| |
| |||||||
Log-Analyse und Auswertung: Windows 7: PC ist auffällig langsamerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
28.12.2016, 22:22
| #1 |
 |  Windows 7: PC ist auffällig langsamer Hallo Trojaner Board, beim PC-Spielen ist mir das spiel eingefroren, die Hintergrundprogramme liefen weiter. Allerdings stellte ich auch bei Videos und Bildern sowie beim erneuten Start des Spiels ein sehr langsamen aufbau fest. Da ich in den letzten 5 Tagen nicht zuhause war weiß ich auch nicht genau was passiert sein soll. Im Ereignis Manager waren zuwenige Fehler um auf Hardware zu schließen, er wurde in der Zeit auch nur 2 mal von meiner Familie genutzt. Da es das erste mal seit fast 500 Stunden ist das dieses Spiel sich 2 mal einfriert oder "lagt" und allgemein Anwendungen sehr langsam ausgeführt werden würde ich Sie bitten mir zu helfen und nach möglichen Viren zu suchen. Bisher habe ich mit S&D (Free Version) nur im Tiefenscan Rootkits gefunden. AVG (Free) ist noch nicht durch. Den Farbar Scann habe ich wie lt. Forum gebeten auch durchgeführt und den Log angehangen. Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von Lauritz (28-12-2016 20:42:00)
Gestartet von C:\Users\Lauritz\Downloads
Windows 7 Professional Service Pack 1 (X64) (2012-10-13 12:29:19)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2922099021-443059803-3302965599-500 - Administrator - Disabled)
Gast (S-1-5-21-2922099021-443059803-3302965599-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2922099021-443059803-3302965599-1009 - Limited - Enabled)
Lauritz (S-1-5-21-2922099021-443059803-3302965599-1000 - Administrator - Enabled) => C:\Users\Lauritz
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.17) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated)
Age of Wonders III (HKLM\...\Steam App 226840) (Version: - Triumph Studios)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG (Version: 16.131.7924 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4739 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.131.7924 - AVG Technologies)
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battle Realms (HKLM-x32\...\{9AA761E6-CA51-4FF2-A552-D51638BF0595}) (Version: 0.10.000 - Liquid Entertainment)
Black and White (HKLM-x32\...\{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}) (Version: - )
Borderlands 2 (HKLM\...\Steam App 49520) (Version: - Gearbox Software)
Capitalism 2 (HKLM-x32\...\Capitalism 2_is1) (Version: - GOG.com)
Capitalism II (nur deinstallation) (HKLM-x32\...\Capitalism II) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Conquest of Elysium 3 (HKLM\...\Steam App 211900) (Version: - Illwinter Game Design)
Conquest of Elysium 4 (HKLM\...\Steam App 403950) (Version: - Illwinter Game Design)
Cossacks: Back to War (HKLM-x32\...\Steam App 4850) (Version: - GSC Game World)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Democracy 3 (HKLM\...\Steam App 245470) (Version: - Positech Games)
DH Driver Cleaner Professional Edition (HKLM-x32\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars)
Endless Space (HKLM-x32\...\Steam App 208140) (Version: - AMPLITUDE Studios)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
EVE Online (HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\{4c47d6a1-0c58-4e9b-8cf8-216262d26f37}) (Version: 1.0.0 - CCP)
EVEMon (HKLM-x32\...\EVEMon) (Version: 2.1.0 - battleclinic.com) <==== ACHTUNG
Evil Genius (HKLM-x32\...\Steam App 3720) (Version: - Elixir Studios)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Forged Alliance Forever (HKLM-x32\...\{EF37C7C0-1281-4452-8A3F-D71215478D63}) (Version: 240.10.122 - FAF Community)
Fractured Space (HKLM-x32\...\Steam App 310380) (Version: - Edge Case Games Ltd.)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Gnomoria (HKLM-x32\...\Steam App 224500) (Version: - Robotronic Games)
Hearts of Iron IV (HKLM\...\Steam App 394360) (Version: - Paradox Development Studios)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Little Fighter 2 version 2.0a (HKLM-x32\...\Little Fighter 2) (Version: version 2.0a - )
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mumble 1.2.15 (HKLM-x32\...\{3320748F-375E-4A80-BD48-EC42124FB502}) (Version: 1.2.15 - Thorvald Natvig)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
OpenTTD 1.6.1 (HKLM-x32\...\OpenTTD) (Version: 1.6.1 - OpenTTD)
Pirates of the Caribbean (HKLM-x32\...\{C388D147-CCBA-411C-B9FC-2CC1B4EFB240}) (Version: - )
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version: - Ndemic Creations)
Planetbase (HKLM-x32\...\Steam App 403190) (Version: - Madruga Works)
Port Royale 3 (HKLM\...\Steam App 205610) (Version: - Gaming Minds)
Project AURA (HKLM\...\Steam App 305940) (Version: - Pixel Quality Games)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
PULSAR: Lost Colony (HKLM-x32\...\Steam App 252870) (Version: - Leafy Games)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Seven Kingdoms 2 HD (HKLM\...\Steam App 338800) (Version: - Enlight Software Limited)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SRWare Iron (64-Bit) Version 48.2550.2 (HKLM\...\{BA85A29D-B48E-4826-BAEE-817024E52E29}_is1) (Version: 48.2550.2 - SRWare)
Star Conflict (HKLM-x32\...\Steam App 212070) (Version: - Star Gem Inc.)
Star Ruler (HKLM-x32\...\StarRuler) (Version: - )
Star Ruler 2 (HKLM-x32\...\Steam App 282590) (Version: - Blind Mind Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stellaris (HKLM\...\Steam App 281990) (Version: - Paradox Development Studio)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.1000 - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.0001 - Firefly Studios)
TeamSpeak 3 Client (HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Thea: The Awakening (HKLM\...\Steam App 378720) (Version: - MuHa Games)
Unity Web Player (HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Vodafone Mobile Broadband (HKLM-x32\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.3.409.46933 - Vodafone)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WordPerfect Office X3 (HKLM-x32\...\_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}) (Version: - Corel Corporation)
WordPerfect Office X3 (x32 Version: 13.3 - Corel Corporation) Hidden
World of Tanks (HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
XCOM 2 (HKLM-x32\...\Steam App 268500) (Version: - Firaxis)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1CA8BBF8-D4C7-42A4-B9E4-42CB660E22A8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {2328C447-D3E6-452B-87F9-9EE1E62A4363} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {2D1EC2C2-2DE7-44E3-A2C8-8CA22899DCD0} - System32\Tasks\{BA7EFF60-8789-4118-A88C-2358E2C1CEF7} => pcalua.exe -a D:\HDRII\EP1\EAUninstall.exe
Task: {337F6073-AF3B-4041-A1E2-360F21C9D657} - System32\Tasks\{37BDD613-C6FA-476D-9F6B-0D761860DBF2} => pcalua.exe -a D:\HDRII\EAUninstall.exe
Task: {4F5346FE-3B0F-4162-8D5D-5D4D49517DEA} - System32\Tasks\{02E7FDDD-7C7A-4696-8E9F-71C30DFEFF6B} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/105430
Task: {6440EA78-AF98-4591-B84E-B8859C5D18BA} - System32\Tasks\{62C6544D-7998-4493-9DE7-6498D76BC5B1} => C:\Program Files (x86)\Lionhead Studios Ltd\Black & White\runblack.exe [2001-03-09] (LionHead Studios Ltd.)
Task: {6A85DDF2-94BD-4F8E-BECA-17699438BEBC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {733182AF-2FF2-441C-982F-8A8769EFFDCB} - System32\Tasks\{9BEA0DF0-7E39-48E3-94BA-D7D1CE9B4D23} => Chrome.exe hxxps://ui.skype.com/ui/0/7.30.80.105/de/abandoninstall?page=tsMain
Task: {78356296-813B-4DAF-A3CE-124F5844CA93} - System32\Tasks\{FC6FACA1-9ECD-412C-9E32-0050FE7386B9} => pcalua.exe -a D:\PlanetSide2\Uninstaller.exe
Task: {7E6D8B7A-4C49-4A0C-824C-FE012F75C383} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {8BFCD73A-2B3F-4460-AE44-8BC7FE9F502A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {AB73DEAA-DDED-439D-801C-214D922BF39D} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {AF731C36-4DAC-43E7-963B-A431A84F7D32} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-07] (Adobe Systems Incorporated)
Task: {B0B61FC4-E05F-4262-87F7-688AF5DBB856} - System32\Tasks\{31C26874-D94B-4972-8561-BC0923796AD2} => C:\Program Files (x86)\Lionhead Studios Ltd\Black & White\runblack.exe [2001-03-09] (LionHead Studios Ltd.)
Task: {BA2D7491-0897-4A20-AE28-2632701CFF54} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Device Center\itype.exe
Task: {BA65C212-7CA6-4723-864D-03D055E04489} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {C8690BF7-AED1-4CDB-84BC-75C49827CDE6} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
Task: {DACD9C03-531E-428C-8D3D-7A51F8FD7B31} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-16] ()
Task: {E22041C3-3C39-4683-B76D-4826B0A998F7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe [2016-05-15] (Adobe Systems Incorporated)
Task: {E6724815-6F5B-44EC-AEC8-7E9FFEF3DC5E} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {F86498AF-5BC8-424E-A3DF-BB28882EA2C8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Device Center\ipoint.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Lauritz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\876c1f0956c85873\Chromium.lnk -> C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (SRWare) -> --profile-directory="Profile 1"
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-12-18 17:31 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-13 13:53 - 2012-02-07 16:27 - 00121344 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2016-03-16 19:27 - 2016-03-11 15:31 - 02576984 _____ () C:\Program Files\SRWare Iron (64-Bit)\libglesv2.dll
2016-03-16 19:27 - 2016-03-11 15:31 - 00093784 _____ () C:\Program Files\SRWare Iron (64-Bit)\libegl.dll
2013-03-12 17:10 - 2016-12-08 16:13 - 00656160 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 07:18 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 07:18 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 07:18 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 10:49 - 2016-12-20 03:25 - 02322720 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-10-29 16:31 - 2016-12-20 03:25 - 00838944 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-10 17:35 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-04-12 11:44 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-04-12 11:44 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-04-12 11:44 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2016-11-28 12:53 - 2016-11-28 12:53 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2016-12-13 11:21 - 2016-12-05 17:21 - 67304736 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2012-10-29 16:31 - 2016-12-20 03:25 - 00388384 _____ () C:\Program Files (x86)\Steam\steam.dll
2015-01-20 07:18 - 2015-09-25 00:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2012-10-13 13:53 - 2012-02-07 16:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-04-12 11:44 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-04-12 11:44 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-04-12 11:44 - 2014-04-25 13:11 - 02972112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\NotificationSpreader.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:A70A8BB0 [284]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7924 mehr Seiten.
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7924 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2016-12-28 20:30 - 00453906 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15574 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lauritz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{3525630A-4038-4DA1-8B14-B1BA07B4A112}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EE1F95C1-FE21-4BD8-B1EF-3C3B97F569C2}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A054DEDA-1F95-46C5-B435-0E8BB91AAB2C}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{4BEB620E-9F8B-4A5F-AD92-663E50414585}D:\world_of_tanks\wotlauncher.exe] => D:\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{B4883DF9-41FF-4A6B-9D9F-3F04E79BC86A}D:\world_of_tanks\wotlauncher.exe] => D:\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{1A91BAD5-54D2-45CE-B7CF-22F04942A28D}D:\world_of_tanks\worldoftanks.exe] => D:\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{2B41D176-6C18-44C8-953F-7CB1DAFE7322}D:\world_of_tanks\worldoftanks.exe] => D:\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{73AEEE84-7816-427D-9BD8-C5322DA10A25}C:\program files (x86)\star ruler\starruler.exe] => C:\program files (x86)\star ruler\starruler.exe
FirewallRules: [UDP Query User{D9F68E51-CDFE-4084-8D7A-F9902E5B1B16}C:\program files (x86)\star ruler\starruler.exe] => C:\program files (x86)\star ruler\starruler.exe
FirewallRules: [TCP Query User{5132D057-4F65-41C8-80FD-2BCCE9254C80}D:\eve online\bin\exefile.exe] => D:\eve online\bin\exefile.exe
FirewallRules: [UDP Query User{8E9CA187-C958-440F-92BB-86E1F5EBE698}D:\eve online\bin\exefile.exe] => D:\eve online\bin\exefile.exe
FirewallRules: [TCP Query User{64A58C25-74DC-4CC5-88A4-51D4C8CE0465}D:\anno171\anno1701.exe] => D:\anno171\anno1701.exe
FirewallRules: [UDP Query User{0053AE60-FB63-4AFD-BEB7-44D7F3C7F87A}D:\anno171\anno1701.exe] => D:\anno171\anno1701.exe
FirewallRules: [{79063EC3-D32F-4609-BA3C-5C6204A378D2}] => C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{11DE37C0-7DEF-4B67-BD6F-1E0173797F95}] => C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{2C78A0C5-39C2-4EB5-B470-6787181B3067}] => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold_Crusader_Extreme.exe
FirewallRules: [{369A8CFD-43A6-428F-8F1D-589F4E461759}] => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold_Crusader_Extreme.exe
FirewallRules: [{6D59CFA9-DFC8-4DAD-8A15-C05E013E9BE8}] => C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{D35B639C-E5D8-4238-92C8-D88A98B1C8CD}] => C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{2FE5F5E8-21E6-40DD-BB2D-6F39C9D307FF}] => C:\Program Files (x86)\Steam\SteamApps\common\Evil Genius\EvilGeniusLauncher.exe
FirewallRules: [{882484F6-FA56-4C13-98D2-8BDE5B124365}] => C:\Program Files (x86)\Steam\SteamApps\common\Evil Genius\EvilGeniusLauncher.exe
FirewallRules: [TCP Query User{165E54D3-C6F1-4741-B546-FFFC4E29EB99}C:\programdata\faforever\bin\forgedalliance.exe] => C:\programdata\faforever\bin\forgedalliance.exe
FirewallRules: [UDP Query User{7D79CDF4-55A3-4FCF-87AA-1D49879BCEC3}C:\programdata\faforever\bin\forgedalliance.exe] => C:\programdata\faforever\bin\forgedalliance.exe
FirewallRules: [TCP Query User{FF529BB4-7C9B-4596-B876-6840D87437FF}C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe] => C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [UDP Query User{24A79DAB-AC2F-4C5D-8C44-53457662FA7B}C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe] => C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [{1DE14345-D221-44C4-927E-8915EBDC7B0C}] => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{8C3DC567-10EE-413A-A775-E11810F84692}] => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{FE6DC594-F56A-44B5-8857-BBD1921EA6BE}] => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{87578C7C-5CCB-4820-A53A-EA284A55B822}] => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{7F094403-C09D-4FF8-84AB-024000AB740B}] => LPort=80
FirewallRules: [{13455699-4A60-4268-A195-8156A81F90CF}] => LPort=443
FirewallRules: [{6F6C0479-487A-4AEB-80C2-F07A64CE7406}] => LPort=20010
FirewallRules: [{2E9328CF-89A4-466D-A07C-C8D50FD431F3}] => LPort=3478
FirewallRules: [{BEC6AC26-105D-4ED8-B759-09B432CD9F01}] => LPort=7850
FirewallRules: [{4F1FE10F-F708-40DE-8194-29E955599F65}] => LPort=27022
FirewallRules: [{A1FEE9DF-46B5-4427-803E-5473AA8B14F6}] => LPort=6881
FirewallRules: [{63BA6F08-A43D-4E05-B9AA-3FFDF63A65BF}] => LPort=33333
FirewallRules: [{90F34B83-0226-4C4D-B0EB-08F80DB47615}] => LPort=20443
FirewallRules: [{88299BA2-7499-492C-B6FA-39FC248B0927}] => LPort=8090
FirewallRules: [{5A366660-B3A9-4F3B-9FD8-E8C28DB2C0EB}] => C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{E9164DB0-ACB1-4C50-9D79-3356840DEAC8}] => C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{FB745F0E-6CB3-493B-A67F-DA62816A9847}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{67DD86DB-9070-4AE6-BF7A-FC2F64E5C5B2}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F28FC892-C944-4799-A751-E9A912E53383}] => C:\Program Files (x86)\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{EC27BAA6-6D71-4D21-B93E-4B9CE0220E00}] => C:\Program Files (x86)\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [TCP Query User{7BBB4B05-1A23-45F0-B3E9-DDE3ACBFDC45}C:\program files (x86)\littlefighter2\lf2_v2.0a\lf2.exe] => C:\program files (x86)\littlefighter2\lf2_v2.0a\lf2.exe
FirewallRules: [UDP Query User{64F90C6B-8DF0-4B73-B60C-73502AC5762B}C:\program files (x86)\littlefighter2\lf2_v2.0a\lf2.exe] => C:\program files (x86)\littlefighter2\lf2_v2.0a\lf2.exe
FirewallRules: [{F65F83C4-E4AF-4E46-A859-11C6B5A123C0}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A7DC8388-128D-411A-A393-964948DDDA54}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{17757A13-4720-4CCD-8708-54F879C3E4C9}] => D:\AgeofEmpires Online\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{81D9EFF7-14A2-4C1D-A52A-3286026B729D}] => D:\AgeofEmpires Online\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5B033B21-4FBF-4990-940E-8FA557BF284D}] => D:\AgeofEmpires Online\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{3DFF6BFE-1E66-440A-8D21-80C9867C8289}] => D:\AgeofEmpires Online\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{BEBB5B2A-A4FE-445A-BD53-7516AAF12958}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{B3C16A45-B465-40CF-A310-14D6D8544EC4}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{33C63DA3-27BC-4ABB-BC1C-2BC556D8C2CC}] => D:\AgeofEmpires Online\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{661A20FA-0891-4694-9CB4-7081E008B9A9}] => D:\AgeofEmpires Online\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [TCP Query User{4885F550-D1A7-48E6-9F2D-C3F444A36484}C:\users\lauritz\downloads\atlassian-jira-6.4.9-x64.exe] => C:\users\lauritz\downloads\atlassian-jira-6.4.9-x64.exe
FirewallRules: [UDP Query User{01826DC1-531C-47ED-8C99-061E337F951F}C:\users\lauritz\downloads\atlassian-jira-6.4.9-x64.exe] => C:\users\lauritz\downloads\atlassian-jira-6.4.9-x64.exe
FirewallRules: [{81F653ED-30F5-459C-BDF7-B797BB43BD31}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\csbtw.exe
FirewallRules: [{50B022D9-07C7-46AF-97E6-B3ABD881A638}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\csbtw.exe
FirewallRules: [{C4E340E7-FE79-4C2D-9029-FC4E85871471}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\HView.exe
FirewallRules: [{87AE0554-1480-43C1-957B-A3D0CDCCF464}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\HView.exe
FirewallRules: [{6F224CAE-EEB6-467D-BA7B-CD509E52CA77}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\ScenarioEditor.exe
FirewallRules: [{258F7346-3DBD-403A-A60D-0085524EF75B}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\ScenarioEditor.exe
FirewallRules: [{8ACA1C8F-8910-41D2-AA1B-156A3686DD7B}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\cshlp.exe
FirewallRules: [{31E17DBD-7450-42BB-A908-B366189C1069}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\cshlp.exe
FirewallRules: [TCP Query User{5CF52E34-10DF-4486-9A3C-C93E4349617E}D:\eve test\bin\exefile.exe] => D:\eve test\bin\exefile.exe
FirewallRules: [UDP Query User{C0632904-AB4B-4604-9794-C17929791001}D:\eve test\bin\exefile.exe] => D:\eve test\bin\exefile.exe
FirewallRules: [{AEDCABFF-6C8C-4EC8-A2C6-3F9D8AAC6E60}] => D:\AgeofEmpires Online\SteamApps\common\PULSARLostColony\PULSAR_LostColony.exe
FirewallRules: [{A5D27DCA-B050-417A-B0CE-96B05374332B}] => D:\AgeofEmpires Online\SteamApps\common\PULSARLostColony\PULSAR_LostColony.exe
FirewallRules: [{728C2563-F377-46BD-9720-CA49545D29A8}] => D:\AgeofEmpires Online\SteamApps\common\Star Ruler 2\Star Ruler 2.exe
FirewallRules: [{049CBADA-9726-4115-B315-D1BBA4BB4471}] => D:\AgeofEmpires Online\SteamApps\common\Star Ruler 2\Star Ruler 2.exe
FirewallRules: [{B82976CC-4D75-45E2-B585-87E2C5C6E895}] => D:\AgeofEmpires Online\SteamApps\common\star conflict\game.exe
FirewallRules: [{67F59D19-6F28-4A34-BD83-96C9FE22A39E}] => D:\AgeofEmpires Online\SteamApps\common\star conflict\game.exe
FirewallRules: [TCP Query User{A66F55DD-678B-4745-94DB-FBE063BEA500}D:\ageofempires online\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => D:\ageofempires online\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [UDP Query User{2E1EDA66-F54C-4215-96E0-48C54E37BA42}D:\ageofempires online\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => D:\ageofempires online\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [{6EB2C5A9-0078-4002-8374-95AEF3950B25}] => D:\AgeofEmpires Online\SteamApps\common\Planetbase\Planetbase.exe
FirewallRules: [{29CF51ED-505C-4803-BD72-5840A2BF3AE0}] => D:\AgeofEmpires Online\SteamApps\common\Planetbase\Planetbase.exe
FirewallRules: [{B268E636-E6DD-4B5C-8292-A619AFF0D449}] => D:\AgeofEmpires Online\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{9E4FE6CD-4748-442E-BE13-FDE5E51D4D81}] => D:\AgeofEmpires Online\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [TCP Query User{6545200B-D399-419C-AE47-BD310CAFF706}D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{4F3D9125-81BD-4521-AF7B-82683A0E4F7E}D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{AB1629DC-65FB-45AF-BF30-A640F4E604BB}] => D:\AgeofEmpires Online\SteamApps\common\Gnomoria\Gnomoria.exe
FirewallRules: [{CD394664-A4B4-4221-9A4C-850708DFBF3C}] => D:\AgeofEmpires Online\SteamApps\common\Gnomoria\Gnomoria.exe
FirewallRules: [TCP Query User{16E5ECC8-E241-4C67-8130-0581BC3FF300}D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{87735BB3-28FC-4A9E-8DFB-C53D11BC5DCB}D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{96CC5490-34B7-42C0-A395-A1A4351E9674}] => D:\AgeofEmpires Online\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{611DE6F4-D6F4-41AD-912B-4B60D2EB37C2}] => D:\AgeofEmpires Online\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{27C6D0CC-AA3A-44E8-B3D8-94FB961E420D}] => D:\AgeofEmpires Online\SteamApps\common\Project Aura\Project Aura.exe
FirewallRules: [{455A754F-9ED1-4CFB-9172-7F08E27D45C1}] => D:\AgeofEmpires Online\SteamApps\common\Project Aura\Project Aura.exe
FirewallRules: [TCP Query User{25652C2E-F1EA-4AF4-8D02-119B20FBC5B1}D:\eve online test server\sharedcache\tq\bin\exefile.exe] => D:\eve online test server\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{337327AF-1C04-4E9F-BFF0-6C0C9A6F571C}D:\eve online test server\sharedcache\tq\bin\exefile.exe] => D:\eve online test server\sharedcache\tq\bin\exefile.exe
FirewallRules: [TCP Query User{4586FD53-0545-4E21-AF9F-AFBC84778177}C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe] => C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe
FirewallRules: [UDP Query User{605DF62E-D495-4172-9867-775AD6DCFF3E}C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe] => C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe
FirewallRules: [{3052BF56-A71B-44DF-9B5B-96E8BD796720}] => D:\AgeofEmpires Online\SteamApps\common\Seven Kingdoms 2 HD\7K2.exe
FirewallRules: [{07CCCFB8-3179-4EB7-B1D1-899C344073C2}] => D:\AgeofEmpires Online\SteamApps\common\Seven Kingdoms 2 HD\7K2.exe
FirewallRules: [{C283F350-165D-41CB-B179-E3C57A63D50F}] => D:\AgeofEmpires Online\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [{D029A56B-E110-436A-ACC6-68EFD3628378}] => D:\AgeofEmpires Online\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [{B60573CB-4959-49B3-BED4-A6134D99D621}] => D:\AgeofEmpires Online\SteamApps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{E61A2755-1C64-4465-B933-3F8C2D8D9781}] => D:\AgeofEmpires Online\SteamApps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{496BDC9A-B6E5-48E2-B473-6748198DFD11}] => D:\AgeofEmpires Online\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{1B23D3C4-556A-4BF5-A5A6-C58C1121E450}] => D:\AgeofEmpires Online\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [TCP Query User{C60CC3AF-3573-4793-A84B-5A7DC321D718}C:\users\lauritz\proxy\freeproxy\freeproxy.exe] => C:\users\lauritz\proxy\freeproxy\freeproxy.exe
FirewallRules: [UDP Query User{AA8AF4EE-5F9F-4B77-9C9B-39A213EB0160}C:\users\lauritz\proxy\freeproxy\freeproxy.exe] => C:\users\lauritz\proxy\freeproxy\freeproxy.exe
FirewallRules: [TCP Query User{30A3F1D6-676A-4FEE-AE6F-C3E36EF18964}D:\star citizen\cloud imperium games\patcher\cigpatcher.exe] => D:\star citizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{4A49306D-24EF-4BE6-9646-005110C4D15E}D:\star citizen\cloud imperium games\patcher\cigpatcher.exe] => D:\star citizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{FAC251DA-7DC8-47CF-83F7-70C4736B7BF8}D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{25E12715-FDCF-4AA8-916D-6F6C14450166}D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{643F5760-CC57-46B0-A9AE-383DF3C910C4}] => D:\AgeofEmpires Online\SteamApps\common\Port Royale 3\PortRoyale3.exe
FirewallRules: [{D2CBEB52-1236-423D-A4B6-F421562DA611}] => D:\AgeofEmpires Online\SteamApps\common\Port Royale 3\PortRoyale3.exe
FirewallRules: [{588B24E7-4285-4438-9D20-88FED1C77B95}] => D:\AgeofEmpires Online\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{FA4380EF-610F-4958-BF9D-EC9947C5A0D2}] => D:\AgeofEmpires Online\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{42D08151-42D4-4CA9-A38F-55D8FBCAFDAF}] => D:\AgeofEmpires Online\SteamApps\common\ConquestOfElysium3\coe3.exe
FirewallRules: [{4792A8DF-85BC-40EB-8415-79F7C4E664C4}] => D:\AgeofEmpires Online\SteamApps\common\ConquestOfElysium3\coe3.exe
FirewallRules: [{96B68FD9-AA35-48B1-92FA-AF006BF45BF7}] => D:\AgeofEmpires Online\SteamApps\common\ConquestOfElysium4\coe4.exe
FirewallRules: [{22D48B7B-F53D-4AE2-99FD-874F8C77439A}] => D:\AgeofEmpires Online\SteamApps\common\ConquestOfElysium4\coe4.exe
FirewallRules: [{1E090DD7-0BD3-4851-8065-84A2D66DF08F}] => D:\AgeofEmpires Online\SteamApps\common\Thea The Awakening\Thea.exe
FirewallRules: [{68C25AAE-A925-449D-8E85-4F23A8C9842B}] => D:\AgeofEmpires Online\SteamApps\common\Thea The Awakening\Thea.exe
FirewallRules: [TCP Query User{5A819A13-965B-4BC8-AA48-44F6C99C6337}D:\eve\sharedcache\tq\bin\exefile.exe] => D:\eve\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{52111DC9-FC00-4D01-9535-649DEBD968AE}D:\eve\sharedcache\tq\bin\exefile.exe] => D:\eve\sharedcache\tq\bin\exefile.exe
FirewallRules: [{ABE4C9A0-BBEB-4BA4-BCAF-50982DF45032}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{F4E9BAE7-11E9-4457-9367-2D297456093F}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{2FF99247-3D1A-4100-9C91-B62BF7A29EDE}] => D:\AgeofEmpires Online\SteamApps\common\Graviteam Tactics Operation Star\starter.exe
FirewallRules: [{F97D8E2D-0D85-47D8-A1ED-4312164571A8}] => D:\AgeofEmpires Online\SteamApps\common\Graviteam Tactics Operation Star\starter.exe
FirewallRules: [{EA0F917E-CD4C-4E0F-9876-0C9CE4D4D44A}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{71358049-DF66-4E8A-91C2-50CB285071DF}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{1F2CD0F0-9D78-4991-93E2-4CAC962F5993}] => D:\AgeofEmpires Online\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{9665F274-E12D-479C-892D-DED6AACB8EC6}] => D:\AgeofEmpires Online\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{2A48A080-E8CE-48E9-8870-19D099A7BB48}] => D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{EE3F296C-20C8-4481-9259-E96AF41D9210}] => D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{F3BDC4CE-09F0-4B6B-AADA-8433B44D8C48}] => D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3.exe
FirewallRules: [{DD967720-A505-4A03-AB01-5E28F690D581}] => D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3.exe
FirewallRules: [{2134553F-60B9-4A6F-BE40-6476FF122012}] => D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{124204E2-2440-4C3E-AFBA-687ED0A10DD3}] => D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{6CD9EA87-4346-4DC2-9436-766EF704371F}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\dmcr.exe
FirewallRules: [{D773CF05-81FD-4946-B5DF-8DC702470628}] => D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\dmcr.exe
FirewallRules: [{47D8A7BC-BB55-46F4-847A-4C0A80C0FF3B}] => C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{C2D8725A-E936-4D61-8A97-2EE36FBF607E}] => C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{76A16BF0-2535-43EE-AF51-470D66DBD8DB}] => D:\AgeofEmpires Online\SteamApps\common\Thea The Awakening\MP\TheaMP.exe
FirewallRules: [{23FF5B09-6085-4895-A10C-317E3A328A63}] => D:\AgeofEmpires Online\SteamApps\common\Thea The Awakening\MP\TheaMP.exe
FirewallRules: [{72AFA9A7-7EA2-4BFE-B4F9-7D0FAF3A6D57}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FCC03A1B-03CF-4BEA-91A2-E03C6FE794BF}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B37515D0-0248-49C0-A81D-93666DC4AF7B}] => D:\AgeofEmpires Online\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{E96B7DB4-85CA-4C18-93C2-1B81DABA92DC}] => D:\AgeofEmpires Online\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{885685D8-B0BE-40AE-AD73-486B0C381C07}] => D:\AgeofEmpires Online\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{6F80B370-1CFE-461C-A1D6-396B0DE93DD3}] => D:\AgeofEmpires Online\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
06-11-2016 19:39:54 Geplanter Prüfpunkt
10-11-2016 00:48:53 Windows Update
12-11-2016 12:48:22 Installed AVG 2016
12-11-2016 12:49:58 Installed AVG
19-11-2016 16:30:02 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
19-11-2016 17:03:22 Windows Update
01-12-2016 04:40:03 Geplanter Prüfpunkt
11-12-2016 00:49:11 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210
11-12-2016 00:50:00 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
11-12-2016 00:50:23 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210
11-12-2016 00:51:34 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
13-12-2016 16:26:51 Microsoft Visual C++ 2005 Redistributable wird installiert
13-12-2016 16:28:22 Microsoft Visual C++ 2005 Redistributable wird installiert
13-12-2016 16:30:54 DirectX wurde installiert
14-12-2016 13:45:34 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Intel(R) HD Graphics
Description: Intel(R) HD Graphics
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/28/2016 07:57:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mmc.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1dd4
Startzeit: 01d2613b939ec2d6
Endzeit: 3
Anwendungspfad: C:\Windows\system32\mmc.exe
Berichts-ID: 7e760e4b-cd2f-11e6-b90a-bc5ff4450f04
Error: (12/28/2016 07:54:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: b54
Startzeit: 01d2613a25a06fee
Endzeit: 186
Anwendungspfad: D:\AgeofEmpires Online\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Berichts-ID:
Error: (12/28/2016 07:41:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: eac
Startzeit: 01d26132791a92a6
Endzeit: 252
Anwendungspfad: D:\AgeofEmpires Online\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Berichts-ID:
Error: (12/28/2016 07:02:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CompatTelRunner.exe, Version: 10.0.14913.1002, Zeitstempel: 0x57d1070d
Name des fehlerhaften Moduls: devinv.dll, Version: 10.0.14913.1002, Zeitstempel: 0x57d10950
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000023c00
ID des fehlerhaften Prozesses: 0x19f8
Startzeit der fehlerhaften Anwendung: 0x01d2613078df23ac
Pfad der fehlerhaften Anwendung: C:\Windows\system32\CompatTelRunner.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\devinv.dll
Berichtskennung: c024926d-cd27-11e6-b90a-bc5ff4450f04
Error: (12/28/2016 06:30:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/26/2016 01:59:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/22/2016 07:59:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/21/2016 06:25:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/21/2016 02:15:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/20/2016 01:51:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Systemfehler:
=============
Error: (12/28/2016 07:39:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.
Error: (12/28/2016 06:31:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (12/28/2016 06:31:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (12/28/2016 06:30:20 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
Zugriff verweigert
Error: (12/28/2016 06:30:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (12/28/2016 06:30:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (12/28/2016 06:29:38 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
Zugriff verweigert
Error: (12/26/2016 03:05:58 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
Zugriff verweigert
Error: (12/26/2016 03:05:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (12/26/2016 02:05:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
CodeIntegrity:
===================================
Date: 2012-10-13 16:48:13.632
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-10-13 16:48:13.621
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-10-13 16:48:13.337
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-10-13 16:48:13.328
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 60%
Installierter physikalischer RAM: 8079.21 MB
Verfügbarer physikalischer RAM: 3209.24 MB
Summe virtueller Speicher: 16156.6 MB
Verfügbarer virtueller Speicher: 12328.28 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:150.98 GB) (Free:26.82 GB) NTFS
Drive d: () (Fixed) (Total:176.27 GB) (Free:26.98 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 335.4 GB) (Disk ID: 429D211B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=151 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=176.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=8 GB) - (Type=84)
==================== Ende von Addition.txt ============================
Geändert von cosinus (29.12.2016 um 12:07 Uhr) Grund: CODE-Tags |
|
29.12.2016, 12:09
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows 7: PC ist auffällig langsamer Hi
__________________1. Wenn Logs gepostet werden nimmt man nicht einfach irgendwelche Tags, sondern immer CODE-Tags 2. Wo ist das andere FRST-Log? 3. Das ist warum genau ein Viren/Malwareproblem? Wenn es keine Funde gab? Wenn es doch Funde gab musst du auch die Logs dazu posten!
__________________ |
|
29.12.2016, 19:36
| #3 |
| | Windows 7: PC ist auffällig langsamer Hi
__________________1. Hab ich es weder gelesen noch wusste ich welche form ihr nutzt daher so. 2. Habe es hinzugefügt 3. Ich bat Trojanerboard um Hilfe mir bei der Suche zu helfen, die ganzen Suchsoftwaren sind viel zu kompliziert für mich um raus zu finden ob ich noch einen Virus im System habe oder nicht. Mich beunruhigt es zur zeit sehr das mein PC von einem mal auf das andere normale Spiele nicht mehr ruhig laufen lassen kann. Das eine Internetseite 10 statt 1 Sekunde zum laden braucht und das ich Bilder auf der Festplatte von oben nach unten aufbauen sehe statt sofort. Mit dem Rootkitscan von S&D habe ich ein paar Funde gehabt. Code:
ATTFilter // info: Rootkit removal help file
// copyright: (c) 2008-2016 Safer-Networking Ltd. All rights reserved.
:: RootAlyzer Results
File:"No admin in ACL","C:\Windows\SysWOW64\KGyGaAvL.sys"
File:"No admin in ACL","C:\Windows\System32\KGyGaAvL.sys"
File:"Unknown ADS","C:\Users\Lauritz\Documents\My Games\Star Ruler\Saves\3:53.srs.tmp:$DATA"
File:"No admin in ACL","C:\ProgramData\GFACE"
File:"No admin in ACL","C:\ProgramData\GFACE\cookie"
File:"No admin in ACL","C:\ProgramData\GFACE\LogBackups"
File:"No admin in ACL","C:\ProgramData\GFACE\plugin.log"
File:"No admin in ACL","C:\ProgramData\GFACE\LogBackups\20150212_121633_plugin.log"
File:"Unknown ADS","C:\ProgramData\AVG\AV\chjw\1ce9561ce9476e.dat:13626a2e-5ba6-4105-8fd6-fe4c9d887c46:$DATA"
File:"Unknown ADS","C:\ProgramData\AVG\AV\chjw\1ce9561ce9476e.dat:696cd62f-302a-487f-833a-7311c7fa9f45:$DATA"
File:"Unknown ADS","C:\ProgramData\AVG\AV\chjw\3ebaee35baede8fb.dat:60668b04-e7d5-4620-bc74-8677fd839925:$DATA"
File:"Unknown ADS","C:\ProgramData\AVG\AV\chjw\3ebaee35baede8fb.dat:c808c531-1db2-460f-be75-90371637b84f:$DATA"
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
durchgeführt von Lauritz (Administrator) auf LAURITZ-PC (28-12-2016 20:41:14)
Gestartet von C:\Users\Lauritz\Downloads
Geladene Profile: Lauritz (Verfügbare Profile: Lauritz)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Program Files\SRWare Iron (64-Bit)\chrome.exe" -- "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickFinder Scheduler] => C:\Program Files (x86)\WordPerfect Office X3\Programs\QFSCHD130.EXE [83568 2007-01-02] (Corel Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [MobileBroadband] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [78336 2013-10-24] (Vodafone)
HKLM-x32\...\Run: [VmbNotifier] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe [1893888 2013-10-24] (Vodafone)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\MountPoints2: {d68dae76-f34e-11e5-9414-bc5ff4450f04} - F:\setup_vmb_lite.exe /checkApplicationPresence
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-08-19] (NVIDIA Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyEnable: [S-1-5-21-2922099021-443059803-3302965599-1000] => Proxy ist aktiviert.
ProxyServer: [S-1-5-21-2922099021-443059803-3302965599-1000] => localhost:21320
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0B4D4C20-18BD-4408-9CB9-3057CC20671C}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{832F46A1-9D7F-4D45-BCE9-305835DBF76A}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKU\S-1-5-21-2922099021-443059803-3302965599-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F20DF787-928C-4819-8EE5-12762BEBDD1A}&mid=93a2dbd153dc47d0a8576d16b2a1e6f7-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=de&ds=AVG&coid=avgtbavg&cmpid=0516av&pr=fr&d=2016-04-26 16:48:53&v=4.2.9.726&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2922099021-443059803-3302965599-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-2922099021-443059803-3302965599-1000 -> Kein Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-17] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2922099021-443059803-3302965599-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lauritz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-28] (Unity Technologies ApS)
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [647864 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337696 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [727512 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [121344 2012-02-07] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
R2 VmbService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [8704 2013-10-24] (Vodafone) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-10-13] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-10-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [267520 2016-10-19] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-10-13] ()
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2016-06-11] (Macrovision Europe Ltd) [Datei ist nicht signiert]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-28 20:41 - 2016-12-28 20:41 - 00013902 _____ C:\Users\Lauritz\Downloads\FRST.txt
2016-12-28 20:38 - 2016-12-28 20:38 - 02420736 _____ (Farbar) C:\Users\Lauritz\Downloads\FRST64.exe
2016-12-19 18:52 - 2016-12-19 18:52 - 00003074 _____ C:\Windows\System32\Tasks\{9BEA0DF0-7E39-48E3-94BA-D7D1CE9B4D23}
2016-12-14 13:20 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 13:20 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 13:20 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 13:20 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-14 13:20 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-14 13:20 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-14 13:20 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 13:20 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 13:20 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 13:20 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 13:20 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 13:20 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 13:20 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 13:20 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 13:20 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 13:20 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 13:20 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 13:20 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 13:20 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 13:20 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-14 13:20 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-14 13:20 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-14 13:20 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-14 13:20 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-14 13:20 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 13:20 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-14 13:20 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 13:19 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-14 13:19 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-14 13:19 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-14 13:19 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-14 13:19 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-14 13:19 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-14 13:19 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-14 13:19 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-14 13:19 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 13:19 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-14 13:19 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-14 13:19 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-14 13:19 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-14 13:19 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-14 13:19 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-14 13:19 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-14 13:19 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-14 13:19 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-14 13:19 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-14 13:19 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 13:19 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-14 13:19 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-14 13:19 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-14 13:19 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-14 13:19 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-14 13:19 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-14 13:19 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-14 13:19 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 13:19 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-14 13:19 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-14 13:19 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-14 13:19 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-14 13:19 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-14 13:19 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-14 13:19 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-14 13:19 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-14 13:19 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-14 13:19 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-14 13:19 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 13:19 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-14 13:19 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-14 13:19 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-14 13:19 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-14 13:19 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-14 13:19 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-14 13:19 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-14 13:19 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-14 13:19 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 13:19 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-14 13:19 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-14 13:19 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-14 13:19 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-14 13:19 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 13:19 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-14 13:19 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-14 13:19 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-14 13:19 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-14 13:19 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-14 13:19 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-14 13:19 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-14 13:19 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-14 13:19 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-14 13:19 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-14 13:19 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 13:19 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-14 13:19 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-14 13:19 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 13:19 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 13:19 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 13:19 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 13:19 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-14 13:19 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 13:19 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-14 13:19 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-14 13:19 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-14 13:19 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-14 13:19 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 13:19 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-14 13:19 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-14 13:19 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-14 13:19 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-14 13:19 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-14 13:19 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 13:19 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 13:19 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-14 13:19 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-14 13:19 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-14 13:19 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-14 13:19 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-14 13:19 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-14 13:19 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-14 13:19 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-14 13:19 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-14 13:19 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-14 13:19 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-14 13:19 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-14 13:19 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-14 13:19 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-14 13:19 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-14 13:19 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-14 13:19 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-14 13:19 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-14 13:19 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-14 13:19 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-14 13:19 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-14 13:19 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-07 16:18 - 2016-12-07 16:18 - 00000221 _____ C:\Users\Lauritz\Desktop\Borderlands 2.url
2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
2016-11-28 01:44 - 2016-11-28 01:44 - 00000222 _____ C:\Users\Lauritz\Desktop\Age of Wonders III.url
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-28 20:41 - 2015-01-07 00:44 - 00000000 ____D C:\FRST
2016-12-28 20:32 - 2012-10-13 16:03 - 00000000 ____D C:\Users\Lauritz\AppData\Roaming\Skype
2016-12-28 20:28 - 2015-04-12 11:44 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-12-28 20:06 - 2016-09-23 18:53 - 00000000 ____D C:\Users\Lauritz\Desktop\backups
2016-12-28 20:06 - 2012-10-31 18:41 - 00000000 ____D C:\Users\Lauritz\AppData\Roaming\TS3Client
2016-12-28 19:42 - 2012-10-29 16:29 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-28 18:43 - 2016-11-12 12:45 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-12-28 18:41 - 2009-07-14 05:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-28 18:41 - 2009-07-14 05:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-28 18:35 - 2013-01-13 22:07 - 00000000 ____D C:\ProgramData\MFAData
2016-12-28 18:29 - 2012-12-18 17:31 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-28 18:29 - 2012-10-13 13:53 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2016-12-28 18:29 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-22 20:54 - 2012-11-06 22:27 - 00000000 ____D C:\Users\Lauritz\AppData\Roaming\vlc
2016-12-20 17:47 - 2012-10-13 13:53 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2016-12-18 12:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-18 01:39 - 2016-03-22 21:40 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-15 19:07 - 2011-04-12 08:43 - 00699092 _____ C:\Windows\system32\perfh007.dat
2016-12-15 19:07 - 2011-04-12 08:43 - 00149232 _____ C:\Windows\system32\perfc007.dat
2016-12-15 19:07 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-15 19:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-15 19:01 - 2009-07-14 05:45 - 00483768 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-14 13:55 - 2013-08-15 11:53 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 13:53 - 2012-10-13 15:30 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 13:51 - 2013-04-25 06:52 - 01592628 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-13 20:06 - 2015-02-19 19:36 - 00000000 ____D C:\Users\Lauritz\AppData\Local\Steam
2016-12-13 16:32 - 2012-11-05 08:18 - 00000000 ____D C:\Users\Lauritz\Documents\My Games
2016-12-11 00:52 - 2014-04-14 16:36 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-10 17:11 - 2016-04-06 02:05 - 00000000 ____D C:\Users\Lauritz\Documents\Project Aura
2016-11-30 14:33 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-28 12:57 - 2016-11-12 12:46 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2016-11-28 12:57 - 2016-11-12 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-11-28 10:09 - 2016-11-18 19:12 - 00000961 _____ C:\Users\Lauritz\Desktop\OpenTTD.lnk
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-12-14 13:08
==================== Ende von FRST.txt ============================
|
|
29.12.2016, 19:43
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: PC ist auffällig langsamer+++ WICHTIGER HINWEIS +++ Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache. Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung! Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben. Gelesen und verstanden? Spybot ist unnötiger Schrott, daher => deinstallieren AVG auch deinstallieren. Das Teil können wir einfach nicht guten Gewissens empfehlen. => http://www.trojaner-board.de/171261-...zer-daten.html und Antivirensoftware: Schutz für Ihre Dateien, aber auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Auch andere Freewareanbieter wie Avira, Avast oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel. Gib Bescheid wenn AVG weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
29.12.2016, 20:17
| #5 |
| | Windows 7: PC ist auffällig langsamer S&D sowie AVG deinstalliert |
|
29.12.2016, 20:27
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: PC ist auffällig langsamer 1. Schritt: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers 2. Schritt: Kaspersky TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ --> Windows 7: PC ist auffällig langsamer |
|
29.12.2016, 21:44
| #7 |
| | Windows 7: PC ist auffällig langsamer Hallo, danke für den Lesestoff (schuldig) mbar scann: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2016.12.29.06
rootkit: v2016.11.20.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18537
Lauritz :: LAURITZ-PC [administrator]
29.12.2016 20:33:47
mbar-log-2016-12-29 (20-33-47).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 296804
Time elapsed: 29 minute(s), 58 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 21:42:16.0033 0x0ab0 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
21:42:17.0443 0x0ab0 ============================================================
21:42:17.0443 0x0ab0 Current date / time: 2016/12/29 21:42:17.0443
21:42:17.0443 0x0ab0 SystemInfo:
21:42:17.0443 0x0ab0
21:42:17.0443 0x0ab0 OS Version: 6.1.7601 ServicePack: 1.0
21:42:17.0443 0x0ab0 Product type: Workstation
21:42:17.0443 0x0ab0 ComputerName: LAURITZ-PC
21:42:17.0443 0x0ab0 UserName: Lauritz
21:42:17.0443 0x0ab0 Windows directory: C:\Windows
21:42:17.0443 0x0ab0 System windows directory: C:\Windows
21:42:17.0443 0x0ab0 Running under WOW64
21:42:17.0443 0x0ab0 Processor architecture: Intel x64
21:42:17.0443 0x0ab0 Number of processors: 4
21:42:17.0443 0x0ab0 Page size: 0x1000
21:42:17.0443 0x0ab0 Boot type: Normal boot
21:42:17.0443 0x0ab0 CodeIntegrityOptions = 0x00000001
21:42:17.0443 0x0ab0 ============================================================
21:42:18.0553 0x0ab0 KLMD registered as C:\Windows\system32\drivers\48836481.sys
21:42:18.0553 0x0ab0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
21:42:18.0893 0x0ab0 System UUID: {BAD5DD2B-D527-3FF0-386E-C9170A215125}
21:42:19.0193 0x0ab0 Drive \Device\Harddisk0\DR0 - Size: 0x53D67B6000 ( 335.35 Gb ), SectorSize: 0x200, Cylinders: 0xAB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:42:19.0193 0x0ab0 ============================================================
21:42:19.0193 0x0ab0 \Device\Harddisk0\DR0:
21:42:19.0193 0x0ab0 MBR partitions:
21:42:19.0193 0x0ab0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:42:19.0193 0x0ab0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x12DF4000
21:42:19.0193 0x0ab0 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x12E26800, BlocksNum 0x1608C800
21:42:19.0193 0x0ab0 ============================================================
21:42:19.0223 0x0ab0 C: <-> \Device\Harddisk0\DR0\Partition2
21:42:19.0263 0x0ab0 D: <-> \Device\Harddisk0\DR0\Partition3
21:42:19.0263 0x0ab0 ============================================================
21:42:19.0263 0x0ab0 Initialize success
21:42:19.0263 0x0ab0 ============================================================
21:42:25.0600 0x0d94 ============================================================
21:42:25.0600 0x0d94 Scan started
21:42:25.0600 0x0d94 Mode: Manual; SigCheck; TDLFS;
21:42:25.0600 0x0d94 ============================================================
21:42:25.0600 0x0d94 KSN ping started
21:42:25.0750 0x0d94 KSN ping finished: true
21:42:26.0960 0x0d94 ================ Scan system memory ========================
21:42:26.0960 0x0d94 System memory - ok
21:42:26.0960 0x0d94 ================ Scan services =============================
21:42:27.0110 0x0d94 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:42:27.0150 0x0d94 1394ohci - ok
21:42:27.0260 0x0d94 [ 6CE02D42183CDF31315F208AE35F153F, 89ABA07D48FADF2CFA2A5C9390479B3436229DA4C0082B0EE4B27D66D3AB3B4F ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
21:42:27.0290 0x0d94 acedrv11 - ok
21:42:27.0320 0x0d94 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:42:27.0330 0x0d94 ACPI - ok
21:42:27.0360 0x0d94 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:42:27.0370 0x0d94 AcpiPmi - ok
21:42:27.0490 0x0d94 [ A0CAC4F3F998173A8DC1E67E7E0345EF, D0C2F504A5059691EDBBA917D0C6260450A554A365C12E7747E48EE1668C51A5 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:42:27.0510 0x0d94 AdobeARMservice - ok
21:42:27.0560 0x0d94 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:42:27.0570 0x0d94 adp94xx - ok
21:42:27.0630 0x0d94 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:42:27.0640 0x0d94 adpahci - ok
21:42:27.0660 0x0d94 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:42:27.0680 0x0d94 adpu320 - ok
21:42:27.0720 0x0d94 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:42:27.0730 0x0d94 AeLookupSvc - ok
21:42:27.0770 0x0d94 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
21:42:27.0800 0x0d94 AFD - ok
21:42:27.0830 0x0d94 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
21:42:27.0840 0x0d94 agp440 - ok
21:42:27.0860 0x0d94 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
21:42:27.0860 0x0d94 ALG - ok
21:42:27.0910 0x0d94 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
21:42:27.0920 0x0d94 aliide - ok
21:42:27.0960 0x0d94 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
21:42:27.0970 0x0d94 amdide - ok
21:42:28.0000 0x0d94 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:42:28.0010 0x0d94 AmdK8 - ok
21:42:28.0030 0x0d94 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
21:42:28.0050 0x0d94 AmdPPM - ok
21:42:28.0080 0x0d94 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:42:28.0090 0x0d94 amdsata - ok
21:42:28.0110 0x0d94 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:42:28.0120 0x0d94 amdsbs - ok
21:42:28.0130 0x0d94 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:42:28.0140 0x0d94 amdxata - ok
21:42:28.0190 0x0d94 [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID C:\Windows\system32\drivers\appid.sys
21:42:28.0200 0x0d94 AppID - ok
21:42:28.0240 0x0d94 [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:42:28.0260 0x0d94 AppIDSvc - ok
21:42:28.0310 0x0d94 [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo C:\Windows\System32\appinfo.dll
21:42:28.0330 0x0d94 Appinfo - ok
21:42:28.0360 0x0d94 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
21:42:28.0380 0x0d94 AppMgmt - ok
21:42:28.0410 0x0d94 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
21:42:28.0430 0x0d94 arc - ok
21:42:28.0440 0x0d94 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:42:28.0450 0x0d94 arcsas - ok
21:42:28.0490 0x0d94 [ 4DFF4312661F54EE87DC9A13CAEE60E0, 8821D2CA4036E764EFF71108735148FF54D3275DDCE1860EC7D67B2355E8DF82 ] asahci64 C:\Windows\system32\DRIVERS\asahci64.sys
21:42:28.0500 0x0d94 asahci64 - ok
21:42:28.0610 0x0d94 [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:42:28.0630 0x0d94 aspnet_state - ok
21:42:28.0660 0x0d94 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:42:28.0690 0x0d94 AsyncMac - ok
21:42:28.0730 0x0d94 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
21:42:28.0730 0x0d94 atapi - ok
21:42:28.0790 0x0d94 [ B4BDE3F758A34658A37DFED3D9783CD8, BC9F6B9BDD639457894DE0F596AB3A655374E078796762FE5E8E5414F0481208 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
21:42:28.0800 0x0d94 atksgt - ok
21:42:28.0870 0x0d94 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:42:28.0900 0x0d94 AudioEndpointBuilder - ok
21:42:28.0920 0x0d94 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:42:28.0940 0x0d94 AudioSrv - ok
21:42:28.0980 0x0d94 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:42:29.0010 0x0d94 AxInstSV - ok
21:42:29.0050 0x0d94 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
21:42:29.0070 0x0d94 b06bdrv - ok
21:42:29.0100 0x0d94 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:42:29.0110 0x0d94 b57nd60a - ok
21:42:29.0140 0x0d94 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
21:42:29.0140 0x0d94 BDESVC - ok
21:42:29.0160 0x0d94 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
21:42:29.0180 0x0d94 Beep - ok
21:42:29.0230 0x0d94 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
21:42:29.0250 0x0d94 BFE - ok
21:42:29.0290 0x0d94 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
21:42:29.0320 0x0d94 BITS - ok
21:42:29.0350 0x0d94 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:42:29.0350 0x0d94 blbdrive - ok
21:42:29.0410 0x0d94 [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:42:29.0430 0x0d94 bowser - ok
21:42:29.0440 0x0d94 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
21:42:29.0450 0x0d94 BrFiltLo - ok
21:42:29.0460 0x0d94 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
21:42:29.0480 0x0d94 BrFiltUp - ok
21:42:29.0510 0x0d94 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
21:42:29.0530 0x0d94 Browser - ok
21:42:29.0560 0x0d94 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:42:29.0580 0x0d94 Brserid - ok
21:42:29.0590 0x0d94 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:42:29.0600 0x0d94 BrSerWdm - ok
21:42:29.0620 0x0d94 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:42:29.0630 0x0d94 BrUsbMdm - ok
21:42:29.0640 0x0d94 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:42:29.0650 0x0d94 BrUsbSer - ok
21:42:29.0660 0x0d94 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:42:29.0670 0x0d94 BTHMODEM - ok
21:42:29.0700 0x0d94 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
21:42:29.0730 0x0d94 bthserv - ok
21:42:29.0740 0x0d94 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:42:29.0760 0x0d94 cdfs - ok
21:42:29.0780 0x0d94 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:42:29.0790 0x0d94 cdrom - ok
21:42:29.0820 0x0d94 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
21:42:29.0840 0x0d94 CertPropSvc - ok
21:42:29.0860 0x0d94 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
21:42:29.0870 0x0d94 circlass - ok
21:42:29.0930 0x0d94 [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS C:\Windows\system32\CLFS.sys
21:42:29.0950 0x0d94 CLFS - ok
21:42:30.0050 0x0d94 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:42:30.0070 0x0d94 clr_optimization_v2.0.50727_32 - ok
21:42:30.0120 0x0d94 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:42:30.0130 0x0d94 clr_optimization_v2.0.50727_64 - ok
21:42:30.0230 0x0d94 [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:42:30.0240 0x0d94 clr_optimization_v4.0.30319_32 - ok
21:42:30.0330 0x0d94 [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:42:30.0340 0x0d94 clr_optimization_v4.0.30319_64 - ok
21:42:30.0360 0x0d94 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
21:42:30.0370 0x0d94 CmBatt - ok
21:42:30.0400 0x0d94 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:42:30.0410 0x0d94 cmdide - ok
21:42:30.0480 0x0d94 [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG C:\Windows\system32\Drivers\cng.sys
21:42:30.0510 0x0d94 CNG - ok
21:42:30.0520 0x0d94 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
21:42:30.0530 0x0d94 Compbatt - ok
21:42:30.0560 0x0d94 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:42:30.0570 0x0d94 CompositeBus - ok
21:42:30.0580 0x0d94 COMSysApp - ok
21:42:30.0680 0x0d94 [ 78AF1C499BF02F9814DF959A04A4F9C9, 9D569A57551C7ACE032C3ECC7BEB8C7606D6BAF58AC1660B4E9FBE907F47E274 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:42:30.0700 0x0d94 cphs - ok
21:42:30.0720 0x0d94 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:42:30.0730 0x0d94 crcdisk - ok
21:42:30.0780 0x0d94 [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:42:30.0800 0x0d94 CryptSvc - ok
21:42:30.0840 0x0d94 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
21:42:30.0870 0x0d94 CSC - ok
21:42:30.0890 0x0d94 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
21:42:30.0910 0x0d94 CscService - ok
21:42:30.0980 0x0d94 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll
21:42:31.0000 0x0d94 DcomLaunch - ok
21:42:31.0030 0x0d94 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
21:42:31.0060 0x0d94 defragsvc - ok
21:42:31.0090 0x0d94 [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:42:31.0100 0x0d94 DfsC - ok
21:42:31.0140 0x0d94 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:42:31.0160 0x0d94 Dhcp - ok
21:42:31.0280 0x0d94 [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\Windows\system32\diagtrack.dll
21:42:31.0310 0x0d94 DiagTrack - ok
21:42:31.0340 0x0d94 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
21:42:31.0360 0x0d94 discache - ok
21:42:31.0420 0x0d94 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
21:42:31.0430 0x0d94 Disk - ok
21:42:31.0460 0x0d94 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
21:42:31.0470 0x0d94 dmvsc - ok
21:42:31.0510 0x0d94 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:42:31.0530 0x0d94 Dnscache - ok
21:42:31.0550 0x0d94 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
21:42:31.0590 0x0d94 dot3svc - ok
21:42:31.0600 0x0d94 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
21:42:31.0620 0x0d94 DPS - ok
21:42:31.0670 0x0d94 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:42:31.0680 0x0d94 drmkaud - ok
21:42:31.0760 0x0d94 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:42:31.0780 0x0d94 DXGKrnl - ok
21:42:31.0810 0x0d94 EagleX64 - ok
21:42:31.0830 0x0d94 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
21:42:31.0870 0x0d94 EapHost - ok
21:42:31.0989 0x0d94 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
21:42:32.0039 0x0d94 ebdrv - ok
21:42:32.0079 0x0d94 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] EFS C:\Windows\System32\lsass.exe
21:42:32.0089 0x0d94 EFS - ok
21:42:32.0149 0x0d94 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:42:32.0179 0x0d94 ehRecvr - ok
21:42:32.0189 0x0d94 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
21:42:32.0199 0x0d94 ehSched - ok
21:42:32.0239 0x0d94 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:42:32.0249 0x0d94 elxstor - ok
21:42:32.0269 0x0d94 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:42:32.0269 0x0d94 ErrDev - ok
21:42:32.0319 0x0d94 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
21:42:32.0349 0x0d94 EventSystem - ok
21:42:32.0399 0x0d94 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
21:42:32.0439 0x0d94 exfat - ok
21:42:32.0469 0x0d94 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:42:32.0489 0x0d94 fastfat - ok
21:42:32.0539 0x0d94 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
21:42:32.0549 0x0d94 Fax - ok
21:42:32.0569 0x0d94 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
21:42:32.0569 0x0d94 fdc - ok
21:42:32.0609 0x0d94 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
21:42:32.0639 0x0d94 fdPHost - ok
21:42:32.0649 0x0d94 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
21:42:32.0679 0x0d94 FDResPub - ok
21:42:32.0699 0x0d94 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:42:32.0709 0x0d94 FileInfo - ok
21:42:32.0709 0x0d94 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:42:32.0729 0x0d94 Filetrace - ok
21:42:32.0749 0x0d94 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
21:42:32.0759 0x0d94 flpydisk - ok
21:42:32.0769 0x0d94 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:42:32.0779 0x0d94 FltMgr - ok
21:42:32.0859 0x0d94 [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache C:\Windows\system32\FntCache.dll
21:42:32.0889 0x0d94 FontCache - ok
21:42:32.0939 0x0d94 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:42:32.0949 0x0d94 FontCache3.0.0.0 - ok
21:42:32.0969 0x0d94 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:42:32.0979 0x0d94 FsDepends - ok
21:42:32.0999 0x0d94 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:42:33.0009 0x0d94 Fs_Rec - ok
21:42:33.0059 0x0d94 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:42:33.0079 0x0d94 fvevol - ok
21:42:33.0109 0x0d94 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:42:33.0109 0x0d94 gagp30kx - ok
21:42:33.0179 0x0d94 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll
21:42:33.0209 0x0d94 gpsvc - ok
21:42:33.0249 0x0d94 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
21:42:33.0259 0x0d94 hamachi - ok
21:42:33.0259 0x0d94 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:42:33.0269 0x0d94 hcw85cir - ok
21:42:33.0309 0x0d94 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:42:33.0339 0x0d94 HdAudAddService - ok
21:42:33.0369 0x0d94 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:42:33.0389 0x0d94 HDAudBus - ok
21:42:33.0409 0x0d94 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
21:42:33.0419 0x0d94 HidBatt - ok
21:42:33.0439 0x0d94 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:42:33.0459 0x0d94 HidBth - ok
21:42:33.0469 0x0d94 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
21:42:33.0489 0x0d94 HidIr - ok
21:42:33.0509 0x0d94 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
21:42:33.0539 0x0d94 hidserv - ok
21:42:33.0569 0x0d94 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:42:33.0579 0x0d94 HidUsb - ok
21:42:33.0609 0x0d94 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:42:33.0629 0x0d94 hkmsvc - ok
21:42:33.0659 0x0d94 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:42:33.0669 0x0d94 HomeGroupListener - ok
21:42:33.0689 0x0d94 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:42:33.0699 0x0d94 HomeGroupProvider - ok
21:42:33.0729 0x0d94 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:42:33.0729 0x0d94 HpSAMD - ok
21:42:33.0819 0x0d94 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:42:33.0849 0x0d94 HTTP - ok
21:42:33.0859 0x0d94 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:42:33.0859 0x0d94 hwpolicy - ok
21:42:33.0889 0x0d94 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:42:33.0899 0x0d94 i8042prt - ok
21:42:33.0939 0x0d94 [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:42:33.0949 0x0d94 iaStor - ok
21:42:33.0989 0x0d94 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:42:34.0009 0x0d94 iaStorV - ok
21:42:34.0089 0x0d94 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:42:34.0119 0x0d94 idsvc - ok
21:42:34.0149 0x0d94 IEEtwCollectorService - ok
21:42:34.0329 0x0d94 [ A1CF07D24EDCDC6870535471654D957C, FA0CD2ABA2C15E9FC4A1DEE58F365EC10D9597D521556DC2648B50CE0537926D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
21:42:34.0409 0x0d94 igfx - ok
21:42:34.0449 0x0d94 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:42:34.0449 0x0d94 iirsp - ok
21:42:34.0529 0x0d94 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
21:42:34.0559 0x0d94 IKEEXT - ok
21:42:34.0689 0x0d94 [ F2744FD54BE1580BE05916D1C755C92A, 27FAC146876B6C6EBE0C00CDEC3E01C69DACB2584BEC85DD0FE5B55AD2157452 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:42:34.0739 0x0d94 IntcAzAudAddService - ok
21:42:34.0779 0x0d94 [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
21:42:34.0799 0x0d94 IntcDAud - ok
21:42:34.0869 0x0d94 [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:42:34.0889 0x0d94 Intel(R) Capability Licensing Service Interface - ok
21:42:34.0959 0x0d94 [ 709C8623721A1F1EF388EA75A07EC33B, 8F3046F1699E7B560827A965C66F3FCACDE24CD451829D4D2218038830344867 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
21:42:34.0969 0x0d94 Intel(R) ME Service - detected UnsignedFile.Multi.Generic ( 1 )
21:42:35.0216 0x0d94 Detect skipped due to KSN trusted
21:42:35.0216 0x0d94 Intel(R) ME Service - ok
21:42:35.0246 0x0d94 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
21:42:35.0266 0x0d94 intelide - ok
21:42:35.0296 0x0d94 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:42:35.0316 0x0d94 intelppm - ok
21:42:35.0336 0x0d94 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:42:35.0376 0x0d94 IPBusEnum - ok
21:42:35.0386 0x0d94 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:42:35.0416 0x0d94 IpFilterDriver - ok
21:42:35.0466 0x0d94 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:42:35.0486 0x0d94 iphlpsvc - ok
21:42:35.0506 0x0d94 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:42:35.0516 0x0d94 IPMIDRV - ok
21:42:35.0526 0x0d94 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:42:35.0546 0x0d94 IPNAT - ok
21:42:35.0566 0x0d94 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:42:35.0576 0x0d94 IRENUM - ok
21:42:35.0586 0x0d94 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:42:35.0596 0x0d94 isapnp - ok
21:42:35.0636 0x0d94 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:42:35.0656 0x0d94 iScsiPrt - ok
21:42:35.0696 0x0d94 [ 6BCEF45131C8B8E1C558BE540B190B3C, DFFED7FD9DCC15808184E65065DE6138FE010AC01217E5016B2D20A5B89AC570 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:42:35.0706 0x0d94 iusb3hcs - ok
21:42:35.0726 0x0d94 [ F080EADA8715F811B58BD35BB774F2F9, 06D5A70CBA89561A71B9CB64D7A298767F098395411A7022F414C7D0AC89A44D ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
21:42:35.0746 0x0d94 iusb3hub - ok
21:42:35.0806 0x0d94 [ 0F1756D9396740F053221FA6260FCE66, 0B722BF6BCF66BBD49DE0E92555742976AB33319CF504461A50181BF7A77E886 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:42:35.0826 0x0d94 iusb3xhc - ok
21:42:35.0856 0x0d94 [ C44B44E24B929631D9D7368F5B2B40CF, A7F11A5A970FA30CC358B9A0FE8163B686208E424C6682AEA45C06B1E7E11963 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:42:35.0866 0x0d94 jhi_service - ok
21:42:35.0906 0x0d94 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:42:35.0916 0x0d94 kbdclass - ok
21:42:35.0956 0x0d94 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:42:35.0966 0x0d94 kbdhid - ok
21:42:35.0996 0x0d94 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] KeyIso C:\Windows\system32\lsass.exe
21:42:36.0016 0x0d94 KeyIso - ok
21:42:36.0076 0x0d94 [ F54475BA70B5CDA4EF11DC44BFB07F40, 9A6FA4978746F2F75D6B5892C1FE2042FF86C588AFEEC80534E0FB2F4450F9C3 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:42:36.0086 0x0d94 KSecDD - ok
21:42:36.0106 0x0d94 [ ED1D1E1AAACF08438F9BCF731C8CA168, 8DFE5F7E1080B65A75BC840708AB7A42EA42510D5507EF86294649C72430B569 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:42:36.0116 0x0d94 KSecPkg - ok
21:42:36.0136 0x0d94 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:42:36.0176 0x0d94 ksthunk - ok
21:42:36.0216 0x0d94 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
21:42:36.0246 0x0d94 KtmRm - ok
21:42:36.0296 0x0d94 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:42:36.0336 0x0d94 LanmanServer - ok
21:42:36.0376 0x0d94 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:42:36.0396 0x0d94 LanmanWorkstation - ok
21:42:36.0446 0x0d94 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
21:42:36.0456 0x0d94 LGBusEnum - ok
21:42:36.0496 0x0d94 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
21:42:36.0506 0x0d94 LGVirHid - ok
21:42:36.0546 0x0d94 [ 955982BF4421B77722196552B62E8DC2, 3732449ACDBB78E1ED8436DF153C899C28573F458FDCFE345DFA1B305D085033 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
21:42:36.0556 0x0d94 lirsgt - ok
21:42:36.0586 0x0d94 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:42:36.0626 0x0d94 lltdio - ok
21:42:36.0656 0x0d94 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:42:36.0686 0x0d94 lltdsvc - ok
21:42:36.0716 0x0d94 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:42:36.0736 0x0d94 lmhosts - ok
21:42:36.0766 0x0d94 [ 75F29D77B0540FCF47EE3BE000BBABDA, 3FFDDC42D51FABAA7F3BFD088F008DE39F3479B25214260D98336F00B6336BFA ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:42:36.0776 0x0d94 LMS - ok
21:42:36.0816 0x0d94 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:42:36.0826 0x0d94 LSI_FC - ok
21:42:36.0846 0x0d94 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:42:36.0866 0x0d94 LSI_SAS - ok
21:42:36.0866 0x0d94 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:42:36.0876 0x0d94 LSI_SAS2 - ok
21:42:36.0886 0x0d94 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:42:36.0896 0x0d94 LSI_SCSI - ok
21:42:36.0906 0x0d94 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
21:42:36.0926 0x0d94 luafv - ok
21:42:36.0956 0x0d94 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
21:42:36.0966 0x0d94 MBfilt - ok
21:42:36.0986 0x0d94 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:42:36.0996 0x0d94 Mcx2Svc - ok
21:42:37.0006 0x0d94 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
21:42:37.0016 0x0d94 megasas - ok
21:42:37.0036 0x0d94 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:42:37.0046 0x0d94 MegaSR - ok
21:42:37.0076 0x0d94 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
21:42:37.0076 0x0d94 MEIx64 - ok
21:42:37.0106 0x0d94 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
21:42:37.0126 0x0d94 MMCSS - ok
21:42:37.0136 0x0d94 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
21:42:37.0156 0x0d94 Modem - ok
21:42:37.0176 0x0d94 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:42:37.0186 0x0d94 monitor - ok
21:42:37.0216 0x0d94 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:42:37.0216 0x0d94 mouclass - ok
21:42:37.0236 0x0d94 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:42:37.0246 0x0d94 mouhid - ok
21:42:37.0286 0x0d94 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:42:37.0306 0x0d94 mountmgr - ok
21:42:37.0326 0x0d94 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
21:42:37.0336 0x0d94 mpio - ok
21:42:37.0346 0x0d94 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:42:37.0406 0x0d94 mpsdrv - ok
21:42:37.0456 0x0d94 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:42:37.0496 0x0d94 MpsSvc - ok
21:42:37.0516 0x0d94 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:42:37.0526 0x0d94 MRxDAV - ok
21:42:37.0566 0x0d94 [ 8A6DD6FDCCC010F7C6480EE7D0C3B92E, F061B59E5569D334C293420A4E98A2E2842037419E13001FF4FDCB9DE4A90BC5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:42:37.0576 0x0d94 mrxsmb - ok
21:42:37.0626 0x0d94 [ 68C12354AEA8FB5B559F5F69EF1C0DF0, E73BEFA5615231B86962FDB5201BA05B8A15D51F09BB6232315F44B39C46560D ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:42:37.0646 0x0d94 mrxsmb10 - ok
21:42:37.0666 0x0d94 [ 307E956C0DE630EE0ACE657233C0E83F, 45918BAFA9A1C4F4552A2A259CDFB89146FEE6622BDBC7B6B92D5BB2528586A4 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:42:37.0676 0x0d94 mrxsmb20 - ok
21:42:37.0716 0x0d94 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
21:42:37.0726 0x0d94 msahci - ok
21:42:37.0746 0x0d94 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:42:37.0766 0x0d94 msdsm - ok
21:42:37.0776 0x0d94 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
21:42:37.0786 0x0d94 MSDTC - ok
21:42:37.0816 0x0d94 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:42:37.0836 0x0d94 Msfs - ok
21:42:37.0846 0x0d94 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:42:37.0856 0x0d94 mshidkmdf - ok
21:42:37.0866 0x0d94 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:42:37.0876 0x0d94 msisadrv - ok
21:42:37.0906 0x0d94 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:42:37.0926 0x0d94 MSiSCSI - ok
21:42:37.0926 0x0d94 msiserver - ok
21:42:37.0966 0x0d94 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:42:38.0006 0x0d94 MSKSSRV - ok
21:42:38.0016 0x0d94 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:42:38.0036 0x0d94 MSPCLOCK - ok
21:42:38.0046 0x0d94 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:42:38.0066 0x0d94 MSPQM - ok
21:42:38.0086 0x0d94 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:42:38.0096 0x0d94 MsRPC - ok
21:42:38.0116 0x0d94 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:42:38.0116 0x0d94 mssmbios - ok
21:42:38.0136 0x0d94 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:42:38.0156 0x0d94 MSTEE - ok
21:42:38.0166 0x0d94 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:42:38.0176 0x0d94 MTConfig - ok
21:42:38.0186 0x0d94 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
21:42:38.0186 0x0d94 Mup - ok
21:42:38.0216 0x0d94 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
21:42:38.0246 0x0d94 napagent - ok
21:42:38.0276 0x0d94 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:42:38.0286 0x0d94 NativeWifiP - ok
21:42:38.0346 0x0d94 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:42:38.0376 0x0d94 NDIS - ok
21:42:38.0386 0x0d94 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:42:38.0406 0x0d94 NdisCap - ok
21:42:38.0426 0x0d94 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:42:38.0446 0x0d94 NdisTapi - ok
21:42:38.0466 0x0d94 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:42:38.0486 0x0d94 Ndisuio - ok
21:42:38.0506 0x0d94 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:42:38.0526 0x0d94 NdisWan - ok
21:42:38.0536 0x0d94 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:42:38.0556 0x0d94 NDProxy - ok
21:42:38.0576 0x0d94 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:42:38.0596 0x0d94 NetBIOS - ok
21:42:38.0636 0x0d94 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:42:38.0656 0x0d94 NetBT - ok
21:42:38.0676 0x0d94 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] Netlogon C:\Windows\system32\lsass.exe
21:42:38.0686 0x0d94 Netlogon - ok
21:42:38.0716 0x0d94 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
21:42:38.0746 0x0d94 Netman - ok
21:42:38.0826 0x0d94 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:42:38.0836 0x0d94 NetMsmqActivator - ok
21:42:38.0876 0x0d94 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:42:38.0886 0x0d94 NetPipeActivator - ok
21:42:38.0926 0x0d94 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
21:42:38.0956 0x0d94 netprofm - ok
21:42:38.0976 0x0d94 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:42:38.0976 0x0d94 NetTcpActivator - ok
21:42:38.0986 0x0d94 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:42:38.0986 0x0d94 NetTcpPortSharing - ok
21:42:39.0016 0x0d94 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:42:39.0026 0x0d94 nfrd960 - ok
21:42:39.0076 0x0d94 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
21:42:39.0106 0x0d94 NlaSvc - ok
21:42:39.0116 0x0d94 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:42:39.0136 0x0d94 Npfs - ok
21:42:39.0156 0x0d94 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
21:42:39.0176 0x0d94 nsi - ok
21:42:39.0186 0x0d94 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:42:39.0206 0x0d94 nsiproxy - ok
21:42:39.0326 0x0d94 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:42:39.0365 0x0d94 Ntfs - ok
21:42:39.0385 0x0d94 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
21:42:39.0405 0x0d94 Null - ok
21:42:39.0455 0x0d94 [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
21:42:39.0465 0x0d94 NVHDA - ok
21:42:39.0895 0x0d94 [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:42:40.0085 0x0d94 nvlddmkm - ok
21:42:40.0125 0x0d94 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:42:40.0135 0x0d94 nvraid - ok
21:42:40.0155 0x0d94 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:42:40.0165 0x0d94 nvstor - ok
21:42:40.0235 0x0d94 [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc C:\Windows\system32\nvvsvc.exe
21:42:40.0265 0x0d94 nvsvc - ok
21:42:40.0285 0x0d94 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:42:40.0295 0x0d94 nv_agp - ok
21:42:40.0315 0x0d94 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:42:40.0325 0x0d94 ohci1394 - ok
21:42:40.0355 0x0d94 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:42:40.0365 0x0d94 p2pimsvc - ok
21:42:40.0385 0x0d94 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
21:42:40.0405 0x0d94 p2psvc - ok
21:42:40.0405 0x0d94 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
21:42:40.0415 0x0d94 Parport - ok
21:42:40.0425 0x0d94 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:42:40.0435 0x0d94 partmgr - ok
21:42:40.0485 0x0d94 [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll
21:42:40.0495 0x0d94 PcaSvc - ok
21:42:40.0525 0x0d94 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
21:42:40.0545 0x0d94 pci - ok
21:42:40.0575 0x0d94 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
21:42:40.0585 0x0d94 pciide - ok
21:42:40.0605 0x0d94 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:42:40.0615 0x0d94 pcmcia - ok
21:42:40.0635 0x0d94 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
21:42:40.0635 0x0d94 pcw - ok
21:42:40.0695 0x0d94 [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:42:40.0715 0x0d94 PEAUTH - ok
21:42:40.0795 0x0d94 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:42:40.0825 0x0d94 PeerDistSvc - ok
21:42:40.0885 0x0d94 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:42:40.0895 0x0d94 PerfHost - ok
21:42:40.0975 0x0d94 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
21:42:41.0015 0x0d94 pla - ok
21:42:41.0055 0x0d94 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:42:41.0075 0x0d94 PlugPlay - ok
21:42:41.0075 0x0d94 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:42:41.0085 0x0d94 PNRPAutoReg - ok
21:42:41.0105 0x0d94 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:42:41.0115 0x0d94 PNRPsvc - ok
21:42:41.0175 0x0d94 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:42:41.0195 0x0d94 PolicyAgent - ok
21:42:41.0215 0x0d94 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
21:42:41.0245 0x0d94 Power - ok
21:42:41.0265 0x0d94 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:42:41.0285 0x0d94 PptpMiniport - ok
21:42:41.0295 0x0d94 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
21:42:41.0305 0x0d94 Processor - ok
21:42:41.0335 0x0d94 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
21:42:41.0345 0x0d94 ProfSvc - ok
21:42:41.0365 0x0d94 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:42:41.0365 0x0d94 ProtectedStorage - ok
21:42:41.0395 0x0d94 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:42:41.0415 0x0d94 Psched - ok
21:42:41.0485 0x0d94 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:42:41.0515 0x0d94 ql2300 - ok
21:42:41.0535 0x0d94 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:42:41.0545 0x0d94 ql40xx - ok
21:42:41.0575 0x0d94 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
21:42:41.0585 0x0d94 QWAVE - ok
21:42:41.0595 0x0d94 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:42:41.0595 0x0d94 QWAVEdrv - ok
21:42:41.0605 0x0d94 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:42:41.0625 0x0d94 RasAcd - ok
21:42:41.0665 0x0d94 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:42:41.0705 0x0d94 RasAgileVpn - ok
21:42:41.0725 0x0d94 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
21:42:41.0755 0x0d94 RasAuto - ok
21:42:41.0775 0x0d94 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:42:41.0795 0x0d94 Rasl2tp - ok
21:42:41.0825 0x0d94 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
21:42:41.0845 0x0d94 RasMan - ok
21:42:41.0865 0x0d94 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:42:41.0885 0x0d94 RasPppoe - ok
21:42:41.0905 0x0d94 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:42:41.0925 0x0d94 RasSstp - ok
21:42:41.0945 0x0d94 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:42:41.0965 0x0d94 rdbss - ok
21:42:41.0985 0x0d94 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:42:41.0985 0x0d94 rdpbus - ok
21:42:42.0015 0x0d94 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:42:42.0035 0x0d94 RDPCDD - ok
21:42:42.0055 0x0d94 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:42:42.0065 0x0d94 RDPDR - ok
21:42:42.0075 0x0d94 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:42:42.0095 0x0d94 RDPENCDD - ok
21:42:42.0095 0x0d94 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:42:42.0115 0x0d94 RDPREFMP - ok
21:42:42.0195 0x0d94 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:42:42.0215 0x0d94 RdpVideoMiniport - ok
21:42:42.0255 0x0d94 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:42:42.0275 0x0d94 RDPWD - ok
21:42:42.0295 0x0d94 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:42:42.0315 0x0d94 rdyboost - ok
21:42:42.0335 0x0d94 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:42:42.0355 0x0d94 RemoteAccess - ok
21:42:42.0375 0x0d94 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:42:42.0395 0x0d94 RemoteRegistry - ok
21:42:42.0405 0x0d94 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:42:42.0425 0x0d94 RpcEptMapper - ok
21:42:42.0445 0x0d94 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
21:42:42.0455 0x0d94 RpcLocator - ok
21:42:42.0505 0x0d94 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll
21:42:42.0515 0x0d94 RpcSs - ok
21:42:42.0535 0x0d94 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:42:42.0555 0x0d94 rspndr - ok
21:42:42.0615 0x0d94 [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:42:42.0625 0x0d94 RTL8167 - ok
21:42:42.0675 0x0d94 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
21:42:42.0685 0x0d94 s3cap - ok
21:42:42.0705 0x0d94 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] SamSs C:\Windows\system32\lsass.exe
21:42:42.0715 0x0d94 SamSs - ok
21:42:42.0735 0x0d94 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:42:42.0755 0x0d94 sbp2port - ok
21:42:42.0785 0x0d94 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:42:42.0815 0x0d94 SCardSvr - ok
21:42:42.0835 0x0d94 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:42:42.0855 0x0d94 scfilter - ok
21:42:42.0925 0x0d94 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
21:42:42.0965 0x0d94 Schedule - ok
21:42:42.0985 0x0d94 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:42:43.0005 0x0d94 SCPolicySvc - ok
21:42:43.0025 0x0d94 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:42:43.0035 0x0d94 SDRSVC - ok
21:42:43.0055 0x0d94 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:42:43.0065 0x0d94 secdrv - ok
21:42:43.0105 0x0d94 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
21:42:43.0115 0x0d94 seclogon - ok
21:42:43.0135 0x0d94 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
21:42:43.0155 0x0d94 SENS - ok
21:42:43.0165 0x0d94 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:42:43.0175 0x0d94 SensrSvc - ok
21:42:43.0185 0x0d94 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:42:43.0195 0x0d94 Serenum - ok
21:42:43.0235 0x0d94 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:42:43.0245 0x0d94 Serial - ok
21:42:43.0265 0x0d94 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:42:43.0285 0x0d94 sermouse - ok
21:42:43.0315 0x0d94 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
21:42:43.0345 0x0d94 SessionEnv - ok
21:42:43.0355 0x0d94 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:42:43.0365 0x0d94 sffdisk - ok
21:42:43.0385 0x0d94 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:42:43.0385 0x0d94 sffp_mmc - ok
21:42:43.0405 0x0d94 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:42:43.0405 0x0d94 sffp_sd - ok
21:42:43.0415 0x0d94 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:42:43.0425 0x0d94 sfloppy - ok
21:42:43.0455 0x0d94 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:42:43.0485 0x0d94 SharedAccess - ok
21:42:43.0505 0x0d94 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:42:43.0525 0x0d94 ShellHWDetection - ok
21:42:43.0555 0x0d94 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:42:43.0555 0x0d94 SiSRaid2 - ok
21:42:43.0565 0x0d94 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:42:43.0575 0x0d94 SiSRaid4 - ok
21:42:43.0665 0x0d94 [ F3AAB7DF6408431C762D8721B68F46E4, 56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:42:43.0685 0x0d94 SkypeUpdate - ok
21:42:43.0715 0x0d94 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:42:43.0735 0x0d94 Smb - ok
21:42:43.0755 0x0d94 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:42:43.0765 0x0d94 SNMPTRAP - ok
21:42:43.0805 0x0d94 [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan C:\Windows\syswow64\speedfan.sys
21:42:43.0815 0x0d94 speedfan - ok
21:42:43.0825 0x0d94 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
21:42:43.0835 0x0d94 spldr - ok
21:42:43.0885 0x0d94 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
21:42:43.0915 0x0d94 Spooler - ok
21:42:44.0045 0x0d94 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
21:42:44.0115 0x0d94 sppsvc - ok
21:42:44.0135 0x0d94 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:42:44.0155 0x0d94 sppuinotify - ok
21:42:44.0205 0x0d94 [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:42:44.0215 0x0d94 srv - ok
21:42:44.0235 0x0d94 [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:42:44.0245 0x0d94 srv2 - ok
21:42:44.0265 0x0d94 [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:42:44.0275 0x0d94 srvnet - ok
21:42:44.0305 0x0d94 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:42:44.0335 0x0d94 SSDPSRV - ok
21:42:44.0355 0x0d94 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:42:44.0375 0x0d94 SstpSvc - ok
21:42:44.0555 0x0d94 [ 9867A86327E8AE3806305F1BCF01211A, CCDDB2560B30D27CE662F1B02710E1FAA9331E6A27D9A6629EEDED2CBA822062 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:42:44.0595 0x0d94 Steam Client Service - ok
21:42:44.0695 0x0d94 [ D2230317777033CD0456990BFC4994E5, 0F2F559593EAD7AB4596E67E9AE56E5ABF5C945201366CFC972357C22A4F776A ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:42:44.0715 0x0d94 Stereo Service - ok
21:42:44.0735 0x0d94 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:42:44.0745 0x0d94 stexstor - ok
21:42:44.0785 0x0d94 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
21:42:44.0795 0x0d94 stisvc - ok
21:42:44.0815 0x0d94 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
21:42:44.0825 0x0d94 storflt - ok
21:42:44.0845 0x0d94 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
21:42:44.0845 0x0d94 StorSvc - ok
21:42:44.0865 0x0d94 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:42:44.0875 0x0d94 storvsc - ok
21:42:44.0895 0x0d94 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:42:44.0905 0x0d94 swenum - ok
21:42:44.0925 0x0d94 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
21:42:44.0955 0x0d94 swprv - ok
21:42:45.0055 0x0d94 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
21:42:45.0085 0x0d94 SysMain - ok
21:42:45.0095 0x0d94 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:42:45.0105 0x0d94 TabletInputService - ok
21:42:45.0145 0x0d94 [ D0B07EED9DDEC5C69521C689B7BF455F, A9F1C76FBF833E25A8470116A9BB7F7121A86138B31B54C098F1E22C11109044 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
21:42:45.0165 0x0d94 tap0901 - detected UnsignedFile.Multi.Generic ( 1 )
21:42:45.0245 0x0d94 Detect skipped due to KSN trusted
21:42:45.0245 0x0d94 tap0901 - ok
21:42:45.0285 0x0d94 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
21:42:45.0325 0x0d94 TapiSrv - ok
21:42:45.0425 0x0d94 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:42:45.0455 0x0d94 Tcpip - ok
21:42:45.0535 0x0d94 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:42:45.0575 0x0d94 TCPIP6 - ok
21:42:45.0615 0x0d94 [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:42:45.0615 0x0d94 tcpipreg - ok
21:42:45.0645 0x0d94 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:42:45.0655 0x0d94 TDPIPE - ok
21:42:45.0675 0x0d94 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:42:45.0675 0x0d94 TDTCP - ok
21:42:45.0715 0x0d94 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:42:45.0735 0x0d94 tdx - ok
21:42:45.0755 0x0d94 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:42:45.0775 0x0d94 TermDD - ok
21:42:45.0835 0x0d94 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
21:42:45.0865 0x0d94 TermService - ok
21:42:45.0905 0x0d94 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
21:42:45.0915 0x0d94 Themes - ok
21:42:45.0955 0x0d94 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
21:42:45.0985 0x0d94 THREADORDER - ok
21:42:46.0025 0x0d94 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
21:42:46.0045 0x0d94 TrkWks - ok
21:42:46.0075 0x0d94 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:42:46.0115 0x0d94 TrustedInstaller - ok
21:42:46.0145 0x0d94 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:42:46.0155 0x0d94 tssecsrv - ok
21:42:46.0205 0x0d94 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:42:46.0215 0x0d94 TsUsbFlt - ok
21:42:46.0245 0x0d94 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
21:42:46.0265 0x0d94 TsUsbGD - ok
21:42:46.0295 0x0d94 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:42:46.0315 0x0d94 tunnel - ok
21:42:46.0325 0x0d94 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:42:46.0335 0x0d94 uagp35 - ok
21:42:46.0345 0x0d94 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:42:46.0365 0x0d94 udfs - ok
21:42:46.0385 0x0d94 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:42:46.0395 0x0d94 UI0Detect - ok
21:42:46.0415 0x0d94 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:42:46.0415 0x0d94 uliagpkx - ok
21:42:46.0425 0x0d94 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:42:46.0435 0x0d94 umbus - ok
21:42:46.0445 0x0d94 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
21:42:46.0455 0x0d94 UmPass - ok
21:42:46.0475 0x0d94 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
21:42:46.0485 0x0d94 UmRdpService - ok
21:42:46.0565 0x0d94 [ 193AD338F2A64D17300AD640ADFA5D0A, DABFFFE66CE7335F477C14C1D95AB9DB3C2EA3155ACBE41049FE217532E731C0 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:42:46.0585 0x0d94 UNS - ok
21:42:46.0605 0x0d94 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
21:42:46.0635 0x0d94 upnphost - ok
21:42:46.0695 0x0d94 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:42:46.0715 0x0d94 usbaudio - ok
21:42:46.0765 0x0d94 [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
21:42:46.0775 0x0d94 usbccgp - ok
21:42:46.0805 0x0d94 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:42:46.0825 0x0d94 usbcir - ok
21:42:46.0865 0x0d94 [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci C:\Windows\system32\drivers\usbehci.sys
21:42:46.0875 0x0d94 usbehci - ok
21:42:46.0915 0x0d94 [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub C:\Windows\system32\drivers\usbhub.sys
21:42:46.0945 0x0d94 usbhub - ok
21:42:46.0975 0x0d94 [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:42:46.0985 0x0d94 usbohci - ok
21:42:47.0015 0x0d94 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
21:42:47.0025 0x0d94 usbprint - ok
21:42:47.0065 0x0d94 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:42:47.0075 0x0d94 USBSTOR - ok
21:42:47.0135 0x0d94 [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:42:47.0145 0x0d94 usbuhci - ok
21:42:47.0185 0x0d94 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
21:42:47.0205 0x0d94 usb_rndisx - ok
21:42:47.0235 0x0d94 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
21:42:47.0275 0x0d94 UxSms - ok
21:42:47.0285 0x0d94 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] VaultSvc C:\Windows\system32\lsass.exe
21:42:47.0295 0x0d94 VaultSvc - ok
21:42:47.0305 0x0d94 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:42:47.0315 0x0d94 vdrvroot - ok
21:42:47.0335 0x0d94 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
21:42:47.0365 0x0d94 vds - ok
21:42:47.0385 0x0d94 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:42:47.0385 0x0d94 vga - ok
21:42:47.0405 0x0d94 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
21:42:47.0425 0x0d94 VgaSave - ok
21:42:47.0445 0x0d94 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:42:47.0455 0x0d94 vhdmp - ok
21:42:47.0485 0x0d94 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
21:42:47.0495 0x0d94 viaide - ok
21:42:47.0595 0x0d94 [ 1CB47E637072394600082C85D2125243, 723A7F58F125B3B43FFA3F45DEFECB468AE89E29988EFF932C8C5DDE13879D96 ] VmbService C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
21:42:47.0615 0x0d94 VmbService - detected UnsignedFile.Multi.Generic ( 1 )
21:42:47.0765 0x0d94 VmbService ( UnsignedFile.Multi.Generic ) - warning
21:42:47.0895 0x0d94 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:42:47.0915 0x0d94 vmbus - ok
21:42:47.0915 0x0d94 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
21:42:47.0925 0x0d94 VMBusHID - ok
21:42:47.0955 0x0d94 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:42:47.0955 0x0d94 volmgr - ok
21:42:47.0975 0x0d94 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:42:47.0985 0x0d94 volmgrx - ok
21:42:48.0005 0x0d94 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:42:48.0015 0x0d94 volsnap - ok
21:42:48.0035 0x0d94 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:42:48.0045 0x0d94 vsmraid - ok
21:42:48.0115 0x0d94 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
21:42:48.0165 0x0d94 VSS - ok
21:42:48.0175 0x0d94 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:42:48.0175 0x0d94 vwifibus - ok
21:42:48.0205 0x0d94 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
21:42:48.0235 0x0d94 W32Time - ok
21:42:48.0245 0x0d94 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:42:48.0255 0x0d94 WacomPen - ok
21:42:48.0275 0x0d94 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:42:48.0295 0x0d94 WANARP - ok
21:42:48.0305 0x0d94 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:42:48.0325 0x0d94 Wanarpv6 - ok
21:42:48.0415 0x0d94 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:42:48.0435 0x0d94 WatAdminSvc - ok
21:42:48.0515 0x0d94 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
21:42:48.0555 0x0d94 wbengine - ok
21:42:48.0565 0x0d94 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:42:48.0575 0x0d94 WbioSrvc - ok
21:42:48.0585 0x0d94 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:42:48.0605 0x0d94 wcncsvc - ok
21:42:48.0615 0x0d94 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:42:48.0625 0x0d94 WcsPlugInService - ok
21:42:48.0645 0x0d94 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
21:42:48.0645 0x0d94 Wd - ok
21:42:48.0705 0x0d94 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:42:48.0725 0x0d94 Wdf01000 - ok
21:42:48.0765 0x0d94 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:42:48.0765 0x0d94 WdiServiceHost - ok
21:42:48.0775 0x0d94 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:42:48.0775 0x0d94 WdiSystemHost - ok
21:42:48.0815 0x0d94 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll
21:42:48.0835 0x0d94 WebClient - ok
21:42:48.0845 0x0d94 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:42:48.0865 0x0d94 Wecsvc - ok
21:42:48.0885 0x0d94 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:42:48.0905 0x0d94 wercplsupport - ok
21:42:48.0935 0x0d94 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
21:42:48.0955 0x0d94 WerSvc - ok
21:42:48.0975 0x0d94 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:42:48.0995 0x0d94 WfpLwf - ok
21:42:49.0005 0x0d94 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:42:49.0015 0x0d94 WIMMount - ok
21:42:49.0035 0x0d94 WinDefend - ok
21:42:49.0045 0x0d94 WinHttpAutoProxySvc - ok
21:42:49.0095 0x0d94 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:42:49.0125 0x0d94 Winmgmt - ok
21:42:49.0225 0x0d94 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll
21:42:49.0265 0x0d94 WinRM - ok
21:42:49.0325 0x0d94 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:42:49.0345 0x0d94 WinUsb - ok
21:42:49.0405 0x0d94 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:42:49.0445 0x0d94 Wlansvc - ok
21:42:49.0625 0x0d94 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:42:49.0655 0x0d94 wlidsvc - ok
21:42:49.0675 0x0d94 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:42:49.0685 0x0d94 WmiAcpi - ok
21:42:49.0705 0x0d94 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:42:49.0715 0x0d94 wmiApSrv - ok
21:42:49.0745 0x0d94 WMPNetworkSvc - ok
21:42:49.0765 0x0d94 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:42:49.0775 0x0d94 WPCSvc - ok
21:42:49.0785 0x0d94 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:42:49.0805 0x0d94 WPDBusEnum - ok
21:42:49.0835 0x0d94 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:42:49.0875 0x0d94 ws2ifsl - ok
21:42:49.0885 0x0d94 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
21:42:49.0895 0x0d94 wscsvc - ok
21:42:49.0905 0x0d94 WSearch - ok
21:42:50.0035 0x0d94 [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\Windows\system32\wuaueng.dll
21:42:50.0075 0x0d94 wuauserv - ok
21:42:50.0105 0x0d94 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:42:50.0115 0x0d94 WudfPf - ok
21:42:50.0155 0x0d94 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:42:50.0175 0x0d94 WUDFRd - ok
21:42:50.0205 0x0d94 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:42:50.0215 0x0d94 wudfsvc - ok
21:42:50.0255 0x0d94 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
21:42:50.0275 0x0d94 WwanSvc - ok
21:42:50.0345 0x0d94 X6va012 - ok
21:42:50.0365 0x0d94 ================ Scan global ===============================
21:42:50.0405 0x0d94 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
21:42:50.0445 0x0d94 [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
21:42:50.0465 0x0d94 [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
21:42:50.0495 0x0d94 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:42:50.0545 0x0d94 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
21:42:50.0555 0x0d94 [ Global ] - ok
21:42:50.0555 0x0d94 ================ Scan MBR ==================================
21:42:50.0565 0x0d94 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:42:50.0845 0x0d94 \Device\Harddisk0\DR0 - ok
21:42:50.0845 0x0d94 ================ Scan VBR ==================================
21:42:50.0845 0x0d94 [ 61A53B03E3E9579DDC75A997E1AFD70B ] \Device\Harddisk0\DR0\Partition1
21:42:50.0845 0x0d94 \Device\Harddisk0\DR0\Partition1 - ok
21:42:50.0875 0x0d94 [ CFC2B11A92CE94C6CCF9563348979436 ] \Device\Harddisk0\DR0\Partition2
21:42:50.0875 0x0d94 \Device\Harddisk0\DR0\Partition2 - ok
21:42:50.0895 0x0d94 [ 2640F5232931FBBF369087696CB225AA ] \Device\Harddisk0\DR0\Partition3
21:42:50.0895 0x0d94 \Device\Harddisk0\DR0\Partition3 - ok
21:42:50.0895 0x0d94 ================ Scan generic autorun ======================
21:42:51.0265 0x0d94 [ C43D50453404EF1C6801EFFC2492A202, 1D4142E49B2F8129C5643A3B6AD3BA93520FA008D9382EFA60CCDC6172F48D43 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:42:51.0455 0x0d94 RTHDVCPL - ok
21:42:51.0487 0x0d94 [ 483BAA4246B80BDE1EA562C618BBA4A1, 0340A483F2F00A329ADC625940E5B2E951E1AA362CB088477EFC92D245207CEA ] C:\Windows\system32\igfxtray.exe
21:42:51.0487 0x0d94 IgfxTray - ok
21:42:51.0507 0x0d94 [ 40CAEC9DBC892ED1915704CC54CB382E, 38976A5EF1461027FF8F07397793A9BEFD0B3B47EB1B86F0F3FB88818E5917C9 ] C:\Windows\system32\hkcmd.exe
21:42:51.0517 0x0d94 HotKeysCmds - ok
21:42:51.0537 0x0d94 [ C88B01661694F2013F8DF1BD66B8B39E, 5BB40F448A85EE00FC090D61BFAB2D15874946E355F92B4FA40482153F0EB83E ] C:\Windows\system32\igfxpers.exe
21:42:51.0547 0x0d94 Persistence - ok
21:42:51.0657 0x0d94 [ 66B1C09A03323BC0142B62769ACB195E, 54B59524DE975DF649AD0C781772753135F6F73BA1A5E2458658665565BAADEC ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:42:51.0687 0x0d94 NvBackend - ok
21:42:51.0747 0x0d94 [ 4D241A6A8F6BA9FA32FF836551FFDCEA, DEE87DFB6A8E87D40E3653435223B54AF2AB232DDC02D22468C126C54096F006 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
21:42:51.0767 0x0d94 USB3MON - ok
21:42:51.0837 0x0d94 [ DA6D879F890699D24E50C5CA8901C180, ECA491649CD2188512F3AA5CF5F788521FA838F45BD0658CE387A1E9443D2D7D ] C:\Program Files (x86)\WordPerfect Office X3\Programs\QFSCHD130.EXE
21:42:51.0847 0x0d94 QuickFinder Scheduler - ok
21:42:51.0887 0x0d94 [ AC0BB0F95240D0E3E64CAA483FBA0476, E4C969D8C500DFE31A24FF09A896862F62188A639962866194B7CA4E5669C85F ] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
21:42:51.0887 0x0d94 MobileBroadband - detected UnsignedFile.Multi.Generic ( 1 )
21:42:51.0977 0x0d94 MobileBroadband ( UnsignedFile.Multi.Generic ) - warning
21:42:52.0166 0x0d94 [ 508B8935D3F6F38AB99C3FB171C40FD4, 02147CE2C8E558842EE6C4A11F78BDE533269A83BEB2D78EB68E1050EFE8F042 ] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
21:42:52.0196 0x0d94 VmbNotifier - detected UnsignedFile.Multi.Generic ( 1 )
21:42:52.0446 0x0d94 VmbNotifier ( UnsignedFile.Multi.Generic ) - warning
21:42:52.0616 0x0d94 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:42:52.0646 0x0d94 Sidebar - ok
21:42:52.0676 0x0d94 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:42:52.0696 0x0d94 mctadmin - ok
21:42:52.0736 0x0d94 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:42:52.0756 0x0d94 Sidebar - ok
21:42:52.0786 0x0d94 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:42:52.0796 0x0d94 mctadmin - ok
21:42:52.0956 0x0d94 [ FF206944E3A8590FABE10FB2C321AA6D, 77C555667674C9E4473C64921C5F2A7D723FBE28A73EB5EBAA777CD04D11C06B ] C:\Program Files (x86)\Steam\steam.exe
21:42:52.0996 0x0d94 Steam - ok
21:42:53.0096 0x0d94 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
21:42:53.0116 0x0d94 Sidebar - ok
21:42:53.0156 0x0d94 Skype - ok
21:42:53.0156 0x0d94 Waiting for KSN requests completion. In queue: 90
21:42:54.0166 0x0d94 Win FW state via NFP2: enabled ( trusted )
21:42:54.0256 0x0d94 ============================================================
21:42:54.0256 0x0d94 Scan finished
21:42:54.0256 0x0d94 ============================================================
21:42:54.0256 0x1014 Detected object count: 3
21:42:54.0256 0x1014 Actual detected object count: 3
21:43:03.0770 0x1014 VmbService ( UnsignedFile.Multi.Generic ) - skipped by user
21:43:03.0770 0x1014 VmbService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:43:03.0780 0x1014 MobileBroadband ( UnsignedFile.Multi.Generic ) - skipped by user
21:43:03.0780 0x1014 MobileBroadband ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:43:03.0780 0x1014 VmbNotifier ( UnsignedFile.Multi.Generic ) - skipped by user
21:43:03.0780 0x1014 VmbNotifier ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:43:05.0985 0x17d4 Deinitialize success
|
|
29.12.2016, 22:00
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: PC ist auffällig langsamer Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.12.2016, 18:17
| #9 |
| | Windows 7: PC ist auffällig langsamer Hallo cosinus, ich habe die Schritte abgearbeitet. Hier die Logs  Code:
ATTFilter # AdwCleaner v6.041 - Bericht erstellt am 30/12/2016 um 17:57:41
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2016-12-29.2 [Lokal]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Lauritz - LAURITZ-PC
# Gestartet von : C:\Users\Lauritz\Downloads\AdwCleaner_6.041.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\Lauritz\AppData\Roaming\loadtbs
[-] Ordner gelöscht: C:\ProgramData\iwin games
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\iwin games
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Wert gelöscht: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
[-] Schlüssel gelöscht: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\Software\AVG Nation toolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AVG Nation toolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Softonic
[-] Schlüssel gelöscht: HKLM\SOFTWARE\AVG Nation toolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\AVG Secure Search
[-] Schlüssel gelöscht: HKLM\SOFTWARE\AVG Security Toolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AVG Nation toolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Softonic
[-] Schlüssel gelöscht: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
***** [ Browser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [2491 Bytes] - [30/12/2016 17:57:41]
C:\AdwCleaner\AdwCleaner[S0].txt - [2634 Bytes] - [30/12/2016 17:54:09]
C:\AdwCleaner\AdwCleaner[S1].txt - [2706 Bytes] - [30/12/2016 17:57:09]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2710 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Professional x64
Ran by Lauritz (Administrator) on 30.12.2016 at 18:11:26,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 42
Successfully deleted: C:\Users\Lauritz\AppData\Roaming\wyupdate au (Folder)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3IDGDRRF (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5YGCQTJ3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P2HLRO6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9CXFKHA8 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJQ9FY49 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EB2N1QGQ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ECI0RADR (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F8KM16H7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWC13UU1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LITNR2CO (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LWO9YTXF (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M1Z7BI0E (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OB8J7RWP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P56P2LIC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S3MC89ZW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Lauritz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UWVK969N (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3IDGDRRF (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5YGCQTJ3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P2HLRO6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9CXFKHA8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJQ9FY49 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EB2N1QGQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ECI0RADR (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F8KM16H7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWC13UU1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LITNR2CO (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LWO9YTXF (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M1Z7BI0E (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OB8J7RWP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P56P2LIC (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S3MC89ZW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UWVK969N (Temporary Internet Files Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.12.2016 at 18:14:37,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
31.12.2016, 13:55
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: PC ist auffällig langsamer Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.01.2017, 17:33
| #11 |
| | Windows 7: PC ist auffällig langsamer Frohes Neues! Der Scan hatte sich ca. 1 Min bei AppID aufgehangen (Keine Rückmeldung) danach ging es ohne Probleme weiter. FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Lauritz (Administrator) auf LAURITZ-PC (02-01-2017 17:20:00)
Gestartet von C:\Users\Lauritz\Desktop
Geladene Profile: Lauritz (Verfügbare Profile: Lauritz)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [QuickFinder Scheduler] => C:\Program Files (x86)\WordPerfect Office X3\Programs\QFSCHD130.EXE [83568 2007-01-02] (Corel Corporation)
HKLM-x32\...\Run: [MobileBroadband] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [78336 2013-10-24] (Vodafone)
HKLM-x32\...\Run: [VmbNotifier] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe [1893888 2013-10-24] (Vodafone)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\MountPoints2: {d68dae76-f34e-11e5-9414-bc5ff4450f04} - F:\setup_vmb_lite.exe /checkApplicationPresence
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-08-19] (NVIDIA Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0B4D4C20-18BD-4408-9CB9-3057CC20671C}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{832F46A1-9D7F-4D45-BCE9-305835DBF76A}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2922099021-443059803-3302965599-1000 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-17] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2922099021-443059803-3302965599-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lauritz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-28] (Unity Technologies ApS)
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [121344 2012-02-07] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 VmbService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [8704 2013-10-24] (Vodafone) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-10-13] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-10-13] ()
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2016-06-11] (Macrovision Europe Ltd) [Datei ist nicht signiert]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-30 18:14 - 2016-12-30 18:14 - 00007289 _____ C:\Users\Lauritz\Desktop\JRT.txt
2016-12-30 18:07 - 2016-12-30 18:07 - 00002804 _____ C:\Users\Lauritz\Desktop\AdwCleaner[C0].txt
2016-12-30 18:02 - 2016-12-30 18:03 - 01663040 _____ (Malwarebytes) C:\Users\Lauritz\Downloads\JRT.exe
2016-12-30 17:52 - 2016-12-30 17:57 - 00000000 ____D C:\AdwCleaner
2016-12-30 17:52 - 2016-12-30 17:52 - 03977168 _____ C:\Users\Lauritz\Downloads\AdwCleaner_6.041.exe
2016-12-29 21:42 - 2016-12-29 21:43 - 00202264 _____ C:\TDSSKiller.3.1.0.12_29.12.2016_21.42.16_log.txt
2016-12-29 21:25 - 2016-12-29 21:26 - 00004828 _____ C:\TDSSKiller.3.1.0.12_29.12.2016_21.25.51_log.txt
2016-12-29 21:15 - 2016-12-29 21:15 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Lauritz\Desktop\tdsskiller.exe
2016-12-29 20:33 - 2016-12-29 21:13 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-12-29 20:33 - 2016-12-29 20:33 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-29 20:33 - 2016-12-29 20:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-29 20:32 - 2016-12-29 21:13 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-12-29 20:31 - 2016-12-29 21:13 - 00000000 ____D C:\Users\Lauritz\Desktop\mbar
2016-12-29 20:30 - 2016-12-29 20:30 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Lauritz\Desktop\mbar-1.09.3.1001.exe
2016-12-29 20:12 - 2017-01-02 17:14 - 00524288 ___SH C:\Windows\system32\config\components{c46fc21d-cdf9-11e6-a1e7-bc5ff4450f04}.TMContainer00000000000000000001.regtrans-ms
2016-12-29 20:12 - 2017-01-02 17:14 - 00065536 ___SH C:\Windows\system32\config\components{c46fc21d-cdf9-11e6-a1e7-bc5ff4450f04}.TM.blf
2016-12-29 20:12 - 2016-12-29 20:23 - 00524288 ___SH C:\Windows\system32\config\components{c46fc21d-cdf9-11e6-a1e7-bc5ff4450f04}.TMContainer00000000000000000002.regtrans-ms
2016-12-29 19:57 - 2016-12-29 20:11 - 00000000 ____D C:\Users\Lauritz\AppData\Local\AvgSetupLog
2016-12-29 19:52 - 2016-12-30 17:58 - 00006208 _____ C:\Windows\PFRO.log
2016-12-28 20:42 - 2016-12-28 20:43 - 00064261 _____ C:\Users\Lauritz\Downloads\Addition.txt
2016-12-28 20:41 - 2016-12-28 20:43 - 00048421 _____ C:\Users\Lauritz\Downloads\FRST.txt
2016-12-28 20:38 - 2016-12-28 20:38 - 02420736 _____ (Farbar) C:\Users\Lauritz\Downloads\FRST64.exe
2016-12-19 18:52 - 2016-12-19 18:52 - 00003074 _____ C:\Windows\System32\Tasks\{9BEA0DF0-7E39-48E3-94BA-D7D1CE9B4D23}
2016-12-14 13:20 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 13:20 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 13:20 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 13:20 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-14 13:20 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-14 13:20 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-14 13:20 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 13:20 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 13:20 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 13:20 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 13:20 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 13:20 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 13:20 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 13:20 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 13:20 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 13:20 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 13:20 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 13:20 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 13:20 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 13:20 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-14 13:20 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-14 13:20 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-14 13:20 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-14 13:20 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-14 13:20 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 13:20 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-14 13:20 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 13:19 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-14 13:19 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-14 13:19 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-14 13:19 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-14 13:19 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-14 13:19 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-14 13:19 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-14 13:19 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-14 13:19 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-14 13:19 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-14 13:19 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 13:19 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-14 13:19 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-14 13:19 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-14 13:19 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-14 13:19 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-14 13:19 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-14 13:19 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-14 13:19 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-14 13:19 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-14 13:19 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-14 13:19 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 13:19 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-14 13:19 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-14 13:19 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-14 13:19 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-14 13:19 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-14 13:19 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-14 13:19 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-14 13:19 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 13:19 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-14 13:19 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-14 13:19 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-14 13:19 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-14 13:19 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-14 13:19 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-14 13:19 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-14 13:19 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-14 13:19 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-14 13:19 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-14 13:19 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 13:19 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-14 13:19 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-14 13:19 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-14 13:19 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-14 13:19 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-14 13:19 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-14 13:19 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-14 13:19 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-14 13:19 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 13:19 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-14 13:19 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-14 13:19 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-14 13:19 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-14 13:19 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 13:19 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-14 13:19 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-14 13:19 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-14 13:19 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-14 13:19 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-14 13:19 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-14 13:19 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-14 13:19 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-14 13:19 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-14 13:19 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-14 13:19 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 13:19 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-14 13:19 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-14 13:19 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 13:19 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 13:19 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 13:19 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 13:19 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-14 13:19 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 13:19 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-14 13:19 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-14 13:19 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-14 13:19 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-14 13:19 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 13:19 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-14 13:19 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-14 13:19 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-14 13:19 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-14 13:19 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-14 13:19 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 13:19 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 13:19 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-14 13:19 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-14 13:19 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-14 13:19 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-14 13:19 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-14 13:19 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-14 13:19 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-14 13:19 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-14 13:19 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-14 13:19 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-14 13:19 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-14 13:19 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-14 13:19 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-14 13:19 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-14 13:19 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-14 13:19 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-14 13:19 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-14 13:19 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 13:19 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-14 13:19 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-14 13:19 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-14 13:19 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-14 13:19 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-14 13:19 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-07 16:18 - 2016-12-07 16:18 - 00000221 _____ C:\Users\Lauritz\Desktop\Borderlands 2.url
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-02 17:21 - 2015-01-07 00:44 - 00009775 _____ C:\Users\Lauritz\Desktop\FRST.txt
2017-01-02 17:20 - 2015-01-07 00:44 - 00000000 ____D C:\FRST
2017-01-02 17:20 - 2012-10-13 16:03 - 00000000 ____D C:\Users\Lauritz\AppData\Roaming\Skype
2017-01-02 17:10 - 2009-07-14 05:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-02 17:10 - 2009-07-14 05:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-02 17:05 - 2012-10-29 16:29 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-02 16:59 - 2012-12-18 17:31 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-02 16:59 - 2012-10-13 13:53 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2017-01-02 16:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-30 23:28 - 2016-03-27 06:42 - 16037138 ____H C:\Users\Lauritz\AppData\Local\IconCache.db
2016-12-30 22:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\config\RegBack
2016-12-30 18:14 - 2012-10-13 13:29 - 00000000 ____D C:\Users\Lauritz\AppData\Roaming
2016-12-30 18:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-12-30 18:12 - 2012-10-13 13:23 - 00000000 __SHD C:\System Volume Information
2016-12-30 18:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\catroot2
2016-12-30 18:03 - 2012-10-13 13:29 - 00000000 ___RD C:\Users\Lauritz\Downloads
2016-12-30 17:57 - 2009-07-14 04:20 - 00000000 ___HD C:\ProgramData
2016-12-30 17:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64
2016-12-30 17:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32
2016-12-30 17:47 - 2012-10-13 13:53 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2016-12-29 23:52 - 2012-10-31 18:41 - 00000000 ____D C:\Users\Lauritz\AppData\Roaming\TS3Client
2016-12-29 21:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\drivers
2016-12-29 20:11 - 2013-01-13 22:19 - 00000000 ____D C:\ProgramData\AVG
2016-12-29 20:11 - 2013-01-13 22:09 - 00000000 ____D C:\Program Files (x86)\AVG
2016-12-29 20:11 - 2012-10-13 13:39 - 00000000 __SHD C:\Windows\Installer
2016-12-29 20:11 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Desktop
2016-12-29 20:11 - 2009-07-14 04:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs
2016-12-29 20:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Tasks
2016-12-29 20:06 - 2015-05-22 10:39 - 00000000 ____D C:\Users\Lauritz\AppData\Local\Avg
2016-12-29 20:06 - 2013-01-13 22:07 - 00000000 ____D C:\ProgramData\MFAData
2016-12-29 20:06 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files
2016-12-29 19:58 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-29 19:57 - 2012-10-13 13:29 - 00000000 ____D C:\Users\Lauritz\AppData\Local
2016-12-29 19:52 - 2015-04-12 11:44 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-12-29 19:51 - 2015-04-12 11:44 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-12-29 19:51 - 2009-07-14 04:20 - 00000000 ___SD C:\ProgramData\Microsoft
2016-12-29 18:46 - 2016-09-23 16:29 - 00524288 ___SH C:\Windows\system32\config\components{a316c984-81a1-11e6-be2e-bc5ff4450f04}.TMContainer00000000000000000002.regtrans-ms
2016-12-29 18:46 - 2016-09-23 16:29 - 00065536 ___SH C:\Windows\system32\config\components{a316c984-81a1-11e6-be2e-bc5ff4450f04}.TM.blf
2016-12-28 20:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Drivers\etc
2016-12-28 20:30 - 2009-07-14 03:34 - 00453906 ____R C:\Windows\system32\Drivers\etc\hosts
2016-12-28 20:07 - 2016-09-23 18:56 - 00009979 _____ C:\Users\Lauritz\Desktop\hijackthis.log
2016-12-28 20:06 - 2016-09-23 18:53 - 00000000 ____D C:\Users\Lauritz\Desktop\backups
2016-12-22 20:54 - 2012-11-06 22:27 - 00000000 ____D C:\Users\Lauritz\AppData\Roaming\vlc
2016-12-18 12:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-18 01:39 - 2016-03-22 21:40 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-17 20:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Microsoft.NET
2016-12-17 19:15 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\assembly
2016-12-15 19:07 - 2011-04-12 08:43 - 00699092 _____ C:\Windows\system32\perfh007.dat
2016-12-15 19:07 - 2011-04-12 08:43 - 00149232 _____ C:\Windows\system32\perfc007.dat
2016-12-15 19:07 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-15 19:07 - 2009-07-14 03:36 - 00653930 _____ C:\Windows\system32\perfh009.dat
2016-12-15 19:07 - 2009-07-14 03:36 - 00121802 _____ C:\Windows\system32\perfc009.dat
2016-12-15 19:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\winsxs
2016-12-15 19:02 - 2009-07-14 03:34 - 00189440 ____H C:\Users\Default\NTUSER.DAT.LOG1
2016-12-15 19:01 - 2009-07-14 05:45 - 00483768 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-15 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\en-US
2016-12-15 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\de-DE
2016-12-15 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\en-US
2016-12-15 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\de-DE
2016-12-15 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Boot
2016-12-15 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppPatch
2016-12-15 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-15 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-14 13:55 - 2013-08-15 11:53 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 13:53 - 2012-10-13 15:30 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 13:53 - 2009-07-14 05:45 - 00000000 ____D C:\Windows\debug
2016-12-14 13:51 - 2013-04-25 06:52 - 01592628 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-13 20:06 - 2015-02-19 19:36 - 00000000 ____D C:\Users\Lauritz\AppData\Local\Steam
2016-12-13 16:32 - 2012-11-05 08:18 - 00000000 ____D C:\Users\Lauritz\Documents\My Games
2016-12-13 16:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Logs
2016-12-11 00:52 - 2014-04-14 16:36 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-10 17:11 - 2016-04-06 02:05 - 00000000 ____D C:\Users\Lauritz\Documents\Project Aura
2016-12-03 13:27 - 2016-09-23 16:29 - 00524288 ___SH C:\Windows\system32\config\components{a316c984-81a1-11e6-be2e-bc5ff4450f04}.TMContainer00000000000000000001.regtrans-ms
Einige Dateien in TEMP:
====================
C:\Users\Lauritz\AppData\Local\Temp\libeay32.dll
C:\Users\Lauritz\AppData\Local\Temp\msvcr120.dll
C:\Users\Lauritz\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-12-30 22:15
==================== Ende von FRST.txt ============================
Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Lauritz (2017-01-02 17:21:20)
Gestartet von C:\Users\Lauritz\Desktop
Windows 7 Professional Service Pack 1 (X64) (2012-10-13 12:29:19)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2922099021-443059803-3302965599-500 - Administrator - Disabled)
Gast (S-1-5-21-2922099021-443059803-3302965599-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2922099021-443059803-3302965599-1009 - Limited - Enabled)
Lauritz (S-1-5-21-2922099021-443059803-3302965599-1000 - Administrator - Enabled) => C:\Users\Lauritz
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.17) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated)
Age of Wonders III (HKLM\...\Steam App 226840) (Version: - Triumph Studios)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battle Realms (HKLM-x32\...\{9AA761E6-CA51-4FF2-A552-D51638BF0595}) (Version: 0.10.000 - Liquid Entertainment)
Black and White (HKLM-x32\...\{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}) (Version: - )
Borderlands 2 (HKLM\...\Steam App 49520) (Version: - Gearbox Software)
Capitalism 2 (HKLM-x32\...\Capitalism 2_is1) (Version: - GOG.com)
Capitalism II (nur deinstallation) (HKLM-x32\...\Capitalism II) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Conquest of Elysium 3 (HKLM\...\Steam App 211900) (Version: - Illwinter Game Design)
Conquest of Elysium 4 (HKLM\...\Steam App 403950) (Version: - Illwinter Game Design)
Cossacks: Back to War (HKLM-x32\...\Steam App 4850) (Version: - GSC Game World)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Democracy 3 (HKLM\...\Steam App 245470) (Version: - Positech Games)
DH Driver Cleaner Professional Edition (HKLM-x32\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars)
Endless Space (HKLM-x32\...\Steam App 208140) (Version: - AMPLITUDE Studios)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
EVE Online (HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\{4c47d6a1-0c58-4e9b-8cf8-216262d26f37}) (Version: 1.0.0 - CCP)
EVEMon (HKLM-x32\...\EVEMon) (Version: 2.1.0 - battleclinic.com)
Evil Genius (HKLM-x32\...\Steam App 3720) (Version: - Elixir Studios)
Forged Alliance Forever (HKLM-x32\...\{EF37C7C0-1281-4452-8A3F-D71215478D63}) (Version: 240.10.122 - FAF Community)
Fractured Space (HKLM-x32\...\Steam App 310380) (Version: - Edge Case Games Ltd.)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Gnomoria (HKLM-x32\...\Steam App 224500) (Version: - Robotronic Games)
Hearts of Iron IV (HKLM\...\Steam App 394360) (Version: - Paradox Development Studios)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Little Fighter 2 version 2.0a (HKLM-x32\...\Little Fighter 2) (Version: version 2.0a - )
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mumble 1.2.15 (HKLM-x32\...\{3320748F-375E-4A80-BD48-EC42124FB502}) (Version: 1.2.15 - Thorvald Natvig)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
OpenTTD 1.6.1 (HKLM-x32\...\OpenTTD) (Version: 1.6.1 - OpenTTD)
Pirates of the Caribbean (HKLM-x32\...\{C388D147-CCBA-411C-B9FC-2CC1B4EFB240}) (Version: - )
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version: - Ndemic Creations)
Planetbase (HKLM-x32\...\Steam App 403190) (Version: - Madruga Works)
Port Royale 3 (HKLM\...\Steam App 205610) (Version: - Gaming Minds)
Project AURA (HKLM\...\Steam App 305940) (Version: - Pixel Quality Games)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
PULSAR: Lost Colony (HKLM-x32\...\Steam App 252870) (Version: - Leafy Games)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Seven Kingdoms 2 HD (HKLM\...\Steam App 338800) (Version: - Enlight Software Limited)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SRWare Iron (64-Bit) Version 48.2550.2 (HKLM\...\{BA85A29D-B48E-4826-BAEE-817024E52E29}_is1) (Version: 48.2550.2 - SRWare)
Star Conflict (HKLM-x32\...\Steam App 212070) (Version: - Star Gem Inc.)
Star Ruler (HKLM-x32\...\StarRuler) (Version: - )
Star Ruler 2 (HKLM-x32\...\Steam App 282590) (Version: - Blind Mind Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stellaris (HKLM\...\Steam App 281990) (Version: - Paradox Development Studio)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.1000 - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.0001 - Firefly Studios)
TeamSpeak 3 Client (HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Thea: The Awakening (HKLM\...\Steam App 378720) (Version: - MuHa Games)
Unity Web Player (HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Vodafone Mobile Broadband (HKLM-x32\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.3.409.46933 - Vodafone)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WordPerfect Office X3 (HKLM-x32\...\_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}) (Version: - Corel Corporation)
WordPerfect Office X3 (x32 Version: 13.3 - Corel Corporation) Hidden
World of Tanks (HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
XCOM 2 (HKLM-x32\...\Steam App 268500) (Version: - Firaxis)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {2328C447-D3E6-452B-87F9-9EE1E62A4363} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {2D1EC2C2-2DE7-44E3-A2C8-8CA22899DCD0} - System32\Tasks\{BA7EFF60-8789-4118-A88C-2358E2C1CEF7} => pcalua.exe -a D:\HDRII\EP1\EAUninstall.exe
Task: {337F6073-AF3B-4041-A1E2-360F21C9D657} - System32\Tasks\{37BDD613-C6FA-476D-9F6B-0D761860DBF2} => pcalua.exe -a D:\HDRII\EAUninstall.exe
Task: {4F5346FE-3B0F-4162-8D5D-5D4D49517DEA} - System32\Tasks\{02E7FDDD-7C7A-4696-8E9F-71C30DFEFF6B} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/105430
Task: {6440EA78-AF98-4591-B84E-B8859C5D18BA} - System32\Tasks\{62C6544D-7998-4493-9DE7-6498D76BC5B1} => C:\Program Files (x86)\Lionhead Studios Ltd\Black & White\runblack.exe [2001-03-09] (LionHead Studios Ltd.)
Task: {733182AF-2FF2-441C-982F-8A8769EFFDCB} - System32\Tasks\{9BEA0DF0-7E39-48E3-94BA-D7D1CE9B4D23} => Chrome.exe hxxps://ui.skype.com/ui/0/7.30.80.105/de/abandoninstall?page=tsMain
Task: {78356296-813B-4DAF-A3CE-124F5844CA93} - System32\Tasks\{FC6FACA1-9ECD-412C-9E32-0050FE7386B9} => pcalua.exe -a D:\PlanetSide2\Uninstaller.exe
Task: {7E6D8B7A-4C49-4A0C-824C-FE012F75C383} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {AB73DEAA-DDED-439D-801C-214D922BF39D} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {AF731C36-4DAC-43E7-963B-A431A84F7D32} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-07] (Adobe Systems Incorporated)
Task: {B0B61FC4-E05F-4262-87F7-688AF5DBB856} - System32\Tasks\{31C26874-D94B-4972-8561-BC0923796AD2} => C:\Program Files (x86)\Lionhead Studios Ltd\Black & White\runblack.exe [2001-03-09] (LionHead Studios Ltd.)
Task: {BA2D7491-0897-4A20-AE28-2632701CFF54} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Device Center\itype.exe
Task: {BA65C212-7CA6-4723-864D-03D055E04489} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {C8690BF7-AED1-4CDB-84BC-75C49827CDE6} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
Task: {DACD9C03-531E-428C-8D3D-7A51F8FD7B31} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-16] ()
Task: {E22041C3-3C39-4683-B76D-4826B0A998F7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe [2016-05-15] (Adobe Systems Incorporated)
Task: {F86498AF-5BC8-424E-A3DF-BB28882EA2C8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Device Center\ipoint.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-12-18 17:31 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-13 13:53 - 2012-02-07 16:27 - 00121344 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2016-03-16 19:27 - 2016-03-11 15:31 - 02576984 _____ () C:\Program Files\SRWare Iron (64-Bit)\libglesv2.dll
2016-03-16 19:27 - 2016-03-11 15:31 - 00093784 _____ () C:\Program Files\SRWare Iron (64-Bit)\libegl.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2013-03-12 17:10 - 2016-12-08 16:13 - 00656160 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 07:18 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 07:18 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 07:18 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 10:49 - 2016-12-20 03:25 - 02322720 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 12:27 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-10-29 16:31 - 2016-12-20 03:25 - 00838944 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-12-13 11:21 - 2016-12-05 17:21 - 67304736 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2012-10-29 16:31 - 2016-12-20 03:25 - 00388384 _____ () C:\Program Files (x86)\Steam\steam.dll
2015-01-20 07:18 - 2015-09-25 00:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2012-10-13 13:53 - 2012-02-07 16:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:A70A8BB0 [284]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7924 mehr Seiten.
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2922099021-443059803-3302965599-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7924 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2016-12-28 20:30 - 00453906 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15574 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2922099021-443059803-3302965599-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lauritz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{3525630A-4038-4DA1-8B14-B1BA07B4A112}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EE1F95C1-FE21-4BD8-B1EF-3C3B97F569C2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A054DEDA-1F95-46C5-B435-0E8BB91AAB2C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{4BEB620E-9F8B-4A5F-AD92-663E50414585}D:\world_of_tanks\wotlauncher.exe] => (Allow) D:\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{B4883DF9-41FF-4A6B-9D9F-3F04E79BC86A}D:\world_of_tanks\wotlauncher.exe] => (Allow) D:\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{1A91BAD5-54D2-45CE-B7CF-22F04942A28D}D:\world_of_tanks\worldoftanks.exe] => (Allow) D:\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{2B41D176-6C18-44C8-953F-7CB1DAFE7322}D:\world_of_tanks\worldoftanks.exe] => (Allow) D:\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{73AEEE84-7816-427D-9BD8-C5322DA10A25}C:\program files (x86)\star ruler\starruler.exe] => (Allow) C:\program files (x86)\star ruler\starruler.exe
FirewallRules: [UDP Query User{D9F68E51-CDFE-4084-8D7A-F9902E5B1B16}C:\program files (x86)\star ruler\starruler.exe] => (Allow) C:\program files (x86)\star ruler\starruler.exe
FirewallRules: [TCP Query User{5132D057-4F65-41C8-80FD-2BCCE9254C80}D:\eve online\bin\exefile.exe] => (Allow) D:\eve online\bin\exefile.exe
FirewallRules: [UDP Query User{8E9CA187-C958-440F-92BB-86E1F5EBE698}D:\eve online\bin\exefile.exe] => (Allow) D:\eve online\bin\exefile.exe
FirewallRules: [TCP Query User{64A58C25-74DC-4CC5-88A4-51D4C8CE0465}D:\anno171\anno1701.exe] => (Block) D:\anno171\anno1701.exe
FirewallRules: [UDP Query User{0053AE60-FB63-4AFD-BEB7-44D7F3C7F87A}D:\anno171\anno1701.exe] => (Block) D:\anno171\anno1701.exe
FirewallRules: [{79063EC3-D32F-4609-BA3C-5C6204A378D2}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{11DE37C0-7DEF-4B67-BD6F-1E0173797F95}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{2C78A0C5-39C2-4EB5-B470-6787181B3067}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold_Crusader_Extreme.exe
FirewallRules: [{369A8CFD-43A6-428F-8F1D-589F4E461759}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold_Crusader_Extreme.exe
FirewallRules: [{6D59CFA9-DFC8-4DAD-8A15-C05E013E9BE8}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{D35B639C-E5D8-4238-92C8-D88A98B1C8CD}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{2FE5F5E8-21E6-40DD-BB2D-6F39C9D307FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Evil Genius\EvilGeniusLauncher.exe
FirewallRules: [{882484F6-FA56-4C13-98D2-8BDE5B124365}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Evil Genius\EvilGeniusLauncher.exe
FirewallRules: [TCP Query User{165E54D3-C6F1-4741-B546-FFFC4E29EB99}C:\programdata\faforever\bin\forgedalliance.exe] => (Allow) C:\programdata\faforever\bin\forgedalliance.exe
FirewallRules: [UDP Query User{7D79CDF4-55A3-4FCF-87AA-1D49879BCEC3}C:\programdata\faforever\bin\forgedalliance.exe] => (Allow) C:\programdata\faforever\bin\forgedalliance.exe
FirewallRules: [TCP Query User{FF529BB4-7C9B-4596-B876-6840D87437FF}C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [UDP Query User{24A79DAB-AC2F-4C5D-8C44-53457662FA7B}C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [{1DE14345-D221-44C4-927E-8915EBDC7B0C}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{8C3DC567-10EE-413A-A775-E11810F84692}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{FE6DC594-F56A-44B5-8857-BBD1921EA6BE}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{87578C7C-5CCB-4820-A53A-EA284A55B822}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{7F094403-C09D-4FF8-84AB-024000AB740B}] => (Allow) LPort=80
FirewallRules: [{13455699-4A60-4268-A195-8156A81F90CF}] => (Allow) LPort=443
FirewallRules: [{6F6C0479-487A-4AEB-80C2-F07A64CE7406}] => (Allow) LPort=20010
FirewallRules: [{2E9328CF-89A4-466D-A07C-C8D50FD431F3}] => (Allow) LPort=3478
FirewallRules: [{BEC6AC26-105D-4ED8-B759-09B432CD9F01}] => (Allow) LPort=7850
FirewallRules: [{4F1FE10F-F708-40DE-8194-29E955599F65}] => (Allow) LPort=27022
FirewallRules: [{A1FEE9DF-46B5-4427-803E-5473AA8B14F6}] => (Allow) LPort=6881
FirewallRules: [{63BA6F08-A43D-4E05-B9AA-3FFDF63A65BF}] => (Allow) LPort=33333
FirewallRules: [{90F34B83-0226-4C4D-B0EB-08F80DB47615}] => (Allow) LPort=20443
FirewallRules: [{88299BA2-7499-492C-B6FA-39FC248B0927}] => (Allow) LPort=8090
FirewallRules: [{5A366660-B3A9-4F3B-9FD8-E8C28DB2C0EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{E9164DB0-ACB1-4C50-9D79-3356840DEAC8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{FB745F0E-6CB3-493B-A67F-DA62816A9847}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{67DD86DB-9070-4AE6-BF7A-FC2F64E5C5B2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F28FC892-C944-4799-A751-E9A912E53383}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{EC27BAA6-6D71-4D21-B93E-4B9CE0220E00}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [TCP Query User{7BBB4B05-1A23-45F0-B3E9-DDE3ACBFDC45}C:\program files (x86)\littlefighter2\lf2_v2.0a\lf2.exe] => (Block) C:\program files (x86)\littlefighter2\lf2_v2.0a\lf2.exe
FirewallRules: [UDP Query User{64F90C6B-8DF0-4B73-B60C-73502AC5762B}C:\program files (x86)\littlefighter2\lf2_v2.0a\lf2.exe] => (Block) C:\program files (x86)\littlefighter2\lf2_v2.0a\lf2.exe
FirewallRules: [{F65F83C4-E4AF-4E46-A859-11C6B5A123C0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A7DC8388-128D-411A-A393-964948DDDA54}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{17757A13-4720-4CCD-8708-54F879C3E4C9}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{81D9EFF7-14A2-4C1D-A52A-3286026B729D}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5B033B21-4FBF-4990-940E-8FA557BF284D}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{3DFF6BFE-1E66-440A-8D21-80C9867C8289}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{BEBB5B2A-A4FE-445A-BD53-7516AAF12958}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{B3C16A45-B465-40CF-A310-14D6D8544EC4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{33C63DA3-27BC-4ABB-BC1C-2BC556D8C2CC}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{661A20FA-0891-4694-9CB4-7081E008B9A9}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [TCP Query User{4885F550-D1A7-48E6-9F2D-C3F444A36484}C:\users\lauritz\downloads\atlassian-jira-6.4.9-x64.exe] => (Allow) C:\users\lauritz\downloads\atlassian-jira-6.4.9-x64.exe
FirewallRules: [UDP Query User{01826DC1-531C-47ED-8C99-061E337F951F}C:\users\lauritz\downloads\atlassian-jira-6.4.9-x64.exe] => (Allow) C:\users\lauritz\downloads\atlassian-jira-6.4.9-x64.exe
FirewallRules: [{81F653ED-30F5-459C-BDF7-B797BB43BD31}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\csbtw.exe
FirewallRules: [{50B022D9-07C7-46AF-97E6-B3ABD881A638}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\csbtw.exe
FirewallRules: [{C4E340E7-FE79-4C2D-9029-FC4E85871471}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\HView.exe
FirewallRules: [{87AE0554-1480-43C1-957B-A3D0CDCCF464}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\HView.exe
FirewallRules: [{6F224CAE-EEB6-467D-BA7B-CD509E52CA77}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\ScenarioEditor.exe
FirewallRules: [{258F7346-3DBD-403A-A60D-0085524EF75B}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\ScenarioEditor.exe
FirewallRules: [{8ACA1C8F-8910-41D2-AA1B-156A3686DD7B}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\cshlp.exe
FirewallRules: [{31E17DBD-7450-42BB-A908-B366189C1069}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\cshlp.exe
FirewallRules: [TCP Query User{5CF52E34-10DF-4486-9A3C-C93E4349617E}D:\eve test\bin\exefile.exe] => (Allow) D:\eve test\bin\exefile.exe
FirewallRules: [UDP Query User{C0632904-AB4B-4604-9794-C17929791001}D:\eve test\bin\exefile.exe] => (Allow) D:\eve test\bin\exefile.exe
FirewallRules: [{AEDCABFF-6C8C-4EC8-A2C6-3F9D8AAC6E60}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\PULSARLostColony\PULSAR_LostColony.exe
FirewallRules: [{A5D27DCA-B050-417A-B0CE-96B05374332B}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\PULSARLostColony\PULSAR_LostColony.exe
FirewallRules: [{728C2563-F377-46BD-9720-CA49545D29A8}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Star Ruler 2\Star Ruler 2.exe
FirewallRules: [{049CBADA-9726-4115-B315-D1BBA4BB4471}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Star Ruler 2\Star Ruler 2.exe
FirewallRules: [{B82976CC-4D75-45E2-B585-87E2C5C6E895}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\star conflict\game.exe
FirewallRules: [{67F59D19-6F28-4A34-BD83-96C9FE22A39E}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\star conflict\game.exe
FirewallRules: [TCP Query User{A66F55DD-678B-4745-94DB-FBE063BEA500}D:\ageofempires online\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Block) D:\ageofempires online\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [UDP Query User{2E1EDA66-F54C-4215-96E0-48C54E37BA42}D:\ageofempires online\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Block) D:\ageofempires online\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [{6EB2C5A9-0078-4002-8374-95AEF3950B25}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Planetbase\Planetbase.exe
FirewallRules: [{29CF51ED-505C-4803-BD72-5840A2BF3AE0}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Planetbase\Planetbase.exe
FirewallRules: [{B268E636-E6DD-4B5C-8292-A619AFF0D449}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{9E4FE6CD-4748-442E-BE13-FDE5E51D4D81}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [TCP Query User{6545200B-D399-419C-AE47-BD310CAFF706}D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{4F3D9125-81BD-4521-AF7B-82683A0E4F7E}D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{AB1629DC-65FB-45AF-BF30-A640F4E604BB}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Gnomoria\Gnomoria.exe
FirewallRules: [{CD394664-A4B4-4221-9A4C-850708DFBF3C}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Gnomoria\Gnomoria.exe
FirewallRules: [TCP Query User{16E5ECC8-E241-4C67-8130-0581BC3FF300}D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Block) D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{87735BB3-28FC-4A9E-8DFB-C53D11BC5DCB}D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Block) D:\ageofempires online\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{96CC5490-34B7-42C0-A395-A1A4351E9674}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{611DE6F4-D6F4-41AD-912B-4B60D2EB37C2}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{27C6D0CC-AA3A-44E8-B3D8-94FB961E420D}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Project Aura\Project Aura.exe
FirewallRules: [{455A754F-9ED1-4CFB-9172-7F08E27D45C1}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Project Aura\Project Aura.exe
FirewallRules: [TCP Query User{25652C2E-F1EA-4AF4-8D02-119B20FBC5B1}D:\eve online test server\sharedcache\tq\bin\exefile.exe] => (Allow) D:\eve online test server\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{337327AF-1C04-4E9F-BFF0-6C0C9A6F571C}D:\eve online test server\sharedcache\tq\bin\exefile.exe] => (Allow) D:\eve online test server\sharedcache\tq\bin\exefile.exe
FirewallRules: [TCP Query User{4586FD53-0545-4E21-AF9F-AFBC84778177}C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe] => (Allow) C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe
FirewallRules: [UDP Query User{605DF62E-D495-4172-9867-775AD6DCFF3E}C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe] => (Allow) C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe
FirewallRules: [{3052BF56-A71B-44DF-9B5B-96E8BD796720}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Seven Kingdoms 2 HD\7K2.exe
FirewallRules: [{07CCCFB8-3179-4EB7-B1D1-899C344073C2}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Seven Kingdoms 2 HD\7K2.exe
FirewallRules: [{C283F350-165D-41CB-B179-E3C57A63D50F}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [{D029A56B-E110-436A-ACC6-68EFD3628378}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [{B60573CB-4959-49B3-BED4-A6134D99D621}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{E61A2755-1C64-4465-B933-3F8C2D8D9781}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{496BDC9A-B6E5-48E2-B473-6748198DFD11}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{1B23D3C4-556A-4BF5-A5A6-C58C1121E450}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [TCP Query User{C60CC3AF-3573-4793-A84B-5A7DC321D718}C:\users\lauritz\proxy\freeproxy\freeproxy.exe] => (Block) C:\users\lauritz\proxy\freeproxy\freeproxy.exe
FirewallRules: [UDP Query User{AA8AF4EE-5F9F-4B77-9C9B-39A213EB0160}C:\users\lauritz\proxy\freeproxy\freeproxy.exe] => (Block) C:\users\lauritz\proxy\freeproxy\freeproxy.exe
FirewallRules: [TCP Query User{30A3F1D6-676A-4FEE-AE6F-C3E36EF18964}D:\star citizen\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\star citizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{4A49306D-24EF-4BE6-9646-005110C4D15E}D:\star citizen\cloud imperium games\patcher\cigpatcher.exe] => (Allow) D:\star citizen\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{FAC251DA-7DC8-47CF-83F7-70C4736B7BF8}D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{25E12715-FDCF-4AA8-916D-6F6C14450166}D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) D:\star citizen\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{643F5760-CC57-46B0-A9AE-383DF3C910C4}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Port Royale 3\PortRoyale3.exe
FirewallRules: [{D2CBEB52-1236-423D-A4B6-F421562DA611}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Port Royale 3\PortRoyale3.exe
FirewallRules: [{588B24E7-4285-4438-9D20-88FED1C77B95}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{FA4380EF-610F-4958-BF9D-EC9947C5A0D2}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{42D08151-42D4-4CA9-A38F-55D8FBCAFDAF}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\ConquestOfElysium3\coe3.exe
FirewallRules: [{4792A8DF-85BC-40EB-8415-79F7C4E664C4}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\ConquestOfElysium3\coe3.exe
FirewallRules: [{96B68FD9-AA35-48B1-92FA-AF006BF45BF7}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\ConquestOfElysium4\coe4.exe
FirewallRules: [{22D48B7B-F53D-4AE2-99FD-874F8C77439A}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\ConquestOfElysium4\coe4.exe
FirewallRules: [{1E090DD7-0BD3-4851-8065-84A2D66DF08F}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Thea The Awakening\Thea.exe
FirewallRules: [{68C25AAE-A925-449D-8E85-4F23A8C9842B}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Thea The Awakening\Thea.exe
FirewallRules: [TCP Query User{5A819A13-965B-4BC8-AA48-44F6C99C6337}D:\eve\sharedcache\tq\bin\exefile.exe] => (Allow) D:\eve\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{52111DC9-FC00-4D01-9535-649DEBD968AE}D:\eve\sharedcache\tq\bin\exefile.exe] => (Allow) D:\eve\sharedcache\tq\bin\exefile.exe
FirewallRules: [{ABE4C9A0-BBEB-4BA4-BCAF-50982DF45032}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{F4E9BAE7-11E9-4457-9367-2D297456093F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{2FF99247-3D1A-4100-9C91-B62BF7A29EDE}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Graviteam Tactics Operation Star\starter.exe
FirewallRules: [{F97D8E2D-0D85-47D8-A1ED-4312164571A8}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Graviteam Tactics Operation Star\starter.exe
FirewallRules: [{1F2CD0F0-9D78-4991-93E2-4CAC962F5993}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{9665F274-E12D-479C-892D-DED6AACB8EC6}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{2A48A080-E8CE-48E9-8870-19D099A7BB48}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{EE3F296C-20C8-4481-9259-E96AF41D9210}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{F3BDC4CE-09F0-4B6B-AADA-8433B44D8C48}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3.exe
FirewallRules: [{DD967720-A505-4A03-AB01-5E28F690D581}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3.exe
FirewallRules: [{2134553F-60B9-4A6F-BE40-6476FF122012}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{124204E2-2440-4C3E-AFBA-687ED0A10DD3}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{6CD9EA87-4346-4DC2-9436-766EF704371F}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\dmcr.exe
FirewallRules: [{D773CF05-81FD-4946-B5DF-8DC702470628}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Cossacks Back to War\bin\dmcr.exe
FirewallRules: [{47D8A7BC-BB55-46F4-847A-4C0A80C0FF3B}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{C2D8725A-E936-4D61-8A97-2EE36FBF607E}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{76A16BF0-2535-43EE-AF51-470D66DBD8DB}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Thea The Awakening\MP\TheaMP.exe
FirewallRules: [{23FF5B09-6085-4895-A10C-317E3A328A63}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Thea The Awakening\MP\TheaMP.exe
FirewallRules: [{72AFA9A7-7EA2-4BFE-B4F9-7D0FAF3A6D57}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FCC03A1B-03CF-4BEA-91A2-E03C6FE794BF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B37515D0-0248-49C0-A81D-93666DC4AF7B}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{E96B7DB4-85CA-4C18-93C2-1B81DABA92DC}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{885685D8-B0BE-40AE-AD73-486B0C381C07}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{6F80B370-1CFE-461C-A1D6-396B0DE93DD3}] => (Allow) D:\AgeofEmpires Online\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
==================== Wiederherstellungspunkte =========================
12-11-2016 12:48:22 Installed AVG 2016
12-11-2016 12:49:58 Installed AVG
19-11-2016 16:30:02 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
19-11-2016 17:03:22 Windows Update
01-12-2016 04:40:03 Geplanter Prüfpunkt
11-12-2016 00:49:11 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210
11-12-2016 00:50:00 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
11-12-2016 00:50:23 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210
11-12-2016 00:51:34 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
13-12-2016 16:26:51 Microsoft Visual C++ 2005 Redistributable wird installiert
13-12-2016 16:28:22 Microsoft Visual C++ 2005 Redistributable wird installiert
13-12-2016 16:30:54 DirectX wurde installiert
14-12-2016 13:45:34 Windows Update
29-12-2016 19:58:16 Removed AVG
29-12-2016 20:04:08 Removed AVG 2016
30-12-2016 15:32:30 Windows Update
30-12-2016 18:11:46 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Intel(R) HD Graphics
Description: Intel(R) HD Graphics
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/02/2017 05:01:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/30/2016 06:09:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/30/2016 06:00:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/30/2016 03:26:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/29/2016 08:07:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/29/2016 07:53:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/29/2016 06:18:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/28/2016 10:04:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1d78
Startzeit: 01d2614814a8d107
Endzeit: 138
Anwendungspfad: D:\AgeofEmpires Online\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Berichts-ID:
Error: (12/28/2016 07:57:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mmc.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1dd4
Startzeit: 01d2613b939ec2d6
Endzeit: 3
Anwendungspfad: C:\Windows\system32\mmc.exe
Berichts-ID: 7e760e4b-cd2f-11e6-b90a-bc5ff4450f04
Error: (12/28/2016 07:54:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: b54
Startzeit: 01d2613a25a06fee
Endzeit: 186
Anwendungspfad: D:\AgeofEmpires Online\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Berichts-ID:
Systemfehler:
=============
Error: (12/30/2016 11:28:37 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (12/30/2016 11:28:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (12/30/2016 06:13:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/30/2016 06:07:09 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (12/30/2016 05:57:56 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (12/30/2016 05:57:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/30/2016 05:57:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/30/2016 05:57:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/30/2016 05:57:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Vodafone-Mobile-Broadband-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/30/2016 05:57:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2012-10-13 16:48:13.632
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-10-13 16:48:13.621
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-10-13 16:48:13.337
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-10-13 16:48:13.328
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 8079.21 MB
Verfügbarer physikalischer RAM: 5904.31 MB
Summe virtueller Speicher: 16156.6 MB
Verfügbarer virtueller Speicher: 13849.92 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:150.98 GB) (Free:29.51 GB) NTFS
Drive d: () (Fixed) (Total:176.27 GB) (Free:28.8 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 335.4 GB) (Disk ID: 429D211B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=151 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=176.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=8 GB) - (Type=84)
==================== Ende von Addition.txt ============================
Wenn ich mir so den Log anschaue sieht es schon ein bisschen komisch aus. An der Hard oder Software habe ich jedenfalls nichts mehr getan. |
|
02.01.2017, 20:40
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: PC ist auffällig langsamer Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: MBAM Downloade Dir bitte  Malwarebytes Anti-Malware
2. Schritt: ESET ESET Online Scanner
3. Schritt: SecurityCheck Downloade Dir bitte  SecurityCheck und:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.01.2017, 21:27
| #13 |
| | Windows 7: PC ist auffällig langsamer Schritt 1 keine Ergebnisse, ist etwas kurz ist das so richtig? Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 03.01.2017 Suchlaufzeit: 12:04 Protokolldatei: Malwarebytes Anti-Malware .txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2017.01.03.05 Rootkit-Datenbank: v2016.11.20.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Lauritz Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 297422 Abgelaufene Zeit: 29 Min., 2 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 Die 2 infizierten Dateien wurden entfernt und ersetzt. Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0ff1021345763445a4789e712e1c73f9
# end=init
# utc_time=2017-01-03 11:55:38
# local_time=2017-01-03 12:55:38 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 31940
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0ff1021345763445a4789e712e1c73f9
# end=updated
# utc_time=2017-01-03 11:59:09
# local_time=2017-01-03 12:59:09 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=0ff1021345763445a4789e712e1c73f9
# engine=31940
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-01-03 03:20:39
# local_time=2017-01-03 04:20:39 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 352053 235086689 0 0
# scanned=848055
# found=2
# cleaned=0
# scan_time=12089
sh=92B359D33855BF27D6F0C1F58510D7B493A1162B ft=1 fh=4d6af7cbc920e55f vn="Variante von Win32/LoadTubes.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\ewaxkbbcewhlyczptnxrljzwvzgbzreq\uninstall.exe"
sh=F210BF96111D55D0CA93981B1499C0B77CD4D326 ft=1 fh=8088520b93b220b0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Lauritz\Downloads\Raccoon - CHIP-Installer.exe"
Update Init
Update Download
Update Finalize
Updated modules version: 31942
Code:
ATTFilter Results of screen317's Security Check version 1.009 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` MVPS Hosts File DH Driver Cleaner Professional Edition Adobe Flash Player 21.0.0.182 Adobe Reader XI ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` |
|
03.01.2017, 21:49
| #14 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: PC ist auffällig langsamerZitat:
Die verarschen ihre Kunden aus reiner Profitgier. Siehe auch http://www.trojaner-board.de/168364-...mpfehlung.html und CHIP-Installer - was ist das? - Anleitungen Zitat:
Adobe Reader: Verwende stattdessen lieber PDF-X-Change Viewer; der interne PDF-Betrachter vom Firefox reicht meist auch aus. Flash Player: Was Adobe mit seinem Flash Player veranstaltet, ist irgendwo zwischen Frechheit und Inkompetenz einzustufen; in dem Teil werden ständig neue dicke Sicherheitslücken gefunden - für YT reicht meistens HTML5 aus, das ist der Standardplayer wenn der Flash Player inaktiv oder nicht installiert ist; für spezielle Browsergames kann es aber sein, dass du den Flash Player brauchst. Nutze Flash so sparsam wie möglich und wenn dann immer aktuell halten
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.01.2017, 13:05
| #15 |
| | Windows 7: PC ist auffällig langsamer Hallo cosinus, den Flash Player und Adobe bin ich los geworden, der Chip-Installer ist aber nicht zu finden. Wo kann ich den denn aus meinem Download Ordner löschen bzw. das Programm wenn ich es ausversehen installiert habe? |
|
| Themen zu Windows 7: PC ist auffällig langsamer |
| antivirus, cpu-z, defender, desktop, explorer, fehler, firewall, flash player, internet, internet explorer, launch, log, opera, pixel, problem gelöst, proxy, registry, scan, schließen, software, suche, temp, trojaner, trojaner board, udp, usb, viren, windows |
Linear-Darstellung
