Brwoser befall!

Erwin80 · 15.01.2017, 08:53

hilfe holt mich hier raus.
nein mal ganz ehrlich mein Moziller ist als einziger browser der, der noch spinnt und skriptfehler hat, daher frage ich wer mir helfen würde diesen Fehler zu Eliminieren.

M-K-D-B · 15.01.2017, 13:32

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Welche Skriptfehler sind das genau? Wie lauten sie?

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

Erwin80 · 15.01.2017, 21:50

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2017
durchgeführt von Erwin (Administrator) auf Erwin-PC (15-01-2017 21:42:32)
Gestartet von E:\Download´s
Geladene Profile: Erwin (Verfügbare Profile: Erwin)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "E:\Programme\FireFox\firefox.exe" -osint -url "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Nitro Software, Inc.) C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) E:\Programme\FireFox\firefox.exe
(Mozilla Corporation) E:\Programme\FireFox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\Bluestacks.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
(Bluestack System Inc. ) C:\Program Files (x86)\Bluestacks\BstkSVC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-01-27] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\MountPoints2: K - K:\setup.exe
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\MountPoints2: {579bb393-5884-11e6-b2a6-806e6f6e6963} - V:\setup.exe
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\MountPoints2: {879de627-7672-11e6-9748-010101010000} - L:\setup.exe
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\MountPoints2: {ae577840-6517-11e6-9168-806e6f6e6963} - L:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-08-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2016-12-23]
ShortcutTarget: DSL-Manager.lnk -> E:\Telekom netzmanager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2016-12-23]
ShortcutTarget: DSL-Manager.lnk -> E:\Telekom netzmanager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2017-01-14]
ShortcutTarget: DSL-Manager.lnk -> E:\Telekom netzmanager\DslMgr.exe (T-Systems Enterprise Services GmbH)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 62.117.1.25 89.16.129.25
Tcpip\..\Interfaces\{00ECA228-DA30-4653-8611-243CD66FBCB1}: [DhcpNameServer] 62.117.1.25 89.16.129.25

Internet Explorer:
==================
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2017-01-11] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-01-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-02] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2017-01-11] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-02] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: zt6rzefm.default
FF ProfilePath: C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default [2017-01-15]
FF Extension: (Ghostery) - C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default\Extensions\firefox@ghostery.com.xpi [2017-01-10]
FF Extension: (AdBlock for Firefox) - C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2017-01-10]
FF Extension: (AdBlocker for YouTube™) - C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2017-01-10]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2017-01-10]
FF Extension: (Adblock Plus) - C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-23] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-11] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> E:\Programme\VLC Player\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-23] ()
FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll [2015-07-15] ( )
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-01-11] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF.PrevVerNRD -> C:\Program Files (x86)\Nitro\Pro 10\npnitromozilla.dll [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3372468986-2828329476-3420813562-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Erwin\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-10-26] (RocketLife, LLP)
StartMenuInternet: FIREFOX.EXE - E:\Programme\FireFox\firefox.exe

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://www.facebook.com/
CHR Profile: C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default [2017-01-14]
CHR Extension: (Google Präsentationen) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-03]
CHR Extension: (Google Docs) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-03]
CHR Extension: (Google Drive) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-03]
CHR Extension: (YouTube) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-03]
CHR Extension: (Adblock Plus) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-03]
CHR Extension: (Google Tabellen) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-03]
CHR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2016-11-07]
CHR Extension: (Google Docs Offline) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-04]
CHR Extension: (Ghostery) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-01-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-03]
CHR Extension: (Google Mail) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2218712 2016-12-13] (Adobe Systems, Incorporated)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [Datei ist nicht signiert]
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-09-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-09-08] (BlueStack Systems, Inc.)
R3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-09-08] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3020992 2016-12-28] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2770312 2016-11-16] (ESET)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NitroReaderDriverReadSpool5; C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe [327328 2016-08-02] (Nitro Software, Inc.)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; G:\Origin\OriginClientService.exe [2119176 2017-01-10] (Electronic Arts)
S4 Origin Web Helper Service; G:\Origin\OriginWebHelperService.exe [2181648 2017-01-10] (Electronic Arts)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 TDslMgrService; E:\Telekom netzmanager\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [X]
S4 BTHSSecurityMgr; "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" [X]
S2 IAStorDataMgrSvc; "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-09-08] (BlueStack Systems)
R3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-09-06] (Bluestack System Inc. )
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [494864 2013-08-29] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [262792 2016-11-16] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [199304 2016-11-16] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [197248 2016-11-16] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [153216 2016-11-16] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [208520 2016-11-16] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61568 2016-11-16] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84616 2016-11-16] (ESET)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-11] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-01-15] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 mt7612US; C:\Windows\System32\DRIVERS\mt7612US.sys [376200 2015-12-08] (MediaTek Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2016-08-18] (Duplex Secure Ltd.)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [131144 2016-12-20] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [205440 2016-12-20] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135824 2016-08-16] (Oracle Corporation)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [42760 2016-02-21] (Microsoft Corporation)
U3 ajd03b3x; C:\Windows\System32\Drivers\ajd03b3x.sys [0 ] (Advanced Micro Devices) <==== ACHTUNG (Null Byte Datei/Ordner)
S1 epp; \??\C:\EEK\bin64\epp.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-15 21:42 - 2017-01-15 21:42 - 00000000 ____D C:\FRST
2017-01-14 11:56 - 2017-01-14 11:56 - 00000000 ____D C:\Users\Erwin\Desktop\German_TOP50_ODC_08_01_2017-NoGroup
2017-01-13 23:11 - 2017-01-13 23:12 - 00000000 ____D C:\AdwCleaner
2017-01-13 15:11 - 2017-01-13 15:18 - 00000000 ____D C:\Users\Erwin\Desktop\VBG Scann
2017-01-13 09:34 - 2017-01-13 09:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2017-01-13 09:34 - 2016-12-20 16:32 - 00959720 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2017-01-12 23:16 - 2017-01-12 23:16 - 00000000 ____D C:\Program Files (x86)\Origin Games
2017-01-12 23:15 - 2017-01-12 23:15 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsign4d58a7635e3dbb77
2017-01-12 23:15 - 2017-01-12 23:15 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsign221877eeaeaf8d12
2017-01-12 22:23 - 2017-01-12 22:23 - 123217752 _____ (Oracle Corporation) C:\Users\Erwin\Desktop\VirtualBox-5.1.12-112440-Win.exe
2017-01-11 23:15 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-11 23:15 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-11 23:15 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-11 23:15 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-01-11 23:15 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-11 23:15 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-11 23:15 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-11 23:15 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-11 23:15 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-11 23:15 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-01-11 23:15 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-01-11 23:15 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2017-01-11 23:15 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2017-01-11 23:15 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-01-11 23:15 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-01-11 23:15 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-01-11 23:15 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-01-11 23:15 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-01-11 23:15 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-01-11 23:15 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-01-11 23:15 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-01-11 23:15 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-01-11 23:15 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-01-11 23:15 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-01-11 23:15 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-01-11 23:15 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-01-11 23:15 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-01-11 23:15 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-01-11 23:15 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-01-11 23:15 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-01-11 23:15 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-01-11 23:15 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-01-11 23:15 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-01-11 23:15 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-01-11 23:15 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-01-11 23:15 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-01-11 23:15 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-01-11 23:15 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-01-11 23:15 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-01-11 23:15 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-01-11 23:15 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-01-11 23:15 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-01-11 23:15 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-01-11 23:15 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-01-11 23:15 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-01-11 23:15 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-01-11 23:15 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-01-11 23:15 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-01-11 23:15 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-01-11 23:15 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-01-11 23:15 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-01-11 23:15 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-01-11 23:15 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-01-11 23:15 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-01-11 23:15 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-01-11 23:15 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-01-11 23:15 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-01-11 23:15 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-01-11 23:15 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-01-11 23:15 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-01-11 23:15 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-01-11 23:15 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-01-11 23:15 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-01-11 23:15 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-01-11 23:15 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-01-11 23:15 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-01-11 23:15 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-01-11 23:15 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-01-11 23:15 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-01-11 23:15 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-01-11 23:15 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-01-11 23:15 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-01-11 23:15 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-01-11 23:15 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-01-11 23:15 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-01-11 23:15 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-01-11 23:15 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-01-11 23:15 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-01-11 23:15 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-01-11 23:15 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-01-11 23:15 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-01-11 23:15 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-01-11 23:15 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-01-11 23:15 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-01-11 23:15 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-01-11 23:15 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-01-11 23:15 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2017-01-11 23:15 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-01-11 23:15 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-01-11 23:15 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-01-11 23:15 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2017-01-11 23:15 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2017-01-11 23:15 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2017-01-11 23:15 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-01-11 23:15 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-01-11 23:15 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-01-11 23:15 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-01-11 23:15 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-01-11 23:15 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-01-11 23:15 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-01-11 23:15 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-01-11 23:15 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-01-11 23:15 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-01-11 23:15 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-01-11 23:15 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-01-11 23:15 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-01-11 23:15 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-01-11 23:15 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-01-11 23:15 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-01-11 23:15 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-01-11 23:15 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-01-11 23:15 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-01-11 23:15 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-01-11 23:15 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2017-01-11 23:15 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2017-01-11 23:15 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-01-11 23:15 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-01-11 23:15 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2017-01-11 23:15 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2017-01-11 23:15 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-01-11 23:15 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-01-11 23:15 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-01-11 23:15 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-01-11 23:15 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-01-11 23:15 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-01-11 23:15 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-01-11 23:15 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-01-11 23:15 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-01-11 23:15 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-01-11 23:15 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2017-01-11 23:15 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2017-01-11 23:15 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2017-01-11 23:15 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-01-11 23:15 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-01-11 23:15 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2017-01-11 23:15 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-01-11 23:15 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-01-11 23:15 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2017-01-11 23:15 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-01-11 23:15 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-01-11 23:15 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2017-01-11 23:15 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-01-11 23:15 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-01-11 23:15 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-01-11 23:15 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-01-11 23:15 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-01-11 23:15 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-01-11 23:15 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-01-11 23:15 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-01-11 23:15 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-01-11 23:15 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-01-11 23:15 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-01-11 23:15 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-01-11 23:14 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-11 23:14 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-11 23:14 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2017-01-11 23:14 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-01-11 23:14 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2017-01-11 23:14 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-01-11 23:14 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-01-11 23:14 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-01-11 23:14 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-01-11 23:14 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-01-11 13:17 - 2017-01-11 13:17 - 00000000 ____D C:\76ea8cfdd36d8314a963d25ddabd2c
2017-01-11 13:15 - 2017-01-11 13:15 - 00002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-01-11 13:15 - 2017-01-11 13:15 - 00002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-01-11 13:15 - 2017-01-11 13:15 - 00002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-01-11 13:15 - 2017-01-11 13:15 - 00002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-01-11 13:15 - 2017-01-11 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-01-11 13:14 - 2017-01-11 13:14 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-01-11 12:14 - 2017-01-11 12:14 - 00000000 ____D C:\cdfbc0959e2da9c6b73af7e1b5d0
2017-01-11 11:23 - 2017-01-11 11:23 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-01-11 11:10 - 2017-01-11 11:10 - 00000000 ____D C:\71eb7f0b421421d252a1
2017-01-11 11:05 - 2017-01-11 13:32 - 00000000 ____D C:\Program Files\Microsoft Office
2017-01-11 10:53 - 2017-01-11 10:53 - 01017572 _____ C:\Users\Erwin\Desktop\o15-ctrremove.diagcab
2017-01-10 13:21 - 2017-01-10 14:43 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\AbiSuite
2017-01-10 13:21 - 2017-01-10 13:21 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AbiWord Word Processor
2017-01-10 13:21 - 2017-01-10 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AbiWord Word Processor
2017-01-10 11:40 - 2017-01-10 11:40 - 00058696 _____ C:\Users\Erwin\Desktop\cc_20170110_114048.reg
2017-01-10 11:24 - 2017-01-11 13:33 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-10 00:33 - 2017-01-10 00:33 - 18309328 _____ (Microsoft Corporation) C:\Users\Erwin\Downloads\MediaCreationTool.exe
2017-01-10 00:20 - 2017-01-10 00:21 - 162179096 _____ (EPC Consulting und Software GmbH) C:\Users\Erwin\Downloads\Duden_Korrektor_Microsoft_Office_12.1.exe
2017-01-08 15:07 - 2017-01-08 15:07 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignf0dd2df0aa6e3a47
2017-01-08 14:59 - 2017-01-08 14:59 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignc94718ec7d481d3d
2017-01-08 14:59 - 2017-01-08 14:59 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignc4538462b2111533
2017-01-07 14:08 - 2017-01-07 14:08 - 00000000 ____D C:\Windows\ERUNT
2017-01-05 15:48 - 2017-01-05 16:37 - 00000000 ____D C:\Users\Erwin\Desktop\OMI-Me_4_U-2015-C4
2017-01-05 00:09 - 2017-01-05 00:09 - 00000000 ____D C:\Users\Erwin\Documents\MAGIX Downloads
2017-01-04 23:42 - 2017-01-05 00:14 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\MAGIX
2017-01-04 23:42 - 2017-01-04 23:42 - 00000000 ____D C:\Users\Erwin\Documents\MAGIX_MusicEditor
2017-01-04 23:42 - 2017-01-04 23:42 - 00000000 ____D C:\Users\Erwin\AppData\Local\Xara
2017-01-04 23:41 - 2017-01-05 00:09 - 00000000 ___RD C:\Users\Erwin\Documents\MAGIX
2017-01-04 23:40 - 2017-01-06 14:48 - 00000000 ____D C:\ProgramData\MAGIX
2017-01-04 23:40 - 2017-01-04 23:40 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2017-01-04 21:00 - 2017-01-04 21:00 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignd8c771ac2ceaf7b5
2017-01-04 21:00 - 2017-01-04 21:00 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignc751790f82222218
2017-01-04 21:00 - 2017-01-04 21:00 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignaf059cf210f1b4e8
2017-01-04 13:32 - 2017-01-04 20:57 - 00000000 ____D C:\Users\Erwin\Desktop\German TOP50 01.01.2017
2017-01-03 16:55 - 2017-01-09 11:20 - 00000000 ____D C:\Users\Erwin\Desktop\Alte Firefox-Daten
2017-01-03 16:52 - 2017-01-15 21:34 - 00000000 ____D C:\Users\Erwin\AppData\LocalLow\Mozilla
2017-01-03 16:48 - 2017-01-03 16:48 - 00243552 _____ C:\Users\Erwin\Desktop\Firefox Setup Stub 50.1.0.exe
2016-12-29 18:32 - 2016-12-29 18:32 - 00000778 _____ C:\Users\Erwin\Desktop\Start Tor Browser.lnk
2016-12-29 18:32 - 2016-12-29 18:32 - 00000778 _____ C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-12-29 00:39 - 2016-12-29 00:40 - 00000000 ____D C:\Users\Erwin\Documents\Ableton
2016-12-28 23:27 - 2017-01-04 19:23 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-12-28 23:26 - 2016-12-29 00:44 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Ableton
2016-12-28 23:26 - 2016-12-28 23:26 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2016-12-28 21:37 - 2016-12-28 21:37 - 00000000 ____D C:\de63200890cbf850afd3c700889515
2016-12-27 10:18 - 2016-12-27 10:23 - 00000000 ____D C:\Users\Erwin\Desktop\Wohnung Friedrich-Wolf-Str. 4
2016-12-25 14:18 - 2016-12-25 14:18 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsigne5366bf2748e4ffd
2016-12-25 14:18 - 2016-12-25 14:18 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignd715b855f746097e
2016-12-23 11:29 - 2016-12-23 11:29 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-23 11:29 - 2016-12-23 11:29 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-23 11:29 - 2016-12-23 11:29 - 00000000 ____D C:\ProgramData\T-Online
2016-12-23 11:29 - 2007-09-12 17:24 - 00041024 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\DslTestSp5a64.sys
2016-12-23 11:28 - 2016-12-23 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSL-Manager
2016-12-23 11:28 - 2007-08-01 14:49 - 00019008 _____ (T-Systems Enterprise Services GmbH) C:\Windows\system32\Drivers\dslmnlwf.sys
2016-12-23 10:48 - 2016-12-23 10:48 - 00000000 ____D C:\Users\Erwin\AppData\Local\Chromium
2016-12-23 10:38 - 2016-12-23 10:39 - 00000000 ____D C:\Users\Erwin\Desktop\Schloss konflikt
2016-12-22 12:41 - 2016-12-22 12:41 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignd1d326e19262b78c
2016-12-22 12:41 - 2016-12-22 12:41 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsign32dc2236ae449d67
2016-12-22 11:59 - 2016-12-22 11:59 - 00000000 ____D C:\Users\Erwin\Desktop\Becca handy lieder
2016-12-20 22:19 - 2016-12-20 22:19 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-12-20 16:31 - 2016-12-20 16:31 - 00205440 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2016-12-20 16:30 - 2016-12-20 16:30 - 00131144 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2016-12-19 21:38 - 2016-12-19 21:42 - 00352256 _____ C:\Users\Erwin\Documents\Database1.accdb
2016-12-19 15:43 - 2016-12-19 20:51 - 00249684 _____ C:\Users\Erwin\Desktop\Schichtplan Utti 36h Woche.xlsx
2016-12-17 22:07 - 2016-12-17 22:07 - 00153539 _____ C:\Users\Erwin\Desktop\paper-535960_960_720 Probe1 Wasserzeichen.jpg
2016-12-17 21:27 - 2016-12-17 21:27 - 00205681 _____ C:\Users\Erwin\Desktop\paper-535960_960_720 Probe.jpg
2016-12-17 21:26 - 2016-12-17 21:26 - 05894324 _____ C:\Users\Erwin\Desktop\paper-535960_960_720 Probe.psd
2016-12-17 21:26 - 2016-12-17 21:26 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignfc68dddba1b67432
2016-12-17 21:21 - 2016-12-17 21:21 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignfce5d7898ded0240
2016-12-17 21:21 - 2016-12-17 21:21 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignefc6498f3d192f4f
2016-12-17 21:21 - 2016-12-17 21:21 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignba106bc5e48e560a
2016-12-17 21:19 - 2016-12-17 21:19 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignfb4c5680568b1c8f
2016-12-17 21:19 - 2016-12-17 21:19 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignb6fcd28f5f457492
2016-12-17 21:14 - 2016-12-17 21:14 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignfba89f7db43a07d2
2016-12-17 21:14 - 2016-12-17 21:14 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignee672a68e77a45d9
2016-12-17 21:14 - 2016-12-17 21:14 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsign253fb9ae04d1d142
2016-12-16 19:59 - 2016-12-16 20:00 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-12-16 19:59 - 2016-12-16 19:59 - 00000000 ____D C:\Program Files\Rockstar Games
2016-12-16 19:58 - 2016-12-16 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-12-16 19:52 - 2016-12-16 20:00 - 00000000 ____D C:\Users\Erwin\Documents\Rockstar Games
2016-12-16 19:52 - 2016-12-16 19:52 - 00000000 ____D C:\Users\Erwin\AppData\Local\Rockstar Games

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-15 21:39 - 2009-07-14 05:45 - 00033392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-15 21:39 - 2009-07-14 05:45 - 00033392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-15 21:37 - 2009-07-14 18:58 - 00702266 _____ C:\Windows\system32\perfh007.dat
2017-01-15 21:37 - 2009-07-14 18:58 - 00150664 _____ C:\Windows\system32\perfc007.dat
2017-01-15 21:37 - 2009-07-14 06:13 - 01623690 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-15 21:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-15 21:33 - 2016-10-30 22:58 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-15 21:33 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-15 08:47 - 2016-08-03 19:29 - 00000000 ____D C:\Users\Erwin\AppData\Local\Adobe
2017-01-15 08:41 - 2016-08-02 10:41 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2017-01-14 12:48 - 2016-08-02 15:43 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Origin
2017-01-14 12:41 - 2016-08-04 08:06 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\GanymedeNet
2017-01-14 08:53 - 2016-08-02 15:42 - 00000000 ____D C:\ProgramData\Origin
2017-01-13 23:11 - 2016-09-22 07:24 - 00000000 ____D C:\Users\Erwin\AppData\Local\CrashDumps
2017-01-13 23:10 - 2016-08-02 10:02 - 00000000 ____D C:\Users\Erwin\Desktop\Trojaner-Software
2017-01-13 09:38 - 2016-08-02 10:01 - 00000000 ___RD C:\Users\Erwin\Desktop\Spiele
2017-01-13 09:35 - 2016-08-17 22:32 - 00000000 ____D C:\Users\Erwin\.VirtualBox
2017-01-12 23:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-01-12 22:42 - 2016-08-02 08:54 - 00000000 ____D C:\Users\Erwin
2017-01-12 22:39 - 2016-08-06 10:57 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-01-12 22:37 - 2016-08-02 09:37 - 00000000 ____D C:\Program Files (x86)\Intel
2017-01-12 22:33 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-01-12 22:31 - 2016-09-14 19:57 - 00000000 ____D C:\Program Files\OBS
2017-01-12 22:25 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2017-01-12 07:00 - 2009-07-14 05:45 - 05121752 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-12 00:09 - 2016-08-02 09:00 - 01600778 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-01-12 00:07 - 2016-08-02 20:17 - 00000000 ____D C:\Windows\system32\MRT
2017-01-12 00:05 - 2010-06-24 10:52 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
2017-01-11 23:43 - 2016-09-14 12:23 - 00613376 _____ C:\Users\Erwin\Desktop\Patrick _September.xls
2017-01-11 13:33 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-01-11 13:19 - 2016-08-03 20:27 - 00002180 _____ C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-01-11 13:19 - 2016-08-02 13:55 - 00000000 ___RD C:\Users\Erwin\OneDrive
2017-01-11 13:17 - 2016-11-17 09:30 - 00000000 ___HT C:\Windows\wusa.lock
2017-01-11 12:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2017-01-11 10:59 - 2016-09-22 07:24 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-11 10:58 - 2016-08-02 19:43 - 00000000 ____D C:\Users\Erwin\AppData\Local\ElevatedDiagnostics
2017-01-11 10:27 - 2016-08-09 20:04 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Skype
2017-01-10 12:13 - 2016-08-12 22:15 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Nitro
2017-01-10 12:06 - 2016-08-02 10:20 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Mozilla
2017-01-10 12:06 - 2016-08-02 10:20 - 00000000 ____D C:\Users\Erwin\AppData\Local\Mozilla
2017-01-10 00:32 - 2016-08-02 15:42 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-10 00:10 - 2016-08-17 22:33 - 00000000 ____D C:\Users\Erwin\VirtualBox VMs
2017-01-07 18:45 - 2016-08-04 08:05 - 00000000 ____D C:\Program Files (x86)\Ganymede
2017-01-06 19:23 - 2016-12-15 15:38 - 00000000 ____D C:\ProgramData\Gaijin
2017-01-06 19:22 - 2016-08-12 05:42 - 00000000 ____D C:\Users\Erwin\AppData\Local\Ubisoft Game Launcher
2017-01-06 14:45 - 2016-10-30 22:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2017-01-05 16:36 - 2016-08-03 20:43 - 00000000 ____D C:\Users\Erwin\AppData\LocalLow\Temp
2017-01-05 14:58 - 2016-11-17 23:05 - 00000000 ____D C:\Users\Erwin\Desktop\Hochzeit Becca & Erwin
2017-01-05 00:37 - 2016-08-02 08:55 - 00150696 _____ C:\Users\Erwin\AppData\Local\GDIPFONTCACHEV1.DAT
2017-01-04 23:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2017-01-02 17:16 - 2016-11-01 22:10 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-12-28 21:18 - 2016-08-02 20:58 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\TeamViewer
2016-12-23 12:49 - 2016-08-02 08:54 - 00000000 ____D C:\Users\Erwin\AppData\Local\VirtualStore
2016-12-23 11:29 - 2016-08-02 08:54 - 00000000 ___RD C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-23 11:29 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-23 11:29 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-23 11:28 - 2016-08-02 09:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-23 10:48 - 2016-08-12 06:39 - 00000000 ____D C:\Users\Erwin\AppData\Local\Steam
2016-12-23 10:42 - 2016-08-02 10:00 - 00000000 ____D C:\Users\Erwin\Desktop\Dokumente Erwin & Becca Handy
2016-12-23 10:39 - 2016-12-06 10:56 - 00000000 ____D C:\Users\Erwin\Desktop\Anwalt VBG Knie Links
2016-12-20 23:12 - 2003-03-30 16:28 - 00095232 _____ () C:\Users\Erwin\Desktop\IC_annocheat104.exe
2016-12-20 16:30 - 2016-09-11 10:42 - 00149304 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-12-19 22:05 - 2016-08-02 10:02 - 00000000 ____D C:\Users\Erwin\Desktop\Vip Verkehrsunternehmen
2016-12-19 21:38 - 2016-08-02 08:54 - 00000000 ___SD C:\Users\Erwin\AppData\Roaming\Microsoft
2016-12-17 10:54 - 2016-11-03 11:48 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 10:54 - 2016-11-03 11:48 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 10:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Tasks
2016-12-16 19:59 - 2016-08-02 08:54 - 00000000 ___HD C:\Users\Erwin\AppData

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-08-02 09:50 - 2016-08-02 09:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-13 18:57

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-01-2017
durchgeführt von Erwin (15-01-2017 21:42:50)
Gestartet von E:\Download´s
Windows 7 Professional Service Pack 1 (X64) (2016-08-02 07:52:00)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3372468986-2828329476-3420813562-500 - Administrator - Disabled)
Gast (S-1-5-21-3372468986-2828329476-3420813562-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3372468986-2828329476-3420813562-1002 - Limited - Enabled)
Erwin (S-1-5-21-3372468986-2828329476-3420813562-1000 - Administrator - Enabled) => C:\Users\Erwin

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: ESET Smart Security 9.0.408.1 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 9.0.408.1 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_0_0) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.7 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Ansel (Version: 372.90 - NVIDIA Corporation) Hidden
Apple Application Support (64-Bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.6.9 - ASUSTek COMPUTER INC.)
ASUS GPU TweakII (x32 Version: 1.0.6.9 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.50.6271 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.6.1.3 - Broadcom Corporation)
C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
Call of Duty: Infinite Warfare (HKLM\...\Steam App 292730) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
DSL-Manager (HKLM-x32\...\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}) (Version:  - )
ESET Smart Security (HKLM\...\{A6F36CF6-73C0-454D-A95C-5613B146B3D4}) (Version: 9.0.386.1 - ESET, spol. s r.o.)
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.46.21015 - Electronic Arts)
FIFA 17 DEMO (HKLM-x32\...\{39C00B2C-EA3C-4A6B-AECF-DADA0F09C2AE}) (Version: 1.0.45.26330 - Electronic Arts)
GameDesire-Pool & Snooker (HKLM-x32\...\GameDesire-Pool & Snooker) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
iCloud (HKLM\...\{4BB313CE-D3D1-424C-8823-15CF85B00B05}) (Version: 6.1.0.30 - Apple Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK All-in-One Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.9.1.1 - Eastman Kodak Company)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProplusRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Thunderbird 45.5.0 (x86 de) (HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\Mozilla Thunderbird 45.5.0 (x86 de)) (Version: 45.5.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nitro Reader 5 (HKLM\...\{2C5E29B1-314E-4FB0-A2F0-1A8AE7C64536}) (Version: 5.5.9.2 - Nitro)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.90 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.90 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
OpenTTD 1.6.0 (HKLM-x32\...\OpenTTD) (Version: 1.6.0 - OpenTTD)
Oracle VM VirtualBox 5.1.12 (HKLM\...\{C212962C-71C4-4D9F-B8E0-D2CD00C8B8FE}) (Version: 5.1.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.3.5.6379 - Electronic Arts, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\PrintProjects) (Version: 1.0.0.22142 - RocketLife Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.6 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.97.4382 - Electronic Arts)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
XSplit Gamecaster (HKLM-x32\...\{4EDB1851-7427-4324-AAAA-9E3852C73DAE}) (Version: 2.2.1502.1741 - SplitmediaLabs)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3372468986-2828329476-3420813562-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Erwin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_3\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-3372468986-2828329476-3420813562-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> "C:\Windows\system32\igfxEM.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-3372468986-2828329476-3420813562-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0A180622-138A-4E02-B7BD-C533E09CA20D} - System32\Tasks\AdobeAAMUpdater-1.0-Erwin-PC-Erwin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {0FDE99B9-CB3D-40B7-BFB8-0B3635067196} - System32\Tasks\{52FBD96F-0634-4871-A92C-532DBCA30A17} => pcalua.exe -a C:\Users\Erwin\Desktop\OInstall.exe -d C:\Users\Erwin\Desktop
Task: {111B498F-DE5F-4862-8DE3-BC2C2B071589} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {1FE4C4B8-6234-41AC-A4D0-5A6CE7F9B7BB} - System32\Tasks\{D4FFACDD-9517-4AA8-902C-55D8FF274B79} => pcalua.exe -a E:\Download´s\FirmwareFlashLauncher.exe -d E:\Download´s
Task: {21A7F18D-AD88-49AE-8507-77770A3EF0A8} - System32\Tasks\{7F5601B7-248D-42BF-ACB5-C5AD91A35D3B} => pcalua.exe -a C:\Users\Erwin\Desktop\64\KB2779768_64\MSuSetup.exe -d C:\Users\Erwin\Desktop\64\KB2779768_64
Task: {2D0F8821-9F89-4330-BF24-758ACF013E59} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
Task: {63CA0A79-9850-48D7-AE8F-90F5274E830F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {6AD20159-38B4-4F9D-B178-43B3EBF1FCE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-03] (Google Inc.)
Task: {7EF6253C-F52A-4B9B-89CF-E507592D28AD} - System32\Tasks\{B4D3AA97-5062-49BE-928D-8EAE3BAE338F} => pcalua.exe -a E:\Download´s\FirmwareFlashLauncher(1).exe -d E:\Download´s
Task: {A07D970C-B40F-4BEA-858E-198D5CB01EE6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {B5C935A9-5C37-4457-86CB-0B4D6B24B044} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-01-11] (Microsoft Corporation)
Task: {B6FD41E6-0D4A-436C-B922-75823E6555F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-01-11] (Microsoft Corporation)
Task: {C19167BC-B8EE-4353-9213-1A6FECB45826} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-03] (Google Inc.)
Task: {DAF52731-8EC1-4B25-9628-C2C29E31F92C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {DCE0FC36-2E0A-47F8-9810-AF01A160B27E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-12-06 15:09 - 2016-12-06 15:09 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-09-23 22:29 - 2016-09-23 22:29 - 19588800 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll
2016-09-17 08:35 - 2016-02-11 14:20 - 03378688 _____ () G:\Games\Bluestacks\Bluestacks\BluestacksGameManager\xulrunner-sdk\mozjs.dll
2016-09-17 08:33 - 2016-03-09 07:28 - 03306496 _____ () C:\Program Files (x86)\Bluestacks\libGLESv2.dll
2016-09-17 08:33 - 2016-03-09 07:28 - 00133120 _____ () C:\Program Files (x86)\Bluestacks\libEGL.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.117.1.25 - 89.16.129.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{D50E84CE-F0A3-4982-AB2E-53EDB5157FB4}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{22BFE914-FE40-4A43-9E35-62C3EF0E7D1B}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F815EC64-1D71-4D31-AED9-4790890637A9}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6B71657F-FC9B-4992-B317-8B89B58F8F34}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{667485FE-4A31-40F0-A114-BDBFA82E0939}] => G:\Steam Game\Steam.exe
FirewallRules: [{EC171D1D-4B4A-482B-9BE6-2C5182EDBE17}] => G:\Steam Game\Steam.exe
FirewallRules: [{02AA4018-36C2-405D-B90A-E1E08DE55242}] => G:\Steam Game\bin\steamwebhelper.exe
FirewallRules: [{7E3ED941-83BD-4F49-9972-0D23DA1954A9}] => G:\Steam Game\bin\steamwebhelper.exe
FirewallRules: [VirtualPC-In-UDP-1] => %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => %SystemRoot%\System32\vpc.exe
FirewallRules: [{37BC8809-6BED-4AA6-B121-5B9197434595}] => G:\Steam Game\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7B1B9810-CC38-46D2-9640-EFD419A2A27E}] => G:\Steam Game\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{324F8606-34EB-4430-A007-451326AC7B74}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8596BB2D-70FD-4C2B-B215-151B37E3B607}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E23A9C43-7E31-4D96-82D8-E124DE0528FE}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{09E5B1C8-8485-4E3E-88D6-069649335AA7}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A2250172-51CA-4C9C-96CC-B135DFC618B5}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3818DE62-C42F-4667-A7C4-3B6F73403660}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8298C7FE-A5CF-4A71-8649-AD31823CF64D}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9DE4C7F5-EC7F-4C19-AE92-5DB265D69D46}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5BE363FC-D3D2-4D40-BFB2-F6DB9D1936CD}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A64E27A6-139F-4169-9E6E-27CAFC2FC0E7}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{51D339E4-7AA3-455C-8B33-ADC0A39C2F18}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A05DD337-A473-45AB-847D-7229666BFFE2}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E8D7D9FC-815B-4751-8B74-F0E39B7DF5C8}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2842E376-4236-484A-9F30-720B9FCE5BCC}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1A618FF8-246C-4356-93C9-14B6780A4324}] => G:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{EE6A2E46-FD07-4937-B347-4B0BEFED3131}] => G:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{C566B15C-9957-42EC-97A6-AD17B355A414}] => LPort=9322
FirewallRules: [{7B2237A9-06A0-4820-ADEB-22C2EE723CBE}] => LPort=5353
FirewallRules: [{F0F507C5-784D-48DB-9C30-7DD033E9CB6C}] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{F6C9CB37-EC83-405C-9DC2-4F8AE89826CF}] => C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{15DCD263-9EAB-414F-AC12-FAA08CF00B4F}] => C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{794909E7-AF26-4D6D-B746-6E24725FABF4}] => C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{FD8D8B9D-1860-4C84-8308-40D41DCDFFFA}] => C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{6DBBBA87-3B1B-4D3E-B053-A2E86C08284B}] => G:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{6A26BEF7-F12E-4AB8-8D49-AD65497AC873}] => G:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{6210DDAB-7BFF-44AB-8184-5BCD0E45FC0D}] => LPort=80
FirewallRules: [{B086EF2B-C420-458A-A1FF-ABEED87DB972}] => LPort=443
FirewallRules: [{2E97F039-B399-4DBB-A671-04BD1F8E11F6}] => LPort=3216
FirewallRules: [{63026457-6171-4DED-8AE5-049D46C34467}] => LPort=18000
FirewallRules: [{9203F572-D973-4193-969D-F6CF18B561C1}] => LPort=18120
FirewallRules: [{E89BE0E4-9AD5-460E-9D25-FE241789647B}] => LPort=18060
FirewallRules: [{8259DA93-329F-4522-8FB7-5FC4B3EA5935}] => LPort=27900
FirewallRules: [{E3447003-B92B-4263-8333-696FDE05302E}] => LPort=29900
FirewallRules: [{F85B4469-3BA4-48DF-A154-ED1133916CAC}] => LPort=18000
FirewallRules: [{823569C6-BA5E-42BB-A56A-E77541871628}] => LPort=29900
FirewallRules: [{39CA125D-DCA0-4AB7-98F3-D3FB6DF121E2}] => G:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{DD0725D5-A624-4000-850C-6B60AA83C4CB}] => G:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{BFE90204-8330-4D17-811B-8486C7F37D6D}] => E:\Programme\ITunes\iTunes.exe
FirewallRules: [{0D6B3F25-AAD7-49F5-9D38-A8E89ED3B54C}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F0C58E10-CA4A-4E8E-8749-A771B0005F3F}] => LPort=80
FirewallRules: [{77F616BF-3AB4-44FC-BE29-02DE8E33B4D3}] => LPort=443
FirewallRules: [{13B3B28B-6875-48F9-BB7A-AFEB502C3A0F}] => LPort=20010
FirewallRules: [{DA6BE6AE-5F07-4CC2-A485-DCC697580CF1}] => LPort=3478
FirewallRules: [{1C19AA7B-2679-4C0D-90E1-6A150B93391F}] => LPort=7850
FirewallRules: [{0C37499C-88DF-403C-A7BF-C5EE0B5EB5A3}] => LPort=7852
FirewallRules: [{98892FFC-F835-4703-BBA1-E54F76DD4EAD}] => LPort=7853
FirewallRules: [{919D2A0E-25B1-422E-B6DC-3371C1982864}] => LPort=27022
FirewallRules: [{EC3BF2F6-D646-43C6-B625-604DADD7B62C}] => LPort=6881
FirewallRules: [{43D406D2-C4CA-43C7-8E9F-698051001913}] => LPort=33333
FirewallRules: [{8892625B-CF9B-440A-A5BA-DC92C9902456}] => LPort=20443
FirewallRules: [{994AC187-7210-482D-85F5-BBA5FB9F76F3}] => LPort=8090
FirewallRules: [{B85A6748-17D3-4462-BA5B-7148E9F94616}] => G:\Steam Game\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C58645F2-CC20-400D-A927-D480F1B6A348}] => G:\Steam Game\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1F8C50A2-D98E-4F6A-87B5-71306C8B7FBE}] => G:\Steam Game\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{D56DE574-7518-4601-AA2E-84C5201141F6}] => G:\Steam Game\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{65967735-9065-40C8-B8AF-6384A4AA740F}] => E:\Programme\FireFox\firefox.exe
FirewallRules: [{CEE04512-58D3-44B5-B6DE-F61A997A0207}] => E:\Programme\FireFox\firefox.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/13/2017 03:13:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f70

Startzeit: 01d26da64cd68ffb

Endzeit: 5

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 7bd651ac-d99a-11e6-8e6a-010101010000

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.

Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))


Systemfehler:
=============
Error: (01/15/2017 09:33:30 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
epp

Error: (01/15/2017 11:13:14 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/15/2017 08:36:55 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
epp

Error: (01/14/2017 11:53:28 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/14/2017 10:36:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
epp

Error: (01/14/2017 06:48:09 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
epp

Error: (01/14/2017 05:19:35 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
epp

Error: (01/13/2017 07:10:02 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/13/2017 06:57:23 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)
Description: 0x8000002a44\SystemRoot\System32\Config\RegBack\SOFTWARE

Error: (01/13/2017 03:13:59 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{3C5E2B20-B911-44E2-A2DD-9F05E7B5E775}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 16276.84 MB
Verfügbarer physikalischer RAM: 11159.06 MB
Summe virtueller Speicher: 32551.86 MB
Verfügbarer virtueller Speicher: 26778.57 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:3.2 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: () (Fixed) (Total:926.44 GB) (Free:196.23 GB) NTFS
Drive f: (Musik) (Fixed) (Total:936.58 GB) (Free:85.26 GB) NTFS
Drive g: (Games) (Fixed) (Total:2794.39 GB) (Free:2664.85 GB) NTFS
Drive k: (DEW95_FULL) (CDROM) (Total:0.56 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 75F281A8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 6 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 52425DEB)
Partition 1: (Active) - (Size=936.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=926.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Erwin80 · 15.01.2017, 21:58

Code:

ATTFilter

21:43:28.0936 0x1680  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
21:43:52.0830 0x1680  ============================================================
21:43:52.0830 0x1680  Current date / time: 2017/01/15 21:43:52.0830
21:43:52.0830 0x1680  SystemInfo:
21:43:52.0830 0x1680  
21:43:52.0830 0x1680  OS Version: 6.1.7601 ServicePack: 1.0
21:43:52.0830 0x1680  Product type: Workstation
21:43:52.0830 0x1680  ComputerName: Erwin-PC
21:43:52.0830 0x1680  UserName: Erwin
21:43:52.0830 0x1680  Windows directory: C:\Windows
21:43:52.0830 0x1680  System windows directory: C:\Windows
21:43:52.0830 0x1680  Running under WOW64
21:43:52.0830 0x1680  Processor architecture: Intel x64
21:43:52.0830 0x1680  Number of processors: 8
21:43:52.0830 0x1680  Page size: 0x1000
21:43:52.0830 0x1680  Boot type: Normal boot
21:43:52.0830 0x1680  CodeIntegrityOptions = 0x00000001
21:43:52.0830 0x1680  ============================================================
21:43:56.0346 0x1680  KLMD registered as C:\Windows\system32\drivers\74398055.sys
21:43:56.0347 0x1680  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
21:43:56.0507 0x1680  System UUID: {91BD891E-1715-C74A-39C4-04E1DA4CFF87}
21:43:56.0975 0x1680  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:43:56.0976 0x1680  Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:43:57.0036 0x1680  Drive \Device\Harddisk6\DR6 - Size: 0x1D1C1115800 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:43:57.0039 0x1680  ============================================================
21:43:57.0039 0x1680  \Device\Harddisk0\DR0:
21:43:57.0040 0x1680  MBR partitions:
21:43:57.0040 0x1680  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:43:57.0040 0x1680  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
21:43:57.0040 0x1680  \Device\Harddisk1\DR1:
21:43:57.0040 0x1680  GPT partitions:
21:43:57.0040 0x1680  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {BE90CE78-FC1F-450F-B391-F134042E3D78}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
21:43:57.0040 0x1680  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2633F0BA-E60D-403D-AA2A-4D4D43E4F317}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
21:43:57.0040 0x1680  MBR partitions:
21:43:57.0040 0x1680  \Device\Harddisk6\DR6:
21:43:57.0040 0x1680  MBR partitions:
21:43:57.0040 0x1680  \Device\Harddisk6\DR6\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x75127800
21:43:57.0040 0x1680  \Device\Harddisk6\DR6\Partition2: MBR, Type 0x7, StartLBA 0x75128000, BlocksNum 0x73CDF800
21:43:57.0040 0x1680  ============================================================
21:43:57.0042 0x1680  C: <-> \Device\Harddisk0\DR0\Partition2
21:43:57.0115 0x1680  F: <-> \Device\Harddisk6\DR6\Partition1
21:43:57.0117 0x1680  D: <-> \Device\Harddisk0\DR0\Partition1
21:43:57.0140 0x1680  G: <-> \Device\Harddisk1\DR1\Partition2
21:43:57.0214 0x1680  E: <-> \Device\Harddisk6\DR6\Partition2
21:43:57.0215 0x1680  ============================================================
21:43:57.0215 0x1680  Initialize success
21:43:57.0215 0x1680  ============================================================
21:44:20.0508 0x1444  ============================================================
21:44:20.0508 0x1444  Scan started
21:44:20.0508 0x1444  Mode: Manual; SigCheck; TDLFS; 
21:44:20.0508 0x1444  ============================================================
21:44:20.0508 0x1444  KSN ping started
21:44:32.0743 0x1444  KSN ping finished: true
21:44:33.0598 0x1444  ================ Scan system memory ========================
21:44:33.0598 0x1444  System memory - ok
21:44:33.0598 0x1444  ================ Scan services =============================
21:44:33.0637 0x1444  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:44:33.0671 0x1444  1394ohci - ok
21:44:33.0680 0x1444  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:44:33.0691 0x1444  ACPI - ok
21:44:33.0695 0x1444  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:44:33.0706 0x1444  AcpiPmi - ok
21:44:33.0723 0x1444  [ 8532B30A054D83614A90D24AD61A29DF, 959C74C63AF7F4E5588C705FBF08EA7A8749268BC28819879ED53AB7A3410B74 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
21:44:33.0740 0x1444  AdobeUpdateService - ok
21:44:33.0751 0x1444  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:44:33.0763 0x1444  adp94xx - ok
21:44:33.0771 0x1444  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:44:33.0780 0x1444  adpahci - ok
21:44:33.0786 0x1444  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:44:33.0793 0x1444  adpu320 - ok
21:44:33.0798 0x1444  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:44:33.0816 0x1444  AeLookupSvc - ok
21:44:33.0826 0x1444  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
21:44:33.0840 0x1444  AFD - ok
21:44:33.0843 0x1444  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:44:33.0849 0x1444  agp440 - ok
21:44:33.0883 0x1444  [ 840E0468368EB5FD87371EF508D72ACF, 7E05854D29C24E9BBB27B038620C345E063FF3B8F1AE0FDA054BEDF842FB29A9 ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
21:44:33.0922 0x1444  AGSService - ok
21:44:33.0927 0x1444  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:44:33.0934 0x1444  ALG - ok
21:44:33.0936 0x1444  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:44:33.0941 0x1444  aliide - ok
21:44:33.0943 0x1444  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:44:33.0948 0x1444  amdide - ok
21:44:33.0951 0x1444  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:44:33.0957 0x1444  AmdK8 - ok
21:44:33.0960 0x1444  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:44:33.0967 0x1444  AmdPPM - ok
21:44:33.0971 0x1444  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:44:33.0977 0x1444  amdsata - ok
21:44:33.0983 0x1444  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:44:33.0991 0x1444  amdsbs - ok
21:44:33.0993 0x1444  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:44:33.0998 0x1444  amdxata - ok
21:44:34.0004 0x1444  [ D46391F209DE0A98A97D1D1765F53438, 4D8C7D90BE3DB348ED4069CE3F4F403FCC6149D60B238E0B5DF9DCE4CF69C995 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
21:44:34.0012 0x1444  AMPPAL - ok
21:44:34.0017 0x1444  [ D46391F209DE0A98A97D1D1765F53438, 4D8C7D90BE3DB348ED4069CE3F4F403FCC6149D60B238E0B5DF9DCE4CF69C995 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
21:44:34.0024 0x1444  AMPPALP - ok
21:44:34.0027 0x1444  AMPPALR3 - ok
21:44:34.0031 0x1444  [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID           C:\Windows\system32\drivers\appid.sys
21:44:34.0038 0x1444  AppID - ok
21:44:34.0040 0x1444  [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:44:34.0046 0x1444  AppIDSvc - ok
21:44:34.0049 0x1444  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\Windows\System32\appinfo.dll
21:44:34.0055 0x1444  Appinfo - ok
21:44:34.0060 0x1444  [ 7D811EA7A2AAA49B0446D42CBC1CD338, AFECE5E44E48F756C7EB81D95C9237552AF8A9C02CBE756E0F3D3C6524DE49AD ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:44:34.0066 0x1444  Apple Mobile Device Service - ok
21:44:34.0073 0x1444  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:44:34.0082 0x1444  AppMgmt - ok
21:44:34.0086 0x1444  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:44:34.0091 0x1444  arc - ok
21:44:34.0095 0x1444  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:44:34.0101 0x1444  arcsas - ok
21:44:34.0126 0x1444  [ D2B5EB862E4CCD9713D6B9DE7BBCBB7B, 897DEE611A3CF7216E8F78033D2DB4055DE5FEC37FA665AE9E1163AF133C2526 ] ASGT            C:\Windows\SysWOW64\ASGT.exe
21:44:34.0128 0x1444  ASGT - detected UnsignedFile.Multi.Generic ( 1 )
21:44:35.0237 0x1444  Detect skipped due to KSN trusted
21:44:35.0237 0x1444  ASGT - ok
21:44:35.0265 0x1444  [ 08FC11F6416923BBC614C28B4180E9A7, C829380F10E3EE92A38F2D59ED0D5B1D27B577021307E0C2C23EC901D0479006 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:44:35.0293 0x1444  aspnet_state - ok
21:44:35.0301 0x1444  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:44:35.0351 0x1444  AsyncMac - ok
21:44:35.0354 0x1444  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:44:35.0360 0x1444  atapi - ok
21:44:35.0372 0x1444  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:44:35.0389 0x1444  AudioEndpointBuilder - ok
21:44:35.0401 0x1444  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:44:35.0416 0x1444  AudioSrv - ok
21:44:35.0423 0x1444  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:44:35.0433 0x1444  AxInstSV - ok
21:44:35.0442 0x1444  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
21:44:35.0455 0x1444  b06bdrv - ok
21:44:35.0462 0x1444  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:44:35.0472 0x1444  b57nd60a - ok
21:44:35.0476 0x1444  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:44:35.0484 0x1444  BDESVC - ok
21:44:35.0486 0x1444  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:44:35.0503 0x1444  Beep - ok
21:44:35.0516 0x1444  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:44:35.0533 0x1444  BFE - ok
21:44:35.0547 0x1444  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:44:35.0583 0x1444  BITS - ok
21:44:35.0586 0x1444  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:44:35.0592 0x1444  blbdrive - ok
21:44:35.0603 0x1444  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:44:35.0614 0x1444  Bonjour Service - ok
21:44:35.0617 0x1444  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:44:35.0625 0x1444  bowser - ok
21:44:35.0628 0x1444  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:44:35.0637 0x1444  BrFiltLo - ok
21:44:35.0639 0x1444  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:44:35.0646 0x1444  BrFiltUp - ok
21:44:35.0651 0x1444  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:44:35.0659 0x1444  Browser - ok
21:44:35.0666 0x1444  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:44:35.0676 0x1444  Brserid - ok
21:44:35.0679 0x1444  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:44:35.0686 0x1444  BrSerWdm - ok
21:44:35.0688 0x1444  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:44:35.0695 0x1444  BrUsbMdm - ok
21:44:35.0697 0x1444  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:44:35.0704 0x1444  BrUsbSer - ok
21:44:35.0718 0x1444  [ 3C2B44729EB279FCC5582699E8922281, B21EE8CD526D0B360658F0ABD2027213957B5154946D55EAD09ED14451CFC81C ] BstHdAndroidSvc C:\Program Files (x86)\Bluestacks\HD-Service.exe
21:44:35.0734 0x1444  BstHdAndroidSvc - ok
21:44:35.0739 0x1444  [ 8181CDC414549F453E879A3D3D575DBC, 174BD61A581B8095CA6F3CB97ED2238A360270117CEF0EDDF06C3C190B8B0FB0 ] BstHdDrv        C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys
21:44:35.0747 0x1444  BstHdDrv - ok
21:44:35.0755 0x1444  [ C062341653746EB2D429F5C288E24FA2, 395C5434F1CD02B9F91536FAA5DFD542704BAEE4CA78FD94D8D303BC54BDAB8C ] BstHdLogRotatorSvc C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
21:44:35.0766 0x1444  BstHdLogRotatorSvc - ok
21:44:35.0775 0x1444  [ A0CC8145972577347800359AF7711536, B578C5C9C0F5F26E46E9F9008D8B148C258A2C6BFC58D1A37461CC44D54FFA74 ] BstHdPlusAndroidSvc C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
21:44:35.0787 0x1444  BstHdPlusAndroidSvc - ok
21:44:35.0794 0x1444  [ 95820BAC50416203BAB1AA3B1D5C6ED5, 472A7ECE8F11597620D27EF37204AF42B92290C228B267B4AA3B5066F40B60CD ] BstkDrv         C:\Program Files (x86)\Bluestacks\BstkDrv.sys
21:44:35.0803 0x1444  BstkDrv - ok
21:44:35.0807 0x1444  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:44:35.0815 0x1444  BTHMODEM - ok
21:44:35.0820 0x1444  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:44:35.0839 0x1444  bthserv - ok
21:44:35.0840 0x1444  BTHSSecurityMgr - ok
21:44:35.0844 0x1444  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:44:35.0863 0x1444  cdfs - ok
21:44:35.0868 0x1444  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:44:35.0876 0x1444  cdrom - ok
21:44:35.0881 0x1444  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:44:35.0899 0x1444  CertPropSvc - ok
21:44:35.0902 0x1444  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:44:35.0910 0x1444  circlass - ok
21:44:35.0918 0x1444  [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS            C:\Windows\system32\CLFS.sys
21:44:35.0928 0x1444  CLFS - ok
21:44:35.0976 0x1444  [ 77469C0C4540C39D3C5BF29D8CEDFB32, CBA289465516E9E4972542048068C7E25840B55645605C8C3577D0364BC05441 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
21:44:36.0029 0x1444  ClickToRunSvc - ok
21:44:36.0038 0x1444  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:44:36.0044 0x1444  clr_optimization_v2.0.50727_32 - ok
21:44:36.0050 0x1444  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:44:36.0056 0x1444  clr_optimization_v2.0.50727_64 - ok
21:44:36.0071 0x1444  [ 40554ADA608F31A73BC002041BFBCED4, 8A4FB3B824EC49392A206BF14381AAE389C0E683B4ED0E89F5362746222E1FBA ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:44:36.0079 0x1444  clr_optimization_v4.0.30319_32 - ok
21:44:36.0083 0x1444  [ 7CD17E6A27D64F672DEA52E9D144B08E, 566CB07531BEBFB704E2BE2D33F49B5D9F962D7931B2BABC1BA2F4015C651CBE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:44:36.0090 0x1444  clr_optimization_v4.0.30319_64 - ok
21:44:36.0093 0x1444  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:44:36.0099 0x1444  CmBatt - ok
21:44:36.0101 0x1444  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:44:36.0106 0x1444  cmdide - ok
21:44:36.0116 0x1444  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
21:44:36.0130 0x1444  CNG - ok
21:44:36.0133 0x1444  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:44:36.0138 0x1444  Compbatt - ok
21:44:36.0142 0x1444  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:44:36.0149 0x1444  CompositeBus - ok
21:44:36.0150 0x1444  COMSysApp - ok
21:44:36.0180 0x1444  [ 8492FA3B8E6C23805A61032A2C66FD54, 13248B60A1D119694DBAC464CCF0D534CD8ADC24329394F0E31D856746791DF5 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:44:36.0189 0x1444  cphs - ok
21:44:36.0191 0x1444  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
21:44:36.0197 0x1444  crcdisk - ok
21:44:36.0202 0x1444  [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:44:36.0211 0x1444  CryptSvc - ok
21:44:36.0221 0x1444  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
21:44:36.0234 0x1444  CSC - ok
21:44:36.0247 0x1444  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
21:44:36.0263 0x1444  CscService - ok
21:44:36.0274 0x1444  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:44:36.0300 0x1444  DcomLaunch - ok
21:44:36.0323 0x1444  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:44:36.0345 0x1444  defragsvc - ok
21:44:36.0349 0x1444  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:44:36.0357 0x1444  DfsC - ok
21:44:36.0364 0x1444  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:44:36.0386 0x1444  Dhcp - ok
21:44:36.0411 0x1444  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
21:44:36.0438 0x1444  DiagTrack - ok
21:44:36.0442 0x1444  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:44:36.0461 0x1444  discache - ok
21:44:36.0464 0x1444  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
21:44:36.0469 0x1444  Disk - ok
21:44:36.0475 0x1444  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:44:36.0484 0x1444  Dnscache - ok
21:44:36.0490 0x1444  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:44:36.0511 0x1444  dot3svc - ok
21:44:36.0517 0x1444  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:44:36.0537 0x1444  DPS - ok
21:44:36.0540 0x1444  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:44:36.0545 0x1444  drmkaud - ok
21:44:36.0549 0x1444  [ D52EEB224DF107AAD9059597F0EB95CC, 40BE0E795CE981AB287FE93C509ED7FB11519B9A5173C7AC67D1EFB3E766859D ] DslMNLwf        C:\Windows\system32\DRIVERS\dslmnlwf.sys
21:44:36.0553 0x1444  DslMNLwf - ok
21:44:36.0569 0x1444  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:44:36.0590 0x1444  DXGKrnl - ok
21:44:36.0601 0x1444  [ CC2DE631888782989B27B775B09F6FCD, 911009FF41EE5B05EDD76950A696FA1631F93107BEE6CEB153EEB6EEFC8A922A ] e1dexpress      C:\Windows\system32\DRIVERS\e1d62x64.sys
21:44:36.0612 0x1444  e1dexpress - ok
21:44:36.0620 0x1444  [ E75A80FA10A247F1E104ECB813255A45, 565B0706F5CEBB205AB2ED9849D55271EAFE101DCE91E512F1C38D84E5EDD6E7 ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
21:44:36.0629 0x1444  eamonm - ok
21:44:36.0634 0x1444  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:44:36.0653 0x1444  EapHost - ok
21:44:36.0700 0x1444  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
21:44:36.0758 0x1444  ebdrv - ok
21:44:36.0768 0x1444  [ ACD3E4A07215DBE12F2274A685B17AB8, 9676F69D1FCCA2905B7B171B52A8503F569CE2528CF0861606010B10672EC976 ] edevmon         C:\Windows\system32\DRIVERS\edevmon.sys
21:44:36.0777 0x1444  edevmon - ok
21:44:36.0780 0x1444  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] EFS             C:\Windows\System32\lsass.exe
21:44:36.0787 0x1444  EFS - ok
21:44:36.0793 0x1444  [ 1A4A59712D426D752FB668342A04A0D8, CAAEC83497139B5F2BB6852C6A1E279D0186A0E5A4AE7F3B823003D2F6E9547F ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
21:44:36.0802 0x1444  ehdrv - ok
21:44:36.0815 0x1444  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:44:36.0832 0x1444  ehRecvr - ok
21:44:36.0837 0x1444  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:44:36.0846 0x1444  ehSched - ok
21:44:36.0851 0x1444  [ 68FF4448C05A11D169D47A849E7EF379, 02020DA595C7DE8D7BD014A4C622B568DA61988A0BA0E110803A58F87CB3FD11 ] ekbdflt         C:\Windows\system32\DRIVERS\ekbdflt.sys
21:44:36.0859 0x1444  ekbdflt - ok
21:44:36.0905 0x1444  [ 83A9EF0F3F1AA1E474A6D33AD191F2BA, 0E2E3F9A6104B8D3689AEC19256CC644B0BCDADD95BB98F90DBBFD679BE26E96 ] ekrn            C:\Program Files\ESET\ESET Smart Security\ekrn.exe
21:44:36.0956 0x1444  ekrn - ok
21:44:36.0970 0x1444  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:44:36.0984 0x1444  elxstor - ok
21:44:36.0991 0x1444  [ 59E0BD14BC40B77E9AA0143B1ACD2BB8, 516214B60F344A4A782444FBC272DE9FA6A9785E1057CDB43282C99376F31C86 ] epfw            C:\Windows\system32\DRIVERS\epfw.sys
21:44:36.0999 0x1444  epfw - ok
21:44:37.0003 0x1444  [ 424E123AA389801748E53530B3D23910, 65E3F9B5732FC1E14343E697F63434D2BA8EC06CB014DF08503C08969BDA2E78 ] EpfwLWF         C:\Windows\system32\DRIVERS\EpfwLWF.sys
21:44:37.0010 0x1444  EpfwLWF - ok
21:44:37.0014 0x1444  [ 553EE9B0426F8AE1321E2CC07374FA19, A6A96BECA8744D482FE1B039DF1B902B4CA5CEC9120701162EF31B8CD7305813 ] epfwwfp         C:\Windows\system32\DRIVERS\epfwwfp.sys
21:44:37.0021 0x1444  epfwwfp - ok
21:44:37.0023 0x1444  epp - ok
21:44:37.0026 0x1444  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:44:37.0031 0x1444  ErrDev - ok
21:44:37.0041 0x1444  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:44:37.0065 0x1444  EventSystem - ok
21:44:37.0071 0x1444  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:44:37.0091 0x1444  exfat - ok
21:44:37.0097 0x1444  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:44:37.0118 0x1444  fastfat - ok
21:44:37.0130 0x1444  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:44:37.0148 0x1444  Fax - ok
21:44:37.0151 0x1444  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:44:37.0158 0x1444  fdc - ok
21:44:37.0160 0x1444  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:44:37.0179 0x1444  fdPHost - ok
21:44:37.0183 0x1444  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:44:37.0202 0x1444  FDResPub - ok
21:44:37.0206 0x1444  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:44:37.0213 0x1444  FileInfo - ok
21:44:37.0216 0x1444  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:44:37.0235 0x1444  Filetrace - ok
21:44:37.0237 0x1444  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:44:37.0244 0x1444  flpydisk - ok
21:44:37.0252 0x1444  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:44:37.0262 0x1444  FltMgr - ok
21:44:37.0281 0x1444  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
21:44:37.0307 0x1444  FontCache - ok
21:44:37.0311 0x1444  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:44:37.0317 0x1444  FontCache3.0.0.0 - ok
21:44:37.0320 0x1444  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:44:37.0325 0x1444  FsDepends - ok
21:44:37.0328 0x1444  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:44:37.0333 0x1444  Fs_Rec - ok
21:44:37.0339 0x1444  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:44:37.0349 0x1444  fvevol - ok
21:44:37.0352 0x1444  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
21:44:37.0357 0x1444  gagp30kx - ok
21:44:37.0376 0x1444  [ C6E1E9A45C8BCFD073148B6A6B038C69, EB421C687BC3A3CF97685AA598EF0C671AA74DC801185D4E3C197C1B5B24EE02 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
21:44:37.0400 0x1444  GfExperienceService - ok
21:44:37.0414 0x1444  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
21:44:37.0433 0x1444  gpsvc - ok
21:44:37.0440 0x1444  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:44:37.0447 0x1444  gupdate - ok
21:44:37.0452 0x1444  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:44:37.0458 0x1444  gupdatem - ok
21:44:37.0460 0x1444  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:44:37.0466 0x1444  hcw85cir - ok
21:44:37.0475 0x1444  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:44:37.0487 0x1444  HdAudAddService - ok
21:44:37.0491 0x1444  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
21:44:37.0500 0x1444  HDAudBus - ok
21:44:37.0502 0x1444  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
21:44:37.0508 0x1444  HidBatt - ok
21:44:37.0512 0x1444  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
21:44:37.0521 0x1444  HidBth - ok
21:44:37.0524 0x1444  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:44:37.0532 0x1444  HidIr - ok
21:44:37.0535 0x1444  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:44:37.0554 0x1444  hidserv - ok
21:44:37.0556 0x1444  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:44:37.0562 0x1444  HidUsb - ok
21:44:37.0565 0x1444  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:44:37.0584 0x1444  hkmsvc - ok
21:44:37.0590 0x1444  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:44:37.0600 0x1444  HomeGroupListener - ok
21:44:37.0605 0x1444  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:44:37.0614 0x1444  HomeGroupProvider - ok
21:44:37.0618 0x1444  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:44:37.0624 0x1444  HpSAMD - ok
21:44:37.0637 0x1444  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:44:37.0654 0x1444  HTTP - ok
21:44:37.0657 0x1444  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:44:37.0662 0x1444  hwpolicy - ok
21:44:37.0666 0x1444  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:44:37.0673 0x1444  i8042prt - ok
21:44:37.0686 0x1444  [ 6655615C7E4E29E6481F75A93ED99954, C7387D85DEC6BEF74DAD3B36398D1DA8914E9CF6F460D36E30088E3F6754E972 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
21:44:37.0701 0x1444  iaStorA - ok
21:44:37.0703 0x1444  IAStorDataMgrSvc - ok
21:44:37.0706 0x1444  [ ABE52EF9AF37C8D4FC67FDB9BE368142, 75B2787A0E45ED4801530D13381E596D1DB635D0A9C3FDFAB3951063048A5ECF ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
21:44:37.0711 0x1444  iaStorF - ok
21:44:37.0719 0x1444  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:44:37.0730 0x1444  iaStorV - ok
21:44:37.0736 0x1444  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
21:44:37.0743 0x1444  ICCS - ok
21:44:37.0758 0x1444  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:44:37.0777 0x1444  idsvc - ok
21:44:37.0779 0x1444  IEEtwCollectorService - ok
21:44:37.0833 0x1444  [ B12F7F8180BCD99B29AE2A6534857EA1, D095DF08A4F3510B96DE55A69ACCDEA0AACC7244447A858041D4C511835BA066 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:44:37.0907 0x1444  igfx - ok
21:44:37.0912 0x1444  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
21:44:37.0918 0x1444  iirsp - ok
21:44:37.0933 0x1444  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:44:37.0952 0x1444  IKEEXT - ok
21:44:38.0020 0x1444  [ 0D378E0EC4009E954FB1A358514CE99E, 05B36FCFFBCB01DBD01096B3E72F2AEBCEF91C99EF2AA4DB17EBECC33A1CA0B7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:44:38.0099 0x1444  IntcAzAudAddService - ok
21:44:38.0110 0x1444  [ FA6094444A7DC90449800F964E0A8668, A6DCF395649FA185596D55713888922BA2A61D96AD0D5E7860FD47EE30B7E4CF ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
21:44:38.0118 0x1444  Intel(R) PROSet Monitoring Service - ok
21:44:38.0121 0x1444  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:44:38.0126 0x1444  intelide - ok
21:44:38.0129 0x1444  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:44:38.0136 0x1444  intelppm - ok
21:44:38.0140 0x1444  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:44:38.0160 0x1444  IPBusEnum - ok
21:44:38.0164 0x1444  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:44:38.0183 0x1444  IpFilterDriver - ok
21:44:38.0194 0x1444  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:44:38.0221 0x1444  iphlpsvc - ok
21:44:38.0225 0x1444  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:44:38.0232 0x1444  IPMIDRV - ok
21:44:38.0236 0x1444  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:44:38.0256 0x1444  IPNAT - ok
21:44:38.0269 0x1444  [ A9E19D4C0E9487544B0A87D511514DA9, 83767BA2A7EE1DE39DBF824B57D898355F8C5E3CE146CA280B0E336428837E70 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:44:38.0283 0x1444  iPod Service - ok
21:44:38.0286 0x1444  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:44:38.0294 0x1444  IRENUM - ok
21:44:38.0297 0x1444  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:44:38.0302 0x1444  isapnp - ok
21:44:38.0309 0x1444  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:44:38.0317 0x1444  iScsiPrt - ok
21:44:38.0321 0x1444  [ 45392E76EE30DC9C8F0181C785F0BA48, 7FB522E1AA9B877B9FB1A29C2ADC42EA794E8864AD2411AD275F00F00547F8F3 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:44:38.0326 0x1444  iusb3hcs - ok
21:44:38.0334 0x1444  [ C6E8FB7FF41877378CCB30DE6E9941DF, CA808A00C0CC21C1C7BE54F0D1E5D3F24C0032BE821C064E0A63901F20F3C6BC ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
21:44:38.0344 0x1444  iusb3hub - ok
21:44:38.0358 0x1444  [ 6FBA980433B2B21604CE990FBF542D3F, ACB35A5558DD9EF9A339C9D061207AF5527D3AEFC9AC99AB6CFBA1CE92F8B62D ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:44:38.0375 0x1444  iusb3xhc - ok
21:44:38.0378 0x1444  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:44:38.0384 0x1444  kbdclass - ok
21:44:38.0387 0x1444  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:44:38.0393 0x1444  kbdhid - ok
21:44:38.0396 0x1444  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] KeyIso          C:\Windows\system32\lsass.exe
21:44:38.0401 0x1444  KeyIso - ok
21:44:38.0416 0x1444  [ 4677AF088A95F02A41F81733E33507C6, 0579EF63D0BB604CA4955A0A0CB1DE65AC99C28DBA6A1EB138793F338D36052A ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
21:44:38.0426 0x1444  Kodak AiO Network Discovery Service - ok
21:44:38.0441 0x1444  [ 60301F8FDF519FFEC307A686209C33BE, B9A31478707B518967A6200813DCBD4DE03824FBFAB6E35D4FA4DA783FD6305A ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
21:44:38.0457 0x1444  Kodak AiO Status Monitor Service - ok
21:44:38.0462 0x1444  [ 6F5F0C6160EF237F0243C1E416EEBA98, 8BA8AA0D71350A74E294A731226B1638C6059013D645ABDE7188F7733E320FBD ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:44:38.0468 0x1444  KSecDD - ok
21:44:38.0473 0x1444  [ 05529E53B286FD60E7EF04EF138CABFD, 6C045750DCD3EE76F748582513AD4FA99C0E8E56B616725CD48DCA1068FF8923 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:44:38.0479 0x1444  KSecPkg - ok
21:44:38.0482 0x1444  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:44:38.0500 0x1444  ksthunk - ok
21:44:38.0509 0x1444  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:44:38.0533 0x1444  KtmRm - ok
21:44:38.0540 0x1444  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:44:38.0561 0x1444  LanmanServer - ok
21:44:38.0566 0x1444  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:44:38.0586 0x1444  LanmanWorkstation - ok
21:44:38.0590 0x1444  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:44:38.0609 0x1444  lltdio - ok
21:44:38.0617 0x1444  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:44:38.0640 0x1444  lltdsvc - ok
21:44:38.0643 0x1444  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:44:38.0661 0x1444  lmhosts - ok
21:44:38.0666 0x1444  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:44:38.0672 0x1444  LSI_FC - ok
21:44:38.0676 0x1444  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:44:38.0682 0x1444  LSI_SAS - ok
21:44:38.0685 0x1444  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:44:38.0691 0x1444  LSI_SAS2 - ok
21:44:38.0696 0x1444  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:44:38.0702 0x1444  LSI_SCSI - ok
21:44:38.0706 0x1444  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:44:38.0725 0x1444  luafv - ok
21:44:38.0729 0x1444  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:44:38.0734 0x1444  MBAMProtector - ok
21:44:38.0758 0x1444  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
21:44:38.0786 0x1444  MBAMScheduler - ok
21:44:38.0806 0x1444  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
21:44:38.0828 0x1444  MBAMService - ok
21:44:38.0836 0x1444  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
21:44:38.0842 0x1444  MBAMSwissArmy - ok
21:44:38.0846 0x1444  [ 452ACB7A9914398D9E18CCCFFCF92208, 754AF45C19731C356E7E84497B04E0333759AC86DC553BA275EFC09845E43E4D ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
21:44:38.0851 0x1444  MBAMWebAccessControl - ok
21:44:38.0854 0x1444  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:44:38.0862 0x1444  Mcx2Svc - ok
21:44:38.0865 0x1444  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:44:38.0870 0x1444  megasas - ok
21:44:38.0877 0x1444  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:44:38.0886 0x1444  MegaSR - ok
21:44:38.0889 0x1444  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
21:44:38.0895 0x1444  MEIx64 - ok
21:44:38.0899 0x1444  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:44:38.0918 0x1444  MMCSS - ok
21:44:38.0921 0x1444  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:44:38.0939 0x1444  Modem - ok
21:44:38.0942 0x1444  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:44:38.0950 0x1444  monitor - ok
21:44:38.0952 0x1444  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:44:38.0958 0x1444  mouclass - ok
21:44:38.0960 0x1444  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:44:38.0966 0x1444  mouhid - ok
21:44:38.0970 0x1444  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:44:38.0977 0x1444  mountmgr - ok
21:44:38.0981 0x1444  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:44:38.0988 0x1444  mpio - ok
21:44:38.0992 0x1444  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:44:39.0011 0x1444  mpsdrv - ok
21:44:39.0026 0x1444  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:44:39.0057 0x1444  MpsSvc - ok
21:44:39.0062 0x1444  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:44:39.0070 0x1444  MRxDAV - ok
21:44:39.0075 0x1444  [ 632E8A00090E4F85F304E152C92C7F2C, A3098941251A8327C95E6B1122384D54FB0ED705A9215577D968EA5B5FD88C87 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:44:39.0083 0x1444  mrxsmb - ok
21:44:39.0091 0x1444  [ 0D9C05484F2F4BD9D33A615D5DBE67EA, 1E164B631B1CD85DD5B205284CB547B189609946490AAABD22741743BFB413DF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:44:39.0101 0x1444  mrxsmb10 - ok
21:44:39.0106 0x1444  [ 6123E6FECC1C164022868FB1982271BE, 417E6C7AFF8B014B31AFCC202B0DCEECBDBB73205DF8C3EFC7E313664E284178 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:44:39.0114 0x1444  mrxsmb20 - ok
21:44:39.0116 0x1444  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:44:39.0121 0x1444  msahci - ok
21:44:39.0126 0x1444  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:44:39.0133 0x1444  msdsm - ok
21:44:39.0138 0x1444  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:44:39.0146 0x1444  MSDTC - ok
21:44:39.0150 0x1444  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:44:39.0169 0x1444  Msfs - ok
21:44:39.0171 0x1444  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:44:39.0189 0x1444  mshidkmdf - ok
21:44:39.0192 0x1444  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:44:39.0196 0x1444  msisadrv - ok
21:44:39.0201 0x1444  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:44:39.0223 0x1444  MSiSCSI - ok
21:44:39.0226 0x1444  msiserver - ok
21:44:39.0229 0x1444  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:44:39.0248 0x1444  MSKSSRV - ok
21:44:39.0250 0x1444  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:44:39.0269 0x1444  MSPCLOCK - ok
21:44:39.0273 0x1444  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:44:39.0291 0x1444  MSPQM - ok
21:44:39.0303 0x1444  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:44:39.0314 0x1444  MsRPC - ok
21:44:39.0317 0x1444  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:44:39.0322 0x1444  mssmbios - ok
21:44:39.0330 0x1444  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:44:39.0349 0x1444  MSTEE - ok
21:44:39.0360 0x1444  [ 32528D01ACBBC8DF6211268FA06D7C10, ACAEB89550FDAE7DD7701EB07ED1700933DDFABC753BB639E3C49457A40AFE30 ] mt7612US        C:\Windows\system32\DRIVERS\mt7612US.sys
21:44:39.0378 0x1444  mt7612US - ok
21:44:39.0381 0x1444  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:44:39.0387 0x1444  MTConfig - ok
21:44:39.0395 0x1444  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:44:39.0400 0x1444  Mup - ok
21:44:39.0415 0x1444  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:44:39.0439 0x1444  napagent - ok
21:44:39.0449 0x1444  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:44:39.0462 0x1444  NativeWifiP - ok
21:44:39.0479 0x1444  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:44:39.0498 0x1444  NDIS - ok
21:44:39.0505 0x1444  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:44:39.0524 0x1444  NdisCap - ok
21:44:39.0530 0x1444  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:44:39.0549 0x1444  NdisTapi - ok
21:44:39.0556 0x1444  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:44:39.0575 0x1444  Ndisuio - ok
21:44:39.0581 0x1444  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:44:39.0601 0x1444  NdisWan - ok
21:44:39.0609 0x1444  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:44:39.0627 0x1444  NDProxy - ok
21:44:39.0631 0x1444  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:44:39.0649 0x1444  NetBIOS - ok
21:44:39.0656 0x1444  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:44:39.0666 0x1444  NetBT - ok
21:44:39.0668 0x1444  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] Netlogon        C:\Windows\system32\lsass.exe
21:44:39.0674 0x1444  Netlogon - ok
21:44:39.0685 0x1444  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:44:39.0709 0x1444  Netman - ok
21:44:39.0724 0x1444  [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:44:39.0732 0x1444  NetMsmqActivator - ok
21:44:39.0736 0x1444  [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:44:39.0744 0x1444  NetPipeActivator - ok
21:44:39.0755 0x1444  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:44:39.0780 0x1444  netprofm - ok
21:44:39.0784 0x1444  [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:44:39.0793 0x1444  NetTcpActivator - ok
21:44:39.0796 0x1444  [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:44:39.0804 0x1444  NetTcpPortSharing - ok
21:44:39.0811 0x1444  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:44:39.0816 0x1444  nfrd960 - ok
21:44:39.0825 0x1444  [ 956BB5F7CCC82D31BF32AE43A41D1ADE, 4AF9F85B2E6C4966B9125A0F3728459C221EF4CD3FFCDD65435D7AD01E141176 ] NitroReaderDriverReadSpool5 C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe
21:44:39.0835 0x1444  NitroReaderDriverReadSpool5 - ok
21:44:39.0842 0x1444  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:44:39.0854 0x1444  NlaSvc - ok
21:44:39.0856 0x1444  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:44:39.0875 0x1444  Npfs - ok
21:44:39.0880 0x1444  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:44:39.0898 0x1444  nsi - ok
21:44:39.0904 0x1444  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:44:39.0922 0x1444  nsiproxy - ok
21:44:39.0952 0x1444  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:44:39.0983 0x1444  Ntfs - ok
21:44:39.0987 0x1444  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:44:40.0005 0x1444  Null - ok
21:44:40.0019 0x1444  [ 67B51A97733B10D716B366C2ED126763, C34B889D39A4443A82BCDF6B9A0BF637D2ECC37BBB1AAE21143EC9E3DC495D90 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
21:44:40.0029 0x1444  NVHDA - ok
21:44:40.0236 0x1444  [ 71CF83223F3ADC2EC9DC0FDA8702E312, A76E94F73CD1EAB5D49EF8A206B1E4BC141620B482236E0FD17F5FA0CAD05863 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:44:40.0458 0x1444  nvlddmkm - ok
21:44:40.0497 0x1444  [ A6102293847A7A2DF01E7BF7AC1C1F12, 14E4E75711C00DA826136FB531E9AD53787502F441103386C5CD37EEFCE27AFC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
21:44:40.0531 0x1444  NvNetworkService - ok
21:44:40.0538 0x1444  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:44:40.0545 0x1444  nvraid - ok
21:44:40.0551 0x1444  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:44:40.0559 0x1444  nvstor - ok
21:44:40.0564 0x1444  [ 99D42078C9596A20A7B3419159265A25, E9F5380E6597C79B26B2CBAAC534F31C5027F32AAA0FD5876CF7E9BB6658F30C ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
21:44:40.0570 0x1444  NvStreamKms - ok
21:44:40.0621 0x1444  [ E6A64322EB213AEACBB61584AA6FB032, FA91C89B81DD7F3EC22DF71FFC3A506AD40AE76EC91F1115CCAB6ED39431369D ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
21:44:40.0682 0x1444  NvStreamNetworkSvc - ok
21:44:40.0723 0x1444  [ A8213BF32D2E75ADD362E118AD164749, 6F35210ED11088FE64F13DD63053FFDA4628A5F6397DA33A345970962AB83499 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
21:44:40.0767 0x1444  NvStreamSvc - ok
21:44:40.0799 0x1444  [ F07CC5C6A71B002C50D74FD611F44538, 85A341530740A71768947E721B0A979DEE328348F3083806A367DAA0CD628CB4 ] nvsvc           C:\Windows\system32\nvvsvc.exe
21:44:40.0825 0x1444  nvsvc - ok
21:44:40.0830 0x1444  [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
21:44:40.0836 0x1444  nvvad_WaveExtensible - ok
21:44:40.0844 0x1444  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:44:40.0850 0x1444  nv_agp - ok
21:44:40.0853 0x1444  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:44:40.0860 0x1444  ohci1394 - ok
21:44:40.0920 0x1444  [ 3E498CE04DD40C60769854DF2CE8D21D, 28B9331787FE598A79E40DA839B022D353280BE0E8F0D20CE4AAB6284866DE48 ] Origin Client Service G:\Origin\OriginClientService.exe
21:44:40.0957 0x1444  Origin Client Service - ok
21:44:41.0001 0x1444  [ B66980E730FEF1E31BE39B09F55514A1, 756F7695AB112FB2FEBA905F5F9E7C9435823195DE164AF60071457BC047535E ] Origin Web Helper Service G:\Origin\OriginWebHelperService.exe
21:44:41.0039 0x1444  Origin Web Helper Service - ok
21:44:41.0049 0x1444  [ C9DFA1FBAC82F4FCC7FADD7749546D40, D5F591E089ECB75677F36FA71F0D71885751D72AFFAEC53C0542206F9C6B26A4 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:44:41.0059 0x1444  ose64 - ok
21:44:41.0131 0x1444  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:44:41.0215 0x1444  osppsvc - ok
21:44:41.0227 0x1444  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:44:41.0239 0x1444  p2pimsvc - ok
21:44:41.0249 0x1444  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:44:41.0262 0x1444  p2psvc - ok
21:44:41.0266 0x1444  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:44:41.0273 0x1444  Parport - ok
21:44:41.0284 0x1444  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:44:41.0290 0x1444  partmgr - ok
21:44:41.0295 0x1444  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:44:41.0304 0x1444  PcaSvc - ok
21:44:41.0314 0x1444  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:44:41.0322 0x1444  pci - ok
21:44:41.0327 0x1444  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:44:41.0332 0x1444  pciide - ok
21:44:41.0346 0x1444  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:44:41.0354 0x1444  pcmcia - ok
21:44:41.0358 0x1444  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:44:41.0363 0x1444  pcw - ok
21:44:41.0381 0x1444  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:44:41.0396 0x1444  PEAUTH - ok
21:44:41.0418 0x1444  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:44:41.0445 0x1444  PeerDistSvc - ok
21:44:43.0255 0x1444  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:44:43.0283 0x1444  PerfHost - ok
21:44:43.0337 0x1444  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:44:43.0380 0x1444  pla - ok
21:44:43.0390 0x1444  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:44:43.0402 0x1444  PlugPlay - ok
21:44:43.0405 0x1444  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:44:43.0412 0x1444  PNRPAutoReg - ok
21:44:43.0420 0x1444  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:44:43.0432 0x1444  PNRPsvc - ok
21:44:43.0442 0x1444  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:44:43.0455 0x1444  PolicyAgent - ok
21:44:43.0461 0x1444  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:44:43.0482 0x1444  Power - ok
21:44:43.0486 0x1444  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:44:43.0505 0x1444  PptpMiniport - ok
21:44:43.0508 0x1444  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:44:43.0515 0x1444  Processor - ok
21:44:43.0521 0x1444  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:44:43.0530 0x1444  ProfSvc - ok
21:44:43.0533 0x1444  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] ProtectedStorage C:\Windows\system32\lsass.exe
21:44:43.0539 0x1444  ProtectedStorage - ok
21:44:43.0544 0x1444  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:44:43.0563 0x1444  Psched - ok
21:44:43.0587 0x1444  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
21:44:43.0615 0x1444  ql2300 - ok
21:44:43.0621 0x1444  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
21:44:43.0627 0x1444  ql40xx - ok
21:44:43.0633 0x1444  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:44:43.0645 0x1444  QWAVE - ok
21:44:43.0647 0x1444  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:44:43.0656 0x1444  QWAVEdrv - ok
21:44:43.0658 0x1444  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:44:43.0676 0x1444  RasAcd - ok
21:44:43.0679 0x1444  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:44:43.0697 0x1444  RasAgileVpn - ok
21:44:43.0702 0x1444  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:44:43.0721 0x1444  RasAuto - ok
21:44:43.0725 0x1444  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:44:43.0744 0x1444  Rasl2tp - ok
21:44:43.0752 0x1444  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:44:43.0776 0x1444  RasMan - ok
21:44:43.0780 0x1444  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:44:43.0799 0x1444  RasPppoe - ok
21:44:43.0802 0x1444  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:44:43.0821 0x1444  RasSstp - ok
21:44:43.0829 0x1444  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:44:43.0850 0x1444  rdbss - ok
21:44:43.0853 0x1444  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:44:43.0861 0x1444  rdpbus - ok
21:44:43.0863 0x1444  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:44:43.0881 0x1444  RDPCDD - ok
21:44:43.0886 0x1444  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:44:43.0894 0x1444  RDPDR - ok
21:44:43.0897 0x1444  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:44:43.0915 0x1444  RDPENCDD - ok
21:44:43.0918 0x1444  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:44:43.0936 0x1444  RDPREFMP - ok
21:44:43.0942 0x1444  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:44:43.0951 0x1444  RDPWD - ok
21:44:43.0957 0x1444  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:44:43.0965 0x1444  rdyboost - ok
21:44:43.0969 0x1444  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:44:43.0988 0x1444  RemoteAccess - ok
21:44:43.0994 0x1444  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:44:44.0014 0x1444  RemoteRegistry - ok
21:44:44.0018 0x1444  [ 9C3AC71A9934B884FAC567A8807E9C4D, 0B6B2970098E3C21E1E54A25785544903E8CD415B527FCEF86ABC7B33BEC83E7 ] Revoflt         C:\Windows\system32\DRIVERS\revoflt.sys
21:44:44.0022 0x1444  Revoflt - ok
21:44:44.0026 0x1444  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:44:44.0046 0x1444  RpcEptMapper - ok
21:44:44.0049 0x1444  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:44:44.0055 0x1444  RpcLocator - ok
21:44:44.0065 0x1444  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
21:44:44.0091 0x1444  RpcSs - ok
21:44:44.0095 0x1444  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:44:44.0114 0x1444  rspndr - ok
21:44:44.0116 0x1444  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:44:44.0122 0x1444  s3cap - ok
21:44:44.0124 0x1444  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] SamSs           C:\Windows\system32\lsass.exe
21:44:44.0129 0x1444  SamSs - ok
21:44:44.0133 0x1444  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:44:44.0139 0x1444  sbp2port - ok
21:44:44.0145 0x1444  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:44:44.0165 0x1444  SCardSvr - ok
21:44:44.0171 0x1444  [ 81912490882BE0F971B582AD1C33CA57, F0D94B8DAB7012C6407A866A148A93641684D26400CCF65856A08E423AD18DF0 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
21:44:44.0178 0x1444  SCDEmu - ok
21:44:44.0180 0x1444  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:44:44.0198 0x1444  scfilter - ok
21:44:44.0216 0x1444  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
21:44:44.0239 0x1444  Schedule - ok
21:44:44.0243 0x1444  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:44:44.0262 0x1444  SCPolicySvc - ok
21:44:44.0268 0x1444  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:44:44.0278 0x1444  SDRSVC - ok
21:44:44.0283 0x1444  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:44:44.0289 0x1444  secdrv - ok
21:44:44.0292 0x1444  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
21:44:44.0299 0x1444  seclogon - ok
21:44:44.0303 0x1444  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:44:44.0322 0x1444  SENS - ok
21:44:44.0325 0x1444  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:44:44.0331 0x1444  SensrSvc - ok
21:44:44.0333 0x1444  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:44:44.0340 0x1444  Serenum - ok
21:44:44.0344 0x1444  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:44:44.0350 0x1444  Serial - ok
21:44:44.0354 0x1444  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:44:44.0360 0x1444  sermouse - ok
21:44:44.0366 0x1444  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:44:44.0386 0x1444  SessionEnv - ok
21:44:44.0389 0x1444  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:44:44.0396 0x1444  sffdisk - ok
21:44:44.0398 0x1444  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:44:44.0405 0x1444  sffp_mmc - ok
21:44:44.0407 0x1444  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:44:44.0415 0x1444  sffp_sd - ok
21:44:44.0417 0x1444  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:44:44.0423 0x1444  sfloppy - ok
21:44:44.0431 0x1444  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:44:44.0454 0x1444  SharedAccess - ok
21:44:44.0463 0x1444  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:44:44.0487 0x1444  ShellHWDetection - ok
21:44:44.0490 0x1444  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:44:44.0496 0x1444  SiSRaid2 - ok
21:44:44.0499 0x1444  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:44:44.0505 0x1444  SiSRaid4 - ok
21:44:44.0513 0x1444  [ F3AAB7DF6408431C762D8721B68F46E4, 56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:44:44.0524 0x1444  SkypeUpdate - ok
21:44:44.0528 0x1444  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:44:44.0547 0x1444  Smb - ok
21:44:44.0552 0x1444  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:44:44.0559 0x1444  SNMPTRAP - ok
21:44:44.0562 0x1444  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:44:44.0566 0x1444  spldr - ok
21:44:44.0577 0x1444  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
21:44:44.0604 0x1444  Spooler - ok
21:44:44.0654 0x1444  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:44:44.0727 0x1444  sppsvc - ok
21:44:44.0734 0x1444  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:44:44.0753 0x1444  sppuinotify - ok
21:44:44.0762 0x1444  [ FEB80A9EC320569CC82D4DB9F4AC78BC, E6340CDA9B5F59DBE68128356E357FEDA3655A296BFE4B7F44944F2DE5DA9765 ] sptd            C:\Windows\System32\Drivers\sptd.sys
21:44:44.0773 0x1444  sptd - ok
21:44:44.0782 0x1444  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:44:44.0795 0x1444  srv - ok
21:44:44.0803 0x1444  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:44:44.0814 0x1444  srv2 - ok
21:44:44.0819 0x1444  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:44:44.0827 0x1444  srvnet - ok
21:44:44.0832 0x1444  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:44:44.0854 0x1444  SSDPSRV - ok
21:44:44.0858 0x1444  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:44:44.0877 0x1444  SstpSvc - ok
21:44:44.0901 0x1444  [ 9867A86327E8AE3806305F1BCF01211A, CCDDB2560B30D27CE662F1B02710E1FAA9331E6A27D9A6629EEDED2CBA822062 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:44:44.0928 0x1444  Steam Client Service - ok
21:44:44.0938 0x1444  [ 4AD54C2E540F2364607A26F3585A509F, AB453222A1F9C906478AFA9460C4687F4D40B504C2F29E68F047D2D38A2BFBB8 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
21:44:44.0950 0x1444  Stereo Service - ok
21:44:44.0953 0x1444  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:44:44.0958 0x1444  stexstor - ok
21:44:44.0969 0x1444  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:44:44.0987 0x1444  stisvc - ok
21:44:44.0990 0x1444  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:44:44.0996 0x1444  storflt - ok
21:44:44.0998 0x1444  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
21:44:45.0004 0x1444  StorSvc - ok
21:44:45.0007 0x1444  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:44:45.0012 0x1444  storvsc - ok
21:44:45.0014 0x1444  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:44:45.0019 0x1444  swenum - ok
21:44:45.0031 0x1444  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:44:45.0044 0x1444  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
21:44:46.0337 0x1444  Detect skipped due to KSN trusted
21:44:46.0338 0x1444  SwitchBoard - ok
21:44:46.0368 0x1444  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:44:46.0409 0x1444  swprv - ok
21:44:46.0436 0x1444  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
21:44:46.0470 0x1444  SysMain - ok
21:44:46.0475 0x1444  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:44:46.0485 0x1444  TabletInputService - ok
21:44:46.0492 0x1444  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:44:46.0515 0x1444  TapiSrv - ok
21:44:46.0519 0x1444  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:44:46.0538 0x1444  TBS - ok
21:44:46.0566 0x1444  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:44:46.0600 0x1444  Tcpip - ok
21:44:46.0630 0x1444  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:44:46.0663 0x1444  TCPIP6 - ok
21:44:46.0669 0x1444  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:44:46.0686 0x1444  tcpipreg - ok
21:44:46.0689 0x1444  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:44:46.0696 0x1444  TDPIPE - ok
21:44:46.0770 0x1444  [ 1226A953D4FDBDFD570DA5CEE66EAA55, 640922152493057519198A55373A82CD1C7DCF0C219F4ECE7D2C30363FFA1E86 ] TDslMgrService  E:\Telekom netzmanager\DslMgrSvc.exe
21:44:46.0791 0x1444  TDslMgrService - detected UnsignedFile.Multi.Generic ( 1 )
21:44:48.0085 0x1444  Detect skipped due to KSN trusted
21:44:48.0085 0x1444  TDslMgrService - ok
21:44:48.0094 0x1444  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:44:48.0117 0x1444  TDTCP - ok
21:44:48.0130 0x1444  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:44:48.0146 0x1444  tdx - ok
21:44:48.0151 0x1444  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:44:48.0163 0x1444  TermDD - ok
21:44:48.0175 0x1444  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
21:44:48.0192 0x1444  TermService - ok
21:44:48.0196 0x1444  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:44:48.0206 0x1444  Themes - ok
21:44:48.0209 0x1444  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:44:48.0229 0x1444  THREADORDER - ok
21:44:48.0234 0x1444  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:44:48.0266 0x1444  TrkWks - ok
21:44:48.0272 0x1444  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:44:48.0293 0x1444  TrustedInstaller - ok
21:44:48.0297 0x1444  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:44:48.0303 0x1444  tssecsrv - ok
21:44:48.0308 0x1444  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:44:48.0314 0x1444  TsUsbFlt - ok
21:44:48.0319 0x1444  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:44:48.0337 0x1444  tunnel - ok
21:44:48.0340 0x1444  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:44:48.0346 0x1444  uagp35 - ok
21:44:48.0353 0x1444  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:44:48.0375 0x1444  udfs - ok
21:44:48.0381 0x1444  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:44:48.0388 0x1444  UI0Detect - ok
21:44:48.0391 0x1444  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:44:48.0397 0x1444  uliagpkx - ok
21:44:48.0400 0x1444  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
21:44:48.0406 0x1444  umbus - ok
21:44:48.0409 0x1444  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:44:48.0414 0x1444  UmPass - ok
21:44:48.0420 0x1444  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:44:48.0430 0x1444  UmRdpService - ok
21:44:48.0438 0x1444  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:44:48.0462 0x1444  upnphost - ok
21:44:48.0467 0x1444  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
21:44:48.0473 0x1444  USBAAPL64 - ok
21:44:48.0478 0x1444  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:44:48.0484 0x1444  usbaudio - ok
21:44:48.0488 0x1444  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:44:48.0495 0x1444  usbccgp - ok
21:44:48.0499 0x1444  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:44:48.0506 0x1444  usbcir - ok
21:44:48.0509 0x1444  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:44:48.0515 0x1444  usbehci - ok
21:44:48.0523 0x1444  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:44:48.0534 0x1444  usbhub - ok
21:44:48.0537 0x1444  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:44:48.0542 0x1444  usbohci - ok
21:44:48.0545 0x1444  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:44:48.0553 0x1444  usbprint - ok
21:44:48.0556 0x1444  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:44:48.0562 0x1444  usbscan - ok
21:44:48.0565 0x1444  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:44:48.0572 0x1444  USBSTOR - ok
21:44:48.0576 0x1444  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:44:48.0581 0x1444  usbuhci - ok
21:44:48.0584 0x1444  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:44:48.0603 0x1444  UxSms - ok
21:44:48.0606 0x1444  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] VaultSvc        C:\Windows\system32\lsass.exe
21:44:48.0611 0x1444  VaultSvc - ok
21:44:48.0629 0x1444  [ 778326796B64809765151DB97A7494A1, E6104C3AB34CB88F0DF19C697DDD53E3785CD2FD42042B1BC655064A617B3F4E ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
21:44:48.0650 0x1444  VBoxDrv - ok
21:44:48.0656 0x1444  [ EA1E84950229EF42D4C1B0E9CB54CDA2, 63B4A5A4EF3A04ED415B11CDB66661A1E4FFF2E459EF4469EECD3008AA9A1CE9 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys
21:44:48.0663 0x1444  VBoxNetAdp - ok
21:44:48.0670 0x1444  [ 37A0640F1B21E870DF6F4D634DFF6EF0, 9B200FC803E1C56172FF228DF9B508572349FEEBE9125995807F5937CF7B7145 ] VBoxNetLwf      C:\Windows\system32\DRIVERS\VBoxNetLwf.sys
21:44:48.0678 0x1444  VBoxNetLwf - ok
21:44:48.0683 0x1444  [ 96A5BE08C3D815B19E40E00314DCF9F6, 3B6A7F2D02BFFD40B03DED95BA07DA77AB910EAFCDAFAC1CA8069BF8B0CEA931 ] VBoxUSB         C:\Windows\system32\Drivers\VBoxUSB.sys
21:44:48.0691 0x1444  VBoxUSB - ok
21:44:48.0697 0x1444  [ 28C4EB89F3ABD3147A31FA25AFA48791, 89ECF76A30DE8718AED39C8FA2D442128C8C4D1F43816D167836421B7064B11E ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
21:44:48.0704 0x1444  VBoxUSBMon - ok
21:44:48.0707 0x1444  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:44:48.0712 0x1444  vdrvroot - ok
21:44:48.0722 0x1444  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:44:48.0748 0x1444  vds - ok
21:44:48.0751 0x1444  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:44:48.0759 0x1444  vga - ok
21:44:48.0762 0x1444  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:44:48.0780 0x1444  VgaSave - ok
21:44:48.0786 0x1444  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:44:48.0794 0x1444  vhdmp - ok
21:44:48.0797 0x1444  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:44:48.0802 0x1444  viaide - ok
21:44:48.0808 0x1444  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:44:48.0816 0x1444  vmbus - ok
21:44:48.0818 0x1444  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:44:48.0824 0x1444  VMBusHID - ok
21:44:48.0826 0x1444  vmci - ok
21:44:48.0828 0x1444  VMnetAdapter - ok
21:44:48.0831 0x1444  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:44:48.0837 0x1444  volmgr - ok
21:44:48.0845 0x1444  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:44:48.0855 0x1444  volmgrx - ok
21:44:48.0862 0x1444  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:44:48.0872 0x1444  volsnap - ok
21:44:48.0878 0x1444  [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
21:44:48.0886 0x1444  vpcbus - ok
21:44:48.0890 0x1444  [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
21:44:48.0896 0x1444  vpcnfltr - ok
21:44:48.0900 0x1444  [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
21:44:48.0907 0x1444  vpcusb - ok
21:44:48.0915 0x1444  [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
21:44:48.0925 0x1444  vpcvmm - ok
21:44:48.0931 0x1444  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:44:48.0939 0x1444  vsmraid - ok
21:44:48.0963 0x1444  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:44:49.0008 0x1444  VSS - ok
21:44:49.0012 0x1444  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:44:49.0019 0x1444  vwifibus - ok
21:44:49.0027 0x1444  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:44:49.0052 0x1444  W32Time - ok
21:44:49.0056 0x1444  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:44:49.0062 0x1444  WacomPen - ok
21:44:49.0067 0x1444  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:44:49.0085 0x1444  WANARP - ok
21:44:49.0088 0x1444  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:44:49.0106 0x1444  Wanarpv6 - ok
21:44:49.0127 0x1444  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:44:49.0152 0x1444  WatAdminSvc - ok
21:44:49.0175 0x1444  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:44:49.0206 0x1444  wbengine - ok
21:44:49.0234 0x1444  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:44:49.0246 0x1444  WbioSrvc - ok
21:44:49.0254 0x1444  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:44:49.0269 0x1444  wcncsvc - ok
21:44:49.0273 0x1444  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:44:49.0280 0x1444  WcsPlugInService - ok
21:44:49.0282 0x1444  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:44:49.0288 0x1444  Wd - ok
21:44:49.0302 0x1444  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:44:49.0320 0x1444  Wdf01000 - ok
21:44:49.0324 0x1444  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:44:49.0338 0x1444  WdiServiceHost - ok
21:44:49.0341 0x1444  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:44:49.0351 0x1444  WdiSystemHost - ok
21:44:49.0358 0x1444  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
21:44:49.0368 0x1444  WebClient - ok
21:44:49.0374 0x1444  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:44:49.0396 0x1444  Wecsvc - ok
21:44:49.0400 0x1444  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:44:49.0420 0x1444  wercplsupport - ok
21:44:49.0424 0x1444  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:44:49.0443 0x1444  WerSvc - ok
21:44:49.0446 0x1444  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:44:49.0464 0x1444  WfpLwf - ok
21:44:49.0467 0x1444  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:44:49.0472 0x1444  WIMMount - ok
21:44:49.0474 0x1444  WinDefend - ok
21:44:49.0478 0x1444  WinHttpAutoProxySvc - ok
21:44:49.0488 0x1444  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:44:49.0510 0x1444  Winmgmt - ok
21:44:49.0541 0x1444  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:44:49.0580 0x1444  WinRM - ok
21:44:49.0586 0x1444  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:44:49.0594 0x1444  WinUsb - ok
21:44:49.0609 0x1444  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:44:49.0632 0x1444  Wlansvc - ok
21:44:49.0668 0x1444  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:44:49.0709 0x1444  wlidsvc - ok
21:44:49.0713 0x1444  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:44:49.0719 0x1444  WmiAcpi - ok
21:44:49.0726 0x1444  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:44:49.0735 0x1444  wmiApSrv - ok
21:44:49.0737 0x1444  WMPNetworkSvc - ok
21:44:49.0739 0x1444  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:44:49.0746 0x1444  WPCSvc - ok
21:44:49.0750 0x1444  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:44:49.0759 0x1444  WPDBusEnum - ok
21:44:49.0761 0x1444  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:44:49.0779 0x1444  ws2ifsl - ok
21:44:49.0784 0x1444  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:44:49.0794 0x1444  wscsvc - ok
21:44:49.0795 0x1444  WSearch - ok
21:44:49.0834 0x1444  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:44:49.0884 0x1444  wuauserv - ok
21:44:49.0890 0x1444  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:44:49.0909 0x1444  WudfPf - ok
21:44:49.0915 0x1444  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:44:49.0935 0x1444  WUDFRd - ok
21:44:49.0939 0x1444  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:44:49.0958 0x1444  wudfsvc - ok
21:44:49.0965 0x1444  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:44:49.0977 0x1444  WwanSvc - ok
21:44:49.0980 0x1444  [ F0AE983ABA93D6A0327FC21B9ABED1C3, FB804CF5E8FF083E4223E4845311A1D2BEB2CEE1A0B5F0F1B1CEB0EF4D36B040 ] xb1usb          C:\Windows\system32\DRIVERS\xb1usb.sys
21:44:49.0990 0x1444  xb1usb - ok
21:44:49.0996 0x1444  [ F0701B21AE5546930A7B6DEC4C6F2779, 3ED7E5CA688FDA54604C491EB5A1A062E0D163E534AEAB7D9A2678D7F9175DF5 ] xboxgip         C:\Windows\system32\DRIVERS\xboxgip.sys
21:44:50.0009 0x1444  xboxgip - ok
21:44:50.0012 0x1444  [ 9A59E1059AE62321B7B85B6EB72F1509, 88D93E180C904E2C8B773DA1AC38B160953AFB3D483119DE7DCBEA17E6861555 ] xinputhid       C:\Windows\system32\DRIVERS\xinputhid.sys
21:44:50.0021 0x1444  xinputhid - ok
21:44:50.0025 0x1444  [ 2C6BC21B2D5B58D8B1D638C1704CB494, 0AABCEB627E274E338DDD9BA664BAA128D7C00AF04C95C776C2AFFA6BB17F680 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
21:44:50.0031 0x1444  xusb21 - ok
21:44:50.0033 0x1444  ================ Scan global ===============================
21:44:50.0035 0x1444  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
21:44:50.0042 0x1444  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
21:44:50.0050 0x1444  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
21:44:50.0055 0x1444  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:44:50.0063 0x1444  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
21:44:50.0067 0x1444  [ Global ] - ok
21:44:50.0067 0x1444  ================ Scan MBR ==================================
21:44:50.0069 0x1444  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:44:50.0394 0x1444  \Device\Harddisk0\DR0 - ok
21:44:50.0398 0x1444  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:44:50.0548 0x1444  \Device\Harddisk1\DR1 - ok
21:44:50.0553 0x1444  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk6\DR6
21:44:50.0766 0x1444  \Device\Harddisk6\DR6 - ok
21:44:50.0766 0x1444  ================ Scan VBR ==================================
21:44:50.0771 0x1444  [ 909137473DDEB604BF3970C2ED5BF06E ] \Device\Harddisk0\DR0\Partition1
21:44:50.0773 0x1444  \Device\Harddisk0\DR0\Partition1 - ok
21:44:50.0776 0x1444  [ A045445BEB9B37164406F84F4112A610 ] \Device\Harddisk0\DR0\Partition2
21:44:50.0778 0x1444  \Device\Harddisk0\DR0\Partition2 - ok
21:44:50.0781 0x1444  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
21:44:50.0781 0x1444  \Device\Harddisk1\DR1\Partition1 - ok
21:44:50.0785 0x1444  [ 0E8C24123BFBB0AFF9101965B0E96270 ] \Device\Harddisk1\DR1\Partition2
21:44:50.0787 0x1444  \Device\Harddisk1\DR1\Partition2 - ok
21:44:50.0790 0x1444  [ BA8FE403DB60F7732141B978798CD4C6 ] \Device\Harddisk6\DR6\Partition1
21:44:50.0793 0x1444  \Device\Harddisk6\DR6\Partition1 - ok
21:44:50.0817 0x1444  [ 959A297B78429791E21E3B5395659A1C ] \Device\Harddisk6\DR6\Partition2

1. Hälfte

Erwin80 · 16.01.2017, 08:44

Code:

ATTFilter

21:44:50.0819 0x1444  \Device\Harddisk6\DR6\Partition2 - ok

21:44:50.0819 0x1444  ================ Scan generic autorun ======================
21:44:51.0082 0x1444  [ CE56F859CEF04D23458FC9C175D5F18B, 85358687BD0E35142FE9C414E98A26740BA3F5028CF82C06B5CA2A4DB9CB22F4 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:44:51.0337 0x1444  RTHDVCPL - ok
21:44:51.0349 0x1444  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
21:44:51.0357 0x1444  ShadowPlay - ok
21:44:51.0364 0x1444  [ E4E7B29D050F5480071984FE6543C311, 9A4D8D1702AE74AB4FE4367EAF4AD6500F59D4F25B3CCACE3EF07613B7B5853C ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
21:44:51.0373 0x1444  USB3MON - ok
21:44:51.0392 0x1444  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:44:51.0424 0x1444  Sidebar - ok
21:44:51.0428 0x1444  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:44:51.0437 0x1444  mctadmin - ok
21:44:51.0456 0x1444  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:44:51.0479 0x1444  Sidebar - ok
21:44:51.0483 0x1444  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:44:51.0493 0x1444  mctadmin - ok
21:44:51.0638 0x1444  [ 2269768074F6A93E454BA384ED9652E2, 3BB698018941471327A3031CC0F4011D69EBA03B00E9E6F2D99922639DCCDA59 ] C:\Program Files\CCleaner\CCleaner64.exe
21:44:51.0783 0x1444  CCleaner Monitoring - ok
21:44:51.0789 0x1444  Waiting for KSN requests completion. In queue: 157
21:44:52.0789 0x1444  Waiting for KSN requests completion. In queue: 157
21:44:53.0813 0x1444  AV detected via SS2: ESET Smart Security 9.0.408.1, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 9.0.407.0 ), 0x41000 ( enabled : updated )
21:44:53.0814 0x1444  FW detected via SS2: ESET Personal Firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 9.0.407.0 ), 0x41010 ( enabled )
21:44:54.0930 0x1444  ============================================================
21:44:54.0930 0x1444  Scan finished
21:44:54.0930 0x1444  ============================================================
21:44:54.0935 0x1500  Detected object count: 0
21:44:54.0935 0x1500  Actual detected object count: 0
21:45:00.0358 0x1684  ============================================================
21:45:00.0359 0x1684  Scan started
21:45:00.0359 0x1684  Mode: Manual; SigCheck; TDLFS; 
21:45:00.0359 0x1684  ============================================================
21:45:00.0359 0x1684  KSN ping started
21:45:01.0434 0x1684  KSN ping finished: true
21:45:02.0171 0x1684  ================ Scan system memory ========================
21:45:02.0171 0x1684  System memory - ok
21:45:02.0171 0x1684  ================ Scan services =============================
21:45:02.0217 0x1684  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:45:02.0233 0x1684  1394ohci - ok
21:45:02.0241 0x1684  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:45:02.0252 0x1684  ACPI - ok
21:45:02.0255 0x1684  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:45:02.0264 0x1684  AcpiPmi - ok
21:45:02.0280 0x1684  [ 8532B30A054D83614A90D24AD61A29DF, 959C74C63AF7F4E5588C705FBF08EA7A8749268BC28819879ED53AB7A3410B74 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
21:45:02.0297 0x1684  AdobeUpdateService - ok
21:45:02.0309 0x1684  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:45:02.0321 0x1684  adp94xx - ok
21:45:02.0330 0x1684  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:45:02.0340 0x1684  adpahci - ok
21:45:02.0346 0x1684  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:45:02.0353 0x1684  adpu320 - ok
21:45:02.0358 0x1684  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:45:02.0377 0x1684  AeLookupSvc - ok
21:45:02.0388 0x1684  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
21:45:02.0401 0x1684  AFD - ok
21:45:02.0406 0x1684  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:45:02.0412 0x1684  agp440 - ok
21:45:02.0445 0x1684  [ 840E0468368EB5FD87371EF508D72ACF, 7E05854D29C24E9BBB27B038620C345E063FF3B8F1AE0FDA054BEDF842FB29A9 ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
21:45:02.0484 0x1684  AGSService - ok
21:45:02.0490 0x1684  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:45:02.0498 0x1684  ALG - ok
21:45:02.0501 0x1684  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:45:02.0506 0x1684  aliide - ok
21:45:02.0508 0x1684  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:45:02.0513 0x1684  amdide - ok
21:45:02.0517 0x1684  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:45:02.0523 0x1684  AmdK8 - ok
21:45:02.0527 0x1684  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:45:02.0534 0x1684  AmdPPM - ok
21:45:02.0539 0x1684  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:45:02.0545 0x1684  amdsata - ok
21:45:02.0551 0x1684  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:45:02.0559 0x1684  amdsbs - ok
21:45:02.0563 0x1684  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:45:02.0569 0x1684  amdxata - ok
21:45:02.0576 0x1684  [ D46391F209DE0A98A97D1D1765F53438, 4D8C7D90BE3DB348ED4069CE3F4F403FCC6149D60B238E0B5DF9DCE4CF69C995 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
21:45:02.0585 0x1684  AMPPAL - ok
21:45:02.0591 0x1684  [ D46391F209DE0A98A97D1D1765F53438, 4D8C7D90BE3DB348ED4069CE3F4F403FCC6149D60B238E0B5DF9DCE4CF69C995 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
21:45:02.0599 0x1684  AMPPALP - ok
21:45:02.0602 0x1684  AMPPALR3 - ok
21:45:02.0606 0x1684  [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID           C:\Windows\system32\drivers\appid.sys
21:45:02.0613 0x1684  AppID - ok
21:45:02.0617 0x1684  [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:45:02.0623 0x1684  AppIDSvc - ok
21:45:02.0627 0x1684  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\Windows\System32\appinfo.dll
21:45:02.0633 0x1684  Appinfo - ok
21:45:02.0640 0x1684  [ 7D811EA7A2AAA49B0446D42CBC1CD338, AFECE5E44E48F756C7EB81D95C9237552AF8A9C02CBE756E0F3D3C6524DE49AD ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:45:02.0647 0x1684  Apple Mobile Device Service - ok
21:45:02.0653 0x1684  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:45:02.0662 0x1684  AppMgmt - ok
21:45:02.0666 0x1684  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:45:02.0673 0x1684  arc - ok
21:45:02.0677 0x1684  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:45:02.0684 0x1684  arcsas - ok
21:45:02.0710 0x1684  [ D2B5EB862E4CCD9713D6B9DE7BBCBB7B, 897DEE611A3CF7216E8F78033D2DB4055DE5FEC37FA665AE9E1163AF133C2526 ] ASGT            C:\Windows\SysWOW64\ASGT.exe
21:45:02.0713 0x1684  ASGT - detected UnsignedFile.Multi.Generic ( 1 )
21:45:02.0713 0x1684  Detect skipped due to KSN trusted
21:45:02.0713 0x1684  ASGT - ok
21:45:02.0730 0x1684  [ 08FC11F6416923BBC614C28B4180E9A7, C829380F10E3EE92A38F2D59ED0D5B1D27B577021307E0C2C23EC901D0479006 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:45:02.0738 0x1684  aspnet_state - ok
21:45:02.0740 0x1684  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:45:02.0760 0x1684  AsyncMac - ok
21:45:02.0763 0x1684  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:45:02.0768 0x1684  atapi - ok
21:45:02.0781 0x1684  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:45:02.0798 0x1684  AudioEndpointBuilder - ok
21:45:02.0810 0x1684  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:45:02.0826 0x1684  AudioSrv - ok
21:45:02.0831 0x1684  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:45:02.0842 0x1684  AxInstSV - ok
21:45:02.0852 0x1684  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
21:45:02.0866 0x1684  b06bdrv - ok
21:45:02.0875 0x1684  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:45:02.0884 0x1684  b57nd60a - ok
21:45:02.0890 0x1684  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:45:02.0897 0x1684  BDESVC - ok
21:45:02.0899 0x1684  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:45:02.0918 0x1684  Beep - ok
21:45:02.0931 0x1684  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:45:02.0949 0x1684  BFE - ok
21:45:02.0965 0x1684  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:45:02.0998 0x1684  BITS - ok
21:45:03.0002 0x1684  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:45:03.0010 0x1684  blbdrive - ok
21:45:03.0020 0x1684  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:45:03.0031 0x1684  Bonjour Service - ok
21:45:03.0036 0x1684  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:45:03.0044 0x1684  bowser - ok
21:45:03.0047 0x1684  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:45:03.0055 0x1684  BrFiltLo - ok
21:45:03.0057 0x1684  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:45:03.0065 0x1684  BrFiltUp - ok
21:45:03.0070 0x1684  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:45:03.0079 0x1684  Browser - ok
21:45:03.0087 0x1684  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:45:03.0099 0x1684  Brserid - ok
21:45:03.0102 0x1684  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:45:03.0111 0x1684  BrSerWdm - ok
21:45:03.0113 0x1684  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:45:03.0121 0x1684  BrUsbMdm - ok
21:45:03.0124 0x1684  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:45:03.0130 0x1684  BrUsbSer - ok
21:45:03.0144 0x1684  [ 3C2B44729EB279FCC5582699E8922281, B21EE8CD526D0B360658F0ABD2027213957B5154946D55EAD09ED14451CFC81C ] BstHdAndroidSvc C:\Program Files (x86)\Bluestacks\HD-Service.exe
21:45:03.0156 0x1684  BstHdAndroidSvc - ok
21:45:03.0162 0x1684  [ 8181CDC414549F453E879A3D3D575DBC, 174BD61A581B8095CA6F3CB97ED2238A360270117CEF0EDDF06C3C190B8B0FB0 ] BstHdDrv        C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys
21:45:03.0169 0x1684  BstHdDrv - ok
21:45:03.0178 0x1684  [ C062341653746EB2D429F5C288E24FA2, 395C5434F1CD02B9F91536FAA5DFD542704BAEE4CA78FD94D8D303BC54BDAB8C ] BstHdLogRotatorSvc C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
21:45:03.0190 0x1684  BstHdLogRotatorSvc - ok
21:45:03.0199 0x1684  [ A0CC8145972577347800359AF7711536, B578C5C9C0F5F26E46E9F9008D8B148C258A2C6BFC58D1A37461CC44D54FFA74 ] BstHdPlusAndroidSvc C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
21:45:03.0212 0x1684  BstHdPlusAndroidSvc - ok
21:45:03.0222 0x1684  [ 95820BAC50416203BAB1AA3B1D5C6ED5, 472A7ECE8F11597620D27EF37204AF42B92290C228B267B4AA3B5066F40B60CD ] BstkDrv         C:\Program Files (x86)\Bluestacks\BstkDrv.sys
21:45:03.0231 0x1684  BstkDrv - ok
21:45:03.0235 0x1684  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:45:03.0244 0x1684  BTHMODEM - ok
21:45:03.0248 0x1684  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:45:03.0268 0x1684  bthserv - ok
21:45:03.0270 0x1684  BTHSSecurityMgr - ok
21:45:03.0274 0x1684  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:45:03.0294 0x1684  cdfs - ok
21:45:03.0299 0x1684  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:45:03.0307 0x1684  cdrom - ok
21:45:03.0310 0x1684  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:45:03.0329 0x1684  CertPropSvc - ok
21:45:03.0333 0x1684  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:45:03.0341 0x1684  circlass - ok
21:45:03.0349 0x1684  [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS            C:\Windows\system32\CLFS.sys
21:45:03.0360 0x1684  CLFS - ok
21:45:03.0407 0x1684  [ 77469C0C4540C39D3C5BF29D8CEDFB32, CBA289465516E9E4972542048068C7E25840B55645605C8C3577D0364BC05441 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
21:45:03.0459 0x1684  ClickToRunSvc - ok
21:45:03.0469 0x1684  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:45:03.0475 0x1684  clr_optimization_v2.0.50727_32 - ok
21:45:03.0482 0x1684  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:45:03.0488 0x1684  clr_optimization_v2.0.50727_64 - ok
21:45:03.0501 0x1684  [ 40554ADA608F31A73BC002041BFBCED4, 8A4FB3B824EC49392A206BF14381AAE389C0E683B4ED0E89F5362746222E1FBA ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:45:03.0509 0x1684  clr_optimization_v4.0.30319_32 - ok
21:45:03.0513 0x1684  [ 7CD17E6A27D64F672DEA52E9D144B08E, 566CB07531BEBFB704E2BE2D33F49B5D9F962D7931B2BABC1BA2F4015C651CBE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:45:03.0520 0x1684  clr_optimization_v4.0.30319_64 - ok
21:45:03.0523 0x1684  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:45:03.0529 0x1684  CmBatt - ok
21:45:03.0532 0x1684  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:45:03.0537 0x1684  cmdide - ok
21:45:03.0547 0x1684  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
21:45:03.0563 0x1684  CNG - ok
21:45:03.0567 0x1684  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:45:03.0573 0x1684  Compbatt - ok
21:45:03.0576 0x1684  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:45:03.0585 0x1684  CompositeBus - ok
21:45:03.0587 0x1684  COMSysApp - ok
21:45:03.0616 0x1684  [ 8492FA3B8E6C23805A61032A2C66FD54, 13248B60A1D119694DBAC464CCF0D534CD8ADC24329394F0E31D856746791DF5 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:45:03.0625 0x1684  cphs - ok
21:45:03.0628 0x1684  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
21:45:03.0633 0x1684  crcdisk - ok
21:45:03.0640 0x1684  [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:45:03.0649 0x1684  CryptSvc - ok
21:45:03.0660 0x1684  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
21:45:03.0674 0x1684  CSC - ok
21:45:03.0687 0x1684  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
21:45:03.0703 0x1684  CscService - ok
21:45:03.0714 0x1684  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:45:03.0741 0x1684  DcomLaunch - ok
21:45:03.0755 0x1684  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:45:03.0779 0x1684  defragsvc - ok
21:45:03.0784 0x1684  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:45:03.0794 0x1684  DfsC - ok
21:45:03.0803 0x1684  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:45:03.0826 0x1684  Dhcp - ok
21:45:03.0849 0x1684  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
21:45:03.0877 0x1684  DiagTrack - ok
21:45:03.0882 0x1684  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:45:03.0902 0x1684  discache - ok
21:45:03.0911 0x1684  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
21:45:03.0917 0x1684  Disk - ok
21:45:03.0925 0x1684  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:45:03.0935 0x1684  Dnscache - ok
21:45:03.0942 0x1684  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:45:03.0964 0x1684  dot3svc - ok
21:45:03.0976 0x1684  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:45:03.0997 0x1684  DPS - ok
21:45:04.0010 0x1684  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:45:04.0016 0x1684  drmkaud - ok
21:45:04.0027 0x1684  [ D52EEB224DF107AAD9059597F0EB95CC, 40BE0E795CE981AB287FE93C509ED7FB11519B9A5173C7AC67D1EFB3E766859D ] DslMNLwf        C:\Windows\system32\DRIVERS\dslmnlwf.sys
21:45:04.0084 0x1684  DslMNLwf - ok
21:45:04.0111 0x1684  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:45:04.0136 0x1684  DXGKrnl - ok
21:45:04.0161 0x1684  [ CC2DE631888782989B27B775B09F6FCD, 911009FF41EE5B05EDD76950A696FA1631F93107BEE6CEB153EEB6EEFC8A922A ] e1dexpress      C:\Windows\system32\DRIVERS\e1d62x64.sys
21:45:04.0181 0x1684  e1dexpress - ok
21:45:04.0192 0x1684  [ E75A80FA10A247F1E104ECB813255A45, 565B0706F5CEBB205AB2ED9849D55271EAFE101DCE91E512F1C38D84E5EDD6E7 ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
21:45:04.0209 0x1684  eamonm - ok
21:45:04.0214 0x1684  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:45:04.0241 0x1684  EapHost - ok
21:45:04.0289 0x1684  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
21:45:04.0346 0x1684  ebdrv - ok
21:45:04.0355 0x1684  [ ACD3E4A07215DBE12F2274A685B17AB8, 9676F69D1FCCA2905B7B171B52A8503F569CE2528CF0861606010B10672EC976 ] edevmon         C:\Windows\system32\DRIVERS\edevmon.sys
21:45:04.0364 0x1684  edevmon - ok
21:45:04.0367 0x1684  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] EFS             C:\Windows\System32\lsass.exe
21:45:04.0374 0x1684  EFS - ok
21:45:04.0380 0x1684  [ 1A4A59712D426D752FB668342A04A0D8, CAAEC83497139B5F2BB6852C6A1E279D0186A0E5A4AE7F3B823003D2F6E9547F ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
21:45:04.0389 0x1684  ehdrv - ok
21:45:04.0404 0x1684  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:45:04.0421 0x1684  ehRecvr - ok
21:45:04.0425 0x1684  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:45:04.0433 0x1684  ehSched - ok
21:45:04.0439 0x1684  [ 68FF4448C05A11D169D47A849E7EF379, 02020DA595C7DE8D7BD014A4C622B568DA61988A0BA0E110803A58F87CB3FD11 ] ekbdflt         C:\Windows\system32\DRIVERS\ekbdflt.sys
21:45:04.0447 0x1684  ekbdflt - ok
21:45:04.0492 0x1684  [ 83A9EF0F3F1AA1E474A6D33AD191F2BA, 0E2E3F9A6104B8D3689AEC19256CC644B0BCDADD95BB98F90DBBFD679BE26E96 ] ekrn            C:\Program Files\ESET\ESET Smart Security\ekrn.exe
21:45:04.0544 0x1684  ekrn - ok
21:45:04.0558 0x1684  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:45:04.0571 0x1684  elxstor - ok
21:45:04.0578 0x1684  [ 59E0BD14BC40B77E9AA0143B1ACD2BB8, 516214B60F344A4A782444FBC272DE9FA6A9785E1057CDB43282C99376F31C86 ] epfw            C:\Windows\system32\DRIVERS\epfw.sys
21:45:04.0587 0x1684  epfw - ok
21:45:04.0590 0x1684  [ 424E123AA389801748E53530B3D23910, 65E3F9B5732FC1E14343E697F63434D2BA8EC06CB014DF08503C08969BDA2E78 ] EpfwLWF         C:\Windows\system32\DRIVERS\EpfwLWF.sys
21:45:04.0597 0x1684  EpfwLWF - ok
21:45:04.0601 0x1684  [ 553EE9B0426F8AE1321E2CC07374FA19, A6A96BECA8744D482FE1B039DF1B902B4CA5CEC9120701162EF31B8CD7305813 ] epfwwfp         C:\Windows\system32\DRIVERS\epfwwfp.sys
21:45:04.0608 0x1684  epfwwfp - ok
21:45:04.0609 0x1684  epp - ok
21:45:04.0612 0x1684  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:45:04.0618 0x1684  ErrDev - ok
21:45:04.0628 0x1684  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:45:04.0653 0x1684  EventSystem - ok
21:45:04.0660 0x1684  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:45:04.0681 0x1684  exfat - ok
21:45:04.0688 0x1684  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:45:04.0710 0x1684  fastfat - ok
21:45:04.0722 0x1684  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:45:04.0740 0x1684  Fax - ok
21:45:04.0744 0x1684  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:45:04.0751 0x1684  fdc - ok
21:45:04.0754 0x1684  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:45:04.0773 0x1684  fdPHost - ok
21:45:04.0776 0x1684  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:45:04.0795 0x1684  FDResPub - ok
21:45:04.0799 0x1684  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:45:04.0805 0x1684  FileInfo - ok
21:45:04.0807 0x1684  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:45:04.0825 0x1684  Filetrace - ok
21:45:04.0829 0x1684  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:45:04.0835 0x1684  flpydisk - ok
21:45:04.0842 0x1684  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:45:04.0852 0x1684  FltMgr - ok
21:45:04.0872 0x1684  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
21:45:04.0896 0x1684  FontCache - ok
21:45:04.0901 0x1684  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:45:04.0906 0x1684  FontCache3.0.0.0 - ok
21:45:04.0909 0x1684  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:45:04.0915 0x1684  FsDepends - ok
21:45:04.0917 0x1684  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:45:04.0922 0x1684  Fs_Rec - ok
21:45:04.0928 0x1684  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:45:04.0938 0x1684  fvevol - ok
21:45:04.0941 0x1684  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
21:45:04.0947 0x1684  gagp30kx - ok
21:45:04.0967 0x1684  [ C6E1E9A45C8BCFD073148B6A6B038C69, EB421C687BC3A3CF97685AA598EF0C671AA74DC801185D4E3C197C1B5B24EE02 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
21:45:04.0990 0x1684  GfExperienceService - ok
21:45:05.0005 0x1684  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
21:45:05.0024 0x1684  gpsvc - ok
21:45:05.0032 0x1684  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:45:05.0039 0x1684  gupdate - ok
21:45:05.0043 0x1684  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:45:05.0050 0x1684  gupdatem - ok
21:45:05.0052 0x1684  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:45:05.0058 0x1684  hcw85cir - ok
21:45:05.0066 0x1684  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:45:05.0078 0x1684  HdAudAddService - ok
21:45:05.0083 0x1684  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
21:45:05.0092 0x1684  HDAudBus - ok
21:45:05.0095 0x1684  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
21:45:05.0101 0x1684  HidBatt - ok
21:45:05.0104 0x1684  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
21:45:05.0113 0x1684  HidBth - ok
21:45:05.0116 0x1684  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:45:05.0124 0x1684  HidIr - ok
21:45:05.0126 0x1684  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:45:05.0146 0x1684  hidserv - ok
21:45:05.0148 0x1684  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:45:05.0155 0x1684  HidUsb - ok
21:45:05.0159 0x1684  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:45:05.0179 0x1684  hkmsvc - ok
21:45:05.0185 0x1684  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:45:05.0196 0x1684  HomeGroupListener - ok
21:45:05.0202 0x1684  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:45:05.0211 0x1684  HomeGroupProvider - ok
21:45:05.0214 0x1684  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:45:05.0220 0x1684  HpSAMD - ok
21:45:05.0233 0x1684  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:45:05.0250 0x1684  HTTP - ok
21:45:05.0254 0x1684  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:45:05.0259 0x1684  hwpolicy - ok
21:45:05.0262 0x1684  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:45:05.0270 0x1684  i8042prt - ok
21:45:05.0283 0x1684  [ 6655615C7E4E29E6481F75A93ED99954, C7387D85DEC6BEF74DAD3B36398D1DA8914E9CF6F460D36E30088E3F6754E972 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
21:45:05.0297 0x1684  iaStorA - ok
21:45:05.0299 0x1684  IAStorDataMgrSvc - ok
21:45:05.0302 0x1684  [ ABE52EF9AF37C8D4FC67FDB9BE368142, 75B2787A0E45ED4801530D13381E596D1DB635D0A9C3FDFAB3951063048A5ECF ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
21:45:05.0307 0x1684  iaStorF - ok
21:45:05.0315 0x1684  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:45:05.0327 0x1684  iaStorV - ok
21:45:05.0334 0x1684  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
21:45:05.0341 0x1684  ICCS - ok
21:45:05.0355 0x1684  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:45:05.0373 0x1684  idsvc - ok
21:45:05.0375 0x1684  IEEtwCollectorService - ok
21:45:05.0429 0x1684  [ B12F7F8180BCD99B29AE2A6534857EA1, D095DF08A4F3510B96DE55A69ACCDEA0AACC7244447A858041D4C511835BA066 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:45:05.0495 0x1684  igfx - ok
21:45:05.0502 0x1684  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
21:45:05.0507 0x1684  iirsp - ok
21:45:05.0521 0x1684  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:45:05.0541 0x1684  IKEEXT - ok
21:45:05.0608 0x1684  [ 0D378E0EC4009E954FB1A358514CE99E, 05B36FCFFBCB01DBD01096B3E72F2AEBCEF91C99EF2AA4DB17EBECC33A1CA0B7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:45:05.0687 0x1684  IntcAzAudAddService - ok
21:45:05.0699 0x1684  [ FA6094444A7DC90449800F964E0A8668, A6DCF395649FA185596D55713888922BA2A61D96AD0D5E7860FD47EE30B7E4CF ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
21:45:05.0708 0x1684  Intel(R) PROSet Monitoring Service - ok
21:45:05.0710 0x1684  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:45:05.0715 0x1684  intelide - ok
21:45:05.0718 0x1684  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:45:05.0725 0x1684  intelppm - ok
21:45:05.0729 0x1684  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:45:05.0749 0x1684  IPBusEnum - ok
21:45:05.0753 0x1684  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:45:05.0772 0x1684  IpFilterDriver - ok
21:45:05.0783 0x1684  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:45:05.0811 0x1684  iphlpsvc - ok
21:45:05.0816 0x1684  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:45:05.0824 0x1684  IPMIDRV - ok
21:45:05.0828 0x1684  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:45:05.0849 0x1684  IPNAT - ok
21:45:05.0861 0x1684  [ A9E19D4C0E9487544B0A87D511514DA9, 83767BA2A7EE1DE39DBF824B57D898355F8C5E3CE146CA280B0E336428837E70 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:45:05.0876 0x1684  iPod Service - ok
21:45:05.0879 0x1684  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:45:05.0888 0x1684  IRENUM - ok
21:45:05.0890 0x1684  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:45:05.0896 0x1684  isapnp - ok
21:45:05.0903 0x1684  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:45:05.0913 0x1684  iScsiPrt - ok
21:45:05.0915 0x1684  [ 45392E76EE30DC9C8F0181C785F0BA48, 7FB522E1AA9B877B9FB1A29C2ADC42EA794E8864AD2411AD275F00F00547F8F3 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:45:05.0920 0x1684  iusb3hcs - ok
21:45:05.0929 0x1684  [ C6E8FB7FF41877378CCB30DE6E9941DF, CA808A00C0CC21C1C7BE54F0D1E5D3F24C0032BE821C064E0A63901F20F3C6BC ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
21:45:05.0939 0x1684  iusb3hub - ok
21:45:05.0954 0x1684  [ 6FBA980433B2B21604CE990FBF542D3F, ACB35A5558DD9EF9A339C9D061207AF5527D3AEFC9AC99AB6CFBA1CE92F8B62D ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:45:05.0971 0x1684  iusb3xhc - ok
21:45:05.0974 0x1684  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:45:05.0980 0x1684  kbdclass - ok
21:45:05.0983 0x1684  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:45:05.0989 0x1684  kbdhid - ok
21:45:05.0991 0x1684  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] KeyIso          C:\Windows\system32\lsass.exe
21:45:05.0998 0x1684  KeyIso - ok
21:45:06.0011 0x1684  [ 4677AF088A95F02A41F81733E33507C6, 0579EF63D0BB604CA4955A0A0CB1DE65AC99C28DBA6A1EB138793F338D36052A ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
21:45:06.0022 0x1684  Kodak AiO Network Discovery Service - ok
21:45:06.0036 0x1684  [ 60301F8FDF519FFEC307A686209C33BE, B9A31478707B518967A6200813DCBD4DE03824FBFAB6E35D4FA4DA783FD6305A ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
21:45:06.0051 0x1684  Kodak AiO Status Monitor Service - ok
21:45:06.0056 0x1684  [ 6F5F0C6160EF237F0243C1E416EEBA98, 8BA8AA0D71350A74E294A731226B1638C6059013D645ABDE7188F7733E320FBD ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:45:06.0062 0x1684  KSecDD - ok
21:45:06.0067 0x1684  [ 05529E53B286FD60E7EF04EF138CABFD, 6C045750DCD3EE76F748582513AD4FA99C0E8E56B616725CD48DCA1068FF8923 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:45:06.0074 0x1684  KSecPkg - ok
21:45:06.0076 0x1684  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:45:06.0096 0x1684  ksthunk - ok
21:45:06.0104 0x1684  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:45:06.0128 0x1684  KtmRm - ok
21:45:06.0135 0x1684  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:45:06.0157 0x1684  LanmanServer - ok
21:45:06.0162 0x1684  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:45:06.0182 0x1684  LanmanWorkstation - ok
21:45:06.0186 0x1684  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:45:06.0206 0x1684  lltdio - ok
21:45:06.0213 0x1684  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:45:06.0236 0x1684  lltdsvc - ok
21:45:06.0239 0x1684  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:45:06.0258 0x1684  lmhosts - ok
21:45:06.0263 0x1684  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:45:06.0269 0x1684  LSI_FC - ok
21:45:06.0273 0x1684  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:45:06.0280 0x1684  LSI_SAS - ok
21:45:06.0283 0x1684  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:45:06.0289 0x1684  LSI_SAS2 - ok
21:45:06.0293 0x1684  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:45:06.0300 0x1684  LSI_SCSI - ok
21:45:06.0303 0x1684  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:45:06.0324 0x1684  luafv - ok
21:45:06.0328 0x1684  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:45:06.0334 0x1684  MBAMProtector - ok
21:45:06.0358 0x1684  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
21:45:06.0387 0x1684  MBAMScheduler - ok
21:45:06.0408 0x1684  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
21:45:06.0431 0x1684  MBAMService - ok
21:45:06.0439 0x1684  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
21:45:06.0448 0x1684  MBAMSwissArmy - ok
21:45:06.0451 0x1684  [ 452ACB7A9914398D9E18CCCFFCF92208, 754AF45C19731C356E7E84497B04E0333759AC86DC553BA275EFC09845E43E4D ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
21:45:06.0458 0x1684  MBAMWebAccessControl - ok
21:45:06.0462 0x1684  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:45:06.0470 0x1684  Mcx2Svc - ok
21:45:06.0472 0x1684  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:45:06.0477 0x1684  megasas - ok
21:45:06.0484 0x1684  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:45:06.0493 0x1684  MegaSR - ok
21:45:06.0496 0x1684  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
21:45:06.0502 0x1684  MEIx64 - ok
21:45:06.0505 0x1684  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:45:06.0524 0x1684  MMCSS - ok
21:45:06.0527 0x1684  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:45:06.0546 0x1684  Modem - ok
21:45:06.0549 0x1684  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:45:06.0556 0x1684  monitor - ok
21:45:06.0559 0x1684  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:45:06.0564 0x1684  mouclass - ok
21:45:06.0567 0x1684  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:45:06.0573 0x1684  mouhid - ok
21:45:06.0576 0x1684  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:45:06.0582 0x1684  mountmgr - ok
21:45:06.0587 0x1684  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:45:06.0594 0x1684  mpio - ok
21:45:06.0597 0x1684  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:45:06.0618 0x1684  mpsdrv - ok
21:45:06.0632 0x1684  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:45:06.0664 0x1684  MpsSvc - ok
21:45:06.0669 0x1684  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:45:06.0678 0x1684  MRxDAV - ok
21:45:06.0683 0x1684  [ 632E8A00090E4F85F304E152C92C7F2C, A3098941251A8327C95E6B1122384D54FB0ED705A9215577D968EA5B5FD88C87 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:45:06.0692 0x1684  mrxsmb - ok
21:45:06.0700 0x1684  [ 0D9C05484F2F4BD9D33A615D5DBE67EA, 1E164B631B1CD85DD5B205284CB547B189609946490AAABD22741743BFB413DF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:45:06.0711 0x1684  mrxsmb10 - ok
21:45:06.0717 0x1684  [ 6123E6FECC1C164022868FB1982271BE, 417E6C7AFF8B014B31AFCC202B0DCEECBDBB73205DF8C3EFC7E313664E284178 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:45:06.0727 0x1684  mrxsmb20 - ok
21:45:06.0730 0x1684  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:45:06.0736 0x1684  msahci - ok
21:45:06.0741 0x1684  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:45:06.0748 0x1684  msdsm - ok
21:45:06.0753 0x1684  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:45:06.0763 0x1684  MSDTC - ok
21:45:06.0767 0x1684  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:45:06.0787 0x1684  Msfs - ok
21:45:06.0789 0x1684  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:45:06.0809 0x1684  mshidkmdf - ok
21:45:06.0811 0x1684  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:45:06.0817 0x1684  msisadrv - ok
21:45:06.0822 0x1684  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:45:06.0844 0x1684  MSiSCSI - ok
21:45:06.0846 0x1684  msiserver - ok
21:45:06.0849 0x1684  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:45:06.0869 0x1684  MSKSSRV - ok
21:45:06.0871 0x1684  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:45:06.0890 0x1684  MSPCLOCK - ok
21:45:06.0893 0x1684  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:45:06.0912 0x1684  MSPQM - ok
21:45:06.0920 0x1684  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:45:06.0931 0x1684  MsRPC - ok
21:45:06.0936 0x1684  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:45:06.0941 0x1684  mssmbios - ok
21:45:06.0943 0x1684  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:45:06.0961 0x1684  MSTEE - ok
21:45:06.0969 0x1684  [ 32528D01ACBBC8DF6211268FA06D7C10, ACAEB89550FDAE7DD7701EB07ED1700933DDFABC753BB639E3C49457A40AFE30 ] mt7612US        C:\Windows\system32\DRIVERS\mt7612US.sys
21:45:06.0987 0x1684  mt7612US - ok
21:45:06.0991 0x1684  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:45:06.0997 0x1684  MTConfig - ok
21:45:07.0000 0x1684  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:45:07.0006 0x1684  Mup - ok
21:45:07.0016 0x1684  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:45:07.0041 0x1684  napagent - ok
21:45:07.0049 0x1684  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:45:07.0062 0x1684  NativeWifiP - ok
21:45:07.0078 0x1684  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:45:07.0098 0x1684  NDIS - ok
21:45:07.0102 0x1684  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:45:07.0120 0x1684  NdisCap - ok
21:45:07.0122 0x1684  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:45:07.0140 0x1684  NdisTapi - ok
21:45:07.0142 0x1684  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:45:07.0160 0x1684  Ndisuio - ok
21:45:07.0166 0x1684  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:45:07.0186 0x1684  NdisWan - ok
21:45:07.0189 0x1684  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:45:07.0207 0x1684  NDProxy - ok
21:45:07.0211 0x1684  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:45:07.0229 0x1684  NetBIOS - ok
21:45:07.0236 0x1684  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:45:07.0249 0x1684  NetBT - ok
21:45:07.0252 0x1684  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] Netlogon        C:\Windows\system32\lsass.exe
21:45:07.0259 0x1684  Netlogon - ok
21:45:07.0267 0x1684  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:45:07.0290 0x1684  Netman - ok
21:45:07.0306 0x1684  [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:45:07.0315 0x1684  NetMsmqActivator - ok
21:45:07.0319 0x1684  [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:45:07.0326 0x1684  NetPipeActivator - ok
21:45:07.0336 0x1684  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:45:07.0362 0x1684  netprofm - ok
21:45:07.0368 0x1684  [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:45:07.0376 0x1684  NetTcpActivator - ok
21:45:07.0380 0x1684  [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:45:07.0388 0x1684  NetTcpPortSharing - ok
21:45:07.0391 0x1684  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:45:07.0397 0x1684  nfrd960 - ok
21:45:07.0406 0x1684  [ 956BB5F7CCC82D31BF32AE43A41D1ADE, 4AF9F85B2E6C4966B9125A0F3728459C221EF4CD3FFCDD65435D7AD01E141176 ] NitroReaderDriverReadSpool5 C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe
21:45:07.0415 0x1684  NitroReaderDriverReadSpool5 - ok
21:45:07.0423 0x1684  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:45:07.0436 0x1684  NlaSvc - ok
21:45:07.0439 0x1684  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:45:07.0459 0x1684  Npfs - ok
21:45:07.0462 0x1684  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:45:07.0482 0x1684  nsi - ok
21:45:07.0485 0x1684  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:45:07.0504 0x1684  nsiproxy - ok
21:45:07.0532 0x1684  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:45:07.0562 0x1684  Ntfs - ok
21:45:07.0567 0x1684  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:45:07.0586 0x1684  Null - ok
21:45:07.0592 0x1684  [ 67B51A97733B10D716B366C2ED126763, C34B889D39A4443A82BCDF6B9A0BF637D2ECC37BBB1AAE21143EC9E3DC495D90 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
21:45:07.0602 0x1684  NVHDA - ok
21:45:07.0793 0x1684  [ 71CF83223F3ADC2EC9DC0FDA8702E312, A76E94F73CD1EAB5D49EF8A206B1E4BC141620B482236E0FD17F5FA0CAD05863 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:45:08.0016 0x1684  nvlddmkm - ok
21:45:08.0056 0x1684  [ A6102293847A7A2DF01E7BF7AC1C1F12, 14E4E75711C00DA826136FB531E9AD53787502F441103386C5CD37EEFCE27AFC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
21:45:08.0091 0x1684  NvNetworkService - ok
21:45:08.0098 0x1684  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:45:08.0105 0x1684  nvraid - ok
21:45:08.0110 0x1684  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:45:08.0118 0x1684  nvstor - ok
21:45:08.0121 0x1684  [ 99D42078C9596A20A7B3419159265A25, E9F5380E6597C79B26B2CBAAC534F31C5027F32AAA0FD5876CF7E9BB6658F30C ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
21:45:08.0126 0x1684  NvStreamKms - ok
21:45:08.0177 0x1684  [ E6A64322EB213AEACBB61584AA6FB032, FA91C89B81DD7F3EC22DF71FFC3A506AD40AE76EC91F1115CCAB6ED39431369D ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
21:45:08.0239 0x1684  NvStreamNetworkSvc - ok
21:45:08.0281 0x1684  [ A8213BF32D2E75ADD362E118AD164749, 6F35210ED11088FE64F13DD63053FFDA4628A5F6397DA33A345970962AB83499 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
21:45:08.0325 0x1684  NvStreamSvc - ok
21:45:08.0349 0x1684  [ F07CC5C6A71B002C50D74FD611F44538, 85A341530740A71768947E721B0A979DEE328348F3083806A367DAA0CD628CB4 ] nvsvc           C:\Windows\system32\nvvsvc.exe
21:45:08.0375 0x1684  nvsvc - ok
21:45:08.0380 0x1684  [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
21:45:08.0387 0x1684  nvvad_WaveExtensible - ok
21:45:08.0391 0x1684  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:45:08.0398 0x1684  nv_agp - ok
21:45:08.0401 0x1684  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:45:08.0407 0x1684  ohci1394 - ok
21:45:08.0459 0x1684  [ 3E498CE04DD40C60769854DF2CE8D21D, 28B9331787FE598A79E40DA839B022D353280BE0E8F0D20CE4AAB6284866DE48 ] Origin Client Service G:\Origin\OriginClientService.exe
21:45:08.0496 0x1684  Origin Client Service - ok
21:45:08.0540 0x1684  [ B66980E730FEF1E31BE39B09F55514A1, 756F7695AB112FB2FEBA905F5F9E7C9435823195DE164AF60071457BC047535E ] Origin Web Helper Service G:\Origin\OriginWebHelperService.exe
21:45:08.0578 0x1684  Origin Web Helper Service - ok
21:45:08.0587 0x1684  [ C9DFA1FBAC82F4FCC7FADD7749546D40, D5F591E089ECB75677F36FA71F0D71885751D72AFFAEC53C0542206F9C6B26A4 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:45:08.0597 0x1684  ose64 - ok
21:45:08.0669 0x1684  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:45:08.0754 0x1684  osppsvc - ok
21:45:08.0767 0x1684  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:45:08.0777 0x1684  p2pimsvc - ok
21:45:08.0787 0x1684  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:45:08.0800 0x1684  p2psvc - ok
21:45:08.0805 0x1684  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:45:08.0812 0x1684  Parport - ok
21:45:08.0815 0x1684  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:45:08.0821 0x1684  partmgr - ok
21:45:08.0827 0x1684  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:45:08.0836 0x1684  PcaSvc - ok
21:45:08.0841 0x1684  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:45:08.0848 0x1684  pci - ok
21:45:08.0850 0x1684  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:45:08.0855 0x1684  pciide - ok
21:45:08.0861 0x1684  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:45:08.0869 0x1684  pcmcia - ok
21:45:08.0871 0x1684  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:45:08.0877 0x1684  pcw - ok
21:45:08.0889 0x1684  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:45:08.0904 0x1684  PEAUTH - ok
21:45:08.0926 0x1684  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:45:08.0954 0x1684  PeerDistSvc - ok
21:45:08.0980 0x1684  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:45:08.0987 0x1684  PerfHost - ok
21:45:09.0011 0x1684  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:45:09.0050 0x1684  pla - ok
21:45:09.0061 0x1684  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:45:09.0074 0x1684  PlugPlay - ok
21:45:09.0078 0x1684  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:45:09.0085 0x1684  PNRPAutoReg - ok
21:45:09.0092 0x1684  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:45:09.0104 0x1684  PNRPsvc - ok
21:45:09.0114 0x1684  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:45:09.0128 0x1684  PolicyAgent - ok
21:45:09.0135 0x1684  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:45:09.0156 0x1684  Power - ok
21:45:09.0161 0x1684  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:45:09.0180 0x1684  PptpMiniport - ok
21:45:09.0183 0x1684  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:45:09.0190 0x1684  Processor - ok
21:45:09.0196 0x1684  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:45:09.0207 0x1684  ProfSvc - ok
21:45:09.0209 0x1684  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] ProtectedStorage C:\Windows\system32\lsass.exe
21:45:09.0215 0x1684  ProtectedStorage - ok
21:45:09.0219 0x1684  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:45:09.0238 0x1684  Psched - ok
21:45:09.0261 0x1684  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
21:45:09.0291 0x1684  ql2300 - ok
21:45:09.0296 0x1684  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
21:45:09.0303 0x1684  ql40xx - ok
21:45:09.0309 0x1684  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:45:09.0321 0x1684  QWAVE - ok
21:45:09.0324 0x1684  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:45:09.0333 0x1684  QWAVEdrv - ok
21:45:09.0335 0x1684  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:45:09.0354 0x1684  RasAcd - ok
21:45:09.0358 0x1684  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:45:09.0378 0x1684  RasAgileVpn - ok
21:45:09.0382 0x1684  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:45:09.0403 0x1684  RasAuto - ok
21:45:09.0407 0x1684  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:45:09.0427 0x1684  Rasl2tp - ok
21:45:09.0435 0x1684  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:45:09.0459 0x1684  RasMan - ok
21:45:09.0464 0x1684  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:45:09.0485 0x1684  RasPppoe - ok
21:45:09.0490 0x1684  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:45:09.0510 0x1684  RasSstp - ok
21:45:09.0518 0x1684  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:45:09.0541 0x1684  rdbss - ok
21:45:09.0544 0x1684  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:45:09.0553 0x1684  rdpbus - ok
21:45:09.0555 0x1684  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:45:09.0574 0x1684  RDPCDD - ok
21:45:09.0580 0x1684  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:45:09.0589 0x1684  RDPDR - ok
21:45:09.0592 0x1684  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:45:09.0611 0x1684  RDPENCDD - ok
21:45:09.0614 0x1684  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:45:09.0633 0x1684  RDPREFMP - ok
21:45:09.0640 0x1684  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:45:09.0649 0x1684  RDPWD - ok
21:45:09.0655 0x1684  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:45:09.0663 0x1684  rdyboost - ok
21:45:09.0667 0x1684  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:45:09.0688 0x1684  RemoteAccess - ok
21:45:09.0693 0x1684  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:45:09.0749 0x1684  RemoteRegistry - ok
21:45:09.0752 0x1684  [ 9C3AC71A9934B884FAC567A8807E9C4D, 0B6B2970098E3C21E1E54A25785544903E8CD415B527FCEF86ABC7B33BEC83E7 ] Revoflt         C:\Windows\system32\DRIVERS\revoflt.sys
21:45:09.0758 0x1684  Revoflt - ok
21:45:09.0761 0x1684  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:45:09.0781 0x1684  RpcEptMapper - ok
21:45:09.0784 0x1684  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:45:09.0790 0x1684  RpcLocator - ok
21:45:09.0800 0x1684  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
21:45:09.0826 0x1684  RpcSs - ok
21:45:09.0831 0x1684  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:45:09.0850 0x1684  rspndr - ok
21:45:09.0853 0x1684  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:45:09.0858 0x1684  s3cap - ok
21:45:09.0860 0x1684  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] SamSs           C:\Windows\system32\lsass.exe
21:45:09.0867 0x1684  SamSs - ok
21:45:09.0870 0x1684  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:45:09.0876 0x1684  sbp2port - ok
21:45:09.0882 0x1684  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:45:09.0904 0x1684  SCardSvr - ok
21:45:09.0909 0x1684  [ 81912490882BE0F971B582AD1C33CA57, F0D94B8DAB7012C6407A866A148A93641684D26400CCF65856A08E423AD18DF0 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
21:45:09.0917 0x1684  SCDEmu - ok
21:45:09.0919 0x1684  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:45:09.0937 0x1684  scfilter - ok
21:45:09.0955 0x1684  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
21:45:09.0979 0x1684  Schedule - ok
21:45:09.0985 0x1684  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:45:10.0003 0x1684  SCPolicySvc - ok
21:45:10.0030 0x1684  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:45:10.0039 0x1684  SDRSVC - ok
21:45:10.0041 0x1684  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:45:10.0048 0x1684  secdrv - ok
21:45:10.0051 0x1684  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
21:45:10.0058 0x1684  seclogon - ok
21:45:10.0062 0x1684  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:45:10.0081 0x1684  SENS - ok
21:45:10.0084 0x1684  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:45:10.0092 0x1684  SensrSvc - ok
21:45:10.0096 0x1684  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:45:10.0104 0x1684  Serenum - ok
21:45:10.0107 0x1684  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:45:10.0115 0x1684  Serial - ok
21:45:10.0118 0x1684  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:45:10.0125 0x1684  sermouse - ok
21:45:10.0131 0x1684  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:45:10.0152 0x1684  SessionEnv - ok
21:45:10.0154 0x1684  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:45:10.0162 0x1684  sffdisk - ok
21:45:10.0165 0x1684  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:45:10.0173 0x1684  sffp_mmc - ok
21:45:10.0175 0x1684  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:45:10.0182 0x1684  sffp_sd - ok
21:45:10.0185 0x1684  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:45:10.0193 0x1684  sfloppy - ok
21:45:10.0200 0x1684  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:45:10.0225 0x1684  SharedAccess - ok
21:45:10.0234 0x1684  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:45:10.0260 0x1684  ShellHWDetection - ok
21:45:10.0263 0x1684  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:45:10.0269 0x1684  SiSRaid2 - ok
21:45:10.0273 0x1684  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:45:10.0279 0x1684  SiSRaid4 - ok
21:45:10.0289 0x1684  [ F3AAB7DF6408431C762D8721B68F46E4, 56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:45:10.0300 0x1684  SkypeUpdate - ok
21:45:10.0304 0x1684  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:45:10.0324 0x1684  Smb - ok
21:45:10.0327 0x1684  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:45:10.0336 0x1684  SNMPTRAP - ok
21:45:10.0338 0x1684  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:45:10.0343 0x1684  spldr - ok
21:45:10.0354 0x1684  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
21:45:10.0381 0x1684  Spooler - ok
21:45:10.0433 0x1684  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:45:10.0505 0x1684  sppsvc - ok
21:45:10.0511 0x1684  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:45:10.0532 0x1684  sppuinotify - ok
21:45:10.0541 0x1684  [ FEB80A9EC320569CC82D4DB9F4AC78BC, E6340CDA9B5F59DBE68128356E357FEDA3655A296BFE4B7F44944F2DE5DA9765 ] sptd            C:\Windows\System32\Drivers\sptd.sys
21:45:10.0552 0x1684  sptd - ok
21:45:10.0561 0x1684  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:45:10.0576 0x1684  srv - ok
21:45:10.0585 0x1684  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:45:10.0598 0x1684  srv2 - ok
21:45:10.0603 0x1684  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:45:10.0612 0x1684  srvnet - ok
21:45:10.0618 0x1684  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:45:10.0641 0x1684  SSDPSRV - ok
21:45:10.0645 0x1684  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:45:10.0666 0x1684  SstpSvc - ok
21:45:10.0690 0x1684  [ 9867A86327E8AE3806305F1BCF01211A, CCDDB2560B30D27CE662F1B02710E1FAA9331E6A27D9A6629EEDED2CBA822062 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:45:10.0717 0x1684  Steam Client Service - ok
21:45:10.0728 0x1684  [ 4AD54C2E540F2364607A26F3585A509F, AB453222A1F9C906478AFA9460C4687F4D40B504C2F29E68F047D2D38A2BFBB8 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
21:45:10.0739 0x1684  Stereo Service - ok
21:45:10.0743 0x1684  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:45:10.0747 0x1684  stexstor - ok
21:45:10.0758 0x1684  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:45:10.0777 0x1684  stisvc - ok
21:45:10.0781 0x1684  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:45:10.0786 0x1684  storflt - ok
21:45:10.0788 0x1684  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
21:45:10.0795 0x1684  StorSvc - ok
21:45:10.0797 0x1684  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:45:10.0802 0x1684  storvsc - ok
21:45:10.0805 0x1684  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:45:10.0809 0x1684  swenum - ok
21:45:10.0820 0x1684  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:45:10.0850 0x1684  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
21:45:10.0850 0x1684  Detect skipped due to KSN trusted
21:45:10.0850 0x1684  SwitchBoard - ok
21:45:10.0860 0x1684  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:45:10.0886 0x1684  swprv - ok
21:45:10.0914 0x1684  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
21:45:10.0947 0x1684  SysMain - ok
21:45:10.0953 0x1684  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:45:10.0963 0x1684  TabletInputService - ok
21:45:10.0971 0x1684  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:45:10.0994 0x1684  TapiSrv - ok
21:45:10.0997 0x1684  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:45:11.0018 0x1684  TBS - ok
21:45:11.0047 0x1684  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:45:11.0081 0x1684  Tcpip - ok
21:45:11.0112 0x1684  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:45:11.0147 0x1684  TCPIP6 - ok
21:45:11.0153 0x1684  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:45:11.0172 0x1684  tcpipreg - ok
21:45:11.0175 0x1684  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:45:11.0181 0x1684  TDPIPE - ok
21:45:11.0247 0x1684  [ 1226A953D4FDBDFD570DA5CEE66EAA55, 640922152493057519198A55373A82CD1C7DCF0C219F4ECE7D2C30363FFA1E86 ] TDslMgrService  E:\Telekom netzmanager\DslMgrSvc.exe
21:45:11.0264 0x1684  TDslMgrService - detected UnsignedFile.Multi.Generic ( 1 )
21:45:11.0264 0x1684  Detect skipped due to KSN trusted
21:45:11.0264 0x1684  TDslMgrService - ok
21:45:11.0269 0x1684  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:45:11.0282 0x1684  TDTCP - ok
21:45:11.0289 0x1684  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:45:11.0306 0x1684  tdx - ok
21:45:11.0311 0x1684  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:45:11.0324 0x1684  TermDD - ok
21:45:11.0340 0x1684  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
21:45:11.0364 0x1684  TermService - ok
21:45:11.0369 0x1684  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:45:11.0383 0x1684  Themes - ok
21:45:11.0387 0x1684  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:45:11.0414 0x1684  THREADORDER - ok
21:45:11.0418 0x1684  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:45:11.0439 0x1684  TrkWks - ok
21:45:11.0445 0x1684  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:45:11.0465 0x1684  TrustedInstaller - ok
21:45:11.0469 0x1684  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:45:11.0476 0x1684  tssecsrv - ok
21:45:11.0479 0x1684  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:45:11.0485 0x1684  TsUsbFlt - ok
21:45:11.0490 0x1684  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:45:11.0509 0x1684  tunnel - ok
21:45:11.0513 0x1684  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:45:11.0519 0x1684  uagp35 - ok
21:45:11.0526 0x1684  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:45:11.0548 0x1684  udfs - ok
21:45:11.0552 0x1684  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:45:11.0559 0x1684  UI0Detect - ok
21:45:11.0562 0x1684  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:45:11.0568 0x1684  uliagpkx - ok
21:45:11.0571 0x1684  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
21:45:11.0577 0x1684  umbus - ok
21:45:11.0579 0x1684  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:45:11.0585 0x1684  UmPass - ok
21:45:11.0591 0x1684  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:45:11.0600 0x1684  UmRdpService - ok
21:45:11.0608 0x1684  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:45:11.0632 0x1684  upnphost - ok
21:45:11.0636 0x1684  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
21:45:11.0644 0x1684  USBAAPL64 - ok
21:45:11.0648 0x1684  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:45:11.0656 0x1684  usbaudio - ok
21:45:11.0659 0x1684  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:45:11.0667 0x1684  usbccgp - ok
21:45:11.0671 0x1684  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:45:11.0679 0x1684  usbcir - ok
21:45:11.0682 0x1684  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:45:11.0689 0x1684  usbehci - ok
21:45:11.0697 0x1684  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:45:11.0708 0x1684  usbhub - ok
21:45:11.0711 0x1684  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:45:11.0718 0x1684  usbohci - ok
21:45:11.0721 0x1684  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:45:11.0730 0x1684  usbprint - ok
21:45:11.0733 0x1684  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:45:11.0740 0x1684  usbscan - ok
21:45:11.0743 0x1684  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:45:11.0751 0x1684  USBSTOR - ok
21:45:11.0754 0x1684  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:45:11.0761 0x1684  usbuhci - ok
21:45:11.0764 0x1684  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:45:11.0784 0x1684  UxSms - ok
21:45:11.0786 0x1684  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] VaultSvc        C:\Windows\system32\lsass.exe
21:45:11.0793 0x1684  VaultSvc - ok
21:45:11.0809 0x1684  [ 778326796B64809765151DB97A7494A1, E6104C3AB34CB88F0DF19C697DDD53E3785CD2FD42042B1BC655064A617B3F4E ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
21:45:11.0830 0x1684  VBoxDrv - ok
21:45:11.0836 0x1684  [ EA1E84950229EF42D4C1B0E9CB54CDA2, 63B4A5A4EF3A04ED415B11CDB66661A1E4FFF2E459EF4469EECD3008AA9A1CE9 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys
21:45:11.0844 0x1684  VBoxNetAdp - ok
21:45:11.0849 0x1684  [ 37A0640F1B21E870DF6F4D634DFF6EF0, 9B200FC803E1C56172FF228DF9B508572349FEEBE9125995807F5937CF7B7145 ] VBoxNetLwf      C:\Windows\system32\DRIVERS\VBoxNetLwf.sys
21:45:11.0858 0x1684  VBoxNetLwf - ok
21:45:11.0863 0x1684  [ 96A5BE08C3D815B19E40E00314DCF9F6, 3B6A7F2D02BFFD40B03DED95BA07DA77AB910EAFCDAFAC1CA8069BF8B0CEA931 ] VBoxUSB         C:\Windows\system32\Drivers\VBoxUSB.sys
21:45:11.0871 0x1684  VBoxUSB - ok
21:45:11.0875 0x1684  [ 28C4EB89F3ABD3147A31FA25AFA48791, 89ECF76A30DE8718AED39C8FA2D442128C8C4D1F43816D167836421B7064B11E ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
21:45:11.0883 0x1684  VBoxUSBMon - ok
21:45:11.0886 0x1684  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:45:11.0892 0x1684  vdrvroot - ok
21:45:11.0902 0x1684  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:45:11.0928 0x1684  vds - ok
21:45:11.0931 0x1684  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:45:11.0938 0x1684  vga - ok
21:45:11.0940 0x1684  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:45:11.0958 0x1684  VgaSave - ok
21:45:11.0964 0x1684  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:45:11.0972 0x1684  vhdmp - ok
21:45:11.0975 0x1684  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:45:11.0980 0x1684  viaide - ok
21:45:11.0985 0x1684  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:45:11.0993 0x1684  vmbus - ok
21:45:11.0995 0x1684  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:45:12.0003 0x1684  VMBusHID - ok
21:45:12.0004 0x1684  vmci - ok
21:45:12.0006 0x1684  VMnetAdapter - ok
21:45:12.0009 0x1684  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:45:12.0015 0x1684  volmgr - ok
21:45:12.0023 0x1684  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:45:12.0033 0x1684  volmgrx - ok
21:45:12.0041 0x1684  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:45:12.0051 0x1684  volsnap - ok
21:45:12.0057 0x1684  [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
21:45:12.0065 0x1684  vpcbus - ok
21:45:12.0069 0x1684  [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
21:45:12.0076 0x1684  vpcnfltr - ok
21:45:12.0080 0x1684  [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
21:45:12.0088 0x1684  vpcusb - ok
21:45:12.0096 0x1684  [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
21:45:12.0107 0x1684  vpcvmm - ok
21:45:12.0113 0x1684  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:45:12.0121 0x1684  vsmraid - ok
21:45:12.0146 0x1684  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:45:12.0192 0x1684  VSS - ok
21:45:12.0196 0x1684  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:45:12.0206 0x1684  vwifibus - ok
21:45:12.0215 0x1684  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:45:12.0241 0x1684  W32Time - ok
21:45:12.0245 0x1684  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:45:12.0252 0x1684  WacomPen - ok
21:45:12.0256 0x1684  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:45:12.0275 0x1684  WANARP - ok
21:45:12.0279 0x1684  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:45:12.0299 0x1684  Wanarpv6 - ok
21:45:12.0320 0x1684  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:45:12.0344 0x1684  WatAdminSvc - ok
21:45:12.0369 0x1684  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:45:12.0400 0x1684  wbengine - ok
21:45:12.0407 0x1684  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:45:12.0420 0x1684  WbioSrvc - ok
21:45:12.0428 0x1684  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:45:12.0444 0x1684  wcncsvc - ok
21:45:12.0447 0x1684  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:45:12.0455 0x1684  WcsPlugInService - ok
21:45:12.0458 0x1684  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:45:12.0463 0x1684  Wd - ok
21:45:12.0477 0x1684  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:45:12.0495 0x1684  Wdf01000 - ok
21:45:12.0500 0x1684  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:45:12.0511 0x1684  WdiServiceHost - ok
21:45:12.0514 0x1684  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:45:12.0525 0x1684  WdiSystemHost - ok
21:45:12.0532 0x1684  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
21:45:12.0542 0x1684  WebClient - ok
21:45:12.0548 0x1684  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:45:12.0571 0x1684  Wecsvc - ok
21:45:12.0575 0x1684  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:45:12.0596 0x1684  wercplsupport - ok
21:45:12.0600 0x1684  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:45:12.0621 0x1684  WerSvc - ok
21:45:12.0623 0x1684  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:45:12.0642 0x1684  WfpLwf - ok
21:45:12.0645 0x1684  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:45:12.0650 0x1684  WIMMount - ok
21:45:12.0652 0x1684  WinDefend - ok
21:45:12.0654 0x1684  WinHttpAutoProxySvc - ok
21:45:12.0665 0x1684  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:45:12.0687 0x1684  Winmgmt - ok
21:45:12.0717 0x1684  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:45:12.0756 0x1684  WinRM - ok
21:45:12.0764 0x1684  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:45:12.0772 0x1684  WinUsb - ok
21:45:12.0788 0x1684  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:45:12.0812 0x1684  Wlansvc - ok
21:45:12.0849 0x1684  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:45:12.0889 0x1684  wlidsvc - ok
21:45:12.0893 0x1684  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:45:12.0901 0x1684  WmiAcpi - ok
21:45:12.0907 0x1684  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:45:12.0917 0x1684  wmiApSrv - ok
21:45:12.0921 0x1684  WMPNetworkSvc - ok
21:45:12.0924 0x1684  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:45:12.0932 0x1684  WPCSvc - ok
21:45:12.0936 0x1684  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:45:12.0945 0x1684  WPDBusEnum - ok
21:45:12.0948 0x1684  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:45:12.0967 0x1684  ws2ifsl - ok
21:45:12.0971 0x1684  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:45:12.0983 0x1684  wscsvc - ok
21:45:12.0984 0x1684  WSearch - ok
21:45:13.0023 0x1684  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:45:13.0070 0x1684  wuauserv - ok
21:45:13.0077 0x1684  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:45:13.0095 0x1684  WudfPf - ok
21:45:13.0101 0x1684  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:45:13.0122 0x1684  WUDFRd - ok
21:45:13.0125 0x1684  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:45:13.0145 0x1684  wudfsvc - ok
21:45:13.0152 0x1684  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:45:13.0164 0x1684  WwanSvc - ok
21:45:13.0167 0x1684  [ F0AE983ABA93D6A0327FC21B9ABED1C3, FB804CF5E8FF083E4223E4845311A1D2BEB2CEE1A0B5F0F1B1CEB0EF4D36B040 ] xb1usb          C:\Windows\system32\DRIVERS\xb1usb.sys
21:45:13.0177 0x1684  xb1usb - ok
21:45:13.0183 0x1684  [ F0701B21AE5546930A7B6DEC4C6F2779, 3ED7E5CA688FDA54604C491EB5A1A062E0D163E534AEAB7D9A2678D7F9175DF5 ] xboxgip         C:\Windows\system32\DRIVERS\xboxgip.sys
21:45:13.0197 0x1684  xboxgip - ok
21:45:13.0200 0x1684  [ 9A59E1059AE62321B7B85B6EB72F1509, 88D93E180C904E2C8B773DA1AC38B160953AFB3D483119DE7DCBEA17E6861555 ] xinputhid       C:\Windows\system32\DRIVERS\xinputhid.sys
21:45:13.0209 0x1684  xinputhid - ok
21:45:13.0213 0x1684  [ 2C6BC21B2D5B58D8B1D638C1704CB494, 0AABCEB627E274E338DDD9BA664BAA128D7C00AF04C95C776C2AFFA6BB17F680 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
21:45:13.0219 0x1684  xusb21 - ok
21:45:13.0220 0x1684  ================ Scan global ===============================
21:45:13.0223 0x1684  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
21:45:13.0229 0x1684  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
21:45:13.0238 0x1684  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
21:45:13.0243 0x1684  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:45:13.0251 0x1684  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
21:45:13.0255 0x1684  [ Global ] - ok
21:45:13.0255 0x1684  ================ Scan MBR ==================================
21:45:13.0256 0x1684  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:45:13.0551 0x1684  \Device\Harddisk0\DR0 - ok
21:45:13.0555 0x1684  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:45:13.0621 0x1684  \Device\Harddisk1\DR1 - ok
21:45:13.0649 0x1684  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk6\DR6
21:45:13.0869 0x1684  \Device\Harddisk6\DR6 - ok
21:45:13.0870 0x1684  ================ Scan VBR ==================================
21:45:13.0873 0x1684  [ 909137473DDEB604BF3970C2ED5BF06E ] \Device\Harddisk0\DR0\Partition1
21:45:13.0875 0x1684  \Device\Harddisk0\DR0\Partition1 - ok
21:45:13.0877 0x1684  [ A045445BEB9B37164406F84F4112A610 ] \Device\Harddisk0\DR0\Partition2
21:45:13.0879 0x1684  \Device\Harddisk0\DR0\Partition2 - ok
21:45:13.0882 0x1684  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
21:45:13.0882 0x1684  \Device\Harddisk1\DR1\Partition1 - ok
21:45:13.0885 0x1684  [ 0E8C24123BFBB0AFF9101965B0E96270 ] \Device\Harddisk1\DR1\Partition2
21:45:13.0887 0x1684  \Device\Harddisk1\DR1\Partition2 - ok
21:45:13.0890 0x1684  [ BA8FE403DB60F7732141B978798CD4C6 ] \Device\Harddisk6\DR6\Partition1
21:45:13.0892 0x1684  \Device\Harddisk6\DR6\Partition1 - ok
21:45:13.0895 0x1684  [ 959A297B78429791E21E3B5395659A1C ] \Device\Harddisk6\DR6\Partition2
21:45:13.0897 0x1684  \Device\Harddisk6\DR6\Partition2 - ok
21:45:13.0897 0x1684  ================ Scan generic autorun ======================
21:45:14.0130 0x1684  [ CE56F859CEF04D23458FC9C175D5F18B, 85358687BD0E35142FE9C414E98A26740BA3F5028CF82C06B5CA2A4DB9CB22F4 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:45:14.0380 0x1684  RTHDVCPL - ok
21:45:14.0392 0x1684  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
21:45:14.0398 0x1684  ShadowPlay - ok
21:45:14.0407 0x1684  [ E4E7B29D050F5480071984FE6543C311, 9A4D8D1702AE74AB4FE4367EAF4AD6500F59D4F25B3CCACE3EF07613B7B5853C ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
21:45:14.0415 0x1684  USB3MON - ok
21:45:14.0434 0x1684  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:45:14.0458 0x1684  Sidebar - ok
21:45:14.0462 0x1684  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:45:14.0471 0x1684  mctadmin - ok
21:45:14.0489 0x1684  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:45:14.0512 0x1684  Sidebar - ok
21:45:14.0516 0x1684  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:45:14.0526 0x1684  mctadmin - ok
21:45:14.0653 0x1684  [ 2269768074F6A93E454BA384ED9652E2, 3BB698018941471327A3031CC0F4011D69EBA03B00E9E6F2D99922639DCCDA59 ] C:\Program Files\CCleaner\CCleaner64.exe
21:45:14.0798 0x1684  CCleaner Monitoring - ok
21:45:14.0805 0x1684  AV detected via SS2: ESET Smart Security 9.0.408.1, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 9.0.407.0 ), 0x41000 ( enabled : updated )
21:45:14.0806 0x1684  FW detected via SS2: ESET Personal Firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 9.0.407.0 ), 0x41010 ( enabled )
21:45:15.0909 0x1684  ============================================================
21:45:15.0909 0x1684  Scan finished
21:45:15.0909 0x1684  ============================================================
21:45:15.0918 0x1758  Detected object count: 0
21:45:15.0918 0x1758  Actual detected object count: 0

2.Hälfte

Ein Skript auf dieser Seite ist eventuell beschäftigt oder es antwortet nicht mehr. Sie können das Skript jetzt stoppen, im Debugger öffnen oder weiter ausführen.

Skript: hxxp://www.supremacy1914.de/s1…n-built-min.js?bust=1483523628:8447

auf dieser Seite zumbeispiel

M-K-D-B · 16.01.2017, 17:41

Servus,

setze bitte Firefox wie folgt zurück:
Firefox zurücksetzen

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Deinstalliere Malwarebytes' Anti-Malware 2 über die Systemsteuerung. (Bebilderte Anleitung)
Starte den Rechner im Anschluss neu auf.
Downloade dir den MBAM Uninstaller auf deinen Desktop.
Schließe alle offenen Programme und führe den Uninstaller aus. Der Rechner muss zum Abschluss neu gestartet werden.

Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die neue Logdatei von MBAM,
die beiden neuen Logdateien von FRST.

Erwin80 · 17.01.2017, 09:12

Code:

ATTFilter

# AdwCleaner v6.042 - Bericht erstellt am 16/01/2017 um 20:41:45
# Aktualisiert am 06/01/2017 von Malwarebytes
# Datenbank : 2017-01-15.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Erwin- Erwin-PC
# Gestartet von : C:\Users\Erwin\Desktop\Trojaner-Software\AdwCleaner_6.042.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [998 Bytes] - [16/01/2017 20:41:45]
C:\AdwCleaner\AdwCleaner[S0].txt - [1378 Bytes] - [13/01/2017 23:12:40]
C:\AdwCleaner\AdwCleaner[S1].txt - [1451 Bytes] - [16/01/2017 20:41:00]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1216 Bytes] ##########

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 17.01.17
Scan-Zeit: 00:16
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.5.1299
Komponentenversion: 1.0.43
Version des Aktualisierungspakets: 1.0.1030
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Erwin-PC\Erwin

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 380515
Abgelaufene Zeit: 1 Min., 55 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

FRST kommt morgen wenn ich ausgeschlafen habe ca 10 uhr!

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2017
durchgeführt von Erwin (Administrator) auf Erwin-PC (17-01-2017 09:07:50)
Gestartet von C:\Users\Erwin\Desktop\Trojaner-Software
Geladene Profile: Erwin (Verfügbare Profile: Erwin)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "E:\Programme\FireFox\firefox.exe" -osint -url "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Nitro Software, Inc.) C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) E:\Programme\FireFox\firefox.exe
(T-Systems Enterprise Services GmbH) E:\Telekom netzmanager\DslMgrSvc.exe
(Mozilla Corporation) E:\Programme\FireFox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-01-27] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\MountPoints2: K - K:\setup.exe
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\MountPoints2: {579bb393-5884-11e6-b2a6-806e6f6e6963} - V:\setup.exe
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\MountPoints2: {879de627-7672-11e6-9748-010101010000} - L:\setup.exe
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\MountPoints2: {ae577840-6517-11e6-9168-806e6f6e6963} - L:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-08-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2016-12-23]
ShortcutTarget: DSL-Manager.lnk -> E:\Telekom netzmanager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2016-12-23]
ShortcutTarget: DSL-Manager.lnk -> E:\Telekom netzmanager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2017-01-14]
ShortcutTarget: DSL-Manager.lnk -> E:\Telekom netzmanager\DslMgr.exe (T-Systems Enterprise Services GmbH)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 62.117.1.25 89.16.129.25
Tcpip\..\Interfaces\{00ECA228-DA30-4653-8611-243CD66FBCB1}: [DhcpNameServer] 62.117.1.25 89.16.129.25
ManualProxies: 

Internet Explorer:
==================
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2017-01-11] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-01-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-02] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2017-01-11] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-02] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: zt6rzefm.default
FF ProfilePath: C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default [2017-01-17]
FF Extension: (Ghostery) - C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default\Extensions\firefox@ghostery.com.xpi [2017-01-10]
FF Extension: (AdBlock for Firefox) - C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2017-01-10]
FF Extension: (AdBlocker for YouTube™) - C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2017-01-10]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2017-01-10]
FF Extension: (Adblock Plus) - C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-23] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-11] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> E:\Programme\VLC Player\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-23] ()
FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll [2015-07-15] ( )
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-01-11] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF.PrevVerNRD -> C:\Program Files (x86)\Nitro\Pro 10\npnitromozilla.dll [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3372468986-2828329476-3420813562-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Erwin\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-10-26] (RocketLife, LLP)
StartMenuInternet: FIREFOX.EXE - E:\Programme\FireFox\firefox.exe

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://www.facebook.com/
CHR Profile: C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default [2017-01-16]
CHR Extension: (Google Präsentationen) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-03]
CHR Extension: (Google Docs) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-03]
CHR Extension: (Google Drive) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-03]
CHR Extension: (YouTube) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-03]
CHR Extension: (Adblock Plus) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-03]
CHR Extension: (Google Tabellen) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-03]
CHR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2016-11-07]
CHR Extension: (Google Docs Offline) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-04]
CHR Extension: (Ghostery) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-01-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-03]
CHR Extension: (Google Mail) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2218712 2016-12-13] (Adobe Systems, Incorporated)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [Datei ist nicht signiert]
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-09-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-09-08] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-09-08] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3020992 2016-12-28] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2770312 2016-11-16] (ESET)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 NitroReaderDriverReadSpool5; C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe [327328 2016-08-02] (Nitro Software, Inc.)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; G:\Origin\OriginClientService.exe [2119176 2017-01-10] (Electronic Arts)
S4 Origin Web Helper Service; G:\Origin\OriginWebHelperService.exe [2181648 2017-01-10] (Electronic Arts)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R3 TDslMgrService; E:\Telekom netzmanager\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [X]
S4 BTHSSecurityMgr; "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" [X]
S2 IAStorDataMgrSvc; "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-09-08] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-09-06] (Bluestack System Inc. )
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [494864 2013-08-29] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [262792 2016-11-16] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [199304 2016-11-16] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [197248 2016-11-16] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [153216 2016-11-16] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [208520 2016-11-16] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61568 2016-11-16] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84616 2016-11-16] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-11] (Intel Corporation)
R1 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2017-01-17] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2017-01-17] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-01-17] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-17] (Malwarebytes)
R3 mt7612US; C:\Windows\System32\DRIVERS\mt7612US.sys [376200 2015-12-08] (MediaTek Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2016-08-18] (Duplex Secure Ltd.)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [131144 2016-12-20] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [205440 2016-12-20] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135824 2016-08-16] (Oracle Corporation)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [42760 2016-02-21] (Microsoft Corporation)
U3 azlps7l5; C:\Windows\System32\Drivers\azlps7l5.sys [0 ] (Microsoft Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
S1 epp; \??\C:\EEK\bin64\epp.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-17 00:24 - 2017-01-17 00:29 - 00001187 _____ C:\Users\Erwin\Desktop\mbam.txt
2017-01-17 00:16 - 2017-01-17 09:02 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-17 00:16 - 2017-01-17 09:02 - 00102856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-01-17 00:16 - 2017-01-17 09:02 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-01-17 00:16 - 2017-01-17 09:02 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-01-17 00:16 - 2017-01-17 00:16 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-01-17 00:16 - 2017-01-17 00:16 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-17 00:16 - 2017-01-17 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-17 00:16 - 2017-01-17 00:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-17 00:16 - 2017-01-17 00:16 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-17 00:16 - 2016-12-14 12:55 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-01-16 20:45 - 2017-01-16 20:45 - 00001297 _____ C:\Users\Erwin\Desktop\AdwCleaner[C0].txt
2017-01-15 21:43 - 2017-01-15 22:00 - 00440798 _____ C:\TDSSKiller.3.1.0.12_15.01.2017_21.43.28_log.txt
2017-01-15 21:42 - 2017-01-17 09:07 - 00000000 ____D C:\FRST
2017-01-14 11:56 - 2017-01-14 11:56 - 00000000 ____D C:\Users\Erwin\Desktop\German_TOP50_ODC_08_01_2017-NoGroup
2017-01-13 23:11 - 2017-01-16 20:41 - 00000000 ____D C:\AdwCleaner
2017-01-13 15:11 - 2017-01-13 15:18 - 00000000 ____D C:\Users\Erwin\Desktop\VBG Scann
2017-01-13 09:34 - 2017-01-13 09:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2017-01-13 09:34 - 2016-12-20 16:32 - 00959720 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2017-01-12 23:16 - 2017-01-12 23:16 - 00000000 ____D C:\Program Files (x86)\Origin Games
2017-01-12 23:15 - 2017-01-12 23:15 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsign4d58a7635e3dbb77
2017-01-12 23:15 - 2017-01-12 23:15 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsign221877eeaeaf8d12
2017-01-12 22:23 - 2017-01-12 22:23 - 123217752 _____ (Oracle Corporation) C:\Users\Erwin\Desktop\VirtualBox-5.1.12-112440-Win.exe
2017-01-11 23:15 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-11 23:15 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-11 23:15 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-11 23:15 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-01-11 23:15 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-11 23:15 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-11 23:15 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-11 23:15 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-11 23:15 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-11 23:15 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-01-11 23:15 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-01-11 23:15 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2017-01-11 23:15 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2017-01-11 23:15 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-01-11 23:15 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-01-11 23:15 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-01-11 23:15 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-01-11 23:15 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-01-11 23:15 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-01-11 23:15 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-01-11 23:15 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-01-11 23:15 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-01-11 23:15 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-01-11 23:15 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-01-11 23:15 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-01-11 23:15 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-01-11 23:15 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-01-11 23:15 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-01-11 23:15 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-01-11 23:15 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-01-11 23:15 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-01-11 23:15 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-01-11 23:15 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-01-11 23:15 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-01-11 23:15 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-01-11 23:15 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-01-11 23:15 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-01-11 23:15 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-01-11 23:15 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-01-11 23:15 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-01-11 23:15 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-01-11 23:15 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-01-11 23:15 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-01-11 23:15 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-01-11 23:15 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-01-11 23:15 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-01-11 23:15 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-01-11 23:15 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-01-11 23:15 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-01-11 23:15 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-01-11 23:15 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-01-11 23:15 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-01-11 23:15 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-01-11 23:15 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-01-11 23:15 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-01-11 23:15 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-01-11 23:15 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-01-11 23:15 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-01-11 23:15 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-01-11 23:15 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-01-11 23:15 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-01-11 23:15 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-01-11 23:15 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-01-11 23:15 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-01-11 23:15 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-01-11 23:15 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-01-11 23:15 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-01-11 23:15 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-01-11 23:15 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-01-11 23:15 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-01-11 23:15 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-01-11 23:15 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-01-11 23:15 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-01-11 23:15 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-01-11 23:15 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-01-11 23:15 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-01-11 23:15 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-01-11 23:15 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-01-11 23:15 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-01-11 23:15 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-01-11 23:15 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-01-11 23:15 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-01-11 23:15 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-01-11 23:15 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-01-11 23:15 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-01-11 23:15 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-01-11 23:15 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2017-01-11 23:15 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-01-11 23:15 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-01-11 23:15 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-01-11 23:15 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2017-01-11 23:15 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2017-01-11 23:15 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2017-01-11 23:15 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-01-11 23:15 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-01-11 23:15 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-01-11 23:15 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-01-11 23:15 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-01-11 23:15 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-01-11 23:15 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-01-11 23:15 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-01-11 23:15 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-01-11 23:15 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-01-11 23:15 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-01-11 23:15 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-01-11 23:15 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-01-11 23:15 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-01-11 23:15 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-01-11 23:15 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-01-11 23:15 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-01-11 23:15 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-01-11 23:15 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-01-11 23:15 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-01-11 23:15 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2017-01-11 23:15 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2017-01-11 23:15 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-01-11 23:15 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-01-11 23:15 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2017-01-11 23:15 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2017-01-11 23:15 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-01-11 23:15 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-01-11 23:15 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-01-11 23:15 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-01-11 23:15 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-01-11 23:15 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-01-11 23:15 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-01-11 23:15 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-01-11 23:15 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-01-11 23:15 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-01-11 23:15 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2017-01-11 23:15 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2017-01-11 23:15 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2017-01-11 23:15 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-01-11 23:15 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-01-11 23:15 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2017-01-11 23:15 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-01-11 23:15 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-01-11 23:15 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2017-01-11 23:15 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-01-11 23:15 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-01-11 23:15 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2017-01-11 23:15 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-01-11 23:15 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-01-11 23:15 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-01-11 23:15 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-01-11 23:15 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-01-11 23:15 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-01-11 23:15 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-01-11 23:15 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-01-11 23:15 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-01-11 23:15 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-01-11 23:15 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-01-11 23:15 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-01-11 23:14 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-11 23:14 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-11 23:14 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2017-01-11 23:14 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-01-11 23:14 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2017-01-11 23:14 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-01-11 23:14 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-01-11 23:14 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-01-11 23:14 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-01-11 23:14 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-01-11 13:17 - 2017-01-11 13:17 - 00000000 ____D C:\76ea8cfdd36d8314a963d25ddabd2c
2017-01-11 13:15 - 2017-01-11 13:15 - 00002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-01-11 13:15 - 2017-01-11 13:15 - 00002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-01-11 13:15 - 2017-01-11 13:15 - 00002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-01-11 13:15 - 2017-01-11 13:15 - 00002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-01-11 13:15 - 2017-01-11 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-01-11 13:14 - 2017-01-11 13:14 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-01-11 12:14 - 2017-01-11 12:14 - 00000000 ____D C:\cdfbc0959e2da9c6b73af7e1b5d0
2017-01-11 11:23 - 2017-01-11 11:23 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-01-11 11:10 - 2017-01-11 11:10 - 00000000 ____D C:\71eb7f0b421421d252a1
2017-01-11 11:05 - 2017-01-11 13:32 - 00000000 ____D C:\Program Files\Microsoft Office
2017-01-11 10:53 - 2017-01-11 10:53 - 01017572 _____ C:\Users\Erwin\Desktop\o15-ctrremove.diagcab
2017-01-10 13:21 - 2017-01-10 14:43 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\AbiSuite
2017-01-10 13:21 - 2017-01-10 13:21 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AbiWord Word Processor
2017-01-10 13:21 - 2017-01-10 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AbiWord Word Processor
2017-01-10 11:40 - 2017-01-10 11:40 - 00058696 _____ C:\Users\Erwin\Desktop\cc_20170110_114048.reg
2017-01-10 11:24 - 2017-01-11 13:33 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-10 00:33 - 2017-01-10 00:33 - 18309328 _____ (Microsoft Corporation) C:\Users\Erwin\Downloads\MediaCreationTool.exe
2017-01-10 00:20 - 2017-01-10 00:21 - 162179096 _____ (EPC Consulting und Software GmbH) C:\Users\Erwin\Downloads\Duden_Korrektor_Microsoft_Office_12.1.exe
2017-01-08 15:07 - 2017-01-08 15:07 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignf0dd2df0aa6e3a47
2017-01-08 14:59 - 2017-01-08 14:59 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignc94718ec7d481d3d
2017-01-08 14:59 - 2017-01-08 14:59 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignc4538462b2111533
2017-01-07 14:08 - 2017-01-07 14:08 - 00000000 ____D C:\Windows\ERUNT
2017-01-05 15:48 - 2017-01-05 16:37 - 00000000 ____D C:\Users\Erwin\Desktop\OMI-Me_4_U-2015-C4
2017-01-05 00:09 - 2017-01-05 00:09 - 00000000 ____D C:\Users\Erwin\Documents\MAGIX Downloads
2017-01-04 23:42 - 2017-01-05 00:14 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\MAGIX
2017-01-04 23:42 - 2017-01-04 23:42 - 00000000 ____D C:\Users\Erwin\Documents\MAGIX_MusicEditor
2017-01-04 23:42 - 2017-01-04 23:42 - 00000000 ____D C:\Users\Erwin\AppData\Local\Xara
2017-01-04 23:41 - 2017-01-05 00:09 - 00000000 ___RD C:\Users\Erwin\Documents\MAGIX
2017-01-04 23:40 - 2017-01-06 14:48 - 00000000 ____D C:\ProgramData\MAGIX
2017-01-04 23:40 - 2017-01-04 23:40 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2017-01-04 21:00 - 2017-01-04 21:00 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignd8c771ac2ceaf7b5
2017-01-04 21:00 - 2017-01-04 21:00 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignc751790f82222218
2017-01-04 21:00 - 2017-01-04 21:00 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignaf059cf210f1b4e8
2017-01-04 13:32 - 2017-01-04 20:57 - 00000000 ____D C:\Users\Erwin\Desktop\German TOP50 01.01.2017
2017-01-03 16:55 - 2017-01-09 11:20 - 00000000 ____D C:\Users\Erwin\Desktop\Alte Firefox-Daten
2017-01-03 16:52 - 2017-01-17 09:03 - 00000000 ____D C:\Users\Erwin\AppData\LocalLow\Mozilla
2017-01-03 16:48 - 2017-01-03 16:48 - 00243552 _____ C:\Users\Erwin\Desktop\Firefox Setup Stub 50.1.0.exe
2016-12-29 18:32 - 2016-12-29 18:32 - 00000778 _____ C:\Users\Erwin\Desktop\Start Tor Browser.lnk
2016-12-29 18:32 - 2016-12-29 18:32 - 00000778 _____ C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-12-29 00:39 - 2016-12-29 00:40 - 00000000 ____D C:\Users\Erwin\Documents\Ableton
2016-12-28 23:27 - 2017-01-04 19:23 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-12-28 23:26 - 2016-12-29 00:44 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Ableton
2016-12-28 23:26 - 2016-12-28 23:26 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2016-12-28 21:37 - 2016-12-28 21:37 - 00000000 ____D C:\de63200890cbf850afd3c700889515
2016-12-27 10:18 - 2016-12-27 10:23 - 00000000 ____D C:\Users\Erwin\Desktop\Wohnung Friedrich-Wolf-Str. 4
2016-12-25 14:18 - 2016-12-25 14:18 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsigne5366bf2748e4ffd
2016-12-25 14:18 - 2016-12-25 14:18 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignd715b855f746097e
2016-12-23 11:29 - 2016-12-23 11:29 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-23 11:29 - 2016-12-23 11:29 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-23 11:29 - 2016-12-23 11:29 - 00000000 ____D C:\ProgramData\T-Online
2016-12-23 11:29 - 2007-09-12 17:24 - 00041024 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\DslTestSp5a64.sys
2016-12-23 11:28 - 2016-12-23 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSL-Manager
2016-12-23 11:28 - 2007-08-01 14:49 - 00019008 _____ (T-Systems Enterprise Services GmbH) C:\Windows\system32\Drivers\dslmnlwf.sys
2016-12-23 10:48 - 2016-12-23 10:48 - 00000000 ____D C:\Users\Erwin\AppData\Local\Chromium
2016-12-23 10:38 - 2016-12-23 10:39 - 00000000 ____D C:\Users\Erwin\Desktop\Schloss konflikt
2016-12-22 12:41 - 2016-12-22 12:41 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignd1d326e19262b78c
2016-12-22 12:41 - 2016-12-22 12:41 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsign32dc2236ae449d67
2016-12-22 11:59 - 2016-12-22 11:59 - 00000000 ____D C:\Users\Erwin\Desktop\Becca handy lieder
2016-12-20 22:19 - 2016-12-20 22:19 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-12-20 16:31 - 2016-12-20 16:31 - 00205440 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2016-12-20 16:30 - 2016-12-20 16:30 - 00131144 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2016-12-19 21:38 - 2016-12-19 21:42 - 00352256 _____ C:\Users\Erwin\Documents\Database1.accdb
2016-12-19 15:43 - 2016-12-19 20:51 - 00249684 _____ C:\Users\Erwin\Desktop\Schichtplan Utti 36h Woche.xlsx

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-17 09:07 - 2009-07-14 05:45 - 00033392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-17 09:07 - 2009-07-14 05:45 - 00033392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-17 09:06 - 2009-07-14 18:58 - 00702266 _____ C:\Windows\system32\perfh007.dat
2017-01-17 09:06 - 2009-07-14 18:58 - 00150664 _____ C:\Windows\system32\perfc007.dat
2017-01-17 09:06 - 2009-07-14 06:13 - 01623690 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-17 09:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-17 09:02 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-16 21:22 - 2016-08-02 10:41 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2017-01-16 08:33 - 2016-08-03 19:29 - 00000000 ____D C:\Users\Erwin\AppData\Local\Adobe
2017-01-15 22:53 - 2016-08-02 15:43 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Origin
2017-01-15 22:08 - 2016-08-02 15:42 - 00000000 ____D C:\ProgramData\Origin
2017-01-14 12:41 - 2016-08-04 08:06 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\GanymedeNet
2017-01-13 23:11 - 2016-09-22 07:24 - 00000000 ____D C:\Users\Erwin\AppData\Local\CrashDumps
2017-01-13 23:10 - 2016-08-02 10:02 - 00000000 ____D C:\Users\Erwin\Desktop\Trojaner-Software
2017-01-13 09:38 - 2016-08-02 10:01 - 00000000 ___RD C:\Users\Erwin\Desktop\Spiele
2017-01-13 09:35 - 2016-08-17 22:32 - 00000000 ____D C:\Users\Erwin\.VirtualBox
2017-01-12 23:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-01-12 22:42 - 2016-08-02 08:54 - 00000000 ____D C:\Users\Erwin
2017-01-12 22:39 - 2016-08-06 10:57 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-01-12 22:37 - 2016-08-02 09:37 - 00000000 ____D C:\Program Files (x86)\Intel
2017-01-12 22:33 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-01-12 22:31 - 2016-09-14 19:57 - 00000000 ____D C:\Program Files\OBS
2017-01-12 22:25 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2017-01-12 07:00 - 2009-07-14 05:45 - 05121752 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-12 00:09 - 2016-08-02 09:00 - 01600778 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-01-12 00:07 - 2016-08-02 20:17 - 00000000 ____D C:\Windows\system32\MRT
2017-01-12 00:05 - 2010-06-24 10:52 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
2017-01-11 23:43 - 2016-09-14 12:23 - 00613376 _____ C:\Users\Erwin\Desktop\Patrick _September.xls
2017-01-11 13:33 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-01-11 13:19 - 2016-08-03 20:27 - 00002180 _____ C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-01-11 13:19 - 2016-08-02 13:55 - 00000000 ___RD C:\Users\Erwin\OneDrive
2017-01-11 13:17 - 2016-11-17 09:30 - 00000000 ___HT C:\Windows\wusa.lock
2017-01-11 12:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2017-01-11 10:59 - 2016-09-22 07:24 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-11 10:58 - 2016-08-02 19:43 - 00000000 ____D C:\Users\Erwin\AppData\Local\ElevatedDiagnostics
2017-01-11 10:27 - 2016-08-09 20:04 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Skype
2017-01-10 12:13 - 2016-08-12 22:15 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Nitro
2017-01-10 12:06 - 2016-08-02 10:20 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Mozilla
2017-01-10 12:06 - 2016-08-02 10:20 - 00000000 ____D C:\Users\Erwin\AppData\Local\Mozilla
2017-01-10 00:32 - 2016-08-02 15:42 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-10 00:10 - 2016-08-17 22:33 - 00000000 ____D C:\Users\Erwin\VirtualBox VMs
2017-01-07 18:45 - 2016-08-04 08:05 - 00000000 ____D C:\Program Files (x86)\Ganymede
2017-01-06 19:23 - 2016-12-15 15:38 - 00000000 ____D C:\ProgramData\Gaijin
2017-01-06 19:22 - 2016-08-12 05:42 - 00000000 ____D C:\Users\Erwin\AppData\Local\Ubisoft Game Launcher
2017-01-05 16:36 - 2016-08-03 20:43 - 00000000 ____D C:\Users\Erwin\AppData\LocalLow\Temp
2017-01-05 14:58 - 2016-11-17 23:05 - 00000000 ____D C:\Users\Erwin\Desktop\Hochzeit Becca & Erwin
2017-01-05 00:37 - 2016-08-02 08:55 - 00150696 _____ C:\Users\Erwin\AppData\Local\GDIPFONTCACHEV1.DAT
2017-01-04 23:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2017-01-02 17:16 - 2016-11-01 22:10 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-12-28 21:18 - 2016-08-02 20:58 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\TeamViewer
2016-12-23 12:49 - 2016-08-02 08:54 - 00000000 ____D C:\Users\Erwin\AppData\Local\VirtualStore
2016-12-23 11:29 - 2016-08-02 08:54 - 00000000 ___RD C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-23 11:29 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-23 11:29 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-23 11:28 - 2016-08-02 09:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-23 10:48 - 2016-08-12 06:39 - 00000000 ____D C:\Users\Erwin\AppData\Local\Steam
2016-12-23 10:42 - 2016-08-02 10:00 - 00000000 ____D C:\Users\Erwin\Desktop\Dokumente Erwin & Becca Handy
2016-12-23 10:39 - 2016-12-06 10:56 - 00000000 ____D C:\Users\Erwin\Desktop\Anwalt VBG Knie Links
2016-12-20 23:12 - 2003-03-30 16:28 - 00095232 _____ () C:\Users\Erwin\Desktop\IC_annocheat104.exe
2016-12-20 16:30 - 2016-09-11 10:42 - 00149304 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-12-19 22:05 - 2016-08-02 10:02 - 00000000 ____D C:\Users\Erwin\Desktop\Vip Verkehrsunternehmen
2016-12-19 21:38 - 2016-08-02 08:54 - 00000000 ___SD C:\Users\Erwin\AppData\Roaming\Microsoft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-08-02 09:50 - 2016-08-02 09:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-13 18:57

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-01-2017
durchgeführt von Erwin (17-01-2017 09:08:12)
Gestartet von C:\Users\Erwin\Desktop\Trojaner-Software
Windows 7 Professional Service Pack 1 (X64) (2016-08-02 07:52:00)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3372468986-2828329476-3420813562-500 - Administrator - Disabled)
Gast (S-1-5-21-3372468986-2828329476-3420813562-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3372468986-2828329476-3420813562-1002 - Limited - Enabled)
Erwin (S-1-5-21-3372468986-2828329476-3420813562-1000 - Administrator - Enabled) => C:\Users\Erwin

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Smart Security 9.0.408.1 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 9.0.408.1 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_0_0) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.7 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Ansel (Version: 372.90 - NVIDIA Corporation) Hidden
Apple Application Support (64-Bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.6.9 - ASUSTek COMPUTER INC.)
ASUS GPU TweakII (x32 Version: 1.0.6.9 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.50.6271 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.6.1.3 - Broadcom Corporation)
C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
Call of Duty: Infinite Warfare (HKLM\...\Steam App 292730) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
DSL-Manager (HKLM-x32\...\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}) (Version:  - )
ESET Smart Security (HKLM\...\{A6F36CF6-73C0-454D-A95C-5613B146B3D4}) (Version: 9.0.386.1 - ESET, spol. s r.o.)
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.46.21015 - Electronic Arts)
FIFA 17 DEMO (HKLM-x32\...\{39C00B2C-EA3C-4A6B-AECF-DADA0F09C2AE}) (Version: 1.0.45.26330 - Electronic Arts)
GameDesire-Pool & Snooker (HKLM-x32\...\GameDesire-Pool & Snooker) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
iCloud (HKLM\...\{4BB313CE-D3D1-424C-8823-15CF85B00B05}) (Version: 6.1.0.30 - Apple Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK All-in-One Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.9.1.1 - Eastman Kodak Company)
Malwarebytes Version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProplusRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Thunderbird 45.5.0 (x86 de) (HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\Mozilla Thunderbird 45.5.0 (x86 de)) (Version: 45.5.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nitro Reader 5 (HKLM\...\{2C5E29B1-314E-4FB0-A2F0-1A8AE7C64536}) (Version: 5.5.9.2 - Nitro)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.90 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.90 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
OpenTTD 1.6.0 (HKLM-x32\...\OpenTTD) (Version: 1.6.0 - OpenTTD)
Oracle VM VirtualBox 5.1.12 (HKLM\...\{C212962C-71C4-4D9F-B8E0-D2CD00C8B8FE}) (Version: 5.1.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.3.5.6379 - Electronic Arts, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\PrintProjects) (Version: 1.0.0.22142 - RocketLife Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.6 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.97.4382 - Electronic Arts)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
XSplit Gamecaster (HKLM-x32\...\{4EDB1851-7427-4324-AAAA-9E3852C73DAE}) (Version: 2.2.1502.1741 - SplitmediaLabs)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3372468986-2828329476-3420813562-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Erwin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_3\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-3372468986-2828329476-3420813562-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> "C:\Windows\system32\igfxEM.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-3372468986-2828329476-3420813562-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0A180622-138A-4E02-B7BD-C533E09CA20D} - System32\Tasks\AdobeAAMUpdater-1.0-Erwin-PC-Erwin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {0FDE99B9-CB3D-40B7-BFB8-0B3635067196} - System32\Tasks\{52FBD96F-0634-4871-A92C-532DBCA30A17} => pcalua.exe -a C:\Users\Erwin\Desktop\OInstall.exe -d C:\Users\Erwin\Desktop
Task: {111B498F-DE5F-4862-8DE3-BC2C2B071589} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {1FE4C4B8-6234-41AC-A4D0-5A6CE7F9B7BB} - System32\Tasks\{D4FFACDD-9517-4AA8-902C-55D8FF274B79} => pcalua.exe -a E:\Download´s\FirmwareFlashLauncher.exe -d E:\Download´s
Task: {21A7F18D-AD88-49AE-8507-77770A3EF0A8} - System32\Tasks\{7F5601B7-248D-42BF-ACB5-C5AD91A35D3B} => pcalua.exe -a C:\Users\Erwin\Desktop\64\KB2779768_64\MSuSetup.exe -d C:\Users\Erwin\Desktop\64\KB2779768_64
Task: {2D0F8821-9F89-4330-BF24-758ACF013E59} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
Task: {63CA0A79-9850-48D7-AE8F-90F5274E830F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {6AD20159-38B4-4F9D-B178-43B3EBF1FCE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-03] (Google Inc.)
Task: {7EF6253C-F52A-4B9B-89CF-E507592D28AD} - System32\Tasks\{B4D3AA97-5062-49BE-928D-8EAE3BAE338F} => pcalua.exe -a E:\Download´s\FirmwareFlashLauncher(1).exe -d E:\Download´s
Task: {A07D970C-B40F-4BEA-858E-198D5CB01EE6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {B5C935A9-5C37-4457-86CB-0B4D6B24B044} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-01-11] (Microsoft Corporation)
Task: {B6FD41E6-0D4A-436C-B922-75823E6555F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-01-11] (Microsoft Corporation)
Task: {C19167BC-B8EE-4353-9213-1A6FECB45826} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-03] (Google Inc.)
Task: {DAF52731-8EC1-4B25-9628-C2C29E31F92C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {DCE0FC36-2E0A-47F8-9810-AF01A160B27E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2017-01-17 00:16 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-01-17 00:16 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2017-01-17 00:16 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-06 15:09 - 2016-12-06 15:09 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-09-23 22:29 - 2016-09-23 22:29 - 19588800 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.117.1.25 - 89.16.129.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{D50E84CE-F0A3-4982-AB2E-53EDB5157FB4}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{22BFE914-FE40-4A43-9E35-62C3EF0E7D1B}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F815EC64-1D71-4D31-AED9-4790890637A9}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6B71657F-FC9B-4992-B317-8B89B58F8F34}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{667485FE-4A31-40F0-A114-BDBFA82E0939}] => G:\Steam Game\Steam.exe
FirewallRules: [{EC171D1D-4B4A-482B-9BE6-2C5182EDBE17}] => G:\Steam Game\Steam.exe
FirewallRules: [{02AA4018-36C2-405D-B90A-E1E08DE55242}] => G:\Steam Game\bin\steamwebhelper.exe
FirewallRules: [{7E3ED941-83BD-4F49-9972-0D23DA1954A9}] => G:\Steam Game\bin\steamwebhelper.exe
FirewallRules: [VirtualPC-In-UDP-1] => %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => %SystemRoot%\System32\vpc.exe
FirewallRules: [{37BC8809-6BED-4AA6-B121-5B9197434595}] => G:\Steam Game\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7B1B9810-CC38-46D2-9640-EFD419A2A27E}] => G:\Steam Game\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{324F8606-34EB-4430-A007-451326AC7B74}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8596BB2D-70FD-4C2B-B215-151B37E3B607}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E23A9C43-7E31-4D96-82D8-E124DE0528FE}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{09E5B1C8-8485-4E3E-88D6-069649335AA7}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A2250172-51CA-4C9C-96CC-B135DFC618B5}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3818DE62-C42F-4667-A7C4-3B6F73403660}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8298C7FE-A5CF-4A71-8649-AD31823CF64D}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9DE4C7F5-EC7F-4C19-AE92-5DB265D69D46}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5BE363FC-D3D2-4D40-BFB2-F6DB9D1936CD}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A64E27A6-139F-4169-9E6E-27CAFC2FC0E7}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{51D339E4-7AA3-455C-8B33-ADC0A39C2F18}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A05DD337-A473-45AB-847D-7229666BFFE2}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E8D7D9FC-815B-4751-8B74-F0E39B7DF5C8}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2842E376-4236-484A-9F30-720B9FCE5BCC}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1A618FF8-246C-4356-93C9-14B6780A4324}] => G:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{EE6A2E46-FD07-4937-B347-4B0BEFED3131}] => G:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{C566B15C-9957-42EC-97A6-AD17B355A414}] => LPort=9322
FirewallRules: [{7B2237A9-06A0-4820-ADEB-22C2EE723CBE}] => LPort=5353
FirewallRules: [{F0F507C5-784D-48DB-9C30-7DD033E9CB6C}] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{F6C9CB37-EC83-405C-9DC2-4F8AE89826CF}] => C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{15DCD263-9EAB-414F-AC12-FAA08CF00B4F}] => C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{794909E7-AF26-4D6D-B746-6E24725FABF4}] => C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{FD8D8B9D-1860-4C84-8308-40D41DCDFFFA}] => C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{6DBBBA87-3B1B-4D3E-B053-A2E86C08284B}] => G:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{6A26BEF7-F12E-4AB8-8D49-AD65497AC873}] => G:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{6210DDAB-7BFF-44AB-8184-5BCD0E45FC0D}] => LPort=80
FirewallRules: [{B086EF2B-C420-458A-A1FF-ABEED87DB972}] => LPort=443
FirewallRules: [{2E97F039-B399-4DBB-A671-04BD1F8E11F6}] => LPort=3216
FirewallRules: [{63026457-6171-4DED-8AE5-049D46C34467}] => LPort=18000
FirewallRules: [{9203F572-D973-4193-969D-F6CF18B561C1}] => LPort=18120
FirewallRules: [{E89BE0E4-9AD5-460E-9D25-FE241789647B}] => LPort=18060
FirewallRules: [{8259DA93-329F-4522-8FB7-5FC4B3EA5935}] => LPort=27900
FirewallRules: [{E3447003-B92B-4263-8333-696FDE05302E}] => LPort=29900
FirewallRules: [{F85B4469-3BA4-48DF-A154-ED1133916CAC}] => LPort=18000
FirewallRules: [{823569C6-BA5E-42BB-A56A-E77541871628}] => LPort=29900
FirewallRules: [{39CA125D-DCA0-4AB7-98F3-D3FB6DF121E2}] => G:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{DD0725D5-A624-4000-850C-6B60AA83C4CB}] => G:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{BFE90204-8330-4D17-811B-8486C7F37D6D}] => E:\Programme\ITunes\iTunes.exe
FirewallRules: [{0D6B3F25-AAD7-49F5-9D38-A8E89ED3B54C}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F0C58E10-CA4A-4E8E-8749-A771B0005F3F}] => LPort=80
FirewallRules: [{77F616BF-3AB4-44FC-BE29-02DE8E33B4D3}] => LPort=443
FirewallRules: [{13B3B28B-6875-48F9-BB7A-AFEB502C3A0F}] => LPort=20010
FirewallRules: [{DA6BE6AE-5F07-4CC2-A485-DCC697580CF1}] => LPort=3478
FirewallRules: [{1C19AA7B-2679-4C0D-90E1-6A150B93391F}] => LPort=7850
FirewallRules: [{0C37499C-88DF-403C-A7BF-C5EE0B5EB5A3}] => LPort=7852
FirewallRules: [{98892FFC-F835-4703-BBA1-E54F76DD4EAD}] => LPort=7853
FirewallRules: [{919D2A0E-25B1-422E-B6DC-3371C1982864}] => LPort=27022
FirewallRules: [{EC3BF2F6-D646-43C6-B625-604DADD7B62C}] => LPort=6881
FirewallRules: [{43D406D2-C4CA-43C7-8E9F-698051001913}] => LPort=33333
FirewallRules: [{8892625B-CF9B-440A-A5BA-DC92C9902456}] => LPort=20443
FirewallRules: [{994AC187-7210-482D-85F5-BBA5FB9F76F3}] => LPort=8090
FirewallRules: [{B85A6748-17D3-4462-BA5B-7148E9F94616}] => G:\Steam Game\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C58645F2-CC20-400D-A927-D480F1B6A348}] => G:\Steam Game\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1F8C50A2-D98E-4F6A-87B5-71306C8B7FBE}] => G:\Steam Game\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{D56DE574-7518-4601-AA2E-84C5201141F6}] => G:\Steam Game\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{65967735-9065-40C8-B8AF-6384A4AA740F}] => E:\Programme\FireFox\firefox.exe
FirewallRules: [{CEE04512-58D3-44B5-B6DE-F61A997A0207}] => E:\Programme\FireFox\firefox.exe

==================== Wiederherstellungspunkte =========================

16-01-2017 22:28:37 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/13/2017 03:13:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f70

Startzeit: 01d26da64cd68ffb

Endzeit: 5

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 7bd651ac-d99a-11e6-8e6a-010101010000

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/13/2017 08:12:19 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.

Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))


Systemfehler:
=============
Error: (01/17/2017 09:02:17 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
epp

Error: (01/16/2017 08:47:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
epp

Error: (01/16/2017 08:42:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
epp

Error: (01/16/2017 08:41:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Pipe wurde beendet.

Error: (01/16/2017 08:41:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/16/2017 08:41:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/16/2017 08:41:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "DSL-Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/16/2017 08:41:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/16/2017 08:41:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/16/2017 08:41:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NitroPDFReaderDriverCreatorReadSpool5" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 16276.84 MB
Verfügbarer physikalischer RAM: 11544.84 MB
Summe virtueller Speicher: 32551.86 MB
Verfügbarer virtueller Speicher: 27460.99 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:2.76 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: () (Fixed) (Total:926.44 GB) (Free:196.18 GB) NTFS
Drive f: (Musik) (Fixed) (Total:936.58 GB) (Free:85.26 GB) NTFS
Drive g: (Games) (Fixed) (Total:2794.39 GB) (Free:2664.71 GB) NTFS
Drive k: (DEW95_FULL) (CDROM) (Total:0.56 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 75F281A8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 6 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 52425DEB)
Partition 1: (Active) - (Size=936.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=926.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

M-K-D-B · 17.01.2017, 15:52

Servus,

wir entfernen die letzten Reste und kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ESET,
die Logdatei von HitmanPro,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

Erwin80 · 18.01.2017, 16:15

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5cc5192eb523b74eac29cb49ee8fed7e
# end=init
# utc_time=2017-01-17 11:05:19
# local_time=2017-01-18 12:05:19 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 32096
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5cc5192eb523b74eac29cb49ee8fed7e
# end=updated
# utc_time=2017-01-17 11:07:25
# local_time=2017-01-18 12:07:25 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5cc5192eb523b74eac29cb49ee8fed7e
# end=restart
# utc_time=2017-01-18 12:03:56
# local_time=2017-01-18 01:03:56 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 7758 236327686 0 0
# compatibility_mode_1='ESET Smart Security 9.0'
# compatibility_mode=8232 16777213 100 100 107135 14567730 0 0
# scanned=221239
# found=0
# cleaned=0
# scan_time=3390
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5cc5192eb523b74eac29cb49ee8fed7e
# end=init
# utc_time=2017-01-18 10:41:47
# local_time=2017-01-18 11:41:47 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 32102
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5cc5192eb523b74eac29cb49ee8fed7e
# end=updated
# utc_time=2017-01-18 10:42:30
# local_time=2017-01-18 11:42:30 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=5cc5192eb523b74eac29cb49ee8fed7e
# engine=32102
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-01-18 02:59:54
# local_time=2017-01-18 03:59:54 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 57286 236381444 0 0
# compatibility_mode_1='ESET Smart Security 9.0'
# compatibility_mode=8232 16777213 100 100 160893 14621488 0 0
# scanned=542626
# found=2
# cleaned=0
# scan_time=15444
sh=10458D6D7C7C5E603FCBBFEC1264C6859DBBDDC3 ft=0 fh=0000000000000000 vn="Variante von Win32/FusionCore.I eventuell unerwÃ¼nschte Anwendung" ac=I fn="E:\DownloadÂ´s\PowerISO6.zip"
sh=F5787F12AAB0D6D0DE0A911AB1495C31426C53EA ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.VMProtect.ABO Trojaner" ac=I fn="E:\DownloadÂ´s\sr-sjsotsgk.iso"

Code:

ATTFilter


	Code: 

 ATTFilter

  
	HitmanPro 3.7.15.281
www.hitmanpro.com

   Computer name . . . . : Erwin-PC
   Windows . . . . . . . : 6.1.1.7601.X64/8
   User name . . . . . . : Erwin-PC\Erwin
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-01-18 16:04:15
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 2m 10s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 5

   Objects scanned . . . : 1.675.775
   Files scanned . . . . : 61.908
   Remnants scanned  . . : 453.333 files / 1.160.534 keys

Miniport ____________________________________________________________________

   Primary
      DriverObject . . . : FFFFFA800D00ABF0
      DriverName . . . . : \Driver\iaStorA
      DriverPath . . . . : \SystemRoot\system32\DRIVERS\iaStorA.sys
      StartIo  . . . . . : 0000000000000000 +0
      IRP_MJ_SCSI  . . . : FFFFFA800DAE12C0 +0
   Solution
      DriverObject . . . : FFFFFA800D00ABF0
      DriverName . . . . : \Driver\iaStorA
      DriverPath . . . . : \SystemRoot\system32\DRIVERS\iaStorA.sys
      StartIo  . . . . . : 0000000000000000 +0
      IRP_MJ_SCSI  . . . : FFFFF880015626C0 \SystemRoot\system32\DRIVERS\storport.sys+5824

Suspicious files ____________________________________________________________

   C:\Users\Erwin\Desktop\Trojaner-Software\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.420.736 bytes
      Age  . . . . . . . : 79.8 days (2016-10-30 20:01:39)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : E58ADE7FA354A1F256B4608AFD698C379E33FF23D5F62C95BDFC33995C230745
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 22.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

   C:\Users\Erwin\Desktop\Trojaner-Software\FRST64.exe
      Size . . . . . . . : 2.419.200 bytes
      Age  . . . . . . . : 79.8 days (2016-10-30 20:01:39)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4328056D29124B65881B3A7D1862CE24222EFE6999560C86A784633DA6E9B2BD
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 22.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

   C:\Users\Erwin\Desktop\Trojaner-Software\Oracle VM VirtualBox.lnk.exe
      Size . . . . . . . : 2.420.736 bytes
      Age  . . . . . . . : 18.1 days (2016-12-31 14:44:28)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : E58ADE7FA354A1F256B4608AFD698C379E33FF23D5F62C95BDFC33995C230745
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 23.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   E:\Download´s\FRST64.exe
      Size . . . . . . . : 2.419.200 bytes
      Age  . . . . . . . : 2.8 days (2017-01-15 21:41:15)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4328056D29124B65881B3A7D1862CE24222EFE6999560C86A784633DA6E9B2BD
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      References
         HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\E:\Download´s\FRST64.exe

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2017
durchgeführt von Erwin (Administrator) auf Erwin-PC (18-01-2017 16:09:22)
Gestartet von C:\Users\Erwin\Desktop\Trojaner-Software
Geladene Profile: Erwin (Verfügbare Profile: Erwin)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "E:\Programme\FireFox\firefox.exe" -osint -url "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Nitro Software, Inc.) C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(T-Systems Enterprise Services GmbH) E:\Telekom netzmanager\DslMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) E:\Programme\FireFox\firefox.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) E:\Programme\FireFox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
(Bluestack System Inc. ) C:\Program Files (x86)\Bluestacks\BstkSVC.exe
(Microsoft Corporation) C:\Windows\System32\dfrgui.exe
(Electronic Arts) G:\Origin\Origin.exe
() G:\Origin\QtWebEngineProcess.exe
() G:\Origin\QtWebEngineProcess.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-01-27] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\MountPoints2: K - K:\setup.exe
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\MountPoints2: {579bb393-5884-11e6-b2a6-806e6f6e6963} - V:\setup.exe
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\MountPoints2: {879de627-7672-11e6-9748-010101010000} - L:\setup.exe
HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\MountPoints2: {ae577840-6517-11e6-9168-806e6f6e6963} - L:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-08-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2016-12-23]
ShortcutTarget: DSL-Manager.lnk -> E:\Telekom netzmanager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2016-12-23]
ShortcutTarget: DSL-Manager.lnk -> E:\Telekom netzmanager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2017-01-18]
ShortcutTarget: DSL-Manager.lnk -> E:\Telekom netzmanager\DslMgr.exe (T-Systems Enterprise Services GmbH)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 62.117.1.25 89.16.129.25
Tcpip\..\Interfaces\{00ECA228-DA30-4653-8611-243CD66FBCB1}: [DhcpNameServer] 62.117.1.25 89.16.129.25

Internet Explorer:
==================
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2017-01-11] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-01-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-02] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2017-01-11] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-02] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-11] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: zt6rzefm.default
FF ProfilePath: C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default [2017-01-18]
FF Extension: (Ghostery) - C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default\Extensions\firefox@ghostery.com.xpi [2017-01-10]
FF Extension: (AdBlock for Firefox) - C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2017-01-10]
FF Extension: (AdBlocker for YouTube™) - C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2017-01-10]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2017-01-10]
FF Extension: (Adblock Plus) - C:\Users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\zt6rzefm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-23] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-11] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> E:\Programme\VLC Player\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-23] ()
FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll [2015-07-15] ( )
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-01-11] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF.PrevVerNRD -> C:\Program Files (x86)\Nitro\Pro 10\npnitromozilla.dll [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3372468986-2828329476-3420813562-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Erwin\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-10-26] (RocketLife, LLP)
StartMenuInternet: FIREFOX.EXE - E:\Programme\FireFox\firefox.exe

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://www.facebook.com/
CHR Profile: C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default [2017-01-17]
CHR Extension: (Google Präsentationen) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-03]
CHR Extension: (Google Docs) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-03]
CHR Extension: (Google Drive) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-03]
CHR Extension: (YouTube) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-03]
CHR Extension: (Adblock Plus) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-03]
CHR Extension: (Google Tabellen) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-03]
CHR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2016-11-07]
CHR Extension: (Google Docs Offline) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-04]
CHR Extension: (Ghostery) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-01-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-03]
CHR Extension: (Google Mail) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\Erwin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2218712 2016-12-13] (Adobe Systems, Incorporated)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [Datei ist nicht signiert]
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-09-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-09-08] (BlueStack Systems, Inc.)
R3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-09-08] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3020992 2016-12-28] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2770312 2016-11-16] (ESET)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 NitroReaderDriverReadSpool5; C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe [327328 2016-08-02] (Nitro Software, Inc.)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; G:\Origin\OriginClientService.exe [2119176 2017-01-10] (Electronic Arts)
S4 Origin Web Helper Service; G:\Origin\OriginWebHelperService.exe [2181648 2017-01-10] (Electronic Arts)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 TDslMgrService; E:\Telekom netzmanager\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [X]
S4 BTHSSecurityMgr; "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" [X]
S2 IAStorDataMgrSvc; "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-09-08] (BlueStack Systems)
R3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-09-06] (Bluestack System Inc. )
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [494864 2013-08-29] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [262792 2016-11-16] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [199304 2016-11-16] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [197248 2016-11-16] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [153216 2016-11-16] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [208520 2016-11-16] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61568 2016-11-16] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84616 2016-11-16] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-11] (Intel Corporation)
R1 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2017-01-17] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2017-01-18] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-01-18] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-18] (Malwarebytes)
R3 mt7612US; C:\Windows\System32\DRIVERS\mt7612US.sys [376200 2015-12-08] (MediaTek Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2016-08-18] (Duplex Secure Ltd.)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [131144 2016-12-20] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [205440 2016-12-20] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135824 2016-08-16] (Oracle Corporation)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [42760 2016-02-21] (Microsoft Corporation)
U3 ag4mcq37; C:\Windows\System32\Drivers\ag4mcq37.sys [0 ] (Intel Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
S1 epp; \??\C:\EEK\bin64\epp.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-18 16:01 - 2017-01-18 16:01 - 00000350 _____ C:\Users\Erwin\Desktop\Eset online.txt
2017-01-18 11:42 - 2017-01-18 12:58 - 00000000 ____D C:\ProgramData\HitmanPro
2017-01-18 00:05 - 2017-01-18 00:05 - 00000000 ____D C:\Program Files (x86)\ESET
2017-01-17 11:16 - 2017-01-17 11:16 - 00000000 ____D C:\MappedFiles
2017-01-17 00:24 - 2017-01-17 00:29 - 00001187 _____ C:\Users\Erwin\Desktop\mbam.txt
2017-01-17 00:16 - 2017-01-18 09:49 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-17 00:16 - 2017-01-18 09:49 - 00102856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-01-17 00:16 - 2017-01-18 09:49 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-01-17 00:16 - 2017-01-17 09:02 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-01-17 00:16 - 2017-01-17 00:16 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-01-17 00:16 - 2017-01-17 00:16 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-17 00:16 - 2017-01-17 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-17 00:16 - 2017-01-17 00:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-17 00:16 - 2017-01-17 00:16 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-17 00:16 - 2016-12-14 12:55 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-01-16 20:45 - 2017-01-16 20:45 - 00001297 _____ C:\Users\Erwin\Desktop\AdwCleaner[C0].txt
2017-01-15 21:43 - 2017-01-15 22:00 - 00440798 _____ C:\TDSSKiller.3.1.0.12_15.01.2017_21.43.28_log.txt
2017-01-15 21:42 - 2017-01-18 16:09 - 00000000 ____D C:\FRST
2017-01-14 11:56 - 2017-01-14 11:56 - 00000000 ____D C:\Users\Erwin\Desktop\German_TOP50_ODC_08_01_2017-NoGroup
2017-01-13 23:11 - 2017-01-16 20:41 - 00000000 ____D C:\AdwCleaner
2017-01-13 15:11 - 2017-01-13 15:18 - 00000000 ____D C:\Users\Erwin\Desktop\VBG Scann
2017-01-13 09:34 - 2017-01-13 09:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2017-01-13 09:34 - 2016-12-20 16:32 - 00959720 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2017-01-12 23:16 - 2017-01-12 23:16 - 00000000 ____D C:\Program Files (x86)\Origin Games
2017-01-12 23:15 - 2017-01-12 23:15 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsign4d58a7635e3dbb77
2017-01-12 23:15 - 2017-01-12 23:15 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsign221877eeaeaf8d12
2017-01-12 22:23 - 2017-01-12 22:23 - 123217752 _____ (Oracle Corporation) C:\Users\Erwin\Desktop\VirtualBox-5.1.12-112440-Win.exe
2017-01-11 23:15 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-11 23:15 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-11 23:15 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-11 23:15 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-11 23:15 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-11 23:15 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-01-11 23:15 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-11 23:15 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-11 23:15 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-11 23:15 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-11 23:15 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-11 23:15 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-01-11 23:15 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-01-11 23:15 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2017-01-11 23:15 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2017-01-11 23:15 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-01-11 23:15 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-01-11 23:15 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-01-11 23:15 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-01-11 23:15 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-01-11 23:15 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-01-11 23:15 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-01-11 23:15 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-01-11 23:15 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-01-11 23:15 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-01-11 23:15 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-01-11 23:15 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-01-11 23:15 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-01-11 23:15 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-01-11 23:15 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-01-11 23:15 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-01-11 23:15 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-01-11 23:15 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-01-11 23:15 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-01-11 23:15 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-01-11 23:15 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-01-11 23:15 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-01-11 23:15 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-01-11 23:15 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-01-11 23:15 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-01-11 23:15 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-01-11 23:15 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-01-11 23:15 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-01-11 23:15 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-01-11 23:15 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-01-11 23:15 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-01-11 23:15 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-01-11 23:15 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-01-11 23:15 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-01-11 23:15 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-01-11 23:15 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-01-11 23:15 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-01-11 23:15 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-01-11 23:15 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-01-11 23:15 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-01-11 23:15 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-01-11 23:15 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-01-11 23:15 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-01-11 23:15 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-01-11 23:15 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-01-11 23:15 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-01-11 23:15 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-01-11 23:15 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-01-11 23:15 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-01-11 23:15 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-01-11 23:15 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-01-11 23:15 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-01-11 23:15 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-01-11 23:15 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-01-11 23:15 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-01-11 23:15 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-01-11 23:15 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-01-11 23:15 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-01-11 23:15 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-01-11 23:15 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-01-11 23:15 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-01-11 23:15 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-01-11 23:15 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-01-11 23:15 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-01-11 23:15 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-01-11 23:15 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-01-11 23:15 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-01-11 23:15 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-01-11 23:15 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-01-11 23:15 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-01-11 23:15 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-01-11 23:15 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-01-11 23:15 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-01-11 23:15 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2017-01-11 23:15 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-01-11 23:15 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-01-11 23:15 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-01-11 23:15 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2017-01-11 23:15 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2017-01-11 23:15 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2017-01-11 23:15 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-01-11 23:15 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-01-11 23:15 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-01-11 23:15 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-01-11 23:15 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-01-11 23:15 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-01-11 23:15 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-01-11 23:15 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-01-11 23:15 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-01-11 23:15 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-01-11 23:15 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-01-11 23:15 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-01-11 23:15 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-01-11 23:15 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-01-11 23:15 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-01-11 23:15 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-01-11 23:15 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-01-11 23:15 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-01-11 23:15 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-01-11 23:15 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-01-11 23:15 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-01-11 23:15 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2017-01-11 23:15 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2017-01-11 23:15 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-01-11 23:15 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-01-11 23:15 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2017-01-11 23:15 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2017-01-11 23:15 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2017-01-11 23:15 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-01-11 23:15 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-01-11 23:15 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-01-11 23:15 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-01-11 23:15 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-01-11 23:15 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-01-11 23:15 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-01-11 23:15 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-01-11 23:15 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-01-11 23:15 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-01-11 23:15 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-01-11 23:15 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2017-01-11 23:15 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2017-01-11 23:15 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2017-01-11 23:15 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-01-11 23:15 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-01-11 23:15 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2017-01-11 23:15 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-01-11 23:15 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-01-11 23:15 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2017-01-11 23:15 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-01-11 23:15 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-01-11 23:15 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2017-01-11 23:15 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-01-11 23:15 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-01-11 23:15 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-01-11 23:15 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-01-11 23:15 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-01-11 23:15 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-01-11 23:15 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-01-11 23:15 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-01-11 23:15 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-01-11 23:15 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-01-11 23:15 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-01-11 23:15 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-01-11 23:14 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-11 23:14 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-11 23:14 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2017-01-11 23:14 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-01-11 23:14 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2017-01-11 23:14 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-01-11 23:14 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-01-11 23:14 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-01-11 23:14 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-01-11 23:14 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-11 23:14 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-01-11 13:17 - 2017-01-11 13:17 - 00000000 ____D C:\76ea8cfdd36d8314a963d25ddabd2c
2017-01-11 13:15 - 2017-01-11 13:15 - 00002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-01-11 13:15 - 2017-01-11 13:15 - 00002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-01-11 13:15 - 2017-01-11 13:15 - 00002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-01-11 13:15 - 2017-01-11 13:15 - 00002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-01-11 13:15 - 2017-01-11 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-01-11 13:14 - 2017-01-11 13:14 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-01-11 12:14 - 2017-01-11 12:14 - 00000000 ____D C:\cdfbc0959e2da9c6b73af7e1b5d0
2017-01-11 11:23 - 2017-01-11 11:23 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-01-11 11:10 - 2017-01-11 11:10 - 00000000 ____D C:\71eb7f0b421421d252a1
2017-01-11 11:05 - 2017-01-11 13:32 - 00000000 ____D C:\Program Files\Microsoft Office
2017-01-11 10:53 - 2017-01-11 10:53 - 01017572 _____ C:\Users\Erwin\Desktop\o15-ctrremove.diagcab
2017-01-10 13:21 - 2017-01-10 14:43 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\AbiSuite
2017-01-10 13:21 - 2017-01-10 13:21 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AbiWord Word Processor
2017-01-10 13:21 - 2017-01-10 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AbiWord Word Processor
2017-01-10 11:40 - 2017-01-10 11:40 - 00058696 _____ C:\Users\Erwin\Desktop\cc_20170110_114048.reg
2017-01-10 11:24 - 2017-01-11 13:33 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-10 00:33 - 2017-01-10 00:33 - 18309328 _____ (Microsoft Corporation) C:\Users\Erwin\Downloads\MediaCreationTool.exe
2017-01-10 00:20 - 2017-01-10 00:21 - 162179096 _____ (EPC Consulting und Software GmbH) C:\Users\Erwin\Downloads\Duden_Korrektor_Microsoft_Office_12.1.exe
2017-01-08 15:07 - 2017-01-08 15:07 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignf0dd2df0aa6e3a47
2017-01-08 14:59 - 2017-01-08 14:59 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignc94718ec7d481d3d
2017-01-08 14:59 - 2017-01-08 14:59 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignc4538462b2111533
2017-01-07 14:08 - 2017-01-07 14:08 - 00000000 ____D C:\Windows\ERUNT
2017-01-05 15:48 - 2017-01-05 16:37 - 00000000 ____D C:\Users\Erwin\Desktop\OMI-Me_4_U-2015-C4
2017-01-05 00:09 - 2017-01-05 00:09 - 00000000 ____D C:\Users\Erwin\Documents\MAGIX Downloads
2017-01-04 23:42 - 2017-01-05 00:14 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\MAGIX
2017-01-04 23:42 - 2017-01-04 23:42 - 00000000 ____D C:\Users\Erwin\Documents\MAGIX_MusicEditor
2017-01-04 23:42 - 2017-01-04 23:42 - 00000000 ____D C:\Users\Erwin\AppData\Local\Xara
2017-01-04 23:41 - 2017-01-05 00:09 - 00000000 ___RD C:\Users\Erwin\Documents\MAGIX
2017-01-04 23:40 - 2017-01-06 14:48 - 00000000 ____D C:\ProgramData\MAGIX
2017-01-04 23:40 - 2017-01-04 23:40 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2017-01-04 21:00 - 2017-01-04 21:00 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignd8c771ac2ceaf7b5
2017-01-04 21:00 - 2017-01-04 21:00 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignc751790f82222218
2017-01-04 21:00 - 2017-01-04 21:00 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignaf059cf210f1b4e8
2017-01-04 13:32 - 2017-01-04 20:57 - 00000000 ____D C:\Users\Erwin\Desktop\German TOP50 01.01.2017
2017-01-03 16:55 - 2017-01-09 11:20 - 00000000 ____D C:\Users\Erwin\Desktop\Alte Firefox-Daten
2017-01-03 16:52 - 2017-01-18 09:52 - 00000000 ____D C:\Users\Erwin\AppData\LocalLow\Mozilla
2017-01-03 16:48 - 2017-01-03 16:48 - 00243552 _____ C:\Users\Erwin\Desktop\Firefox Setup Stub 50.1.0.exe
2016-12-29 18:32 - 2016-12-29 18:32 - 00000778 _____ C:\Users\Erwin\Desktop\Start Tor Browser.lnk
2016-12-29 18:32 - 2016-12-29 18:32 - 00000778 _____ C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-12-29 00:39 - 2016-12-29 00:40 - 00000000 ____D C:\Users\Erwin\Documents\Ableton
2016-12-28 23:27 - 2017-01-04 19:23 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-12-28 23:26 - 2016-12-29 00:44 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Ableton
2016-12-28 23:26 - 2016-12-28 23:26 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2016-12-28 21:37 - 2016-12-28 21:37 - 00000000 ____D C:\de63200890cbf850afd3c700889515
2016-12-27 10:18 - 2016-12-27 10:23 - 00000000 ____D C:\Users\Erwin\Desktop\Wohnung Friedrich-Wolf-Str. 4
2016-12-25 14:18 - 2016-12-25 14:18 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsigne5366bf2748e4ffd
2016-12-25 14:18 - 2016-12-25 14:18 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignd715b855f746097e
2016-12-23 11:29 - 2016-12-23 11:29 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-23 11:29 - 2016-12-23 11:29 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-23 11:29 - 2016-12-23 11:29 - 00000000 ____D C:\ProgramData\T-Online
2016-12-23 11:29 - 2007-09-12 17:24 - 00041024 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\DslTestSp5a64.sys
2016-12-23 11:28 - 2016-12-23 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSL-Manager
2016-12-23 11:28 - 2007-08-01 14:49 - 00019008 _____ (T-Systems Enterprise Services GmbH) C:\Windows\system32\Drivers\dslmnlwf.sys
2016-12-23 10:48 - 2016-12-23 10:48 - 00000000 ____D C:\Users\Erwin\AppData\Local\Chromium
2016-12-23 10:38 - 2016-12-23 10:39 - 00000000 ____D C:\Users\Erwin\Desktop\Schloss konflikt
2016-12-22 12:41 - 2016-12-22 12:41 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsignd1d326e19262b78c
2016-12-22 12:41 - 2016-12-22 12:41 - 00000000 ____D C:\Users\Erwin\AppData\Local\Tempzxpsign32dc2236ae449d67
2016-12-22 11:59 - 2016-12-22 11:59 - 00000000 ____D C:\Users\Erwin\Desktop\Becca handy lieder
2016-12-20 22:19 - 2016-12-20 22:19 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-12-20 16:31 - 2016-12-20 16:31 - 00205440 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2016-12-20 16:30 - 2016-12-20 16:30 - 00131144 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2016-12-19 21:38 - 2016-12-19 21:42 - 00352256 _____ C:\Users\Erwin\Documents\Database1.accdb
2016-12-19 15:43 - 2016-12-19 20:51 - 00249684 _____ C:\Users\Erwin\Desktop\Schichtplan Utti 36h Woche.xlsx

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-18 16:08 - 2016-08-02 15:43 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Origin
2017-01-18 15:08 - 2016-08-02 15:42 - 00000000 ____D C:\ProgramData\Origin
2017-01-18 15:08 - 2016-08-02 10:01 - 00000000 ___RD C:\Users\Erwin\Desktop\Spiele
2017-01-18 13:26 - 2016-11-22 14:34 - 00000000 ____D C:\Users\Erwin\Documents\Benutzerdefinierte Office-Vorlagen
2017-01-18 09:59 - 2016-08-03 19:29 - 00000000 ____D C:\Users\Erwin\AppData\Local\Adobe
2017-01-18 09:57 - 2009-07-14 05:45 - 00033392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-18 09:57 - 2009-07-14 05:45 - 00033392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-18 09:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2017-01-18 09:53 - 2009-07-14 18:58 - 00702266 _____ C:\Windows\system32\perfh007.dat
2017-01-18 09:53 - 2009-07-14 18:58 - 00150664 _____ C:\Windows\system32\perfc007.dat
2017-01-18 09:53 - 2009-07-14 06:13 - 01623690 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-18 09:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-18 09:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-17 23:58 - 2016-08-02 10:02 - 00000000 ____D C:\Users\Erwin\Desktop\Trojaner-Software
2017-01-17 23:54 - 2016-08-02 10:41 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2017-01-17 11:27 - 2016-08-02 15:42 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-17 11:16 - 2016-08-02 08:54 - 00000000 ____D C:\Users\Erwin\AppData\Local\VirtualStore
2017-01-14 12:41 - 2016-08-04 08:06 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\GanymedeNet
2017-01-13 23:11 - 2016-09-22 07:24 - 00000000 ____D C:\Users\Erwin\AppData\Local\CrashDumps
2017-01-13 09:35 - 2016-08-17 22:32 - 00000000 ____D C:\Users\Erwin\.VirtualBox
2017-01-12 23:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-01-12 22:42 - 2016-08-02 08:54 - 00000000 ____D C:\Users\Erwin
2017-01-12 22:39 - 2016-08-06 10:57 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-01-12 22:37 - 2016-08-02 09:37 - 00000000 ____D C:\Program Files (x86)\Intel
2017-01-12 22:33 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-01-12 22:31 - 2016-09-14 19:57 - 00000000 ____D C:\Program Files\OBS
2017-01-12 22:25 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2017-01-12 07:00 - 2009-07-14 05:45 - 05121752 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-12 00:09 - 2016-08-02 09:00 - 01600778 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-01-12 00:07 - 2016-08-02 20:17 - 00000000 ____D C:\Windows\system32\MRT
2017-01-12 00:05 - 2010-06-24 10:52 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
2017-01-11 23:43 - 2016-09-14 12:23 - 00613376 _____ C:\Users\Erwin\Desktop\Patrick _September.xls
2017-01-11 13:33 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-01-11 13:19 - 2016-08-03 20:27 - 00002180 _____ C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-01-11 13:19 - 2016-08-02 13:55 - 00000000 ___RD C:\Users\Erwin\OneDrive
2017-01-11 13:17 - 2016-11-17 09:30 - 00000000 ___HT C:\Windows\wusa.lock
2017-01-11 10:59 - 2016-09-22 07:24 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-11 10:58 - 2016-08-02 19:43 - 00000000 ____D C:\Users\Erwin\AppData\Local\ElevatedDiagnostics
2017-01-11 10:27 - 2016-08-09 20:04 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Skype
2017-01-10 12:13 - 2016-08-12 22:15 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Nitro
2017-01-10 12:06 - 2016-08-02 10:20 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\Mozilla
2017-01-10 12:06 - 2016-08-02 10:20 - 00000000 ____D C:\Users\Erwin\AppData\Local\Mozilla
2017-01-10 00:10 - 2016-08-17 22:33 - 00000000 ____D C:\Users\Erwin\VirtualBox VMs
2017-01-07 18:45 - 2016-08-04 08:05 - 00000000 ____D C:\Program Files (x86)\Ganymede
2017-01-06 19:23 - 2016-12-15 15:38 - 00000000 ____D C:\ProgramData\Gaijin
2017-01-06 19:22 - 2016-08-12 05:42 - 00000000 ____D C:\Users\Erwin\AppData\Local\Ubisoft Game Launcher
2017-01-05 16:36 - 2016-08-03 20:43 - 00000000 ____D C:\Users\Erwin\AppData\LocalLow\Temp
2017-01-05 14:58 - 2016-11-17 23:05 - 00000000 ____D C:\Users\Erwin\Desktop\Hochzeit Becca & Erwin
2017-01-05 00:37 - 2016-08-02 08:55 - 00150696 _____ C:\Users\Erwin\AppData\Local\GDIPFONTCACHEV1.DAT
2017-01-04 23:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2017-01-02 17:16 - 2016-11-01 22:10 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-12-28 21:18 - 2016-08-02 20:58 - 00000000 ____D C:\Users\Erwin\AppData\Roaming\TeamViewer
2016-12-23 11:29 - 2016-08-02 08:54 - 00000000 ___RD C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-23 11:29 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-23 11:29 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-23 11:28 - 2016-08-02 09:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-23 10:48 - 2016-08-12 06:39 - 00000000 ____D C:\Users\Erwin\AppData\Local\Steam
2016-12-23 10:42 - 2016-08-02 10:00 - 00000000 ____D C:\Users\Erwin\Desktop\Dokumente Erwin & Becca Handy
2016-12-23 10:39 - 2016-12-06 10:56 - 00000000 ____D C:\Users\Erwin\Desktop\Anwalt VBG Knie Links
2016-12-20 23:12 - 2003-03-30 16:28 - 00095232 _____ () C:\Users\Erwin\Desktop\IC_annocheat104.exe
2016-12-20 16:30 - 2016-09-11 10:42 - 00149304 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-12-19 22:05 - 2016-08-02 10:02 - 00000000 ____D C:\Users\Erwin\Desktop\Vip Verkehrsunternehmen
2016-12-19 21:38 - 2016-08-02 08:54 - 00000000 ___SD C:\Users\Erwin\AppData\Roaming\Microsoft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-08-02 09:50 - 2016-08-02 09:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-13 18:57

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-01-2017
durchgeführt von Erwin (18-01-2017 16:09:45)
Gestartet von C:\Users\Erwin\Desktop\Trojaner-Software
Windows 7 Professional Service Pack 1 (X64) (2016-08-02 07:52:00)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3372468986-2828329476-3420813562-500 - Administrator - Disabled)
Gast (S-1-5-21-3372468986-2828329476-3420813562-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3372468986-2828329476-3420813562-1002 - Limited - Enabled)
Erwin (S-1-5-21-3372468986-2828329476-3420813562-1000 - Administrator - Enabled) => C:\Users\Erwin

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Smart Security 9.0.408.1 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 9.0.408.1 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_0_0) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.7 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Ansel (Version: 372.90 - NVIDIA Corporation) Hidden
Apple Application Support (64-Bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.6.9 - ASUSTek COMPUTER INC.)
ASUS GPU TweakII (x32 Version: 1.0.6.9 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.50.6271 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.6.1.3 - Broadcom Corporation)
C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
Call of Duty: Infinite Warfare (HKLM\...\Steam App 292730) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
DSL-Manager (HKLM-x32\...\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESET Smart Security (HKLM\...\{A6F36CF6-73C0-454D-A95C-5613B146B3D4}) (Version: 9.0.386.1 - ESET, spol. s r.o.)
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.46.44686 - Electronic Arts)
FIFA 17 DEMO (HKLM-x32\...\{39C00B2C-EA3C-4A6B-AECF-DADA0F09C2AE}) (Version: 1.0.45.26330 - Electronic Arts)
GameDesire-Pool & Snooker (HKLM-x32\...\GameDesire-Pool & Snooker) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
iCloud (HKLM\...\{4BB313CE-D3D1-424C-8823-15CF85B00B05}) (Version: 6.1.0.30 - Apple Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK All-in-One Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.9.1.1 - Eastman Kodak Company)
Malwarebytes Version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProplusRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Thunderbird 45.5.0 (x86 de) (HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\Mozilla Thunderbird 45.5.0 (x86 de)) (Version: 45.5.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nitro Reader 5 (HKLM\...\{2C5E29B1-314E-4FB0-A2F0-1A8AE7C64536}) (Version: 5.5.9.2 - Nitro)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.90 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.90 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
OpenTTD 1.6.0 (HKLM-x32\...\OpenTTD) (Version: 1.6.0 - OpenTTD)
Oracle VM VirtualBox 5.1.12 (HKLM\...\{C212962C-71C4-4D9F-B8E0-D2CD00C8B8FE}) (Version: 5.1.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.3.5.6379 - Electronic Arts, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\...\PrintProjects) (Version: 1.0.0.22142 - RocketLife Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.6 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.97.4382 - Electronic Arts)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
XSplit Gamecaster (HKLM-x32\...\{4EDB1851-7427-4324-AAAA-9E3852C73DAE}) (Version: 2.2.1502.1741 - SplitmediaLabs)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3372468986-2828329476-3420813562-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Erwin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_3\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-3372468986-2828329476-3420813562-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> "C:\Windows\system32\igfxEM.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-3372468986-2828329476-3420813562-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0A180622-138A-4E02-B7BD-C533E09CA20D} - System32\Tasks\AdobeAAMUpdater-1.0-Erwin-PC-Erwin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {0FDE99B9-CB3D-40B7-BFB8-0B3635067196} - System32\Tasks\{52FBD96F-0634-4871-A92C-532DBCA30A17} => pcalua.exe -a C:\Users\Erwin\Desktop\OInstall.exe -d C:\Users\Erwin\Desktop
Task: {111B498F-DE5F-4862-8DE3-BC2C2B071589} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {1FE4C4B8-6234-41AC-A4D0-5A6CE7F9B7BB} - System32\Tasks\{D4FFACDD-9517-4AA8-902C-55D8FF274B79} => pcalua.exe -a E:\Download´s\FirmwareFlashLauncher.exe -d E:\Download´s
Task: {21A7F18D-AD88-49AE-8507-77770A3EF0A8} - System32\Tasks\{7F5601B7-248D-42BF-ACB5-C5AD91A35D3B} => pcalua.exe -a C:\Users\Erwin\Desktop\64\KB2779768_64\MSuSetup.exe -d C:\Users\Erwin\Desktop\64\KB2779768_64
Task: {2D0F8821-9F89-4330-BF24-758ACF013E59} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
Task: {63CA0A79-9850-48D7-AE8F-90F5274E830F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {6AD20159-38B4-4F9D-B178-43B3EBF1FCE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-03] (Google Inc.)
Task: {7EF6253C-F52A-4B9B-89CF-E507592D28AD} - System32\Tasks\{B4D3AA97-5062-49BE-928D-8EAE3BAE338F} => pcalua.exe -a E:\Download´s\FirmwareFlashLauncher(1).exe -d E:\Download´s
Task: {A07D970C-B40F-4BEA-858E-198D5CB01EE6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {B5C935A9-5C37-4457-86CB-0B4D6B24B044} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-01-11] (Microsoft Corporation)
Task: {B6FD41E6-0D4A-436C-B922-75823E6555F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-01-11] (Microsoft Corporation)
Task: {C19167BC-B8EE-4353-9213-1A6FECB45826} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-03] (Google Inc.)
Task: {DAF52731-8EC1-4B25-9628-C2C29E31F92C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {DCE0FC36-2E0A-47F8-9810-AF01A160B27E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-01-17 00:16 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-01-17 00:16 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-12-06 15:09 - 2016-12-06 15:09 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-09-12 20:18 - 2017-01-10 12:28 - 00022024 _____ () G:\Origin\QtWebEngineProcess.exe
2016-09-23 22:29 - 2016-09-23 22:29 - 19588800 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll
2016-09-12 20:18 - 2017-01-10 12:28 - 02493440 _____ () G:\Origin\libGLESv2.dll
2016-09-12 20:18 - 2017-01-10 12:28 - 00012288 _____ () G:\Origin\libEGL.DLL
2016-08-02 15:43 - 2016-08-02 15:43 - 00266240 _____ () G:\Origin\imageformats\qmng.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3372468986-2828329476-3420813562-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.117.1.25 - 89.16.129.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{D50E84CE-F0A3-4982-AB2E-53EDB5157FB4}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{22BFE914-FE40-4A43-9E35-62C3EF0E7D1B}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F815EC64-1D71-4D31-AED9-4790890637A9}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6B71657F-FC9B-4992-B317-8B89B58F8F34}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{667485FE-4A31-40F0-A114-BDBFA82E0939}] => G:\Steam Game\Steam.exe
FirewallRules: [{EC171D1D-4B4A-482B-9BE6-2C5182EDBE17}] => G:\Steam Game\Steam.exe
FirewallRules: [{02AA4018-36C2-405D-B90A-E1E08DE55242}] => G:\Steam Game\bin\steamwebhelper.exe
FirewallRules: [{7E3ED941-83BD-4F49-9972-0D23DA1954A9}] => G:\Steam Game\bin\steamwebhelper.exe
FirewallRules: [VirtualPC-In-UDP-1] => %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => %SystemRoot%\System32\vpc.exe
FirewallRules: [{37BC8809-6BED-4AA6-B121-5B9197434595}] => G:\Steam Game\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7B1B9810-CC38-46D2-9640-EFD419A2A27E}] => G:\Steam Game\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{324F8606-34EB-4430-A007-451326AC7B74}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8596BB2D-70FD-4C2B-B215-151B37E3B607}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E23A9C43-7E31-4D96-82D8-E124DE0528FE}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{09E5B1C8-8485-4E3E-88D6-069649335AA7}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A2250172-51CA-4C9C-96CC-B135DFC618B5}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3818DE62-C42F-4667-A7C4-3B6F73403660}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8298C7FE-A5CF-4A71-8649-AD31823CF64D}] => C:\Users\Erwin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9DE4C7F5-EC7F-4C19-AE92-5DB265D69D46}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5BE363FC-D3D2-4D40-BFB2-F6DB9D1936CD}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A64E27A6-139F-4169-9E6E-27CAFC2FC0E7}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{51D339E4-7AA3-455C-8B33-ADC0A39C2F18}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A05DD337-A473-45AB-847D-7229666BFFE2}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E8D7D9FC-815B-4751-8B74-F0E39B7DF5C8}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2842E376-4236-484A-9F30-720B9FCE5BCC}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1A618FF8-246C-4356-93C9-14B6780A4324}] => G:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{EE6A2E46-FD07-4937-B347-4B0BEFED3131}] => G:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{C566B15C-9957-42EC-97A6-AD17B355A414}] => LPort=9322
FirewallRules: [{7B2237A9-06A0-4820-ADEB-22C2EE723CBE}] => LPort=5353
FirewallRules: [{F0F507C5-784D-48DB-9C30-7DD033E9CB6C}] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{F6C9CB37-EC83-405C-9DC2-4F8AE89826CF}] => C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{15DCD263-9EAB-414F-AC12-FAA08CF00B4F}] => C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{794909E7-AF26-4D6D-B746-6E24725FABF4}] => C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{FD8D8B9D-1860-4C84-8308-40D41DCDFFFA}] => C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{6210DDAB-7BFF-44AB-8184-5BCD0E45FC0D}] => LPort=80
FirewallRules: [{B086EF2B-C420-458A-A1FF-ABEED87DB972}] => LPort=443
FirewallRules: [{2E97F039-B399-4DBB-A671-04BD1F8E11F6}] => LPort=3216
FirewallRules: [{63026457-6171-4DED-8AE5-049D46C34467}] => LPort=18000
FirewallRules: [{9203F572-D973-4193-969D-F6CF18B561C1}] => LPort=18120
FirewallRules: [{E89BE0E4-9AD5-460E-9D25-FE241789647B}] => LPort=18060
FirewallRules: [{8259DA93-329F-4522-8FB7-5FC4B3EA5935}] => LPort=27900
FirewallRules: [{E3447003-B92B-4263-8333-696FDE05302E}] => LPort=29900
FirewallRules: [{F85B4469-3BA4-48DF-A154-ED1133916CAC}] => LPort=18000
FirewallRules: [{823569C6-BA5E-42BB-A56A-E77541871628}] => LPort=29900
FirewallRules: [{39CA125D-DCA0-4AB7-98F3-D3FB6DF121E2}] => G:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{DD0725D5-A624-4000-850C-6B60AA83C4CB}] => G:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{BFE90204-8330-4D17-811B-8486C7F37D6D}] => E:\Programme\ITunes\iTunes.exe
FirewallRules: [{0D6B3F25-AAD7-49F5-9D38-A8E89ED3B54C}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F0C58E10-CA4A-4E8E-8749-A771B0005F3F}] => LPort=80
FirewallRules: [{77F616BF-3AB4-44FC-BE29-02DE8E33B4D3}] => LPort=443
FirewallRules: [{13B3B28B-6875-48F9-BB7A-AFEB502C3A0F}] => LPort=20010
FirewallRules: [{DA6BE6AE-5F07-4CC2-A485-DCC697580CF1}] => LPort=3478
FirewallRules: [{1C19AA7B-2679-4C0D-90E1-6A150B93391F}] => LPort=7850
FirewallRules: [{0C37499C-88DF-403C-A7BF-C5EE0B5EB5A3}] => LPort=7852
FirewallRules: [{98892FFC-F835-4703-BBA1-E54F76DD4EAD}] => LPort=7853
FirewallRules: [{919D2A0E-25B1-422E-B6DC-3371C1982864}] => LPort=27022
FirewallRules: [{EC3BF2F6-D646-43C6-B625-604DADD7B62C}] => LPort=6881
FirewallRules: [{43D406D2-C4CA-43C7-8E9F-698051001913}] => LPort=33333
FirewallRules: [{8892625B-CF9B-440A-A5BA-DC92C9902456}] => LPort=20443
FirewallRules: [{994AC187-7210-482D-85F5-BBA5FB9F76F3}] => LPort=8090
FirewallRules: [{B85A6748-17D3-4462-BA5B-7148E9F94616}] => G:\Steam Game\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C58645F2-CC20-400D-A927-D480F1B6A348}] => G:\Steam Game\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1F8C50A2-D98E-4F6A-87B5-71306C8B7FBE}] => G:\Steam Game\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{D56DE574-7518-4601-AA2E-84C5201141F6}] => G:\Steam Game\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{65967735-9065-40C8-B8AF-6384A4AA740F}] => E:\Programme\FireFox\firefox.exe
FirewallRules: [{CEE04512-58D3-44B5-B6DE-F61A997A0207}] => E:\Programme\FireFox\firefox.exe
FirewallRules: [{5253EE6C-B22E-4F41-A261-DD1B9AAE99AE}] => G:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{39FC1055-E4DF-482B-94E8-798FDDABD66A}] => G:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/18/2017 04:02:06 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/18/2017 11:41:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "E:\Download´s\esetsmartinstaller_deu(1).exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/18/2017 11:41:38 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "E:\Download´s\esetsmartinstaller_deu(1).exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/18/2017 11:41:38 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "E:\Download´s\esetsmartinstaller_deu(1).exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/18/2017 11:41:35 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "E:\Download´s\esetsmartinstaller_deu(1).exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/18/2017 09:53:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DslMgrSvc.exe, Version: 6.91.8434.1, Zeitstempel: 0x4900aa18
Name des fehlerhaften Moduls: DslMgrSvc.exe, Version: 6.91.8434.1, Zeitstempel: 0x4900aa18
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c41a
ID des fehlerhaften Prozesses: 0x1008
Startzeit der fehlerhaften Anwendung: 0x01d27167cfe97224
Pfad der fehlerhaften Anwendung: E:\Telekom netzmanager\DslMgrSvc.exe
Pfad des fehlerhaften Moduls: E:\Telekom netzmanager\DslMgrSvc.exe
Berichtskennung: 88bda68c-dd5b-11e6-b51d-010101010000

Error: (01/18/2017 01:04:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DslMgrSvc.exe, Version: 6.91.8434.1, Zeitstempel: 0x4900aa18
Name des fehlerhaften Moduls: DslMgrSvc.exe, Version: 6.91.8434.1, Zeitstempel: 0x4900aa18
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c41a
ID des fehlerhaften Prozesses: 0x13a4
Startzeit der fehlerhaften Anwendung: 0x01d27115baf2e90d
Pfad der fehlerhaften Anwendung: E:\Telekom netzmanager\DslMgrSvc.exe
Pfad des fehlerhaften Moduls: E:\Telekom netzmanager\DslMgrSvc.exe
Berichtskennung: a06fa0ed-dd11-11e6-968c-010101010000

Error: (01/18/2017 12:05:12 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "E:\Download´s\esetsmartinstaller_deu(1).exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/18/2017 12:05:09 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "E:\Download´s\esetsmartinstaller_deu(1).exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/17/2017 09:29:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DslMgrSvc.exe, Version: 6.91.8434.1, Zeitstempel: 0x4900aa18
Name des fehlerhaften Moduls: DslMgrSvc.exe, Version: 6.91.8434.1, Zeitstempel: 0x4900aa18
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c41a
ID des fehlerhaften Prozesses: 0x17e4
Startzeit der fehlerhaften Anwendung: 0x01d2709845685545
Pfad der fehlerhaften Anwendung: E:\Telekom netzmanager\DslMgrSvc.exe
Pfad des fehlerhaften Moduls: E:\Telekom netzmanager\DslMgrSvc.exe
Berichtskennung: 0030ddfd-dc8f-11e6-a149-010101010000


Systemfehler:
=============
Error: (01/18/2017 12:57:22 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{3C5E2B20-B911-44E2-A2DD-9F05E7B5E775}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/18/2017 11:42:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (01/18/2017 11:42:22 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Erwin\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (01/18/2017 11:42:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (01/18/2017 11:42:22 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Erwin\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (01/18/2017 11:42:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (01/18/2017 11:42:22 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Erwin\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (01/18/2017 11:41:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (01/18/2017 11:41:58 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Erwin\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (01/18/2017 11:41:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 16276.84 MB
Verfügbarer physikalischer RAM: 9389.26 MB
Summe virtueller Speicher: 32551.86 MB
Verfügbarer virtueller Speicher: 25194 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:3.21 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: () (Fixed) (Total:926.44 GB) (Free:196.17 GB) NTFS
Drive f: (Musik) (Fixed) (Total:936.58 GB) (Free:85.26 GB) NTFS
Drive g: (Games) (Fixed) (Total:2794.39 GB) (Free:2664.53 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 75F281A8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 6 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 52425DEB)
Partition 1: (Active) - (Size=936.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=926.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

skriptfehler besteht nicht aber nun komm ich mal zu dem problem das mein laufwerk C: sich selber voll macht und immer nach jeden start eine andere menge an speicher frei bleibt !

skriptfehler besteht nicht mehr aber nun komm ich mal zu dem problem das mein laufwerk C: sich selber voll macht und immer nach jeden start eine andere menge an speicher frei bleibt !

M-K-D-B · 18.01.2017, 17:00

Servus,

also Malware sehe ich keine in den Logdateien, also muss es was anderes sein (Windows internes Problem, Treiber, etc.).

Was du noch machen kannst:

1)

Lade Dir bitte Windows Repair - All in one von tweaking.com hier herunter und installiere es.
Deaktiviere bitte (wenn möglich) Dein Antivirusprogramm.
Bedenke, dass die einzelnen Reparaturen einige Zeit benötigen. Starte keine anderen Anwendungen in dieser Zeit.
Starte das Programm und führe die Punkte 1-7 durch. (Siehe Bildanleitung)

2)
Inplace-Upgrade

3)
Windows Neuinstallation

Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup:
Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
[/url] Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

	Emsisoft	Microsoft Security Essentials	ESET

Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.

NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:

Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Erwin80 · 19.01.2017, 15:18

Danke für deine Hilfe

M-K-D-B · 19.01.2017, 16:58

Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

Brwoser befall!

Plagegeister aller Art und deren Bekämpfung: Brwoser befall!

Brwoser befall!

Brwoser befall!

Brwoser befall!

Brwoser befall!

Brwoser befall!

Brwoser befall!

Brwoser befall!

Brwoser befall!

Brwoser befall!

Brwoser befall!

Brwoser befall!

Brwoser befall!

Ähnliche Themen: Brwoser befall!

15.01.2017, 08:53	#1
Erwin80	Brwoser befall! hilfe holt mich hier raus. nein mal ganz ehrlich mein Moziller ist als einziger browser der, der noch spinnt und skriptfehler hat, daher frage ich wer mir helfen würde diesen Fehler zu Eliminieren.

19.01.2017, 15:18	#11
Erwin80	Brwoser befall! Danke für deine Hilfe