128 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.3.128 - DVDVideoSoft Ltd.)
Free Video Editor version 1.4.12.713 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.12.713 - DVDVideoSoft Ltd.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.0.7.1117 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.27.225 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.27.225 - DVDVideoSoft Ltd.)
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 9.9.71.0 - Siber Systems)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Photos Backup (HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GoPro (Version: 0.1.2733 - GoPro, Inc.) Hidden
GoPro for Desktop (HKLM-x32\...\{88734dc7-c200-4ad3-b29f-bb5e436cb30f}) (Version: 1.4.0.2733 - GoPro, Inc.)
GoPro Studio (x32 Version: 5.9.2733 - GoPro, Inc.) Hidden
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
honestech VHS to DVD 2.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 2.0 - honestech)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.20.1447 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
iTunes (HKLM\...\{58D7E5F7-BAD1-49C5-93C8-B655736EDA00}) (Version: 12.4.0.119 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 7 Update 55 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle)
Jumpian (HKLM-x32\...\{e2a1b9e8-f43a-41a4-97e2-1875e5933719}) (Version: 1.7.0.13 - Synnotech AG)
Jumpian (x32 Version: 1.7.0.13 - Synnotech AG) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{B7802BC1-5F76-48D2-A622-98195BD50B87}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 1) (HKLM\...\MX.{E9D2A2BC-900E-4CBE-8543-E2EEF79163CB}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 1) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 2) (HKLM\...\MX.{38B2C12F-B11F-40A5-B04C-9819949FFE01}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 2) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Filmvorlagen 3) (HKLM\...\MX.{1759FCEB-940B-4D92-9F45-E55E7E6736C0}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Filmvorlagen 3) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (HKLM\...\MX.{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (HKLM\...\MX.{02C01AE1-F497-475A-AA45-43E41A495136}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (HKLM\...\MX.{89CF4765-0012-4619-BA4E-1571376A25CA}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Titeleffekte) (HKLM\...\MX.{28FE7891-77C0-45E1-9CA4-35E9250F91DA}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Titeleffekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Überblendeffekte) (HKLM\...\MX.{585234EA-CDB3-48A7-B6C4-0EFF9A86D244}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Überblendeffekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium Update (Version: 15.0.0.90 - MAGIX Software GmbH) Hidden
MakeMKV v1.9.1 (HKLM-x32\...\MakeMKV) (Version: v1.9.1 - GuinpinSoft inc)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MassFaces 4.2.5.141 (HKLM-x32\...\{D7B24A43-A287-41AC-9957-F616A2B25A9D}_is1) (Version: 4.2.5.141 - Havy Alegria)
MediaCoder x64 0.8.41.5815 (HKLM\...\MediaCoder x64) (Version: 0.8.41.5815 - Mediatronic)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7466.2038 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.60724 - Microsoft Corporation)
MKVToolNix 9.4.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 9.4.0 - Moritz Bunkus)
Morgan Multimedia Motion JPEG Codec 3.0.0.9 (HKLM-x32\...\Morgan Multimedia Motion JPEG Codec_is1) (Version: 3.0.0.9 - Morgan Multimedia)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Firefox 50.0.2 (x86 de) (HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2 - Mozilla)
Mozilla Thunderbird 45.5.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.5.1 (x86 de)) (Version: 45.5.1 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MyDriveConnect 4.0.3.2180 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.3.2180 - TomTom)
NewBlue ActionCam Package (HKLM-x32\...\NewBlue ActionCam Package) (Version: 1.0 - NewBlue)
NewBlue Titler EX for MAGIX (HKLM-x32\...\NewBlue Titler EX for MAGIX) (Version: 1.0 - NewBlue)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OEKOWI 5.207.ch (HKLM-x32\...\{0506FA2D-F846-4536-930B-0FC372BDE853}) (Version: 5.207.0 - Ernst Schmidheiny Stiftung)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7426.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office Mix (HKLM-x32\...\{9c7fb62c-70e4-4bd0-b9f1-d84aa18ff93d}) (Version: 0.1.5720.0 - Microsoft Corporation)
Office Mix 32-bit (x32 Version: 0.1.5720.0 - Microsoft) Hidden
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.2.1 - CEWE Stiftung u Co. KGaA)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Oracle VM VirtualBox 5.1.6 (HKLM\...\{EEDDD7E2-A7A2-4FA9-8C32-ADB29A5096FF}) (Version: 5.1.6 - Oracle Corporation)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Ihr Firmenname)
proDAD Mercalli NLE 4.0 (64bit) (HKLM\...\proDAD-MercalliPlugins-4.0) (Version: 4.0.467.1 - proDAD GmbH)
proDAD ProDRENALIN 1.0 (64bit) (HKLM\...\proDAD-ProDRENALIN-1.0) (Version: 1.0.74.1 - proDAD GmbH)
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6971 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
S3 Browser version 4.9.3 (HKLM\...\S3 Browser_is1) (Version: 4.9.3.0 - NetSDK Software, LLC)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
SecurView Pro 2.1.1 (HKLM-x32\...\DVRServer.Application_is1) (Version: 2.1.1 - TRENDnet)
SecurView Pro Codecs 2.1.1 (HKLM-x32\...\DVRCodecs_is1) (Version: 2.1.1 - TRENDnet)
Sentinel System Driver Installer 7.5.1 (HKLM-x32\...\{BF9E346B-5ECE-4A18-9510-55729FD08323}) (Version: 7.5.1 - SafeNet, Inc.)
SetupWizard (HKLM-x32\...\{CE7BDBA3-B8F4-4B2A-8FB7-7C439D6E6077}) (Version: 1.0.2904 - TRENDnet)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
SIW 2013 Home Edition (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2013.05.14 - Topala Software Solutions)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellarium 0.11.2 (HKLM-x32\...\Stellarium_is1) (Version:  - )
SteuerBerater 2015-2016 (HKLM-x32\...\{342BD7F7-8BBD-403A-B09B-F3361A1365E3}) (Version: 15.11.0 - Akademische Arbeitsgemeinschaft)
SteuerBerater für Lehrer 2013-2014 (HKLM-x32\...\{E84E9818-988D-44E1-A996-FC05F83A64DC}) (Version: 1.00.9 - Akademische Arbeitsgemeinschaft)
SteuerBerater für Lehrer 2014-2015 (HKLM-x32\...\{425E7795-9051-4EA3-8E85-32B9B6725247}) (Version: 15.03.0 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2016 (HKLM-x32\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.37.107 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung Lehrer 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.12.92 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung Lehrer 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.42.175 - Akademische Arbeitsgemeinschaft)
Supreme Commander (HKLM-x32\...\Steam App 9350) (Version:  - Gas Powered Games)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Thecus Setup Wizard 2.0.4 (HKLM-x32\...\Thecus Setup Wizard) (Version: 2.0.4 - Thecus, Inc.)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Twonky Windows Components (HKLM-x32\...\{7CC673E7-5271-409D-B196-BB76DA60300B}) (Version: 3.1.0 - PacketVideo)
TwonkyManager (HKLM-x32\...\TwonkyManager) (Version: 3.1.0 (55) - PacketVideo)
Unity Web Player (HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VS 2008 CRT Package (HKLM-x32\...\{ED79C920-2FF2-4742-AF32-B58BE68B0FA6}) (Version: 1.1.0 - Microsoft)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\WhatsApp) (Version: 0.2.2732 - WhatsApp)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {18A94BBD-9468-D082-EBDB-D8E985889A47} => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5EC3F743-9468-D082-1567-B2AF85889A47} => Keine Datei
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05CA85CC-800F-430A-B300-CD228FEA6CD0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {0EAD5BD0-E399-4CCD-BB00-1E445ACA3EB5} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender\bdproductdata.exe
Task: {1F61DF53-C97C-4B2F-A65F-517065407262} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {20FA996A-5F21-400B-B4FF-1F4FC4C56C21} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {238E5C74-8143-4713-8CF6-7772CD04C222} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {25C348BF-A43B-4553-8FC1-35F927733361} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2CB7A611-6648-4E15-A5B1-1BFF9E77BD68} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {2F6536DD-1D7F-4F6A-B48C-A8F0F88A4684} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {30322D93-AA36-4B24-9259-6A23DDC8D63A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {31A00C32-9B1A-4666-9CDD-6CD18BC6A83C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {329C6455-D140-4176-A2B1-060296753F8F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {360550D1-9545-418D-A2A3-C1FDFFEC60AD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {3EBC1F2E-8B52-4D38-A8D8-DDBFED624D4B} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-10-21] (Bitdefender)
Task: {4517231F-FF08-4D92-BE96-A57F01B948FF} - System32\Tasks\{90C4F098-DC86-4290-9EC3-6FBFA505B2C0} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsMain
Task: {45FD276B-29B2-4629-AE1D-125AEFE5F34D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {4BEE47F8-7A7C-47B5-A100-0ED768743CD5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5575FF3E-165E-4332-8F79-EEEA7E62AC78} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5629CE8C-87B5-48D4-93A5-2E53A110CB73} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {5669705E-F6B3-41F2-BDB9-AF18D8C8AAC2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {63CCAACF-A9EF-4E21-A61E-4ECE6CBF8205} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {698D1C76-15E2-430D-9655-862A90D959F5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-10] (Dropbox, Inc.)
Task: {7A895C41-84C7-4084-8D93-3C27E59837F3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7E245809-0AE1-4486-A6C9-8F4E012BAA79} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-02] (Microsoft Corporation)
Task: {84074052-5CF3-4A8E-89D4-503E78C7BC42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8B2B927B-1071-4CBF-A15A-82EB8D2F74DB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8C701934-5C35-4180-8B41-810A2E6827F1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001UA => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8C898A53-3106-490A-99BB-11CE5AC6B833} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9CB717A9-CD2F-4415-8583-10C9A069D7FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A7FAE584-D2D4-4FEC-9884-03038D2A659D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AD320376-9B1E-414E-AB61-E7F4E962DB26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001Core => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {B04F8EB6-D7E1-4225-AFC4-FC7CD348D5B2} - System32\Tasks\{87744C1F-53F1-4916-8388-6B9518B6203F} => C:\Program Files (x86)\Steam\steamapps\common\Supreme Commander\bin\SupremeCommander.exe [2015-12-07] (Gas Powered Games)
Task: {B286AAE8-1334-4432-87B2-FF2AB48700D8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {B5220E85-934A-4E3A-90B8-E2F31DE82BC8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BE28265D-C88D-4A1F-9DA7-53C7F25EADAC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {BF3A86BD-4EFD-48E9-8A79-9A927A1E894F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C115C74A-62B6-4CF1-BA02-554ADF3C33FE} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {C23352CC-33FD-4E06-A385-234D2931D254} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C733F89E-2B0B-4C67-B9F1-2338E0DE4D1A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {CB38AA2D-C7E0-4333-BDE8-3C294320D158} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {CDA1BD3F-BDA2-489A-8FE4-66978652720A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-14] (Adobe Systems Incorporated)
Task: {CE34CAFC-0242-4A50-BCB0-2321EC97CB51} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D241E9EF-E6E9-4CDD-B24C-43E7630F9D2A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-02] (Microsoft Corporation)
Task: {D453B5F2-CC20-40E3-B177-5813F73B06BD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DB32C87C-E23D-43AE-9B54-EFD661BFB883} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {DC724AC5-4861-45BB-9F73-4E05E2B09D13} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DED83FBC-F8D1-41CA-9F9A-2BA67C5A04E3} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {EC9BAC6B-06F8-4B47-8D89-B9C7BF640AA1} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F0C2AE48-B72C-48AE-BEFC-4197AB22AF9A} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {F235A244-DCAE-4C58-9496-8476437D46B8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-11-02] (Microsoft Corporation)
Task: {F416ACC6-C393-4895-AB96-B96592798483} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-11-11] (Microsoft Corporation)
Task: {F424049C-22F0-44BE-B66C-B643B85C180B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {F6729825-C0F0-4CE1-B16D-D08D6FC8E516} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {FCF26027-4B4F-4DF2-8048-CAEC3ABDB226} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-10] (Dropbox, Inc.)
Task: {FD5BFC95-5B38-42C2-ACF7-F0ECF9E3B8E2} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FDF99E09-FC95-4738-9CD4-D12822C80E56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001Core.job => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001UA.job => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-01 09:07 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-22 00:07 - 2016-04-22 00:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 00:07 - 2016-04-22 00:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-10-24 15:35 - 2008-10-24 15:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2014-03-03 17:47 - 2013-05-31 15:02 - 00099328 _____ () C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
2016-10-28 16:39 - 2016-06-15 02:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-04-28 06:12 - 2016-06-15 02:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-10-28 16:39 - 2016-06-15 02:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-10-28 16:39 - 2016-06-15 02:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2014-02-14 12:29 - 2014-02-14 12:29 - 00075136 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2014-02-13 18:18 - 2010-03-16 00:18 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2013-04-19 09:35 - 2013-04-19 09:35 - 00881480 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
2016-09-26 15:38 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-28 16:39 - 2016-06-15 02:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-10-28 16:39 - 2016-06-15 02:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-10-28 16:39 - 2016-06-15 02:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-04-28 06:12 - 2016-06-15 02:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-12-10 09:25 - 2016-12-10 09:25 - 01678560 _____ () C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-11-09 19:45 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-17 22:16 - 2016-11-17 22:17 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-17 22:16 - 2016-11-17 22:17 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-17 22:16 - 2016-11-17 22:17 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-10-28 16:39 - 2016-06-15 02:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-10-28 16:39 - 2016-06-15 02:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2013-10-15 11:31 - 2013-10-15 11:31 - 00106496 _____ () C:\Program Files\BOINC\zlib1.dll
2016-05-11 23:39 - 2016-05-11 23:39 - 01088944 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
2016-11-15 14:52 - 2016-11-15 14:52 - 12404960 _____ () C:\Program Files\Siber Systems\GoodSync\GoodSync-v9.exe
2014-09-30 01:51 - 2014-09-30 01:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2016-05-11 23:39 - 2016-05-11 23:39 - 00037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
2016-11-15 14:52 - 2016-11-15 14:52 - 07942880 _____ () C:\Program Files\Siber Systems\GoodSync\gs-server.exe
2016-10-01 09:07 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-26 16:35 - 2016-09-26 16:35 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-09 19:45 - 2016-11-02 11:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 19:44 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 19:44 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 19:44 - 2016-11-02 11:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-09 19:44 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 19:44 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-31 19:59 - 2016-05-31 19:59 - 01600000 _____ () C:\ProgramData\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.36_windows_x86_64
2016-06-27 23:19 - 2016-06-27 23:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2014-09-24 18:42 - 2015-11-17 14:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-09-24 18:42 - 2015-11-17 14:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2014-09-24 18:42 - 2015-11-17 14:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2014-09-24 18:42 - 2015-11-17 14:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-09-24 18:42 - 2015-11-17 14:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-09-24 18:42 - 2015-11-17 14:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-06-27 13:05 - 2015-06-27 13:05 - 00028672 _____ () C:\Program Files (x86)\AK-NORD\AK-VirtualCom\AxInterop.VSPortLib.dll
2015-04-05 07:04 - 2016-06-15 02:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-12-07 20:04 - 2016-09-08 04:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-12-07 20:04 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-12-07 20:04 - 2016-10-13 02:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2015-12-07 20:04 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-12-07 20:04 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-12-07 20:04 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-12-07 20:04 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-12-07 20:04 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-12-07 20:04 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-12-07 20:04 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-12-07 20:04 - 2016-10-13 02:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 17:56 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-15 10:12 - 2016-08-04 21:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2016-12-10 09:25 - 2016-12-10 09:25 - 01244376 _____ () C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2014-02-13 18:18 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-12-10 22:33 - 2016-10-29 00:50 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-12-02 22:54 - 2016-10-29 00:50 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-12-02 22:54 - 2016-10-29 00:51 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-12-02 22:54 - 2016-10-29 00:50 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-10 22:33 - 2016-10-29 00:50 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-10 22:33 - 2016-10-29 00:50 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-10 22:33 - 2016-11-28 15:17 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-10 22:33 - 2016-10-29 00:50 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-10 22:33 - 2016-10-29 00:51 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-09 09:27 - 2016-11-28 15:17 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-12-02 22:54 - 2016-10-29 00:50 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-12-02 22:54 - 2016-10-29 00:53 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-10 22:33 - 2016-11-28 15:17 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-09 09:27 - 2016-11-28 15:17 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-09 09:27 - 2016-10-29 00:52 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-02-18 18:19 - 2016-11-28 15:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-18 18:19 - 2016-11-28 15:17 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-18 18:19 - 2016-11-28 15:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2015-12-10 22:33 - 2016-11-28 15:17 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-18 18:19 - 2016-11-28 15:17 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-12-02 22:54 - 2016-10-29 00:49 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-12-02 22:54 - 2016-11-28 15:16 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-12-02 22:54 - 2016-11-28 15:05 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-12-02 22:54 - 2016-11-28 15:16 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-12-02 22:54 - 2016-11-28 15:16 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-10 22:33 - 2016-10-29 00:51 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-12-02 22:54 - 2016-11-28 15:17 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-08-09 09:27 - 2016-11-28 15:17 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-12-02 22:54 - 2016-10-29 00:56 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-12-02 22:54 - 2016-10-29 00:56 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-12-02 22:54 - 2016-11-28 15:16 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-12-10 22:33 - 2016-10-29 00:53 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-04-16 07:56 - 2016-11-28 15:17 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-08-09 09:27 - 2016-11-28 15:17 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-12-02 22:54 - 2016-11-28 15:16 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2014-02-11 13:33 - 2013-08-08 21:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-12-11 10:47 - 2016-12-11 10:47 - 00098816 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\win32api.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00110080 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\pywintypes27.dll
2016-12-11 10:47 - 2016-12-11 10:47 - 00364544 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\pythoncom27.dll
2016-12-11 10:47 - 2016-12-11 10:47 - 00320512 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\win32com.shell.shell.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00914432 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\_hashlib.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 01176576 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\wx._core_.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00806400 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\wx._gdi_.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00816128 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\wx._windows_.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 01067008 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\wx._controls_.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00733184 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\wx._misc_.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00682496 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\pysqlite2._sqlite.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00088064 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\_ctypes.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00686080 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\unicodedata.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00119808 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\win32file.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00108544 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\win32security.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00007168 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\hashobjs_ext.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00017920 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\thumbnails_ext.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00088064 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\usb_ext.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00012800 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\common.time34.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00018432 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\win32event.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00167936 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\win32gui.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00046080 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\_socket.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 01303552 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\_ssl.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00128512 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\_elementtree.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00127488 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\pyexpat.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00038912 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\win32inet.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00036864 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\_psutil_windows.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00524248 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\windows._lib_cacheinvalidation.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00011264 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\win32crypt.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00123392 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\wx._wizard.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00077312 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\wx._html2.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00027648 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\_multiprocessing.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00020480 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\_yappi.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00035840 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\win32process.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00078848 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\wx._animate.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00024064 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\win32pipe.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00010240 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\select.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00025600 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\win32pdh.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00017408 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\win32profile.pyd
2016-12-11 10:47 - 2016-12-11 10:47 - 00022528 ____R () C:\Users\Chris\AppData\Local\Temp\_MEI78962\win32ts.pyd
2016-10-27 12:35 - 2016-10-27 12:35 - 22825144 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2016-05-03 15:41 - 2016-05-03 15:41 - 00322232 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2016-10-01 00:36 - 2016-10-01 00:36 - 46476472 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:72CCCD14 [200]
AlternateDataStreams: C:\ProgramData\TEMP:B3ED3AFF [137]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-02-24 17:50 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: ActivControl => 2
MSCONFIG\Services: TwonkyProxy => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TwonkyServer.lnk => C:\Windows\pss\TwonkyServer.lnk.CommonStartup
MSCONFIG\startupreg: ActivManager => C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\Chris\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
HKLM\...\StartupApproved\Run: => "InstallerLauncher"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [{FDFC4A65-4368-476A-AF0B-A9F05AFE00F9}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{70F778F0-0ED7-4950-8C56-D45247261EF6}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{32D5312A-1915-4FA1-A1EF-9EC603C03B99}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{28BD0502-2560-499E-BD79-94D95F6D655A}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{56CFA0FE-C76F-47CA-9404-2961A4DD05C6}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6496E3DC-A871-444B-A7BA-280DCF4E6270}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{B298FBB5-0DF0-42D8-AD78-6189A3BC4F2A}] => LPort=1900
FirewallRules: [{E8744C05-06FA-4BD4-8D41-8DED909E6DEF}] => LPort=2869
FirewallRules: [{210BE3C7-A10C-41EA-98DC-0FAC1E013518}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2DAF1A96-EF88-41D1-90F4-39994D8C8C81}] => C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe
FirewallRules: [{36D1F673-2BAC-4A86-BC34-4C51D3EAB299}] => C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe
FirewallRules: [{BD64D782-E616-4E2E-887A-BF33F9581C41}] => C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe
FirewallRules: [{B1186A25-E080-491D-BE7E-E7F7B134F891}] => C:\Program Files\GoPro\GoPro Desktop App\GoPro.exe
FirewallRules: [{199D41DA-A13A-45C0-8096-5180295F4FCB}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B02EEDED-DD26-4E5C-8561-52C34160ADC6}] => C:\Users\Chris\AppData\Local\Mozilla Firefox\firefox.exe
FirewallRules: [{4B3C3410-A33B-4D16-AE32-2766D8974EF6}] => C:\Users\Chris\AppData\Local\Mozilla Firefox\firefox.exe
FirewallRules: [{18CD0A41-B660-4A3F-BFFB-D3BA6B20F5B6}] => C:\Program Files\MAGIX\Video deluxe 2016 Premium\Videodeluxe.exe
FirewallRules: [{4314ECF5-ADD9-40E3-B71E-6BAC1C41EBF9}] => C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{316C7C74-FCED-483D-91B4-523C1AC33CF3}] => C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{87CB2900-DCC7-4B1E-91B7-9EAA3FA21D33}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C28CBE78-434B-4189-8B8C-3446BB415BC8}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FAE3138D-FEA0-4535-AB7D-EA6E46B82A05}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5BB0E675-6DA9-419D-8F3D-1D349BF29D7E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5F334ECD-8481-48B6-86DC-97EFB2CDD91E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E309845C-1B36-4FD1-B1A0-20FEF36F86C6}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C03A4D85-B5B6-4163-AAED-D92B72DAD52E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F7F0D25F-DE63-425E-B6D0-0FAC77CF8183}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CD37C495-C1DC-4D80-9E4C-AA56F000B587}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BF82E3FB-2C9B-4A40-ABEF-F1AD88DD71DE}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1174B74E-E4A8-4423-9C28-D3D549F1E163}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2860BF5E-FC21-474B-89DA-7BE82102FB3E}] => C:\Program Files\NetDrive2\nd2svc.exe
FirewallRules: [{F17B068A-E39B-4D40-955E-B66E03274DAF}] => C:\Program Files\NetDrive2\nd2svc.exe
FirewallRules: [{F1E198F8-9D99-40C4-B5F2-8A693638A34C}] => C:\Program Files\NetDrive2\NetDrive2.exe
FirewallRules: [{D7323C18-B3A5-4582-8558-2831CEEF8196}] => C:\Program Files\NetDrive2\NetDrive2.exe
FirewallRules: [{A5300B72-AFC8-4C82-B5B3-82E2B938EBCE}] => C:\Program Files\NetDrive2\nd2cmd.exe
FirewallRules: [{015E2CDC-5BF3-49E8-B5A9-B80CD29EB81E}] => C:\Program Files\NetDrive2\nd2cmd.exe
FirewallRules: [{8BE80EDF-C82F-410F-9AAD-8E57ED859838}] => C:\Program Files\NetDrive2\nd2svc.exe
FirewallRules: [{CF2550B5-9690-47B3-B7A0-D5D129592503}] => C:\Program Files\NetDrive2\NetDrive2.exe
FirewallRules: [{22FCAA54-1523-4716-ABA3-A5757DBD1970}] => C:\Program Files\NetDrive2\nd2cmd.exe
FirewallRules: [{0CECECD2-71C4-4451-BC77-D2836A59BD42}] => LPort=3
FirewallRules: [{C52578EF-8E5A-49DD-A039-283EECBF1FFB}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7AEA68DA-2252-4F5E-8076-85ACB5294B55}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F88D6433-5C95-4D37-8DF5-77EA668E2A9C}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C0D3BBA8-B508-4046-93FC-12BC0A6E4D53}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AA5D992F-3889-4A48-8DDF-CA0DE60CC912}] => C:\Program Files (x86)\Steam\steamapps\common\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{F81DA445-0A20-45FC-8F3C-0BE02B3ABB18}] => C:\Program Files (x86)\Steam\steamapps\common\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{75F810B0-9358-4A39-B16B-DD2BB209AF4A}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{52F524B0-350C-4400-A9C7-0C8C82AE7AD2}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D0CD440A-56B0-4B5B-B458-811AE41F1914}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DDEB8839-B6D4-4CA0-B5D5-E2C4663A4C1A}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{264AA3EF-B977-473A-89FE-567E38CF0E96}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B22AC9C6-8EC1-49E5-8166-C7388636E032}] => C:\Program Files\Siber Systems\GoodSync\gs-server.exe
FirewallRules: [{98E91D1F-93C5-4905-A078-F6EE13BAAEAC}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

29-11-2016 06:53:42 Geplanter Prüfpunkt
08-12-2016 18:08:48 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/11/2016 10:53:59 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (12/11/2016 10:45:29 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (12/11/2016 10:31:27 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/11/2016 10:16:03 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (12/10/2016 07:26:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (12/10/2016 07:25:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (12/10/2016 07:24:53 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (12/10/2016 07:24:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\chris\desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (12/10/2016 07:24:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (12/10/2016 07:24:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.


Systemfehler:
=============
Error: (12/11/2016 01:22:29 PM) (Source: NTFS) (EventID: 137) (User: )
Description: Auf dem Volume "Z:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (12/11/2016 10:41:19 AM) (Source: DCOM) (EventID: 10016) (User: CHRIS-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Chris-PC\Chris" (SID: S-1-5-21-2784361696-2099732649-3132497725-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{9E175B6D-F52A-11D8-B9A5-505054503030}
 und der APPID 
{9E175B9C-F52A-11D8-B9A5-505054503030}
 im Anwendungscontainer "Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe" (SID: S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (12/11/2016 10:20:51 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Kumulatives Update für Windows 10 Version 1607 für x64-basierte Systeme (KB3201845)

Error: (12/10/2016 07:26:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (12/10/2016 07:26:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Chris\AppData\Local\Temp\ehdrv.sys

Error: (12/10/2016 07:26:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (12/10/2016 07:26:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Chris\AppData\Local\Temp\ehdrv.sys

Error: (12/10/2016 07:26:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (12/10/2016 07:26:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Chris\AppData\Local\Temp\ehdrv.sys

Error: (12/10/2016 07:25:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1240 v3 @ 3.40GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 16324.79 MB
Verfügbarer physikalischer RAM: 11414.2 MB
Summe virtueller Speicher: 32708.79 MB
Verfügbarer virtueller Speicher: 27183.46 MB

==================== Laufwerke ================================

Drive c: (Win7Prox64) (Fixed) (Total:222.69 GB) (Free:60.7 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:157.91 GB) NTFS
Drive g: (Work) (Fixed) (Total:238.47 GB) (Free:27.06 GB) NTFS
Drive z: () (Removable) (Total:0.01 GB) (Free:0.01 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 96F600A9)
Partition 1: (Active) - (Size=222.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 54ED8154)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 341E10E5)
Partition 1: (Not Active) - (Size=238.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

deeprybka · 12.12.2016, 17:55

Wir haben es geschafft!

Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken (z.B. hier) in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.

Meine Kauf-Empfehlung:

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

erebor · 12.12.2016, 18:40

Hier auch noch einmal ein fettes DANKE!

deeprybka · 12.12.2016, 19:00

Gerne.

12.12.2016, 19:00	#15
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Mögliche Root-Kit Infektion Trojan.Multi.ProxyChanger.gen Gerne. __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Mögliche Root-Kit Infektion Trojan.Multi.ProxyChanger.gen

Plagegeister aller Art und deren Bekämpfung: Mögliche Root-Kit Infektion Trojan.Multi.ProxyChanger.gen