Log analysis and evaluation: Avast - svchost blocked malware link
15.02.2017, 16:54 | #1
Avast - svchost blocked malware link

Dear team,

Today I received the following warning from Avast!:

Code:
15.02.2017 13:43:56 https://131.253.61.84/ [L] URL:Mal (0)
15.02.2017 13:44:30 https://131.253.61.84/ [L] URL:Mal (0)
15.02.2017 13:45:02 https://131.253.61.84/ [L] URL:Mal (0)
15.02.2017 13:45:34 https://131.253.61.84/ [L] URL:Mal (0)

I was not sitting at the computer at that time and only noticed the warning because of the audio alert.

Thanks in advance for your help!
Daniel

EDIT: My operating system is Windows 10. I forgot to mention that. END EDIT

So far I have run the FRST scan; here are the log files:

FRST.TXT (Note: I have censored the real name of an acquaintance in the created files and folders section, and also my Microsoft login name)

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-02-2017 01 durchgeführt von danie (Administrator) auf DESKTOP-9T9O37C (15-02-2017 16:06:09) Gestartet von C:\Users\danie\Desktop Geladene Profile: danie (Verfügbare Profile: defaultuser0 & danie) Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Dropbox, Inc.)
C:\Windows\System32\DbxSvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (AMD) C:\Windows\System32\atieclxx.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Spotify Ltd) C:\Users\danie\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Dropbox, Inc.) 
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2085160 2010-03-05] (Synaptics Incorporated) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15853176 2016-08-03] (Logitech Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-10-13] (Apple Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2016-12-23] (Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-05] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6806144 2010-06-24] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-07] (Dropbox, Inc.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [OneDrive] => C:\Users\danie\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1517280 2017-02-07] (Microsoft Corporation) <===== ACHTUNG HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Spotify Web Helper] => C:\Users\danie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-07] (Spotify Ltd) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Spotify] => C:\Users\danie\AppData\Roaming\Spotify\Spotify.exe [7133808 2017-02-07] (Spotify Ltd) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [GoogleChromeAutoLaunch_1DE2210685523D121EF41F74D365AD10] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1116504 2017-02-01] (Google Inc.) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [22982848 2016-12-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) Startup: C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PixelRuler.lnk [2016-08-11] ShortcutTarget: PixelRuler.lnk -> C:\Program Files (x86)\PixelRuler\PixelRuler.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{65b17e8d-7930-436e-a952-581958886376}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{90200e0b-80c6-4e80-8828-16c1b94ed4fe}: [DhcpNameServer] 172.20.10.1 Internet Explorer: ================== HKU\S-1-5-21-2044849159-1042748084-43516897-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common 
Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) FireFox: ======== FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - 
C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09] FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-01-12] FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems) FF Plugin-x32: @cambridgesoft.com/Chem3D,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\Chem3D\npChem3DPlugin.dll [2015-03-14] (PerkinElmer) FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\ChemDraw\npcdp32.dll [2015-03-14] (PerkinElmer) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems) Chrome: ======= CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default [2017-02-15] CHR Extension: (Google Präsentationen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-04] CHR Extension: (Flash Video Downloader) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2016-12-03] CHR Extension: (Google Docs) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-04] CHR Extension: (Google Drive) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-04] CHR Extension: (YouTube) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-04] CHR Extension: (Adblock Plus) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-28] CHR Extension: (Video Downloader professional) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-10-28] CHR Extension: (Avast SafePrice) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-22] CHR Extension: (Google Tabellen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-04] CHR Extension: (Full Screen Weather) - C:\Users\danie\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2016-08-04] CHR Extension: (Google Docs Offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-04] CHR Extension: (Hide My AdBlocker) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc [2016-11-10] CHR Extension: (Avast Online Security) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-15] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19] CHR Extension: (Beebs - Access BBC iPlayer) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmliiafmgjkgkfadkpomlefdllhajdi [2017-01-08] CHR Extension: (Weather Underground) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2016-08-04] CHR Extension: (Google Mail) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-04] CHR Extension: (Chrome Media Router) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08] CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-08] CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - 
hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-19] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-19] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.) S2 IBG_gds_db; C:\Program Files (x86)\Embarcadero\Studio\18.0\InterBaseXE7\bin\ibguard.exe [636744 2016-02-25] (Embarcadero Technologies, Inc.) S3 IBS_gds_db; C:\Program Files (x86)\Embarcadero\Studio\18.0\InterBaseXE7\bin\ibserver.exe [5587272 2016-02-25] (Embarcadero Technologies, Inc.) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-03] (Logitech Inc.) 
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [Datei ist nicht signiert] R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-28] (Microsoft Corporation) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-17] (AVAST Software) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Advanced Micro Devices) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., 
Ltd.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.) S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) S3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-01-16] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [205440 2017-01-16] (Oracle Corporation) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [137920 2017-01-16] (Oracle Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-02-15 16:06 - 2017-02-15 16:06 - 00029608 _____ C:\Users\danie\Desktop\FRST.txt
2017-02-15 16:05 - 2017-02-15 16:06 - 00000000 ____D C:\FRST
2017-02-15 16:03 - 2017-02-15 16:05 - 02422272 _____ (Farbar) C:\Users\danie\Desktop\FRST64.exe
2017-02-15 14:17 - 2017-02-15 14:17 - 00000000 ____D C:\Program Files (x86)\ESET
2017-02-13 21:58 - 2017-02-13 21:58 - 00000000 ___HD C:\OneDriveTemp
2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\Users\danie\AppData\Roaming\IrfanView
2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\Program Files\IrfanView
2017-02-13 07:10 - 2017-02-13 07:10 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\Users\danie\Tracing
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\ProgramData\Skype
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-12 17:44 - 2017-02-12 18:30 - 00000000 ____D C:\Phone
2017-02-12 17:13 - 2017-02-12 17:17 - 00000000 ____D C:\Users\danie\AppData\Roaming\MyPhoneExplorer
2017-02-12 17:13 - 2017-02-12 17:13 - 00002126 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2017-02-12 17:13 - 2017-02-12 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2017-02-12 17:13 - 2017-02-12 17:13 - 00000000 ____D C:\Program Files (x86)\MyPhoneExplorer
2017-02-12 17:07 - 2017-02-12 17:24 - 00000000 ____D C:\Card
2017-02-12 16:12 - 2017-02-12 16:12 - 00000000 ____D C:\Users\danie\Documents\Samsung
2017-02-12 16:11 - 2017-02-12 16:12 - 00000000 ____D C:\Windows\LastGood
2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-02-12 16:10 - 2017-02-12 16:11 - 00000000 ____D C:\Users\danie\AppData\Roaming\Samsung
2017-02-12 16:10 - 2016-09-05 05:47 - 01499408 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2017-02-12 16:10 - 2016-09-05 05:47 - 00716920 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2017-02-12 16:10 - 2016-09-05 05:47 - 00165504 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2017-02-12 16:10 - 2016-09-05 05:47 - 00131712 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2017-02-12 16:10 - 2016-07-22 08:21 - 01499408 _____ (Microsoft Corporation) C:\Windows\system32\SET3DA.tmp
2017-02-12 16:10 - 2016-07-22 08:21 - 00716928 _____ (Microsoft Corporation) C:\Windows\system32\SET399.tmp
2017-02-12 16:10 - 2016-07-22 08:21 - 00164992 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\SETE6F9.tmp
2017-02-12 16:10 - 2016-07-22 08:21 - 00130688 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\SETBBB3.tmp
2017-02-12 16:09 - 2016-03-31 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2017-02-09 13:28 - 2017-02-09 13:28 - 02099905 _____ C:\Users\danie\Downloads\Wohnung_an-ummelden_Hinw_de+en.pdf
2017-02-09 13:28 - 2017-02-09 13:28 - 00334768 _____ C:\Users\danie\Downloads\Bestaetigung_BMG.pdf
2017-02-08 01:29 - 2017-02-08 01:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-08 00:13 - 2017-02-08 00:13 - 00207706 _____ C:\Users\danie\Downloads\Auslandsscheck_DE (1).pdf
2017-02-08 00:03 - 2017-02-08 00:03 - 00207706 _____ C:\Users\danie\Downloads\Auslandsscheck_DE.pdf
2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-02-06 23:48 - 2017-02-06 23:43 - 134270517 _____ C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments_online_converter#.pdf
2017-02-06 23:42 - 2017-02-06 23:43 - 134270517 _____ C:\Users\danie\Downloads\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.pdf
2017-02-06 23:30 - 2017-02-06 18:31 - 17294189 _____ C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.djvu
2017-02-06 23:09 - 2017-02-06 23:09 - 01616807 ____R C:\Users\danie\Documents\koehler_lehmann_2011.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 01102598 ____R C:\Users\danie\Documents\Practical laboratory course_***********.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00783869 ____R C:\Users\danie\Documents\lecture 12.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00680777 ____R C:\Users\danie\Documents\9783319055879-c2.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00664591 ____R C:\Users\danie\Documents\Otting_G_2010_Reiview.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00313885 ____R C:\Users\danie\Documents\bertini2001.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00046833 ____R C:\Users\danie\Documents\L_6b_NOE_web.pdf
2017-02-06 18:41 - 2017-02-06 18:42 - 01824882 _____ C:\Users\danie\Documents\product_operator_formalism.pdf
2017-02-06 18:40 - 2017-02-06 18:40 - 02809960 _____ C:\Users\danie\Documents\relaxation_Enhancement.pdf
2017-02-06 18:27 - 2017-02-06 18:27 - 00680777 _____ C:\Users\danie\Downloads\9783319055879-c2.pdf
2017-02-06 18:20 - 2017-02-06 18:21 - 46049143 _____ C:\Users\danie\Downloads\Matthias Findeisen,Stefan Berger 50 and More Essential NMR Experiments. A Detailed Guide.pdf
2017-02-06 16:15 - 2017-02-06 16:15 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-13-english-29495
2017-02-06 16:14 - 2017-02-06 16:14 - 00026285 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-13-english-29495.zip
2017-02-05 21:39 - 2017-02-05 21:50 - 149068460 _____ C:\Users\danie\Downloads\lucifer.213.hdtv-lol.mkv.mp4.mp4
2017-02-05 20:34 - 2017-02-05 20:34 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-12-english-29201
2017-02-05 20:33 - 2017-02-05 20:33 - 00024770 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-12-english-29201.zip
2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\Users\danie\AppData\Local\Remove_Empty_Directories
2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories
2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\Program Files (x86)\Remove Empty Directories
2017-02-05 15:13 - 2017-02-05 15:15 - 00404482 _____ (Jonas John ) C:\Users\danie\Downloads\red-v2.2-setup.exe
2017-02-05 12:21 - 2017-02-05 12:21 - 00026159 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-11-english-28991.zip
2017-02-05 12:21 - 2017-02-05 12:21 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-11-english-28991
2017-02-04 22:34 - 2017-02-04 22:56 - 124549923 _____ C:\Users\danie\Downloads\Seriesonline.io-(360P - mp4)Lucifer - Season 2- Episode 11- Stewardess Interruptus.mp4
2017-02-04 22:30 - 2017-02-04 22:51 - 143374537 _____ C:\Users\danie\Downloads\Seriesonline.io-(360P - mp4)Lucifer - Season 2 Episode 12 - Love Handles.mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (5).mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (4).mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (3).mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (2).mp4
2017-02-04 22:13 - 2017-02-04 22:13 - 00000007 _____ C:\Users\danie\Downloads\Watch video.mp4
2017-02-04 22:13 - 2017-02-04 22:13 - 00000007 _____ C:\Users\danie\Downloads\Watch video (1).mp4
2017-02-04 10:02 - 2016-07-15 19:29 - 05739008 _____ (Microsoft Corporation) C:\Windows\system32\prm0009.dll
2017-02-04 10:02 - 2016-07-15 19:29 - 02629120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2017-02-04 10:02 - 2016-07-15 19:14 - 06354944 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll
2017-02-04 10:02 - 2016-07-15 18:45 - 02629120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0009.dll
2017-02-04 10:02 - 2016-07-15 18:29 - 05489664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0009.dll
2017-02-04 10:01 - 2017-02-04 10:01 - 00001047 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-02-01 20:58 - 2017-02-01 20:58 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-02-01 20:58 - 2017-02-01 20:58 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-01 16:14 - 2017-02-01 16:14 - 00000000 ____D C:\Users\danie\AppData\Local\TeamViewer
2017-02-01 16:13 - 2017-02-01 16:14 - 00000000 ____D C:\Users\danie\AppData\Roaming\TeamViewer
2017-02-01 16:13 - 2017-02-01 16:13 - 00001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-02-01 16:13 - 2017-02-01 16:13 - 00001100 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-02-01 16:13 - 2017-02-01 16:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-01-30 12:59 - 2017-01-30 12:59 - 36727147 _____ C:\Users\danie\Downloads\Laborarbeit_2016_170130.pdf
2017-01-29 10:49 - 2017-01-29 10:49 - 00450814 _____ C:\Users\danie\Downloads\AGB_208_Strom_Privat_2017_01_NK.pdf
2017-01-25 21:42 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-01-25 21:42 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-01-25 14:50 - 2017-01-25 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-01-23 20:55 - 2017-01-23 20:55 - 00218282 _____ C:\Users\danie\Downloads\Medikamente_Formular.pdf
2017-01-23 19:42 - 2017-01-23 19:51 - 12095930 _____ C:\Users\danie\Downloads\[Manfred_Hesse,_Herbert_Meier,_Bernd_Zeeh]_Spektro(BookFi).pdf
2017-01-23 14:43 - 2017-01-23 14:43 - 00000000 ____D C:\Users\danie\AppData\Local\Adobe_Systems_Incorporate
2017-01-23 14:42 - 2017-01-23 15:04 - 00000000 ____D C:\Users\danie\Documents\My Digital Editions
2017-01-23 14:42 - 2017-01-23 14:42 - 00002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.5.lnk
2017-01-23 14:42 - 2017-01-23 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2017-01-23 14:32 - 2017-01-23 14:50 - 01977054 _____ C:\Users\danie\Downloads\[James_Keeler]_Understanding_NMR_spectroscopy(BookFi) (1).pdf
2017-01-23 14:32 - 2017-01-23 14:41 - 02199824 _____ C:\Users\danie\Downloads\[James_Keeler]_Understanding_NMR_Spectroscopy(BookFi).pdf
2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\Users\danie\AppData\Local\Passbild_Generator
2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passbild-Generator
2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\Program Files (x86)\Passbild-Generator
2017-01-22 15:05 - 2017-01-22 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2017-01-22 15:05 - 2017-01-22 15:05 - 00000000 ____D C:\Program Files\Oracle
2017-01-22 14:31 - 2017-01-22 14:53 - 00000000 ____D C:\Users\danie\Documents\Dateien_script
2017-01-21 21:42 - 2017-01-21 21:42 - 00000000 ____D C:\Users\danie\AppData\Roaming\GraphPad Software
2017-01-21 21:42 - 2017-01-21 21:42 - 00000000 ____D C:\ProgramData\GraphPad Software
2017-01-19 19:38 - 2017-01-19 19:38 - 00000000 ____D C:\Users\danie\Downloads\Django Unchained-kinox to(44884)-bySGexx
2017-01-16 17:38 - 2017-01-16 17:38 - 00205440 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2017-01-16 17:38 - 2017-01-16 17:38 - 00137920 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSB.sys
2017-01-16 17:38 - 2017-01-16 17:38 - 00131144 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-15 16:03 - 2016-08-15 20:57 - 00000000 ____D C:\Users\danie\AppData\Roaming\Skype
2017-02-15 15:54 - 2016-08-04 20:16 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-02-15 14:28 - 2016-08-06 19:43 - 00000000 ____D C:\Users\danie\AppData\Local\Spotify
2017-02-15 14:27 - 2016-08-06 19:43 - 00000000 ____D C:\Users\danie\AppData\Roaming\Spotify
2017-02-15 14:16 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\NDF
2017-02-15 13:55 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppReadiness
2017-02-15 11:37 - 2016-09-19 20:06 - 00004168 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{116B86B5-D81A-4122-817A-8BCA9244C3FC}
2017-02-15 08:58 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-15 02:00 - 2016-08-04 22:19 - 00000000 ____D C:\Users\danie\AppData\Local\Adobe
2017-02-14 21:36 - 2016-09-29 21:40 - 00000000 ____D C:\Users\danie\.VirtualBox
2017-02-13 22:05 - 2016-12-05 16:54 - 00000000 ____D C:\Users\danie\Documents\Calibre-Bibliothek
2017-02-13 21:58 - 2016-08-04 20:25 - 00000000 ___RD C:\Users\danie\OneDrive
2017-02-13 21:58 - 2016-08-04 20:22 - 00000000 ____D C:\Users\danie
2017-02-13 16:31 - 2016-08-04 21:52 - 00000000 ____D C:\Users\danie\AppData\Roaming\vlc
2017-02-13 01:17 - 2016-08-04 23:15 - 00007911 _____ C:\Windows\BRRBCOM.INI
2017-02-13 01:03 - 2016-08-04 20:23 - 00000000 ____D C:\Users\danie\AppData\Local\Packages
2017-02-12 23:54 - 2016-10-26 20:47 - 00000000 ____D C:\Users\danie\AppData\Roaming\Apple Computer
2017-02-12 21:41 - 2016-08-06 18:00 - 00004278 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-02-12 17:17 - 2016-08-13 12:08 - 00000000 ____D C:\Users\danie\.android
2017-02-12 17:03 - 2016-07-16 12:45 - 00000000 ____D C:\Windows\INF
2017-02-12 16:11 - 2016-08-05 21:12 - 00000000 ____D C:\ProgramData\Samsung
2017-02-12 16:10 - 2016-08-05 21:12 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-02-12 16:09 - 2016-08-04 23:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-08 01:29 - 2016-08-19 13:44 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-07 16:14 - 2016-12-06 07:37 - 00003290 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-07 16:14 - 2016-08-04 20:25 - 00002383 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-06 22:30 - 2016-08-04 20:45 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-04 21:17 - 2016-12-05 17:01 - 00000000 ____D C:\Users\danie\AppData\Local\calibre-cache
2017-02-04 21:17 - 2016-12-05 16:54 - 00000000 ____D C:\Users\danie\AppData\Roaming\calibre
2017-02-04 21:16 - 2017-01-12 16:13 - 00000000 ____D C:\Bio_Linux
2017-02-04 10:02 - 2016-07-16 23:52 - 00000000 ____D C:\Windows\OCR
2017-02-04 10:02 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp
2017-02-02 13:59 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-01 20:57 - 2016-08-04 20:24 - 01004544 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-01 20:57 - 2016-07-16 23:51 - 00550294 _____ C:\Windows\system32\perfh007.dat
2017-02-01 20:57 - 2016-07-16 23:51 - 00156908 _____ C:\Windows\system32\perfc007.dat
2017-02-01 20:50 - 2016-08-12 14:42 - 00000000 ____D C:\ProgramData\Embarcadero
2017-02-01 20:50 - 2016-08-04 20:16 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-01 20:45 - 2016-08-04 20:16 - 05014704 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-26 18:07 - 2016-07-16 07:04 - 00786432 _____ C:\Windows\system32\config\BBI
2017-01-25 14:50 - 2016-08-05 21:13 - 00003352 _____ C:\Windows\System32\Tasks\SamsungMagician
2017-01-23 14:52 - 2016-12-05 16:54 - 00000999 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2017-01-23 14:52 - 2016-12-05 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2017-01-23 14:52 - 2016-12-05 16:54 - 00000000 ____D C:\Program Files\Calibre2
2017-01-23 14:47 - 2016-08-04 20:23 - 00000000 ____D C:\Users\danie\AppData\Roaming\Adobe
2017-01-23 14:42 - 2016-08-04 22:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-01-21 21:40 - 2016-08-04 22:05 - 00000000 ____D C:\TMP
2017-01-19 18:15 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-19 18:14 - 2016-08-04 23:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-19 18:05 - 2016-08-04 22:38 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2017-01-18 21:42 - 2016-08-12 15:26 - 00000000 ____D C:\ProgramData\Oracle
2017-01-18 21:10 - 2016-08-12 15:26 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-01-18 21:10 - 2016-08-12 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-01-18 21:10 - 2016-08-12 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-18 21:10 - 2016-08-12 15:26 - 00000000 ____D C:\Program Files\Java
2017-01-16 17:38 - 2017-01-12 18:23 - 00959720 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2017-01-16 17:38 - 2016-09-29 21:37 - 00149304 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-08-05 17:44 - 2017-01-06 11:58 - 0000034 _____ () C:\Users\danie\AppData\Roaming\AdobeWLCMCache.dat
2016-11-30 10:50 - 2016-11-30 11:36 - 0001456 _____ () C:\Users\danie\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-09-21 20:12 - 2017-01-25 20:15 - 0009668 _____ () C:\Users\danie\AppData\Local\CDXLExtendedShim.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\danie\AppData\Local\Microsoft\OneDrive\OneDrive.exe

Einige Dateien in TEMP:
====================
2016-08-10 18:42 - 2016-08-10 18:42 - 36403960 _____ (AppWork GmbH) C:\Users\danie\AppData\Local\Temp\JDSetup131153245463239802.exe
2016-08-13 07:56 - 2016-08-13 07:56 - 0741440 _____ (Oracle Corporation) C:\Users\danie\AppData\Local\Temp\jre-8u101-windows-au.exe
2017-01-18 21:04 - 2017-01-18 21:04 - 0739904 _____ (Oracle Corporation) C:\Users\danie\AppData\Local\Temp\jre-8u121-windows-au.exe
2016-09-19 18:45 - 2016-09-19 18:45 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\M9MYQW4AVM.DLL
2017-01-05 10:04 - 2017-01-05 10:05 - 2858376 _____ () C:\Users\danie\AppData\Local\Temp\npp.7.2.2.Installer.exe
2017-02-10 15:31 - 2017-02-10 15:31 - 0040448 ____N () C:\Users\danie\AppData\Local\Temp\proxy_vole3735512050020065073.dll
2017-02-10 15:31 - 2017-02-10 15:31 - 0040448 ____N () C:\Users\danie\AppData\Local\Temp\proxy_vole5825304206742508178.dll
2017-02-10 15:31 - 2017-02-10 15:31 - 0040448 ____N () C:\Users\danie\AppData\Local\Temp\proxy_vole6305030320323710800.dll
2016-09-19 18:47 - 2016-09-19 18:47 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\QD62A0GERA.DLL
2016-11-23 23:47 - 2016-11-23 23:47 - 14700056 _____ (Samsung Electronics ) C:\Users\danie\AppData\Local\Temp\Samsung_Magician_Installer.exe
2015-08-03 00:58 - 2015-08-03 00:58 - 0118784 _____ () C:\Users\danie\AppData\Local\Temp\xmlUpdater.exe
2016-09-19 18:46 - 2016-09-19 18:46 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\YJMCG40G3G.DLL
2016-09-19 18:54 - 2016-09-19 18:54 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\YR6884GKNC.DLL

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-09 22:03

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-02-2017 01
durchgeführt von danie (15-02-2017 16:06:50)
Gestartet von C:\Users\danie\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-04 19:21:16)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2044849159-1042748084-43516897-500 - Administrator - Disabled)
danie (S-1-5-21-2044849159-1042748084-43516897-1001 - Administrator - Enabled) => C:\Users\danie
DefaultAccount (S-1-5-21-2044849159-1042748084-43516897-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2044849159-1042748084-43516897-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2044849159-1042748084-43516897-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ActivePerl 5.24.0 Build 2400 (64-bit) (HKLM\...\{C89FA3E7-29C4-4A60-AFB9-40E04715AE78}) (Version: 5.24.2400 - ActiveState)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.3 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Verifier x64 External Package (Version: 10.1.10586.212 - Microsoft) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0005 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Avogadro (HKLM-x32\...\Avogadro) (Version: 1.2.0 - Humanity)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-J870DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
calibre 64bit (HKLM\...\{35E6D951-3B09-4FF3-BE67-EAEC919ADCCF}) (Version: 2.77.0 - Kovid Goyal)
Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
Embarcadero InterBase XE7 (HKLM-x32\...\Embarcadero InterBase XE7) (Version: Embarcadero InterBase XE7 - Embarcadero Technologies, Inc.)
Embarcadero RAD Studio 10.1 Berlin (HKLM-x32\...\Embarcadero RAD Studio 10.1 Berlin) (Version: 18.0 - Embarcadero Technologies, Inc.)
Embarcadero RAD Studio Berlin (x32 Version: 18.0 - Embarcadero Technologies, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FastReport 5 Embarcadero edition (HKLM-x32\...\{7FBAEA0A-5C1A-4a2e-8BD1-275A0C3755BB}) (Version: Embarcadero Edition - FastReports)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intellisense Lang Pack Mobile Extension SDK 10.0.10586.0 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
iTunes (HKLM\...\{F11677B7-0D8E-4F34-BEBB-6869FE861CDF}) (Version: 12.5.2.36 - Apple Inc.)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kits Configuration Installer (x32 Version: 10.1.10586.212 - Microsoft) Hidden
Logitech Gaming Software 8.84 (HKLM\...\Logitech Gaming Software) (Version: 8.84.15 - Logitech Inc.)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{BA62A9E2-7BB4-4D4A-8C5F-CC03C35491BD}) (Version: 4.6.00079 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{6C8591F8-C4FC-4A64-9E21-7F35F1D51D09}) (Version: 4.6.00079 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\OneDriveSetup.exe) (Version: 17.3.6764.0111 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Windows 10 SDK Installer (HKLM-x32\...\Microsoft Windows 10 SDK Installer) (Version: 18.0 - Embarcadero Technologies Inc.)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mp3tag v2.80 (HKLM-x32\...\Mp3tag) (Version: v2.80 - Florian Heidenreich)
MSI Development Tools (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.1.14 (HKLM\...\{6AE61854-0F78-49E3-ABCC-586FB43CE709}) (Version: 5.1.14 - Oracle Corporation)
Passbild-Generator v4.0b (HKLM-x32\...\Passbild-Generator_is1) (Version: - Passbild-Generator)
PeaZip 6.1.0 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 6.1.0 - Giorgio Tani)
PerkinElmer ChemOffice Professional 2015 (HKLM-x32\...\{83DBA37B-B24C-431B-9D7B-8331D28A067C}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PerkinElmer ChemScript 15.0 (HKLM-x32\...\{2623D946-2CA9-4E69-A6C1-DDFA46C87EFF}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PixelRuler v9.2.0.0 (HKLM-x32\...\PixelRuler_is1) (Version: - pixelruler.de)
Python 3.2 pywin32-217 (HKLM-x32\...\pywin32-py3.2) (Version: - )
Python 3.2.2 (HKLM-x32\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFD}) (Version: 3.2.2150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version: - Roadkil.Net)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SDK Debuggers (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16121.3 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16121.3 - Samsung Electronics Co., Ltd.) Hidden
SpeedCommander 16 (x64) (HKLM\...\SpeedCommander 16 (x64)) (Version: 16.10.8200 - SWE Sven Ritter)
Spotify (HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.11.0 - Synaptics Incorporated)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
TeXstudio 2.11.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.11.2 - Benito van der Zander)
Ttf2Pt1-3.4.4 Complete package, except sources (GnuWin32) (HKLM-x32\...\Ttf2Pt1-3.4.4_is1) (Version: 3.4.4 - GnuWin32)
Universal CRT Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMD 1.9.2 (HKLM-x32\...\{089F161A-EFCE-44D8-8D38-C401835D93E4}) (Version: 1.9.2 - University of Illinois)
WinAppDeploy (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{75C39BA6-1D02-4BEA-844F-0EA6C4B7FA1B}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WPT Redistributables (x32 Version: 10.1.10586.212 - Microsoft) Hidden
WPTx64 (x32 Version: 10.1.10586.212 - Microsoft) Hidden
Zortam Mp3 Media Studio 21.35 (HKLM-x32\...\Zortam Mp3 Media Studio_is1) (Version: - Zortam)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2044849159-1042748084-43516897-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {192D2D98-33A9-4EC4-9896-6FF0C2F8F337} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-04] (Google Inc.)
Task: {21FAC54D-1678-4675-8BC9-4CFB8004D976} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-23] (Samsung Electronics Co. Ltd.)
Task: {2493413F-9C60-497D-8DA3-AE1DA66A2B3D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-09] (AVAST Software)
Task: {2A46A2EC-BEC1-4EF0-AB35-CF4026FF8DFC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation)
Task: {2F9B9EB7-8613-4AB6-89EA-193DCB9B5FB8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {32D51965-AA80-4FDA-8DB7-1781EB4FB623} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-*************************** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {43415A32-378E-4EB8-9888-7CC810B35503} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {7AB6AA19-0881-4D27-8734-95F1B6164C0B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation)
Task: {A0D5D4A8-1C95-4B18-95E6-3B7B9B03B510} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {A7A917FF-05B5-4013-AF77-89757CB96BF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-04] (Google Inc.)
Task: {B95FFCBA-EC40-4792-96F7-42EC9FCFB7F8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {BAC026DE-071D-4FA8-A31D-F272109D4A64} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor)
Task: {C77C0E0B-0D42-475D-BC83-4156B05B7D05} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation)
Task: {DA460F4D-3A1E-443A-A492-F52BA5AA3B65} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-19] (Dropbox, Inc.)
Task: {E1DB79CC-94D1-436F-8912-85669F1E4F76} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor)
Task: {E6A3C464-5455-47C3-B476-5E347A934207} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-19] (Dropbox, Inc.)
Task: {E90A764A-D783-42CA-9F23-796C2E800325} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-01] (AVAST Software)
Task: {EB55E557-F628-48AC-AEAC-F6E76FAC4A7A} - System32\Tasks\SafeZone scheduled Autoupdate 1470502893 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {EE42846D-A85E-4918-8320-349AF43E2871} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-08-04 23:41 - 2016-06-25 07:52 - 00018432 _____ () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
2016-10-05 17:17 - 2016-10-05 17:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 17:17 - 2016-10-05 17:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-04 23:14 - 2005-04-22 05:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-09-13 23:48 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 22:58 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 22:58 - 2016-12-21 08:08 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2017-01-11 22:58 - 2016-12-21 07:55 - 07843840 _____ () C:\Windows\ShellExperiences\QuickConnectUI.dll
2017-02-06 22:30 - 2017-02-01 10:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 22:30 - 2017-02-01 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-08-03 19:06 - 2016-08-03 19:06 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-08-03 19:06 - 2016-08-03 19:06 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-02-06 09:09 - 2017-02-06 09:09 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-06 09:09 - 2017-02-06 09:09 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-06 09:09 - 2017-02-06 09:09 - 42895872 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 09:09 - 2017-02-06 09:09 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\roottools.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 22:58 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 22:58 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-23 08:42 - 2016-11-23 08:42 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-23 08:42 - 2016-11-23 08:42 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-08-04 20:47 - 2016-08-04 20:47 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-23 08:42 - 2016-11-23 08:42 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-23 08:42 - 2016-11-23 08:42 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2016-07-17 00:01 - 2016-07-17 00:01 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-02-15 08:57 - 2017-02-15 08:58 - 03865088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-01-23 08:04 - 2017-01-23 08:04 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.25.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2016-09-09 20:30 - 2016-09-09 20:30 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-09 20:30 - 2016-09-09 20:30 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-02-14 19:11 - 2017-02-14 19:11 - 06350848 _____ () C:\Program Files\AVAST Software\Avast\defs\17021400\algo.dll
2017-02-15 11:12 - 2017-02-15 11:12 - 06350848 _____ () C:\Program Files\AVAST Software\Avast\defs\17021500\algo.dll
2016-08-04 23:14 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-08-04 23:41 - 2015-05-26 18:54 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2015-03-17 00:34 - 2015-03-17 00:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2016-08-04 23:14 - 2013-04-05 12:23 - 00954880 _____ () C:\Program Files (x86)\ControlCenter4\BrImgProc.dll
2016-08-06 18:00 - 2016-08-06 18:00 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-02-08 01:29 - 2017-02-07 05:48 - 00801600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2016-08-19 13:45 - 2017-01-14 00:53 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-08-19 13:45 - 2017-01-14 00:53 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-08-19 13:45 - 2017-01-14 00:53 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-08-19 13:45 - 2017-01-14 00:53 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-08-19 13:45 - 2017-01-14 00:54 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-02-08 01:29 - 2017-01-14 00:53 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-02-08 01:29 - 2017-01-14 00:54 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-02-08 01:29 - 2017-01-14 00:53 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-08-19 13:45 - 2017-01-14 00:56 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00052544 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-02-08 01:29 - 2017-01-14 00:53 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-02-08 01:29 - 2017-01-14 00:56 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-19 13:45 - 2017-01-14 00:55 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-08-19 13:45 - 2017-01-14 00:54 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-24 08:40 - 2017-02-07 05:50 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-24 08:40 - 2017-02-07 05:50 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-24 08:40 - 2017-02-07 05:50 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-24 08:40 - 2017-02-07 05:50 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-02-08 01:29 - 2017-01-14 00:51 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-02-08 01:29 - 2017-02-07 05:50 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-02-08 01:29 - 2016-12-22 07:58 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-02-08 01:29 - 2017-02-07 05:50 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-02-08 01:29 - 2017-01-14 01:02 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-02-08 01:29 - 2017-01-14 01:02 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-02-08 01:29 - 2017-02-07 05:50 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.djvu:com.dropbox.attributes [168]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\sharepoint.com -> hxxps://campussachsen-files.sharepoint.com

==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-16 12:47 - 2016-08-04 22:48 - 00001050 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\StartupApproved\StartupFolder: => "PixelRuler.lnk"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1E52F9A0-5820-47E5-8672-581F7A139665}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE
FirewallRules: [{C760F8E6-1F3E-4303-85A1-D7D7DB698AC7}] => (Allow) LPort=54925
FirewallRules: [{CDD216A4-B2B0-4EDA-AE45-F71EBAA4CD0C}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{119E2607-1EE9-40CF-B1BD-2C344119A791}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{1DF0FA43-BD46-4CA8-9B4F-1ADF0D4F4E4E}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{07EC27C9-3E14-433C-A2A0-C403AD5B5BAE}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{29D3A4D9-75EE-48E5-9E6B-9C58606AD4FE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F7BE5DE8-B108-4817-8518-4ED78E78DE22}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{542D9C41-4F9E-44AC-8520-DB38A6F29DF2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{A847E550-A2C4-4C24-B245-3C03AD9813FC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{49841A41-40C0-4730-83B6-6DF320171517}C:\users\danie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\danie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5F130595-1397-4E60-A7CC-6AFC28052F4D}C:\users\danie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\danie\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{DB9B22F4-7909-489B-859B-BFD5764AAF13}C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe] => (Allow) C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe
FirewallRules: [UDP Query User{F2A88DBE-BFE0-4B54-9CBA-BEAC9A26F1E3}C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe] => (Allow) C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe
FirewallRules: [TCP Query User{E183CA1A-F191-4A9F-B161-DAFAD52679FC}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe
FirewallRules: [UDP Query User{C668A88D-4CD0-498C-A458-7AAC9F0AFFC3}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe
FirewallRules: [{9186B335-8F0C-479A-A177-4B8FCE56AE09}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{C35D2E0E-F8C4-4FCB-BFEE-C35010B929E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{09761B78-77BE-49E1-AAC8-C2D198097C5E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E84533B9-C293-426C-AE30-EE6021FADE42}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C17E3F4B-84A0-44A1-A35E-C579D68D3032}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{08503169-D484-4A9E-8BB1-E5FA2C814D3E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{DEBAD8D2-6378-49E7-A0CA-8D8CAB4B9F44}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4646391F-477D-4873-84C6-0EEE30A07566}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3B66BF7C-967C-48C2-9A30-6D1CD1253433}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9DBFAEF7-75AF-4A58-9E8A-BFAA3F1712A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AA630F4F-BF9C-421A-8167-16690F5535B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{033A785A-04DF-4328-8713-FE0B4EE558B6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3780DA59-0B92-4A18-A096-DE153E950AFA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{51508A9E-D29B-40A9-85C5-F551CE724B2D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{5D15864C-AC2E-4DFB-83BC-92E57F81009A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Wiederherstellungspunkte =========================
23-01-2017 14:51:59 Installed calibre 64bit
02-02-2017 02:44:55 Geplanter Prüfpunkt
12-02-2017 16:09:16 Installed Smart Switch

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/15/2017 04:03:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "F:\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (02/15/2017 03:50:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (02/15/2017 03:50:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm\signtool.exe.Manifest". Die abhängige Assemblierung "Microsoft.Windows.Build.Appx.AppxSip.dll,version="0.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (02/15/2017 03:50:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm64\signtool.exe.Manifest". Die abhängige Assemblierung "Microsoft.Windows.Build.Appx.AppxSip.dll,version="0.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (02/15/2017 03:49:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm64\oleview.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (02/15/2017 03:49:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm64\filetypeverifier.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (02/15/2017 03:49:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\14.0\Debugger\target\armv4i\vsgraphicsremoteengine.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (02/15/2017 03:49:27 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (02/15/2017 03:49:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (02/15/2017 02:18:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Systemfehler:
=============
Error: (02/15/2017 03:53:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9T9O37C)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (02/15/2017 03:51:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler
Error: (02/15/2017 03:51:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9T9O37C)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (02/15/2017 03:49:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler
Error: (02/15/2017 03:46:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.
Error: (02/15/2017 03:46:21 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\danie\AppData\Local\Temp\ehdrv.sys
Error: (02/15/2017 03:46:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.
Error: (02/15/2017 03:46:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\danie\AppData\Local\Temp\ehdrv.sys
Error: (02/15/2017 03:46:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.
Error: (02/15/2017 03:46:20 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\danie\AppData\Local\Temp\ehdrv.sys CodeIntegrity: =================================== Date: 2016-12-07 16:02:25.976 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-07 16:02:25.973 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-01 10:03:52.930 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-01 10:03:52.928 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-25 14:43:23.529 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-11-25 14:43:23.527 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-18 13:06:10.559 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-18 13:06:10.557 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz Prozentuale Nutzung des RAM: 52% Installierter physikalischer RAM: 8116.55 MB Verfügbarer physikalischer RAM: 3860.96 MB Summe virtueller Speicher: 9396.55 MB Verfügbarer virtueller Speicher: 3789.86 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:209.11 GB) (Free:57.85 GB) NTFS Drive d: (OS) (Fixed) (Total:115.98 GB) (Free:7.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive f: (DATA) (Fixed) (Total:329.79 GB) (Free:3.64 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 76692CA8) Partition 1: (Not Active) - (Size=19.5 GB) - (Type=1C) Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=464 MB) - (Type=27) Partition 4: (Not Active) - (Size=329.8 GB) - (Type=OF Extended) 
======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 6B8C4C4B) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=209.1 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
16.02.2017, 12:32 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Avast - svchost blocked malware link Quote:
You have cracked Adobe software on the computer. Reading material: Illegal software: cracks, keygens and co. Please read => http://www.trojaner-board.de/95393-c...-software.html We will continue once you have removed everything illegal. In case of repeated crack/keygen violations I reserve the right to discontinue support, i.e. help only with backing up data and reinstalling the operating system.
__________________ |
16.02.2017, 17:00 | #3 |
| Avast - svchost blocked malware link Hello Cosinus,
I hope I have now removed everything. Attached again are the two logs - again with censored names. FRST.txt FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-02-2017 02 durchgeführt von danie (Administrator) auf DESKTOP-9T9O37C (16-02-2017 16:47:52) Gestartet von C:\Users\danie\Desktop Geladene Profile: danie (Verfügbare Profile: defaultuser0 & danie) Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (DEVGURU Co., LTD.) 
C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Spotify Ltd) C:\Users\danie\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Spotify Ltd) C:\Users\danie\AppData\Roaming\Spotify\Spotify.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Spotify Ltd) C:\Users\danie\AppData\Roaming\Spotify\SpotifyCrashService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\danie\AppData\Roaming\Spotify\Spotify.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\danie\AppData\Roaming\Spotify\Spotify.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2085160 2010-03-05] (Synaptics Incorporated) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15853176 2016-08-03] (Logitech Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-10-13] (Apple Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-05] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6806144 2010-06-24] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-07] (Dropbox, Inc.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Spotify Web Helper] => C:\Users\danie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-07] (Spotify Ltd) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Spotify] => C:\Users\danie\AppData\Roaming\Spotify\Spotify.exe [7133808 2017-02-07] (Spotify Ltd) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [GoogleChromeAutoLaunch_1DE2210685523D121EF41F74D365AD10] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1116504 2017-02-01] (Google Inc.) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) Startup: C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PixelRuler.lnk [2016-08-11] ShortcutTarget: PixelRuler.lnk -> C:\Program Files (x86)\PixelRuler\PixelRuler.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{65b17e8d-7930-436e-a952-581958886376}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{90200e0b-80c6-4e80-8828-16c1b94ed4fe}: [DhcpNameServer] 172.20.10.1 Internet Explorer: ================== HKU\S-1-5-21-2044849159-1042748084-43516897-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - 
C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) FireFox: ======== FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09] FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei] FF Plugin-x32: @cambridgesoft.com/Chem3D,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\Chem3D\npChem3DPlugin.dll [2015-03-14] (PerkinElmer) FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\ChemDraw\npcdp32.dll [2015-03-14] (PerkinElmer) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft 
Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) Chrome: ======= CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default [2017-02-16] CHR Extension: (Google Präsentationen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-04] CHR Extension: (Flash Video Downloader) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2016-12-03] CHR Extension: (Google Docs) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-04] CHR Extension: (Google Drive) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-04] CHR Extension: (YouTube) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-04] CHR Extension: (Adblock Plus) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-28] CHR Extension: (Video Downloader professional) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-10-28] CHR Extension: (Avast SafePrice) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-22] CHR Extension: (Google Tabellen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-04] CHR Extension: (Full Screen Weather) - 
C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2016-08-04] CHR Extension: (Google Docs Offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-04] CHR Extension: (Hide My AdBlocker) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc [2016-11-10] CHR Extension: (Avast Online Security) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-15] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19] CHR Extension: (uMatrix) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2017-02-15] CHR Extension: (Beebs - Access BBC iPlayer) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmliiafmgjkgkfadkpomlefdllhajdi [2017-01-08] CHR Extension: (Weather Underground) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2016-08-04] CHR Extension: (Google Mail) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-04] CHR Extension: (Chrome Media Router) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08] CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-08] CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx CHR 
HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-19] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-19] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-03] (Logitech Inc.) R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [Datei ist nicht signiert] S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) 
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-28] (Microsoft Corporation) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-17] (AVAST Software) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Advanced Micro Devices) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.) 
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R3 USBPcap; C:\Windows\system32\DRIVERS\USBPcap.sys [51104 2016-08-02] (USBPcap) R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-01-16] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [205440 2017-01-16] (Oracle Corporation) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [137920 2017-01-16] (Oracle Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-02-16 16:47 - 2017-02-16 16:48 - 00025945 _____ C:\Users\danie\Desktop\FRST.txt 2017-02-16 16:47 - 2017-02-16 16:47 - 00000000 ___HD C:\OneDriveTemp 2017-02-16 16:47 - 2017-02-16 16:47 - 00000000 ____D C:\Users\danie\Desktop\FRST-OlderVersion 2017-02-16 16:31 - 2017-02-16 16:31 - 00000000 ____D C:\Users\danie\AppData\Local\{FE8BEBBE-9A66-4252-9271-3B862ED0CA94} 2017-02-15 19:20 - 2017-02-15 19:20 - 00000000 ____D C:\Users\danie\AppData\Roaming\Wireshark 2017-02-15 18:13 - 2017-02-15 18:13 - 00001827 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk 2017-02-15 18:13 - 2017-02-15 18:13 - 00001569 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk 2017-02-15 18:13 - 2017-02-15 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap 2017-02-15 18:13 - 2017-02-15 18:13 - 00000000 ____D C:\Program Files\USBPcap 2017-02-15 18:13 - 2017-02-15 18:13 - 00000000 ____D C:\Program Files (x86)\WinPcap 2017-02-15 18:12 - 2017-02-15 18:13 - 00000000 ____D C:\Program Files\Wireshark 2017-02-15 18:08 - 2017-02-15 18:11 - 49360976 _____ (Wireshark development team) C:\Users\danie\Desktop\Wireshark-win64-2.2.4.exe 2017-02-15 16:05 - 2017-02-16 16:47 - 00000000 ____D C:\FRST 2017-02-15 16:03 - 2017-02-16 16:47 - 02422272 _____ (Farbar) C:\Users\danie\Desktop\FRST64.exe 2017-02-15 14:17 - 2017-02-15 14:17 - 00000000 ____D C:\Program Files (x86)\ESET 2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\Users\danie\AppData\Roaming\IrfanView 2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView 2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\Program Files\IrfanView 2017-02-13 07:10 - 2017-02-13 07:10 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk 2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\Users\danie\Tracing 2017-02-13 07:10 - 2017-02-13 
07:10 - 00000000 ____D C:\ProgramData\Skype 2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-02-12 17:44 - 2017-02-12 18:30 - 00000000 ____D C:\Phone 2017-02-12 17:13 - 2017-02-12 17:17 - 00000000 ____D C:\Users\danie\AppData\Roaming\MyPhoneExplorer 2017-02-12 17:13 - 2017-02-12 17:13 - 00002126 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk 2017-02-12 17:13 - 2017-02-12 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer 2017-02-12 17:13 - 2017-02-12 17:13 - 00000000 ____D C:\Program Files (x86)\MyPhoneExplorer 2017-02-12 17:07 - 2017-02-12 17:24 - 00000000 ____D C:\Card 2017-02-12 16:12 - 2017-02-12 16:12 - 00000000 ____D C:\Users\danie\Documents\Samsung 2017-02-12 16:11 - 2017-02-12 16:12 - 00000000 ____D C:\Windows\LastGood.Tmp 2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf 2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2017-02-12 16:10 - 2017-02-12 16:11 - 00000000 ____D C:\Users\danie\AppData\Roaming\Samsung 2017-02-12 16:10 - 2016-09-05 05:47 - 01499408 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2017-02-12 16:10 - 2016-09-05 05:47 - 00716920 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2017-02-12 16:10 - 2016-09-05 05:47 - 00165504 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys 2017-02-12 16:10 - 2016-09-05 05:47 - 00131712 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys 2017-02-12 16:09 - 2016-03-31 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) 
C:\Windows\SysWOW64\secman.dll 2017-02-09 13:28 - 2017-02-09 13:28 - 02099905 _____ C:\Users\danie\Downloads\Wohnung_an-ummelden_Hinw_de+en.pdf 2017-02-09 13:28 - 2017-02-09 13:28 - 00334768 _____ C:\Users\danie\Downloads\Bestaetigung_BMG.pdf 2017-02-08 01:29 - 2017-02-08 01:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-02-08 00:13 - 2017-02-08 00:13 - 00207706 _____ C:\Users\danie\Downloads\Auslandsscheck_DE (1).pdf 2017-02-08 00:03 - 2017-02-08 00:03 - 00207706 _____ C:\Users\danie\Downloads\Auslandsscheck_DE.pdf 2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2017-02-06 23:48 - 2017-02-06 23:43 - 134270517 _____ C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments_online_converter#.pdf 2017-02-06 23:42 - 2017-02-06 23:43 - 134270517 _____ C:\Users\danie\Downloads\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.pdf 2017-02-06 23:30 - 2017-02-06 18:31 - 17294189 _____ C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.djvu 2017-02-06 23:09 - 2017-02-06 23:09 - 01616807 ____R C:\Users\danie\Documents\koehler_lehmann_2011.pdf 2017-02-06 23:09 - 2017-02-06 23:09 - 01102598 ____R C:\Users\danie\Documents\Practical laboratory course_***********.pdf 2017-02-06 23:09 - 2017-02-06 23:09 - 00783869 ____R C:\Users\danie\Documents\lecture 12.pdf 2017-02-06 23:09 - 2017-02-06 23:09 - 00680777 ____R C:\Users\danie\Documents\9783319055879-c2.pdf 2017-02-06 23:09 - 2017-02-06 23:09 - 00664591 ____R C:\Users\danie\Documents\Otting_G_2010_Reiview.pdf 2017-02-06 23:09 - 2017-02-06 23:09 - 
00313885 ____R C:\Users\danie\Documents\bertini2001.pdf 2017-02-06 23:09 - 2017-02-06 23:09 - 00046833 ____R C:\Users\danie\Documents\L_6b_NOE_web.pdf 2017-02-06 18:41 - 2017-02-06 18:42 - 01824882 _____ C:\Users\danie\Documents\product_operator_formalism.pdf 2017-02-06 18:40 - 2017-02-06 18:40 - 02809960 _____ C:\Users\danie\Documents\relaxation_Enhancement.pdf 2017-02-06 18:27 - 2017-02-06 18:27 - 00680777 _____ C:\Users\danie\Downloads\9783319055879-c2.pdf 2017-02-06 18:20 - 2017-02-06 18:21 - 46049143 _____ C:\Users\danie\Downloads\Matthias Findeisen,Stefan Berger 50 and More Essential NMR Experiments. A Detailed Guide.pdf 2017-02-06 16:15 - 2017-02-06 16:15 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-13-english-29495 2017-02-06 16:14 - 2017-02-06 16:14 - 00026285 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-13-english-29495.zip 2017-02-05 21:39 - 2017-02-05 21:50 - 149068460 _____ C:\Users\danie\Downloads\lucifer.213.hdtv-lol.mkv.mp4.mp4 2017-02-05 20:34 - 2017-02-05 20:34 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-12-english-29201 2017-02-05 20:33 - 2017-02-05 20:33 - 00024770 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-12-english-29201.zip 2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\Users\danie\AppData\Local\Remove_Empty_Directories 2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories 2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\Program Files (x86)\Remove Empty Directories 2017-02-05 15:13 - 2017-02-05 15:15 - 00404482 _____ (Jonas John ) C:\Users\danie\Downloads\red-v2.2-setup.exe 2017-02-05 12:21 - 2017-02-05 12:21 - 00026159 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-11-english-28991.zip 2017-02-05 12:21 - 2017-02-05 12:21 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-11-english-28991 2017-02-04 22:34 - 2017-02-04 22:56 - 124549923 _____ 
C:\Users\danie\Downloads\Seriesonline.io-(360P - mp4)Lucifer - Season 2- Episode 11- Stewardess Interruptus.mp4 2017-02-04 22:30 - 2017-02-04 22:51 - 143374537 _____ C:\Users\danie\Downloads\Seriesonline.io-(360P - mp4)Lucifer - Season 2 Episode 12 - Love Handles.mp4 2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (5).mp4 2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (4).mp4 2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (3).mp4 2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (2).mp4 2017-02-04 22:13 - 2017-02-04 22:13 - 00000007 _____ C:\Users\danie\Downloads\Watch video.mp4 2017-02-04 22:13 - 2017-02-04 22:13 - 00000007 _____ C:\Users\danie\Downloads\Watch video (1).mp4 2017-02-04 10:02 - 2016-07-15 19:29 - 05739008 _____ (Microsoft Corporation) C:\Windows\system32\prm0009.dll 2017-02-04 10:02 - 2016-07-15 19:29 - 02629120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll 2017-02-04 10:02 - 2016-07-15 19:14 - 06354944 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll 2017-02-04 10:02 - 2016-07-15 18:45 - 02629120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0009.dll 2017-02-04 10:02 - 2016-07-15 18:29 - 05489664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0009.dll 2017-02-04 10:01 - 2017-02-04 10:01 - 00001047 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk 2017-02-01 20:58 - 2017-02-01 20:58 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software 2017-02-01 20:58 - 2017-02-01 20:58 - 00000000 ____D C:\Program Files\Common Files\AV 2017-02-01 16:14 - 2017-02-01 16:14 - 00000000 ____D C:\Users\danie\AppData\Local\TeamViewer 2017-02-01 16:13 - 2017-02-01 16:14 - 00000000 ____D C:\Users\danie\AppData\Roaming\TeamViewer 2017-02-01 16:13 - 2017-02-01 16:13 - 00001112 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2017-02-01 16:13 - 2017-02-01 16:13 - 00001100 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk 2017-02-01 16:13 - 2017-02-01 16:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2017-01-30 12:59 - 2017-01-30 12:59 - 36727147 _____ C:\Users\danie\Downloads\Laborarbeit_2016_170130.pdf 2017-01-29 10:49 - 2017-01-29 10:49 - 00450814 _____ C:\Users\danie\Downloads\AGB_208_Strom_Privat_2017_01_NK.pdf 2017-01-25 21:42 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2017-01-25 21:42 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2017-01-25 14:50 - 2017-01-25 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician 2017-01-23 20:55 - 2017-01-23 20:55 - 00218282 _____ C:\Users\danie\Downloads\Medikamente_Formular.pdf 2017-01-23 19:42 - 2017-01-23 19:51 - 12095930 _____ C:\Users\danie\Downloads\[Manfred_Hesse,_Herbert_Meier,_Bernd_Zeeh]_Spektro(BookFi).pdf 2017-01-23 14:43 - 2017-01-23 14:43 - 00000000 ____D C:\Users\danie\AppData\Local\Adobe_Systems_Incorporate 2017-01-23 14:42 - 2017-01-23 15:04 - 00000000 ____D C:\Users\danie\Documents\My Digital Editions 2017-01-23 14:42 - 2017-01-23 14:42 - 00002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.5.lnk 2017-01-23 14:42 - 2017-01-23 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2017-01-23 14:32 - 2017-01-23 14:50 - 01977054 _____ C:\Users\danie\Downloads\[James_Keeler]_Understanding_NMR_spectroscopy(BookFi) (1).pdf 2017-01-23 14:32 - 2017-01-23 14:41 - 02199824 _____ C:\Users\danie\Downloads\[James_Keeler]_Understanding_NMR_Spectroscopy(BookFi).pdf 2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\Users\danie\AppData\Local\Passbild_Generator 2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Passbild-Generator 2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\Program Files (x86)\Passbild-Generator 2017-01-22 15:05 - 2017-01-22 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2017-01-22 15:05 - 2017-01-22 15:05 - 00000000 ____D C:\Program Files\Oracle 2017-01-22 14:31 - 2017-01-22 14:53 - 00000000 ____D C:\Users\danie\Documents\Dateien_script 2017-01-21 21:42 - 2017-01-21 21:42 - 00000000 ____D C:\Users\danie\AppData\Roaming\GraphPad Software 2017-01-21 21:42 - 2017-01-21 21:42 - 00000000 ____D C:\ProgramData\GraphPad Software 2017-01-19 19:38 - 2017-01-19 19:38 - 00000000 ____D C:\Users\danie\Downloads\Django Unchained-kinox to(44884)-bySGexx ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-16 16:48 - 2016-08-15 20:57 - 00000000 ____D C:\Users\danie\AppData\Roaming\Skype 2017-02-16 16:48 - 2016-08-06 19:43 - 00000000 ____D C:\Users\danie\AppData\Roaming\Spotify 2017-02-16 16:47 - 2016-08-06 19:43 - 00000000 ____D C:\Users\danie\AppData\Local\Spotify 2017-02-16 16:47 - 2016-08-04 20:25 - 00000000 ___RD C:\Users\danie\OneDrive 2017-02-16 16:46 - 2016-08-04 20:24 - 01097934 _____ C:\Windows\system32\PerfStringBackup.INI 2017-02-16 16:46 - 2016-07-16 23:51 - 00601120 _____ C:\Windows\system32\perfh007.dat 2017-02-16 16:46 - 2016-07-16 23:51 - 00171116 _____ C:\Windows\system32\perfc007.dat 2017-02-16 16:42 - 2016-08-04 20:16 - 05002832 _____ C:\Windows\system32\FNTCACHE.DAT 2017-02-16 16:42 - 2016-08-04 20:16 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-02-16 16:41 - 2016-07-16 07:04 - 00786432 _____ C:\Windows\system32\config\BBI 2017-02-16 16:26 - 2016-08-12 14:42 - 00000000 ____D C:\Users\danie\AppData\Roaming\Embarcadero 2017-02-16 16:26 - 2016-08-12 14:42 - 00000000 ____D C:\ProgramData\Embarcadero 2017-02-16 16:15 - 2016-08-05 17:25 - 00000000 ____D C:\Program 
Files\Adobe 2017-02-16 16:15 - 2016-08-05 17:24 - 00000000 ____D C:\Program Files\Common Files\Adobe 2017-02-16 16:14 - 2016-08-04 22:19 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2017-02-16 16:14 - 2016-08-04 20:16 - 00000000 ____D C:\Windows\system32\SleepStudy 2017-02-16 16:09 - 2016-08-04 22:18 - 00000000 ____D C:\ProgramData\Adobe 2017-02-16 15:51 - 2016-08-04 22:18 - 00000000 ____D C:\Program Files (x86)\Adobe 2017-02-16 15:51 - 2016-08-04 20:23 - 00000000 ____D C:\Users\danie\AppData\Roaming\Adobe 2017-02-16 14:37 - 2016-09-19 20:06 - 00004168 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{116B86B5-D81A-4122-817A-8BCA9244C3FC} 2017-02-16 14:33 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\LiveKernelReports 2017-02-16 12:29 - 2016-08-04 20:22 - 00000000 ____D C:\Users\danie 2017-02-16 09:50 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppReadiness 2017-02-16 08:49 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-02-16 02:00 - 2016-08-04 22:19 - 00000000 ____D C:\Users\danie\AppData\Local\Adobe 2017-02-15 22:28 - 2016-08-04 21:52 - 00000000 ____D C:\Users\danie\AppData\Roaming\vlc 2017-02-15 18:13 - 2016-08-04 20:25 - 00000000 ____D C:\ProgramData\Package Cache 2017-02-15 14:16 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\NDF 2017-02-14 21:36 - 2016-09-29 21:40 - 00000000 ____D C:\Users\danie\.VirtualBox 2017-02-13 22:05 - 2016-12-05 16:54 - 00000000 ____D C:\Users\danie\Documents\Calibre-Bibliothek 2017-02-13 01:17 - 2016-08-04 23:15 - 00007911 _____ C:\Windows\BRRBCOM.INI 2017-02-13 01:03 - 2016-08-04 20:23 - 00000000 ____D C:\Users\danie\AppData\Local\Packages 2017-02-12 23:54 - 2016-10-26 20:47 - 00000000 ____D C:\Users\danie\AppData\Roaming\Apple Computer 2017-02-12 21:41 - 2016-08-06 18:00 - 00004278 _____ C:\Windows\System32\Tasks\avast! 
Emergency Update 2017-02-12 17:17 - 2016-08-13 12:08 - 00000000 ____D C:\Users\danie\.android 2017-02-12 17:03 - 2016-07-16 12:45 - 00000000 ____D C:\Windows\INF 2017-02-12 16:11 - 2016-08-05 21:12 - 00000000 ____D C:\ProgramData\Samsung 2017-02-12 16:10 - 2016-08-05 21:12 - 00000000 ____D C:\Program Files (x86)\Samsung 2017-02-12 16:09 - 2016-08-04 23:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-02-08 01:29 - 2016-08-19 13:44 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-02-07 16:14 - 2016-12-06 07:37 - 00003290 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2017-02-07 16:14 - 2016-08-04 20:25 - 00002383 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-02-06 22:30 - 2016-08-04 20:45 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-04 21:17 - 2016-12-05 17:01 - 00000000 ____D C:\Users\danie\AppData\Local\calibre-cache 2017-02-04 21:17 - 2016-12-05 16:54 - 00000000 ____D C:\Users\danie\AppData\Roaming\calibre 2017-02-04 21:16 - 2017-01-12 16:13 - 00000000 ____D C:\Bio_Linux 2017-02-04 10:02 - 2016-07-16 23:52 - 00000000 ____D C:\Windows\OCR 2017-02-04 10:02 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp 2017-01-25 14:50 - 2016-08-05 21:13 - 00003352 _____ C:\Windows\System32\Tasks\SamsungMagician 2017-01-23 14:52 - 2016-12-05 16:54 - 00000999 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk 2017-01-23 14:52 - 2016-12-05 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management 2017-01-23 14:52 - 2016-12-05 16:54 - 00000000 ____D C:\Program Files\Calibre2 2017-01-21 21:40 - 2016-08-04 22:05 - 00000000 ____D C:\TMP 2017-01-19 18:15 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-01-19 18:14 - 2016-08-04 23:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-01-18 21:42 - 2016-08-12 
15:26 - 00000000 ____D C:\ProgramData\Oracle 2017-01-18 21:10 - 2016-08-12 15:26 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2017-01-18 21:10 - 2016-08-12 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2017-01-18 21:10 - 2016-08-12 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-01-18 21:10 - 2016-08-12 15:26 - 00000000 ____D C:\Program Files\Java ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-08-05 17:44 - 2017-01-06 11:58 - 0000034 _____ () C:\Users\danie\AppData\Roaming\AdobeWLCMCache.dat 2016-11-30 10:50 - 2016-11-30 11:36 - 0001456 _____ () C:\Users\danie\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2016-09-21 20:12 - 2017-01-25 20:15 - 0009668 _____ () C:\Users\danie\AppData\Local\CDXLExtendedShim.log Einige Dateien in TEMP: ==================== 2016-08-10 18:42 - 2016-08-10 18:42 - 36403960 _____ (AppWork GmbH) C:\Users\danie\AppData\Local\Temp\JDSetup131153245463239802.exe 2016-08-13 07:56 - 2016-08-13 07:56 - 0741440 _____ (Oracle Corporation) C:\Users\danie\AppData\Local\Temp\jre-8u101-windows-au.exe 2017-01-18 21:04 - 2017-01-18 21:04 - 0739904 _____ (Oracle Corporation) C:\Users\danie\AppData\Local\Temp\jre-8u121-windows-au.exe 2016-09-19 18:45 - 2016-09-19 18:45 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\M9MYQW4AVM.DLL 2017-01-05 10:04 - 2017-01-05 10:05 - 2858376 _____ () C:\Users\danie\AppData\Local\Temp\npp.7.2.2.Installer.exe 2017-02-15 20:32 - 2017-02-15 20:32 - 0040448 ____N () C:\Users\danie\AppData\Local\Temp\proxy_vole2050292058776030906.dll 2017-02-15 20:32 - 2017-02-15 20:32 - 0040448 _____ () C:\Users\danie\AppData\Local\Temp\proxy_vole4484201258717203537.dll 2016-09-19 18:47 - 2016-09-19 18:47 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\QD62A0GERA.DLL 2016-11-23 23:47 - 2016-11-23 23:47 - 14700056 _____ (Samsung Electronics ) 
C:\Users\danie\AppData\Local\Temp\Samsung_Magician_Installer.exe
2015-08-03 00:58 - 2015-08-03 00:58 - 0118784 _____ () C:\Users\danie\AppData\Local\Temp\xmlUpdater.exe
2016-09-19 18:46 - 2016-09-19 18:46 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\YJMCG40G3G.DLL
2016-09-19 18:54 - 2016-09-19 18:54 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\YR6884GKNC.DLL

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-09 22:03

==================== Ende von FRST.txt ============================

Additions.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-02-2017 02
durchgeführt von danie (16-02-2017 16:48:44)
Gestartet von C:\Users\danie\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-04 19:21:16)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2044849159-1042748084-43516897-500 - Administrator - Disabled)
danie (S-1-5-21-2044849159-1042748084-43516897-1001 - Administrator - Enabled) => C:\Users\danie
DefaultAccount (S-1-5-21-2044849159-1042748084-43516897-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2044849159-1042748084-43516897-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2044849159-1042748084-43516897-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ActivePerl 5.24.0 Build 2400 (64-bit) (HKLM\...\{C89FA3E7-29C4-4A60-AFB9-40E04715AE78}) (Version: 5.24.2400 - ActiveState)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.3 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Application Verifier x64 External Package (Version: 10.1.10586.212 - Microsoft) Hidden ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0005 - ASUS) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software) Avogadro (HKLM-x32\...\Avogadro) (Version: 1.2.0 - Humanity) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Brother MFL-Pro Suite MFC-J870DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.) calibre 64bit (HKLM\...\{35E6D951-3B09-4FF3-BE67-EAEC919ADCCF}) (Version: 2.77.0 - Kovid Goyal) Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Intellisense Lang Pack Mobile Extension SDK 10.0.10586.0 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan) iTunes (HKLM\...\{F11677B7-0D8E-4F34-BEBB-6869FE861CDF}) (Version: 12.5.2.36 - Apple Inc.) 
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kits Configuration Installer (x32 Version: 10.1.10586.212 - Microsoft) Hidden Logitech Gaming Software 8.84 (HKLM\...\Logitech Gaming Software) (Version: 8.84.15 - Logitech Inc.) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{BA62A9E2-7BB4-4D4A-8C5F-CC03C35491BD}) (Version: 4.6.00079 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{6C8591F8-C4FC-4A64-9E21-7F35F1D51D09}) (Version: 4.6.00079 - Microsoft Corporation) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\OneDriveSetup.exe) (Version: 17.3.6764.0111 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 
2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) MSI Development Tools (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Oracle VM VirtualBox 5.1.14 (HKLM\...\{6AE61854-0F78-49E3-ABCC-586FB43CE709}) (Version: 5.1.14 - Oracle Corporation) Passbild-Generator v4.0b (HKLM-x32\...\Passbild-Generator_is1) (Version: - Passbild-Generator) PeaZip 6.1.0 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 6.1.0 - Giorgio Tani) PerkinElmer ChemOffice Professional 2015 (HKLM-x32\...\{83DBA37B-B24C-431B-9D7B-8331D28A067C}) (Version: 15.0 - PerkinElmer Informatics, Inc.) 
PerkinElmer ChemScript 15.0 (HKLM-x32\...\{2623D946-2CA9-4E69-A6C1-DDFA46C87EFF}) (Version: 15.0 - PerkinElmer Informatics, Inc.) PixelRuler v9.2.0.0 (HKLM-x32\...\PixelRuler_is1) (Version: - pixelruler.de) Python 3.2 pywin32-217 (HKLM-x32\...\pywin32-py3.2) (Version: - ) Python 3.2.2 (HKLM-x32\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFD}) (Version: 3.2.2150 - Python Software Foundation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.) Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse) Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John) Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version: - Roadkil.Net) SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) SDK Debuggers (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16121.3 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.1.16121.3 - Samsung Electronics Co., Ltd.) 
Hidden SpeedCommander 16 (x64) (HKLM\...\SpeedCommander 16 (x64)) (Version: 16.10.8200 - SWE Sven Ritter) Spotify (HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.11.0 - Synaptics Incorporated) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer) TeXstudio 2.11.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.11.2 - Benito van der Zander) Ttf2Pt1-3.4.4 Complete package, except sources (GnuWin32) (HKLM-x32\...\Ttf2Pt1-3.4.4_is1) (Version: 3.4.4 - GnuWin32) Universal CRT Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden Universal CRT Redistributable (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden Universal CRT Tools x64 (Version: 10.1.10586.212 - Microsoft Corporation) Hidden Universal CRT Tools x86 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden USBPcap 1.1.0.0-g794bf26-5 (HKLM\...\USBPcap) (Version: 1.1.0.0-g794bf26-5 - ) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) VMD 1.9.2 (HKLM-x32\...\{089F161A-EFCE-44D8-8D38-C401835D93E4}) (Version: 1.9.2 - University of Illinois) WinAppDeploy (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden Windows SDK AddOn (HKLM-x32\...\{75C39BA6-1D02-4BEA-844F-0EA6C4B7FA1B}) (Version: 10.1.0.0 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) 
WinRT Intellisense Desktop - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden Wireshark 2.2.4 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.4 - The Wireshark developer community, hxxps://www.wireshark.org) WPT Redistributables (x32 Version: 10.1.10586.212 - Microsoft) Hidden WPTx64 (x32 Version: 10.1.10586.212 - Microsoft) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2044849159-1042748084-43516897-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll () ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {192D2D98-33A9-4EC4-9896-6FF0C2F8F337} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-04] (Google Inc.) Task: {21FAC54D-1678-4675-8BC9-4CFB8004D976} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-23] (Samsung Electronics Co. Ltd.) Task: {2493413F-9C60-497D-8DA3-AE1DA66A2B3D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-09] (AVAST Software) Task: {2A46A2EC-BEC1-4EF0-AB35-CF4026FF8DFC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation) Task: {2F9B9EB7-8613-4AB6-89EA-193DCB9B5FB8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {43415A32-378E-4EB8-9888-7CC810B35503} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation) Task: {7AB6AA19-0881-4D27-8734-95F1B6164C0B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation) Task: {A0D5D4A8-1C95-4B18-95E6-3B7B9B03B510} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation) Task: {A7A917FF-05B5-4013-AF77-89757CB96BF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-04] (Google Inc.) 
Task: {B95FFCBA-EC40-4792-96F7-42EC9FCFB7F8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK Task: {BAC026DE-071D-4FA8-A31D-F272109D4A64} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor) Task: {C77C0E0B-0D42-475D-BC83-4156B05B7D05} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation) Task: {DA460F4D-3A1E-443A-A492-F52BA5AA3B65} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-19] (Dropbox, Inc.) Task: {E1DB79CC-94D1-436F-8912-85669F1E4F76} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor) Task: {E6A3C464-5455-47C3-B476-5E347A934207} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-19] (Dropbox, Inc.) Task: {E90A764A-D783-42CA-9F23-796C2E800325} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-01] (AVAST Software) Task: {EB55E557-F628-48AC-AEAC-F6E76FAC4A7A} - System32\Tasks\SafeZone scheduled Autoupdate 1470502893 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll 2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll 2016-10-05 17:17 - 2016-10-05 17:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-10-05 17:17 - 2016-10-05 17:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-08-04 23:41 - 2016-06-25 07:52 - 00018432 _____ () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe 2016-08-04 23:14 - 2005-04-22 05:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll 2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll 2016-09-13 23:48 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-11 22:58 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-11 22:58 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-11 22:58 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-11 22:58 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-11 22:58 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-01-11 22:58 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-11 22:58 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-01-11 22:58 - 2016-12-21 07:47 - 00114176 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2016-08-03 19:06 - 2016-08-03 19:06 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2016-08-03 19:06 - 2016-08-03 19:06 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2017-02-06 22:30 - 2017-02-01 10:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll 2017-02-06 22:30 - 2017-02-01 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll 2016-09-09 20:30 - 2016-09-09 20:30 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-02-16 14:47 - 2017-02-16 14:47 - 05833216 _____ () C:\Program Files\AVAST Software\Avast\defs\17021600\algo.dll 2016-09-09 20:30 - 2016-09-09 20:30 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-08-04 23:41 - 2015-05-26 18:54 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll 2016-08-06 19:43 - 2017-02-07 21:11 - 51777648 _____ () C:\Users\danie\AppData\Roaming\Spotify\libcef.dll 2016-10-28 13:50 - 2017-02-07 21:11 - 00110192 _____ () C:\Users\danie\AppData\Roaming\Spotify\SpotifyWinRT.dll 2016-08-06 19:43 - 2017-02-07 21:11 - 01803888 _____ () C:\Users\danie\AppData\Roaming\Spotify\libglesv2.dll 2016-08-06 19:43 - 2017-02-07 21:11 - 00086128 _____ () C:\Users\danie\AppData\Roaming\Spotify\libegl.dll 2016-08-04 23:14 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2016-08-06 18:00 - 2016-08-06 18:00 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-02-08 01:29 - 2017-02-07 05:48 - 00801600 _____ () C:\Program Files 
(x86)\Dropbox\Client\dropbox_watchdog.dll 2016-08-19 13:45 - 2017-01-14 00:53 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2016-08-19 13:45 - 2017-01-14 00:53 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-08-19 13:45 - 2017-01-14 00:53 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-08-19 13:45 - 2017-02-07 05:50 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-08-19 13:45 - 2017-01-14 00:53 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-08-19 13:45 - 2017-01-14 00:54 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2017-02-08 01:29 - 2017-01-14 00:53 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2017-02-08 01:29 - 2017-01-14 00:54 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2017-02-08 01:29 - 2017-01-14 00:53 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-08-19 13:45 - 2017-01-14 00:56 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-08-19 13:45 - 2017-02-07 05:50 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 00052544 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2017-02-08 01:29 - 2017-01-14 00:53 - 00392144 _____ () C:\Program Files 
(x86)\Dropbox\Client\pythoncom27.dll 2017-02-08 01:29 - 2017-01-14 00:56 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2016-08-19 13:45 - 2017-01-14 00:56 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2016-08-19 13:45 - 2017-01-14 00:57 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-08-19 13:45 - 2017-02-07 05:50 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-08-19 13:45 - 2017-01-14 00:56 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-08-19 13:45 - 2017-02-07 05:50 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-08-19 13:45 - 2017-01-14 00:56 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-08-19 13:45 - 2017-01-14 00:56 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-08-19 13:45 - 2017-01-14 00:57 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-08-19 13:45 - 2017-01-14 00:57 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-08-19 13:45 - 2017-01-14 00:57 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-08-19 13:45 - 2017-01-14 00:56 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-08-19 13:45 - 2017-01-14 00:57 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-08-19 13:45 - 2017-01-14 00:55 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 00022336 _____ () C:\Program Files 
(x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2016-08-19 13:45 - 2017-01-14 00:57 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-08-19 13:45 - 2017-01-14 00:54 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2016-08-19 13:45 - 2017-02-07 05:50 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2017-01-24 08:40 - 2017-02-07 05:50 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2016-08-19 13:45 - 2017-02-07 05:50 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2017-01-24 08:40 - 2017-02-07 05:50 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-01-24 08:40 - 2017-02-07 05:50 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2017-01-24 08:40 - 2017-02-07 05:50 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2016-08-19 13:45 - 2017-01-14 00:57 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 
2017-02-08 01:29 - 2017-02-07 05:50 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd 2016-08-19 13:45 - 2017-02-07 05:50 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-02-08 01:29 - 2017-01-14 00:51 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-02-08 01:29 - 2017-02-07 05:50 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2017-02-08 01:29 - 2016-12-22 07:58 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2017-02-08 01:29 - 2017-02-07 05:50 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2017-02-08 01:29 - 2017-01-14 01:02 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2017-02-08 01:29 - 2017-01-14 01:02 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2017-02-08 01:29 - 2017-02-07 05:50 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2016-08-19 13:45 - 2017-01-14 00:57 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2016-08-19 13:45 - 2017-02-07 05:50 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-02-08 01:29 - 2017-02-07 05:50 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
AlternateDataStreams: C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.djvu:com.dropbox.attributes [168]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\sharepoint.com -> hxxps://campussachsen-files.sharepoint.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2017-02-16 16:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2044849159-1042748084-43516897-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\StartupApproved\StartupFolder: => "PixelRuler.lnk"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{1E52F9A0-5820-47E5-8672-581F7A139665}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE FirewallRules: [{C760F8E6-1F3E-4303-85A1-D7D7DB698AC7}] => (Allow) LPort=54925 FirewallRules: [{CDD216A4-B2B0-4EDA-AE45-F71EBAA4CD0C}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe FirewallRules: [{119E2607-1EE9-40CF-B1BD-2C344119A791}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe FirewallRules: [{1DF0FA43-BD46-4CA8-9B4F-1ADF0D4F4E4E}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe FirewallRules: [{07EC27C9-3E14-433C-A2A0-C403AD5B5BAE}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe FirewallRules: [{29D3A4D9-75EE-48E5-9E6B-9C58606AD4FE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{F7BE5DE8-B108-4817-8518-4ED78E78DE22}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [TCP Query User{542D9C41-4F9E-44AC-8520-DB38A6F29DF2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{A847E550-A2C4-4C24-B245-3C03AD9813FC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{49841A41-40C0-4730-83B6-6DF320171517}C:\users\danie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\danie\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{5F130595-1397-4E60-A7CC-6AFC28052F4D}C:\users\danie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\danie\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{DB9B22F4-7909-489B-859B-BFD5764AAF13}C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe] => (Allow) C:\program files 
(x86)\embarcadero\studio\18.0\bin\bds.exe FirewallRules: [UDP Query User{F2A88DBE-BFE0-4B54-9CBA-BEAC9A26F1E3}C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe] => (Allow) C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe FirewallRules: [TCP Query User{E183CA1A-F191-4A9F-B161-DAFAD52679FC}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe FirewallRules: [UDP Query User{C668A88D-4CD0-498C-A458-7AAC9F0AFFC3}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe FirewallRules: [{9186B335-8F0C-479A-A177-4B8FCE56AE09}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{C35D2E0E-F8C4-4FCB-BFEE-C35010B929E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{09761B78-77BE-49E1-AAC8-C2D198097C5E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E84533B9-C293-426C-AE30-EE6021FADE42}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C17E3F4B-84A0-44A1-A35E-C579D68D3032}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{08503169-D484-4A9E-8BB1-E5FA2C814D3E}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{DEBAD8D2-6378-49E7-A0CA-8D8CAB4B9F44}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{4646391F-477D-4873-84C6-0EEE30A07566}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{3B66BF7C-967C-48C2-9A30-6D1CD1253433}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{9DBFAEF7-75AF-4A58-9E8A-BFAA3F1712A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{AA630F4F-BF9C-421A-8167-16690F5535B4}] => (Allow) C:\Program Files 
(x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{033A785A-04DF-4328-8713-FE0B4EE558B6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{3780DA59-0B92-4A18-A096-DE153E950AFA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{51508A9E-D29B-40A9-85C5-F551CE724B2D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{5D15864C-AC2E-4DFB-83BC-92E57F81009A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe ==================== Wiederherstellungspunkte ========================= 23-01-2017 14:51:59 Installed calibre 64bit 02-02-2017 02:44:55 Geplanter Prüfpunkt 12-02-2017 16:09:16 Installed Smart Switch 15-02-2017 18:12:46 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/16/2017 04:42:03 PM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden. Error: (02/16/2017 03:46:33 PM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden. Error: (02/16/2017 03:21:14 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: DESKTOP-9T9O37C) Description: 7.488: Der EFS-Dienst*konnte keinen Benutzer für „Unternehmensdatenschutz“ bereitstellen. Fehlercode: 0x80070005. Error: (02/15/2017 06:45:37 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0006; CorrelationId: {80EF0F66-32CE-4ED2-AFF6-39D526F42E76} Error: (02/15/2017 06:42:19 PM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden. 
Error: (02/15/2017 06:41:46 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (02/15/2017 06:15:02 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Error: (02/15/2017 06:15:00 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm\signtool.exe.Manifest". Die abhängige Assemblierung "Microsoft.Windows.Build.Appx.AppxSip.dll,version="0.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (02/15/2017 06:14:59 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm64\signtool.exe.Manifest". Die abhängige Assemblierung "Microsoft.Windows.Build.Appx.AppxSip.dll,version="0.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (02/15/2017 06:14:46 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm64\oleview.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Systemfehler: ============= Error: (02/16/2017 04:47:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (02/16/2017 04:47:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/16/2017 04:47:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (02/16/2017 04:44:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (02/16/2017 04:41:30 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/16/2017 04:20:16 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "InterBase XE7 Guardian gds_db" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (02/16/2017 03:48:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (02/16/2017 03:46:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. 
Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/16/2017 03:46:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/16/2017 03:46:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

CodeIntegrity:
===================================
Date: 2016-12-07 16:02:25.976
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-07 16:02:25.973
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-01 10:03:52.930
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-01 10:03:52.928
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-25 14:43:23.529
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-25 14:43:23.527
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-18 13:06:10.559
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-18 13:06:10.557
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8116.55 MB
Verfügbarer physikalischer RAM: 5195.79 MB
Summe virtueller Speicher: 9396.55 MB
Verfügbarer virtueller Speicher: 6401.64 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:209.11 GB) (Free:92.65 GB) NTFS
Drive d: (OS) (Fixed) (Total:115.98 GB) (Free:7.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (DATA) (Fixed) (Total:329.79 GB) (Free:43.94 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 76692CA8)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=1C)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=464 MB) - (Type=27)
Partition 4: (Not Active) - (Size=329.8 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 6B8C4C4B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=209.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================ |
16.02.2017, 19:06 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Avast - svchost blocked malware link Please uninstall Avast. We simply can no longer recommend that thing in good conscience. => Antivirus Software: Protection For Your Files, But At The Cost Of Your Privacy? | Emsisoft Blog Other freeware vendors such as Avira, AVG or Panda are jumping on this or similar bandwagons too, building junkware into their setups, working with ASK and so on; that kind of thing is simply unacceptable for security software. Let me know when Avast is gone; once we are done here you can switch to a different virus scanner, details will follow in the final post. Please do NOT install anything else NOW without checking with us first!
__________________ Please always post log files in CODE tags |
16.02.2017, 19:11 | #5 |
| Avast - svchost blocked malware link Avast is uninstalled. Sorry, I could have thought of that earlier. Do you need a new FRST scan? |
16.02.2017, 19:55 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Avast - svchost blocked malware link Step 1: Malwarebytes Anti-Rootkit (MBAR) Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Step 2: Kaspersky TDSS-Killer Please download TDSSKiller.exe and save this file to the desktop.
Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post them directly, spread over several posts if necessary. To put the log files into a CODE box, proceed as follows:
16.02.2017, 20:43 | #7 |
| Avast - svchost blocked malware link Neither program found anything. I updated Malwarebytes beforehand as described; in TDSSKiller, however, there was no update option - I hope that happened automatically anyway. Maybe you can read more out of the logs (or tell me that the computer is clean ... I am simply assuming that it is not a completely unknown virus/trojan, which can never be ruled out anyway). EDIT: The TDSS-Killer log is too large to paste here, so I have attached it as a ZIP file... Sorry for the inconvenience. mbar-log: Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2017.02.16.10
rootkit: v2017.02.15.01

Windows 10 x64 NTFS
Internet Explorer 11.576.14393.0
danie :: DESKTOP-9T9O37C [administrator]

16.02.2017 20:00:25
mbar-log-2017-02-16 (20-00-25).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 364817
Time elapsed: 18 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Edited by pitti911 (16.02.2017 at 20:48) |
16.02.2017, 21:55 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Avast - svchost blocked malware link Please read the reading material properly!! It was explicitly stated that attachments are not wanted!
__________________ Please always post log files in CODE tags |
16.02.2017, 21:58 | #9 |
| Avast - svchost blocked malware link I did read that, otherwise I would not have apologized for attaching the log... The TDSSKiller log is also too long to post in a separate post. If I should break it off somewhere in the middle and split it across two posts, I can do that too - but that is the only alternative to the attachment. EDIT: I am splitting the log across two posts (in the hope that this is enough) Code:
20:29:29.0432 0x2f04 FontCache3.0.0.0 - ok 20:29:29.0460 0x2f04 [ 8B52024D3A5C3A12F1C4D75D30A976C5, 982F1C783966C9A6D255AA7DBAB6D225EBE0050A36176B8DE85E8ADBFE17FDF1 ] FrameServer C:\Windows\system32\FrameServer.dll 20:29:29.0518 0x2f04 FrameServer - ok 20:29:29.0524 0x2f04 [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 20:29:29.0540 0x2f04 FsDepends - ok 20:29:29.0544 0x2f04 [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 20:29:29.0559 0x2f04 Fs_Rec - ok 20:29:29.0581 0x2f04 [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 20:29:29.0617 0x2f04 fvevol - ok 20:29:29.0623 0x2f04 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 20:29:29.0632 0x2f04 GEARAspiWDM - ok 20:29:29.0637 0x2f04 [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter C:\Windows\System32\drivers\vmgencounter.sys 20:29:29.0655 0x2f04 gencounter - ok 20:29:29.0659 0x2f04 [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn C:\Windows\System32\drivers\genericusbfn.sys 20:29:29.0677 0x2f04 genericusbfn - ok 20:29:29.0686 0x2f04 [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys 20:29:29.0705 0x2f04 GPIOClx0101 - ok 20:29:29.0746 0x2f04 [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc C:\Windows\System32\gpsvc.dll 20:29:29.0820 0x2f04 gpsvc - ok 20:29:29.0826 0x2f04 [ 7ACD8F69B5D6EC97E6D2C006E19BED88, 
FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv C:\Windows\system32\drivers\gpuenergydrv.sys 20:29:29.0843 0x2f04 GpuEnergyDrv - ok 20:29:29.0851 0x2f04 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:29:29.0865 0x2f04 gupdate - ok 20:29:29.0873 0x2f04 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:29:29.0885 0x2f04 gupdatem - ok 20:29:29.0900 0x2f04 [ 217230B984AB2954E2FA5E36578D7B08, BB7B79EA7501A28EB2A0303FDF66FB9D59D567994C25A1523CD6D2081C403AF6 ] HdAudAddService C:\Windows\system32\DRIVERS\HdAudio.sys 20:29:29.0935 0x2f04 HdAudAddService - ok 20:29:29.0941 0x2f04 [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys 20:29:29.0961 0x2f04 HDAudBus - ok 20:29:29.0967 0x2f04 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\System32\drivers\HECIx64.sys 20:29:29.0976 0x2f04 HECIx64 - ok 20:29:29.0982 0x2f04 [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt C:\Windows\System32\drivers\HidBatt.sys 20:29:29.0999 0x2f04 HidBatt - ok 20:29:30.0007 0x2f04 [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth C:\Windows\System32\drivers\hidbth.sys 20:29:30.0028 0x2f04 HidBth - ok 20:29:30.0033 0x2f04 [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys 20:29:30.0051 0x2f04 hidi2c - ok 20:29:30.0056 0x2f04 [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt 
C:\Windows\System32\drivers\hidinterrupt.sys 20:29:30.0072 0x2f04 hidinterrupt - ok 20:29:30.0076 0x2f04 [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr C:\Windows\System32\drivers\hidir.sys 20:29:30.0095 0x2f04 HidIr - ok 20:29:30.0101 0x2f04 [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv C:\Windows\system32\hidserv.dll 20:29:30.0119 0x2f04 hidserv - ok 20:29:30.0124 0x2f04 [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb C:\Windows\System32\drivers\hidusb.sys 20:29:30.0159 0x2f04 HidUsb - ok 20:29:30.0171 0x2f04 [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 20:29:30.0205 0x2f04 HomeGroupListener - ok 20:29:30.0221 0x2f04 [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 20:29:30.0259 0x2f04 HomeGroupProvider - ok 20:29:30.0266 0x2f04 [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 20:29:30.0283 0x2f04 HpSAMD - ok 20:29:30.0319 0x2f04 [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP C:\Windows\system32\drivers\HTTP.sys 20:29:30.0374 0x2f04 HTTP - ok 20:29:30.0381 0x2f04 [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost C:\Windows\System32\hvhostsvc.dll 20:29:30.0402 0x2f04 HvHost - ok 20:29:30.0408 0x2f04 [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice C:\Windows\system32\drivers\hvservice.sys 20:29:30.0424 0x2f04 hvservice - ok 20:29:30.0429 0x2f04 [ 771EDDA9830A3079F996F34D681FB6E5, 
F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 20:29:30.0444 0x2f04 hwpolicy - ok 20:29:30.0449 0x2f04 [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 20:29:30.0465 0x2f04 hyperkbd - ok 20:29:30.0472 0x2f04 [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt C:\Windows\System32\drivers\i8042prt.sys 20:29:30.0494 0x2f04 i8042prt - ok 20:29:30.0499 0x2f04 [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio C:\Windows\System32\drivers\iagpio.sys 20:29:30.0518 0x2f04 iagpio - ok 20:29:30.0524 0x2f04 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\Windows\System32\drivers\iai2c.sys 20:29:30.0545 0x2f04 iai2c - ok 20:29:30.0550 0x2f04 [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2 C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys 20:29:30.0569 0x2f04 iaLPSS2i_GPIO2 - ok 20:29:30.0578 0x2f04 [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C C:\Windows\System32\drivers\iaLPSS2i_I2C.sys 20:29:30.0595 0x2f04 iaLPSS2i_I2C - ok 20:29:30.0600 0x2f04 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 20:29:30.0611 0x2f04 iaLPSSi_GPIO - ok 20:29:30.0619 0x2f04 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys 20:29:30.0642 0x2f04 iaLPSSi_I2C - ok 20:29:30.0664 0x2f04 [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV 
C:\Windows\system32\drivers\iaStorAV.sys 20:29:30.0701 0x2f04 iaStorAV - ok 20:29:30.0718 0x2f04 [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 20:29:30.0746 0x2f04 iaStorV - ok 20:29:30.0766 0x2f04 [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus C:\Windows\System32\drivers\ibbus.sys 20:29:30.0798 0x2f04 ibbus - ok 20:29:30.0809 0x2f04 [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc C:\Windows\System32\tetheringservice.dll 20:29:30.0837 0x2f04 icssvc - ok 20:29:30.0867 0x2f04 [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT C:\Windows\System32\ikeext.dll 20:29:30.0926 0x2f04 IKEEXT - ok 20:29:30.0931 0x2f04 [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd C:\Windows\System32\drivers\IndirectKmd.sys 20:29:30.0949 0x2f04 IndirectKmd - ok 20:29:31.0083 0x2f04 [ A15C6143EED6F615C4BBD28796C6BD49, 5D3E50F29FAA94F9EBCFE675A32E392367C4385CD3594CF37940B41D3F0A2810 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 20:29:31.0238 0x2f04 IntcAzAudAddService - ok 20:29:31.0247 0x2f04 [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide C:\Windows\system32\drivers\intelide.sys 20:29:31.0261 0x2f04 intelide - ok 20:29:31.0267 0x2f04 [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep C:\Windows\system32\drivers\intelpep.sys 20:29:31.0283 0x2f04 intelpep - ok 20:29:31.0291 0x2f04 [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm C:\Windows\System32\drivers\intelppm.sys 20:29:31.0312 0x2f04 intelppm - ok 20:29:31.0318 0x2f04 [ 
DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate C:\Windows\system32\drivers\iorate.sys 20:29:31.0335 0x2f04 iorate - ok 20:29:31.0341 0x2f04 [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:29:31.0362 0x2f04 IpFilterDriver - ok 20:29:31.0393 0x2f04 [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 20:29:31.0458 0x2f04 iphlpsvc - ok 20:29:31.0466 0x2f04 [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys 20:29:31.0482 0x2f04 IPMIDRV - ok 20:29:31.0492 0x2f04 [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT C:\Windows\system32\drivers\ipnat.sys 20:29:31.0519 0x2f04 IPNAT - ok 20:29:31.0541 0x2f04 [ 913B3F329D1561411B19EF3DF4F85871, 0F503B1584499EC4DC4A55303AB55E8D04E024E48748874E830992DD93BC491B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 20:29:31.0566 0x2f04 iPod Service - ok 20:29:31.0571 0x2f04 [ 45F14ACEA013C63A070AC5DB19677620, F60D48E7456800E311B2B7FABB3C03919D47971230C743A118982FDE07E04847 ] IpOverUsbSvc C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe 20:29:31.0584 0x2f04 IpOverUsbSvc - ok 20:29:31.0593 0x2f04 [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda C:\Windows\system32\drivers\irda.sys 20:29:31.0615 0x2f04 irda - ok 20:29:31.0620 0x2f04 [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM C:\Windows\system32\drivers\irenum.sys 20:29:31.0639 0x2f04 IRENUM - ok 20:29:31.0645 0x2f04 [ 8C604213A2E73088BFFE6CD2E6F1AE53, 
B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon C:\Windows\System32\irmon.dll 20:29:31.0663 0x2f04 irmon - ok 20:29:31.0667 0x2f04 [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp C:\Windows\system32\drivers\isapnp.sys 20:29:31.0682 0x2f04 isapnp - ok 20:29:31.0694 0x2f04 [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys 20:29:31.0717 0x2f04 iScsiPrt - ok 20:29:31.0723 0x2f04 [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 20:29:31.0739 0x2f04 kbdclass - ok 20:29:31.0744 0x2f04 [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 20:29:31.0769 0x2f04 kbdhid - ok 20:29:31.0774 0x2f04 [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic C:\Windows\System32\drivers\kdnic.sys 20:29:31.0793 0x2f04 kdnic - ok 20:29:31.0798 0x2f04 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso C:\Windows\system32\lsass.exe 20:29:31.0814 0x2f04 KeyIso - ok 20:29:31.0822 0x2f04 [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 20:29:31.0841 0x2f04 KSecDD - ok 20:29:31.0850 0x2f04 [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 20:29:31.0869 0x2f04 KSecPkg - ok 20:29:31.0874 0x2f04 [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 20:29:31.0898 0x2f04 ksthunk - ok 20:29:31.0913 0x2f04 [ 
8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm C:\Windows\system32\msdtckrm.dll 20:29:31.0948 0x2f04 KtmRm - ok 20:29:31.0957 0x2f04 [ 4E444F41E69BBE2E0BAE34D5DFCB5732, ACAEFB839CF7A3113D026B9A715994C3DFF8797D73B991253959EF606C4FBC00 ] L1C C:\Windows\System32\drivers\L1C63x64.sys 20:29:31.0978 0x2f04 L1C - ok 20:29:31.0991 0x2f04 [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer C:\Windows\system32\srvsvc.dll 20:29:32.0025 0x2f04 LanmanServer - ok 20:29:32.0038 0x2f04 [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 20:29:32.0072 0x2f04 LanmanWorkstation - ok 20:29:32.0079 0x2f04 [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc C:\Windows\System32\lfsvc.dll 20:29:32.0098 0x2f04 lfsvc - ok 20:29:32.0103 0x2f04 [ 5E7641AECAC4CFC7B4B442B461A25C83, 1F6AF4ED863C17A1A326A4CB0D289EAABFAD748A6B0A7CE40CF842694572FDB7 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys 20:29:32.0116 0x2f04 LGBusEnum - ok 20:29:32.0121 0x2f04 [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys 20:29:32.0130 0x2f04 LGCoreTemp - ok 20:29:32.0137 0x2f04 [ 7D24DEBE7BC0C01A30A9A65806B61453, 342E758AD6F88E3FA83B69F26836A9F54D1A3BE344D1D2F9C6394E085E5FCA92 ] LGJoyXlCore C:\Windows\system32\drivers\LGJoyXlCore.sys 20:29:32.0149 0x2f04 LGJoyXlCore - ok 20:29:32.0154 0x2f04 [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys 20:29:32.0165 0x2f04 LGSHidFilt - ok 20:29:32.0170 0x2f04 [ 8F4DA100274CF85D94FBA8CA76125255, 
1ADA7C36C915CB9BD41CF291F8E6990746A83F4D2ABCC5CAF765A3CE388BE5E5 ] LGSUsbFilt C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys 20:29:32.0179 0x2f04 LGSUsbFilt - ok 20:29:32.0185 0x2f04 [ DBEAB45BA2B47C057F3BAE5AD0654173, 9660B803F4AD4BD3427F1A24D09B2712E4DC0E25A18942984AF01750D77C118C ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys 20:29:32.0196 0x2f04 LGVirHid - ok 20:29:32.0201 0x2f04 [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager C:\Windows\system32\LicenseManagerSvc.dll 20:29:32.0226 0x2f04 LicenseManager - ok 20:29:32.0232 0x2f04 [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio C:\Windows\system32\drivers\lltdio.sys 20:29:32.0251 0x2f04 lltdio - ok 20:29:32.0262 0x2f04 [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc C:\Windows\System32\lltdsvc.dll 20:29:32.0296 0x2f04 lltdsvc - ok 20:29:32.0301 0x2f04 [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts C:\Windows\System32\lmhsvc.dll 20:29:32.0321 0x2f04 lmhosts - ok 20:29:32.0329 0x2f04 [ 7159380FEF0F34EEBFEACF261F25EB76, 78E7AE140C80A6C3BBF93F87DFB0BD3D9456A4C8F386758ED2A2FD544A10D494 ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe 20:29:32.0342 0x2f04 LogiRegistryService - ok 20:29:32.0352 0x2f04 [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 20:29:32.0371 0x2f04 LSI_SAS - ok 20:29:32.0377 0x2f04 [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i C:\Windows\system32\drivers\lsi_sas2i.sys 20:29:32.0395 0x2f04 LSI_SAS2i - ok 20:29:32.0402 0x2f04 [ E5AC5F2815938651CDCC27F425474673, 
3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i C:\Windows\system32\drivers\lsi_sas3i.sys 20:29:32.0420 0x2f04 LSI_SAS3i - ok 20:29:32.0425 0x2f04 [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 20:29:32.0442 0x2f04 LSI_SSS - ok 20:29:32.0466 0x2f04 [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM C:\Windows\System32\lsm.dll 20:29:32.0522 0x2f04 LSM - ok 20:29:32.0530 0x2f04 [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv C:\Windows\system32\drivers\luafv.sys 20:29:32.0556 0x2f04 luafv - ok 20:29:32.0563 0x2f04 [ CAAF0CD70FEE7C5110B1E62804E41B17, 48482A6C8D2296C4DC613304637C8DBB7DD1DB39326F27650EBCA6FD2793BCFD ] MapsBroker C:\Windows\System32\moshost.dll 20:29:32.0590 0x2f04 MapsBroker - ok 20:29:32.0595 0x2f04 [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas C:\Windows\system32\drivers\megasas.sys 20:29:32.0612 0x2f04 megasas - ok 20:29:32.0617 0x2f04 [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i C:\Windows\system32\drivers\MegaSas2i.sys 20:29:32.0634 0x2f04 megasas2i - ok 20:29:32.0654 0x2f04 [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr C:\Windows\system32\drivers\megasr.sys 20:29:32.0689 0x2f04 megasr - ok 20:29:32.0696 0x2f04 [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\Windows\System32\MessagingService.dll 20:29:32.0716 0x2f04 MessagingService - ok 20:29:32.0747 0x2f04 [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus C:\Windows\System32\drivers\mlx4_bus.sys 20:29:32.0791 0x2f04 
mlx4_bus - ok 20:29:32.0798 0x2f04 [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS C:\Windows\system32\drivers\mmcss.sys 20:29:32.0817 0x2f04 MMCSS - ok 20:29:32.0822 0x2f04 [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem C:\Windows\system32\drivers\modem.sys 20:29:32.0845 0x2f04 Modem - ok 20:29:32.0851 0x2f04 [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor C:\Windows\System32\drivers\monitor.sys 20:29:32.0869 0x2f04 monitor - ok 20:29:32.0874 0x2f04 [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass C:\Windows\System32\drivers\mouclass.sys 20:29:32.0890 0x2f04 mouclass - ok 20:29:32.0895 0x2f04 [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid C:\Windows\System32\drivers\mouhid.sys 20:29:32.0913 0x2f04 mouhid - ok 20:29:32.0920 0x2f04 [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 20:29:32.0938 0x2f04 mountmgr - ok 20:29:32.0944 0x2f04 [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:29:32.0963 0x2f04 mpsdrv - ok 20:29:32.0992 0x2f04 [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc C:\Windows\system32\mpssvc.dll 20:29:33.0052 0x2f04 MpsSvc - ok 20:29:33.0061 0x2f04 [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:29:33.0105 0x2f04 MRxDAV - ok 20:29:33.0122 0x2f04 [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb 
C:\Windows\system32\DRIVERS\mrxsmb.sys 20:29:33.0150 0x2f04 mrxsmb - ok 20:29:33.0162 0x2f04 [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:29:33.0196 0x2f04 mrxsmb10 - ok 20:29:33.0207 0x2f04 [ 93A77008A8932FC84A173C4E97E52874, B7510CF7998C538D68BD2ECDC512A0BFC7CB7362F598EE4110F728427AFF0F5A ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:29:33.0227 0x2f04 mrxsmb20 - ok 20:29:33.0236 0x2f04 [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge C:\Windows\system32\drivers\bridge.sys 20:29:33.0257 0x2f04 MsBridge - ok 20:29:33.0265 0x2f04 [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC C:\Windows\System32\msdtc.exe 20:29:33.0290 0x2f04 MSDTC - ok 20:29:33.0298 0x2f04 [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:29:33.0316 0x2f04 Msfs - ok 20:29:33.0321 0x2f04 [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys 20:29:33.0337 0x2f04 msgpiowin32 - ok 20:29:33.0342 0x2f04 [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 20:29:33.0359 0x2f04 mshidkmdf - ok 20:29:33.0364 0x2f04 [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys 20:29:33.0380 0x2f04 mshidumdf - ok 20:29:33.0385 0x2f04 [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 20:29:33.0400 0x2f04 msisadrv - ok 20:29:33.0409 0x2f04 [ 07E3E54734B14F43A4A95A849C0A0DE2, 
314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:29:33.0455 0x2f04 MSiSCSI - ok 20:29:33.0460 0x2f04 msiserver - ok 20:29:33.0465 0x2f04 [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV C:\Windows\system32\DRIVERS\MSKSSRV.sys 20:29:33.0489 0x2f04 MSKSSRV - ok 20:29:33.0495 0x2f04 [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp C:\Windows\system32\drivers\mslldp.sys 20:29:33.0517 0x2f04 MsLldp - ok 20:29:33.0521 0x2f04 [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK C:\Windows\system32\DRIVERS\MSPCLOCK.sys 20:29:33.0544 0x2f04 MSPCLOCK - ok 20:29:33.0549 0x2f04 [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM C:\Windows\system32\DRIVERS\MSPQM.sys 20:29:33.0572 0x2f04 MSPQM - ok 20:29:33.0587 0x2f04 [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:29:33.0612 0x2f04 MsRPC - ok 20:29:33.0620 0x2f04 [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys 20:29:33.0635 0x2f04 mssmbios - ok 20:29:33.0639 0x2f04 [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE C:\Windows\system32\DRIVERS\MSTEE.sys 20:29:33.0663 0x2f04 MSTEE - ok 20:29:33.0668 0x2f04 [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig C:\Windows\System32\drivers\MTConfig.sys 20:29:33.0685 0x2f04 MTConfig - ok 20:29:33.0690 0x2f04 [ 032D35C996F21D19A205A7C8F0B76F3C, 1A1C5BD7204BB937A05E201BCC0840B2C8E4B273D8E1D6D9407264FB4C57F014 ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys 
Edited by pitti911 (16.02.2017 at 22:03) |
16.02.2017, 22:04 | #10 |
| Avast - svchost blocked, malware link Part 2: Code:
C:\Windows\System32\Drivers\usbaapl64.sys 20:29:43.0426 0x2f04 USBAAPL64 - ok 20:29:43.0435 0x2f04 [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp C:\Windows\System32\drivers\usbccgp.sys 20:29:43.0455 0x2f04 usbccgp - ok 20:29:43.0463 0x2f04 [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir C:\Windows\System32\drivers\usbcir.sys 20:29:43.0484 0x2f04 usbcir - ok 20:29:43.0491 0x2f04 [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci C:\Windows\System32\drivers\usbehci.sys 20:29:43.0508 0x2f04 usbehci - ok 20:29:43.0526 0x2f04 [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub C:\Windows\System32\drivers\usbhub.sys 20:29:43.0558 0x2f04 usbhub - ok 20:29:43.0576 0x2f04 [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys 20:29:43.0609 0x2f04 USBHUB3 - ok 20:29:43.0614 0x2f04 [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci C:\Windows\System32\drivers\usbohci.sys 20:29:43.0632 0x2f04 usbohci - ok 20:29:43.0638 0x2f04 [ BC26F06004E97CFBC8C04E995A320881, 400844A3BD36FCF8C35D1B56D90DACDF8F445D94DF3DF352AB448C26F132D565 ] USBPcap C:\Windows\system32\DRIVERS\USBPcap.sys 20:29:43.0650 0x2f04 USBPcap - ok 20:29:43.0654 0x2f04 [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint C:\Windows\System32\drivers\usbprint.sys 20:29:43.0672 0x2f04 usbprint - ok 20:29:43.0678 0x2f04 [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser C:\Windows\System32\drivers\usbser.sys 20:29:43.0696 0x2f04 usbser - ok 20:29:43.0704 0x2f04 [ 0CC16F7B91C57AE9A4E44425A295FDAA, 
7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS 20:29:43.0723 0x2f04 USBSTOR - ok 20:29:43.0728 0x2f04 [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys 20:29:43.0744 0x2f04 usbuhci - ok 20:29:43.0755 0x2f04 [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 20:29:43.0788 0x2f04 usbvideo - ok 20:29:43.0802 0x2f04 [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS 20:29:43.0829 0x2f04 USBXHCI - ok 20:29:43.0875 0x2f04 [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc C:\Windows\System32\userdataservice.dll 20:29:43.0960 0x2f04 UserDataSvc - ok 20:29:43.0997 0x2f04 [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager C:\Windows\System32\usermgr.dll 20:29:44.0069 0x2f04 UserManager - ok 20:29:44.0090 0x2f04 [ EBF9E40845362DBE2AD0DB3077269488, A6363006350D097F95B03A2F44E1D3FBD3BC40048BE57C715CD7CBC22D1EE70B ] UsoSvc C:\Windows\system32\usocore.dll 20:29:44.0137 0x2f04 UsoSvc - ok 20:29:44.0143 0x2f04 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc C:\Windows\system32\lsass.exe 20:29:44.0159 0x2f04 VaultSvc - ok 20:29:44.0190 0x2f04 [ 0D9780E8495C84911491AE1603711E39, 4D9E1157CA84E0DE1A1BFB9A75576AA49B37BD02F780CC84012A79720B183F0F ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys 20:29:44.0229 0x2f04 VBoxDrv - ok 20:29:44.0238 0x2f04 [ 45633D58D5DB28E5F210CF51588E537D, DF88F66E360535966557249127AC17EC11746F478DC73210526E2545422C77FF ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys 20:29:44.0250 0x2f04 
VBoxNetAdp - ok 20:29:44.0259 0x2f04 [ B802AC859F5BEF61FFB24F1513755106, 54A75B61946D7B8B4A61C15BE79D81E8D10B08D8BE4F6F02BB6A4DC0DF9A6B76 ] VBoxNetLwf C:\Windows\system32\DRIVERS\VBoxNetLwf.sys 20:29:44.0273 0x2f04 VBoxNetLwf - ok 20:29:44.0282 0x2f04 [ B79F4C1E062395A5724C89919EBE3144, 413D31B9433AA92695A4F32FE003176ACC17E588C8DF4AE8BC404621A0FC9185 ] VBoxUSB C:\Windows\System32\Drivers\VBoxUSB.sys 20:29:44.0317 0x2f04 VBoxUSB - ok 20:29:44.0326 0x2f04 [ FEB686C223F7EA10B530108C81BB110B, 79AAAE2345694617F7A35068F0614E256B179A803C14639591B1DC796CB92F47 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys 20:29:44.0339 0x2f04 VBoxUSBMon - ok 20:29:44.0344 0x2f04 [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 20:29:44.0360 0x2f04 vdrvroot - ok 20:29:44.0383 0x2f04 [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds C:\Windows\System32\vds.exe 20:29:44.0433 0x2f04 vds - ok 20:29:44.0444 0x2f04 [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys 20:29:44.0465 0x2f04 VerifierExt - ok 20:29:44.0490 0x2f04 [ 3BB8D153A9A514EC9FFCB586251A1925, 5E4B46511F9791699826DC63B35528544347166BDE9981FB93F1F7F2A09599C7 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys 20:29:44.0529 0x2f04 vhdmp - ok 20:29:44.0535 0x2f04 [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf C:\Windows\System32\drivers\vhf.sys 20:29:44.0552 0x2f04 vhf - ok 20:29:44.0558 0x2f04 [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus C:\Windows\system32\drivers\vmbus.sys 20:29:44.0576 0x2f04 vmbus - ok 20:29:44.0580 0x2f04 [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID 
C:\Windows\System32\drivers\VMBusHID.sys 20:29:44.0596 0x2f04 VMBusHID - ok 20:29:44.0601 0x2f04 [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid C:\Windows\System32\drivers\vmgid.sys 20:29:44.0617 0x2f04 vmgid - ok 20:29:44.0632 0x2f04 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\Windows\System32\icsvc.dll 20:29:44.0667 0x2f04 vmicguestinterface - ok 20:29:44.0678 0x2f04 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat C:\Windows\System32\icsvc.dll 20:29:44.0705 0x2f04 vmicheartbeat - ok 20:29:44.0718 0x2f04 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\Windows\System32\icsvc.dll 20:29:44.0745 0x2f04 vmickvpexchange - ok 20:29:44.0759 0x2f04 [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv C:\Windows\System32\icsvcext.dll 20:29:44.0797 0x2f04 vmicrdv - ok 20:29:44.0809 0x2f04 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown C:\Windows\System32\icsvc.dll 20:29:44.0838 0x2f04 vmicshutdown - ok 20:29:44.0849 0x2f04 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync C:\Windows\System32\icsvc.dll 20:29:44.0877 0x2f04 vmictimesync - ok 20:29:44.0889 0x2f04 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession C:\Windows\System32\icsvc.dll 20:29:44.0917 0x2f04 vmicvmsession - ok 20:29:44.0932 0x2f04 [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss C:\Windows\System32\icsvcext.dll 20:29:44.0962 0x2f04 vmicvss - ok 20:29:44.0968 0x2f04 [ 29075915F9BDC3437F8BED71C067D399, 
2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr C:\Windows\system32\drivers\volmgr.sys 20:29:44.0985 0x2f04 volmgr - ok 20:29:44.0998 0x2f04 [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 20:29:45.0027 0x2f04 volmgrx - ok 20:29:45.0042 0x2f04 [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap C:\Windows\system32\drivers\volsnap.sys 20:29:45.0070 0x2f04 volsnap - ok 20:29:45.0075 0x2f04 [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume C:\Windows\system32\drivers\volume.sys 20:29:45.0089 0x2f04 volume - ok 20:29:45.0096 0x2f04 [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci C:\Windows\System32\drivers\vpci.sys 20:29:45.0112 0x2f04 vpci - ok 20:29:45.0121 0x2f04 [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 20:29:45.0142 0x2f04 vsmraid - ok 20:29:45.0187 0x2f04 [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS C:\Windows\system32\vssvc.exe 20:29:45.0275 0x2f04 VSS - ok 20:29:45.0289 0x2f04 [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys 20:29:45.0314 0x2f04 VSTXRAID - ok 20:29:45.0320 0x2f04 [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 20:29:45.0338 0x2f04 vwifibus - ok 20:29:45.0344 0x2f04 [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt C:\Windows\system32\drivers\vwififlt.sys 20:29:45.0364 0x2f04 vwififlt - ok 20:29:45.0369 0x2f04 
[ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp C:\Windows\System32\drivers\vwifimp.sys 20:29:45.0385 0x2f04 vwifimp - ok 20:29:45.0404 0x2f04 [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time C:\Windows\system32\w32time.dll 20:29:45.0451 0x2f04 W32Time - ok 20:29:45.0461 0x2f04 [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen C:\Windows\System32\drivers\wacompen.sys 20:29:45.0478 0x2f04 WacomPen - ok 20:29:45.0494 0x2f04 [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService C:\Windows\system32\WalletService.dll 20:29:45.0531 0x2f04 WalletService - ok 20:29:45.0539 0x2f04 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp C:\Windows\system32\DRIVERS\wanarp.sys 20:29:45.0565 0x2f04 wanarp - ok 20:29:45.0571 0x2f04 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 20:29:45.0595 0x2f04 wanarpv6 - ok 20:29:45.0645 0x2f04 [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine C:\Windows\system32\wbengine.exe 20:29:45.0737 0x2f04 wbengine - ok 20:29:45.0766 0x2f04 [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 20:29:45.0826 0x2f04 WbioSrvc - ok 20:29:45.0835 0x2f04 [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs C:\Windows\system32\drivers\wcifs.sys 20:29:45.0852 0x2f04 wcifs - ok 20:29:45.0876 0x2f04 [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc C:\Windows\System32\wcmsvc.dll 20:29:45.0933 
0x2f04 Wcmsvc - ok 20:29:45.0951 0x2f04 [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:29:45.0990 0x2f04 wcncsvc - ok 20:29:45.0997 0x2f04 [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs C:\Windows\system32\drivers\wcnfs.sys 20:29:46.0017 0x2f04 wcnfs - ok 20:29:46.0022 0x2f04 [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 20:29:46.0038 0x2f04 WdBoot - ok 20:29:46.0044 0x2f04 [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM C:\Windows\System32\drivers\wdcsam64.sys 20:29:46.0062 0x2f04 WDC_SAM - ok 20:29:46.0089 0x2f04 [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 20:29:46.0131 0x2f04 Wdf01000 - ok 20:29:46.0144 0x2f04 [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter C:\Windows\system32\drivers\WdFilter.sys 20:29:46.0168 0x2f04 WdFilter - ok 20:29:46.0174 0x2f04 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost C:\Windows\system32\wdi.dll 20:29:46.0200 0x2f04 WdiServiceHost - ok 20:29:46.0206 0x2f04 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost C:\Windows\system32\wdi.dll 20:29:46.0232 0x2f04 WdiSystemHost - ok 20:29:46.0258 0x2f04 [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi C:\Windows\system32\DRIVERS\wdiwifi.sys 20:29:46.0331 0x2f04 wdiwifi - ok 20:29:46.0340 0x2f04 [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv 
C:\Windows\system32\Drivers\WdNisDrv.sys 20:29:46.0358 0x2f04 WdNisDrv - ok 20:29:46.0363 0x2f04 WdNisSvc - ok 20:29:46.0375 0x2f04 [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient C:\Windows\System32\webclnt.dll 20:29:46.0406 0x2f04 WebClient - ok 20:29:46.0416 0x2f04 [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc C:\Windows\system32\wecsvc.dll 20:29:46.0448 0x2f04 Wecsvc - ok 20:29:46.0453 0x2f04 [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll 20:29:46.0475 0x2f04 WEPHOSTSVC - ok 20:29:46.0482 0x2f04 [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport C:\Windows\System32\wercplsupport.dll 20:29:46.0511 0x2f04 wercplsupport - ok 20:29:46.0520 0x2f04 [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc C:\Windows\System32\WerSvc.dll 20:29:46.0545 0x2f04 WerSvc - ok 20:29:46.0554 0x2f04 [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS C:\Windows\system32\drivers\wfplwfs.sys 20:29:46.0573 0x2f04 WFPLWFS - ok 20:29:46.0580 0x2f04 [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc C:\Windows\System32\wiarpc.dll 20:29:46.0601 0x2f04 WiaRpc - ok 20:29:46.0606 0x2f04 [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 20:29:46.0622 0x2f04 WIMMount - ok 20:29:46.0626 0x2f04 WinDefend - ok 20:29:46.0640 0x2f04 [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys 20:29:46.0657 0x2f04 WindowsTrustedRT 
- ok 20:29:46.0662 0x2f04 [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys 20:29:46.0676 0x2f04 WindowsTrustedRTProxy - ok 20:29:46.0703 0x2f04 [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 20:29:46.0759 0x2f04 WinHttpAutoProxySvc - ok 20:29:46.0765 0x2f04 [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad C:\Windows\System32\drivers\winmad.sys 20:29:46.0780 0x2f04 WinMad - ok 20:29:46.0796 0x2f04 [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 20:29:46.0825 0x2f04 Winmgmt - ok 20:29:46.0904 0x2f04 [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM C:\Windows\system32\WsmSvc.dll 20:29:47.0056 0x2f04 WinRM - ok 20:29:47.0070 0x2f04 [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB C:\Windows\System32\drivers\WinUSB.SYS 20:29:47.0103 0x2f04 WINUSB - ok 20:29:47.0109 0x2f04 [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs C:\Windows\System32\drivers\winverbs.sys 20:29:47.0125 0x2f04 WinVerbs - ok 20:29:47.0148 0x2f04 [ ECD999D8412A3473C26B118F89DB9908, 5FB9B93E4B5482CCFF01D805DFA386FD8D3441BC81E7BD5DF89EE3078FD724F3 ] wisvc C:\Windows\system32\flightsettings.dll 20:29:47.0198 0x2f04 wisvc - ok 20:29:47.0270 0x2f04 [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc C:\Windows\System32\wlansvc.dll 20:29:47.0398 0x2f04 WlanSvc - ok 20:29:47.0464 0x2f04 [ E15711970C5BE05E8D70B294D0AFF621, 
30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc C:\Windows\system32\wlidsvc.dll 20:29:47.0583 0x2f04 wlidsvc - ok 20:29:47.0590 0x2f04 [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys 20:29:47.0607 0x2f04 WmiAcpi - ok 20:29:47.0619 0x2f04 [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 20:29:47.0645 0x2f04 wmiApSrv - ok 20:29:47.0648 0x2f04 WMPNetworkSvc - ok 20:29:47.0660 0x2f04 [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\Windows\system32\drivers\Wof.sys 20:29:47.0678 0x2f04 Wof - ok 20:29:47.0737 0x2f04 [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll 20:29:47.0842 0x2f04 workfolderssvc - ok 20:29:47.0851 0x2f04 [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 20:29:47.0873 0x2f04 WPDBusEnum - ok 20:29:47.0878 0x2f04 [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 20:29:47.0893 0x2f04 WpdUpFltr - ok 20:29:47.0904 0x2f04 [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService C:\Windows\system32\WpnService.dll 20:29:47.0932 0x2f04 WpnService - ok 20:29:47.0938 0x2f04 [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService C:\Windows\System32\WpnUserService.dll 20:29:47.0960 0x2f04 WpnUserService - ok 20:29:47.0967 0x2f04 [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl 
C:\Windows\system32\drivers\ws2ifsl.sys 20:29:47.0985 0x2f04 ws2ifsl - ok 20:29:47.0995 0x2f04 [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc C:\Windows\System32\wscsvc.dll 20:29:48.0027 0x2f04 wscsvc - ok 20:29:48.0031 0x2f04 [ 696EC2EAA2A42A137CCBB9A84D6917C0, 424089F4F373962AF8357C5D4D43F35948989BE3F58EAD3690F565F4C1BBC66F ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys 20:29:48.0049 0x2f04 WSDPrintDevice - ok 20:29:48.0054 0x2f04 [ 46E4A69825A7554A5DB784A55F8AD203, 7F347054FCDD5DEF93083D420E56EBE5EEBBAE2BD2FED9B2E75E85149DE52780 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys 20:29:48.0071 0x2f04 WSDScan - ok 20:29:48.0075 0x2f04 WSearch - ok 20:29:48.0145 0x2f04 [ DDB7E452A99E0E5244105C6D2CF4BC9E, 1364B03AFFD20D339A2EBA303575BCCBC2D122D89810B1E3593CC55F93F9B79A ] wuauserv C:\Windows\system32\wuaueng.dll 20:29:48.0274 0x2f04 wuauserv - ok 20:29:48.0284 0x2f04 [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 20:29:48.0306 0x2f04 WudfPf - ok 20:29:48.0316 0x2f04 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd C:\Windows\system32\drivers\WudfRd.sys 20:29:48.0344 0x2f04 WUDFRd - ok 20:29:48.0351 0x2f04 [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc C:\Windows\System32\WUDFSvc.dll 20:29:48.0374 0x2f04 wudfsvc - ok 20:29:48.0384 0x2f04 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys 20:29:48.0408 0x2f04 WUDFWpdFs - ok 20:29:48.0418 0x2f04 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys 20:29:48.0444 0x2f04 WUDFWpdMtp - ok 20:29:48.0484 0x2f04 [ 
E231728BC515A4B85543AF74A1FEDFCB, 5D250D7D789B5BB56BFA2E7A109BCEB3686B7636C54D89F4E9804101D145C955 ] WwanSvc C:\Windows\System32\wwansvc.dll 20:29:48.0566 0x2f04 WwanSvc - ok 20:29:48.0601 0x2f04 [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager C:\Windows\System32\XblAuthManager.dll 20:29:48.0669 0x2f04 XblAuthManager - ok 20:29:48.0708 0x2f04 [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave C:\Windows\System32\XblGameSave.dll 20:29:48.0817 0x2f04 XblGameSave - ok 20:29:48.0830 0x2f04 [ 9627BBAA50878F6833A6A7843EE3B1D9, 637566BB56501C4D11E3B6E6AC1C602D880C9D357CCE3DF1DF74EE672744F2B7 ] xboxgip C:\Windows\System32\drivers\xboxgip.sys 20:29:48.0882 0x2f04 xboxgip - ok 20:29:48.0916 0x2f04 [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc C:\Windows\system32\XboxNetApiSvc.dll 20:29:48.0989 0x2f04 XboxNetApiSvc - ok 20:29:48.0996 0x2f04 [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid C:\Windows\System32\drivers\xinputhid.sys 20:29:49.0029 0x2f04 xinputhid - ok 20:29:49.0032 0x2f04 ================ Scan global =============================== 20:29:49.0037 0x2f04 [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\Windows\system32\basesrv.dll 20:29:49.0046 0x2f04 [ 4C08BF958476A137C78B62B22B5F90A4, 11DDD033896C96F8F7F1A1EDD0F4E0F07AFBB3202DC8A2E5E3ADB51C4D0700D4 ] C:\Windows\system32\winsrv.dll 20:29:49.0057 0x2f04 [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\Windows\system32\sxssrv.dll 20:29:49.0074 0x2f04 [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\Windows\system32\services.exe 20:29:49.0086 0x2f04 [ Global ] - ok 20:29:49.0087 
0x2f04 ================ Scan MBR ================================== 20:29:49.0090 0x2f04 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 20:29:49.0542 0x2f04 \Device\Harddisk0\DR0 - ok 20:29:49.0544 0x2f04 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 20:29:49.0731 0x2f04 \Device\Harddisk1\DR1 - ok 20:29:49.0732 0x2f04 ================ Scan VBR ================================== 20:29:49.0734 0x2f04 [ B9D42396F0482A2F773CEA3382098C0F ] \Device\Harddisk0\DR0\Partition1 20:29:49.0736 0x2f04 \Device\Harddisk0\DR0\Partition1 - ok 20:29:49.0740 0x2f04 [ A388C5BF3EFB7CE41BFA0310E07B8A3A ] \Device\Harddisk0\DR0\Partition2 20:29:49.0742 0x2f04 \Device\Harddisk0\DR0\Partition2 - ok 20:29:49.0745 0x2f04 [ AEE8DDD2AB6D786F5C59556FC00A4055 ] \Device\Harddisk1\DR1\Partition1 20:29:49.0746 0x2f04 \Device\Harddisk1\DR1\Partition1 - ok 20:29:49.0749 0x2f04 [ 2584DA317D12776FA37A90AD8A22011E ] \Device\Harddisk1\DR1\Partition2 20:29:49.0751 0x2f04 \Device\Harddisk1\DR1\Partition2 - ok 20:29:49.0752 0x2f04 ================ Scan generic autorun ====================== 20:29:50.0192 0x2f04 [ 701646DF00C80E3DB7ABBE111C2213F7, C75FABE4716D43C212935E6DC095AAF3D46DEDE6323978763B3CA213FB70579B ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 20:29:50.0641 0x2f04 RtHDVCpl - ok 20:29:50.0657 0x2f04 SynTPEnh - ok 20:29:51.0102 0x2f04 [ 5D36AEE2E912402F4ABAB2C55182E3E1, 791D2562776C8E9F309990F1DDA96D51FA9E562EBC1158930C1B9D190EE54FEB ] C:\Program Files\Logitech Gaming Software\LCore.exe 20:29:51.0540 0x2f04 Launch LCore - ok 20:29:51.0563 0x2f04 [ 57D87F3F731632E706F203023C3C9CD8, 5B7131EB940D3A043C33E75C0F06CECEA3FB235677F45F143F2E67E84AB4673D ] C:\Program Files\iTunes\iTunesHelper.exe 20:29:51.0575 0x2f04 iTunesHelper - ok 20:29:51.0576 0x2f04 WindowsDefender - ok 20:29:51.0609 0x2f04 [ 4C6AAABB264526A9C845A39AEBB79B69, B27F869E8B44CC5F1F9ADCA53AA848C16D706587ED9C7F995AE59BF9B0426523 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe 
20:29:51.0639 0x2f04 StartCCC - ok 20:29:51.0648 0x2f04 [ 799312CDAA79E65DB21AA9F56D0BE1C7, FCB2D5F213F82BAB4C320EFF3BF988B7609A7E8EBAF85DAAF63F1A92826323CA ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe 20:29:51.0660 0x2f04 ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 ) 20:29:51.0777 0x2f04 Detect skipped due to KSN trusted 20:29:51.0777 0x2f04 ControlCenter4 - ok 20:29:51.0909 0x2f04 [ 22310E2C6AE375142ABBB9EF384ECD40, A8673DF56546E4CDD7A0099D8CCB889415125089F786D0637E8D9B21CE53AB4D ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe 20:29:52.0112 0x2f04 BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 ) 20:29:52.0218 0x2f04 Detect skipped due to KSN trusted 20:29:52.0218 0x2f04 BrStsMon00 - ok 20:29:52.0274 0x2f04 [ 0C0DD390CF53D506414AC2CAA68E7F34, C64A9BAF0FDA5161B9361FC454CA36E7595E6BC969A6FA03993C5949373D8A00 ] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe 20:29:52.0366 0x2f04 BrHelp - detected UnsignedFile.Multi.Generic ( 1 ) 20:29:52.0459 0x2f04 Detect skipped due to KSN trusted 20:29:52.0459 0x2f04 BrHelp - ok 20:29:52.0648 0x2f04 [ A092258F26296C791D982E83814685BD, C66F8D8A6C0049BC5ED60198C8B9AE2B7F74B901C1D780E294ECF3D6599EAA50 ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe 20:29:52.0837 0x2f04 ATKOSD2 - ok 20:29:52.0852 0x2f04 [ D98BC64645C2DAEDC1E79B4CCCCBBC8E, BB3090F5EF68F1F786D37675CF42DA8363762FEF958F88ECFF82FDB183842A5E ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe 20:29:52.0861 0x2f04 ATKMEDIA - ok 20:29:52.0868 0x2f04 [ 5AEBF6FA9805C9101220AA4FB4FA17E7, A9B2FC41380211A6C44E839A95676A5BA868CEEBB56D83A780230434C2A20836 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe 20:29:52.0876 0x2f04 HControlUser - ok 20:29:52.0881 0x2f04 Dropbox - ok 20:29:52.0901 0x2f04 [ 395CB6E8C67BFB1063AD86987909C184, 15F3BA6DF6D0C5C8FB9FF0AB661A5A652F26BAB7A0FB0DB47874069522400B16 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 20:29:52.0924 0x2f04 
SunJavaUpdateSched - ok 20:29:53.0199 0x2f04 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 20:29:53.0481 0x2f04 OneDriveSetup - ok 20:29:53.0732 0x2f04 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 20:29:53.0983 0x2f04 OneDriveSetup - ok 20:29:54.0235 0x2f04 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 20:29:54.0489 0x2f04 OneDriveSetup - ok 20:29:54.0547 0x2f04 [ 3CB5F3430BFE5E0C89A0803EF32C8DD4, 9E8247BC7933C2F6F451D756D79CB37A3FB027F7A48DF0511FC56CA368C4B662 ] C:\Users\danie\AppData\Local\Microsoft\OneDrive\OneDrive.exe 20:29:54.0601 0x2f04 OneDrive - ok 20:29:54.0650 0x2f04 [ 39F07FEA9532CD88F388ECABEFE37CD2, 59A73628DE72CAFA0B8A3E22054EEEF85820AD012BC68E279A4B5E0B728E9621 ] C:\Users\danie\AppData\Roaming\Spotify\SpotifyWebHelper.exe 20:29:54.0698 0x2f04 Spotify Web Helper - ok 20:29:54.0897 0x2f04 [ DC1C4722F9414B9D3858A6BAB0E234D6, 7EFBCCC6AA69ABF2FA41D6EBEC523EBE8B72B4FF20F05C266D2A54F74ED03C8B ] C:\Users\danie\AppData\Roaming\Spotify\Spotify.exe 20:29:55.0101 0x2f04 Spotify - ok 20:29:55.0141 0x2f04 [ 642D464F0EDE1B3C81BC20C3E3A3ECC6, C8B01DD0153BBE4527630FB002F9EF8B4E04127BDFF212831FF67BD6AB0EA265 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 20:29:55.0184 0x2f04 GoogleChromeAutoLaunch_1DE2210685523D121EF41F74D365AD10 - ok 20:29:55.0188 0x2f04 Skype - ok 20:29:55.0190 0x2f04 Waiting for KSN requests completion. 
In queue: 243
20:29:56.0205 0x2f04 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x61100 ( enabled : updated )
20:29:56.0209 0x2f04 Win FW state via NFP2: enabled ( trusted )
20:29:56.0308 0x2f04 ============================================================
20:29:56.0308 0x2f04 Scan finished
20:29:56.0308 0x2f04 ============================================================
20:29:56.0315 0x0bac Detected object count: 0
20:29:56.0315 0x0bac Actual detected object count: 0
16.02.2017, 22:25 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Avast - svchost blocked malware link
There you go!
Remove adware/junkware/toolbars
Delete old versions of adwCleaner and, if present, JRT first, then download them again to the desktop! Please disable your virus scanner completely before using these tools!
Step 1: adwCleaner
Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool
Please shut down your security software to avoid possible conflicts.
__________________
Please always post log files in CODE tags
16.02.2017, 22:53 | #12 |
| Avast - svchost blocked malware link
adwCleaner:
AdwCleaner Logfile:
Code:
# AdwCleaner v6.043 - Bericht erstellt am 16/02/2017 um 22:41:55
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-13.1 [Server]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : danie - DESKTOP-9T9O37C
# Gestartet von : C:\Users\danie\Desktop\AdwCleaner_6.043.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.

***** [ Ordner ] *****

Ordner Gefunden: C:\Users\danie\AppData\Local\PackageAware
Ordner Gefunden: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mgmiemnjjchgkmgbeljfocdjjnpjnmcg

***** [ Dateien ] *****

Datei Gefunden: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage
Datei Gefunden: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage-journal
Datei Gefunden: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihbiedpeaicgipncdnnkikeehnjiddck_0.localstorage
Datei Gefunden: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihbiedpeaicgipncdnnkikeehnjiddck_0.localstorage-journal
Datei Gefunden: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mgmiemnjjchgkmgbeljfocdjjnpjnmcg_0.localstorage
Datei Gefunden: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mgmiemnjjchgkmgbeljfocdjjnpjnmcg_0.localstorage-journal

***** [ DLL ] *****

Keine infizierten DLLs gefunden.

***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.

***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.

***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.

***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.

***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [2282 Bytes] - [16/02/2017 22:41:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2355 Bytes] ##########

AdwCleaner Logfile:
Code:
# AdwCleaner v6.043 - Bericht erstellt am 16/02/2017 um 22:43:05
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-13.1 [Server]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : danie - DESKTOP-9T9O37C
# Gestartet von : C:\Users\danie\Desktop\AdwCleaner_6.043.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\danie\AppData\Local\PackageAware
[-] Ordner gelöscht: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mgmiemnjjchgkmgbeljfocdjjnpjnmcg

***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage
[-] Datei gelöscht: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage-journal
[-] Datei gelöscht: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihbiedpeaicgipncdnnkikeehnjiddck_0.localstorage
[-] Datei gelöscht: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihbiedpeaicgipncdnnkikeehnjiddck_0.localstorage-journal
[-] Datei gelöscht: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mgmiemnjjchgkmgbeljfocdjjnpjnmcg_0.localstorage
[-] Datei gelöscht: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mgmiemnjjchgkmgbeljfocdjjnpjnmcg_0.localstorage-journal

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2169 Bytes] - [16/02/2017 22:43:05]
C:\AdwCleaner\AdwCleaner[S0].txt - [2434 Bytes] - [16/02/2017 22:41:55]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2315 Bytes] ##########

JRT:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64
Ran by danie (Administrator) on 16.02.2017 at 22:47:31,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 0

Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_1DE2210685523D121EF41F74D365AD10 (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.02.2017 at 22:49:17,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
19.02.2017, 13:41 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Avast - svchost blocked malware link
Then show me fresh FRST logs. Tick the box for addition.txt, then click Untersuchen (Scan).
__________________
Please always post log files in CODE tags
19.02.2017, 14:10 | #14 |
| Avast - svchost blocked malware link
FRST.txt
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-02-2017 01 durchgeführt von danie (Administrator) auf DESKTOP-9T9O37C (19-02-2017 13:43:38) Gestartet von C:\Users\danie\Desktop Geladene Profile: danie (Verfügbare Profile: defaultuser0 & danie) Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Apple Inc.) 
C:\Program Files\iPod\bin\iPodService.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7903.40527.0_x64__8wekyb3d8bbwe\HxMail.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7903.40527.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Spotify Ltd) C:\Users\danie\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2085160 2010-03-05] (Synaptics Incorporated) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15853176 2016-08-03] (Logitech Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-10-13] (Apple Inc.) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-05] (Brother Industries, Ltd.) 
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6806144 2010-06-24] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-07] (Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Spotify Web Helper] => C:\Users\danie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-07] (Spotify Ltd) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Spotify] => C:\Users\danie\AppData\Roaming\Spotify\Spotify.exe [7133808 2017-02-07] (Spotify Ltd) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [GoogleChromeAutoLaunch_1DE2210685523D121EF41F74D365AD10] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1116504 2017-02-01] (Google Inc.) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) Startup: C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PixelRuler.lnk [2016-08-11] ShortcutTarget: PixelRuler.lnk -> C:\Program Files (x86)\PixelRuler\PixelRuler.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{65b17e8d-7930-436e-a952-581958886376}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{90200e0b-80c6-4e80-8828-16c1b94ed4fe}: [DhcpNameServer] 172.20.10.1 Internet Explorer: ================== HKU\S-1-5-21-2044849159-1042748084-43516897-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - 
C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei] FF Plugin-x32: @cambridgesoft.com/Chem3D,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\Chem3D\npChem3DPlugin.dll [2015-03-14] (PerkinElmer) FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\ChemDraw\npcdp32.dll [2015-03-14] (PerkinElmer) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) Chrome: ======= CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default [2017-02-19] CHR Extension: (Google Präsentationen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-04] CHR Extension: (Flash Video Downloader) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2016-12-03] CHR Extension: (Google Docs) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-04] CHR Extension: (Google Drive) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-04] CHR Extension: (YouTube) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-04] CHR Extension: (Adblock Plus) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-28] CHR Extension: (Video Downloader professional) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-10-28] CHR Extension: (Google Tabellen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-04] CHR Extension: (Full Screen Weather) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2016-08-04] CHR Extension: (Google Docs Offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-04] CHR Extension: (Hide My AdBlocker) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc [2016-11-10] CHR Extension: (Chrome Web Store-Zahlungen) - 
C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19] CHR Extension: (uMatrix) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2017-02-15] CHR Extension: (Beebs - Access BBC iPlayer) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmliiafmgjkgkfadkpomlefdllhajdi [2017-01-08] CHR Extension: (Weather Underground) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2016-08-04] CHR Extension: (Google Mail) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-04] CHR Extension: (Chrome Media Router) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08] CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-08] ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-19] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-19] (Dropbox, Inc.) 
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-03] (Logitech Inc.) R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [Datei ist nicht signiert] S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-28] (Microsoft Corporation) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Advanced Micro Devices) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.) 
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R3 USBPcap; C:\Windows\system32\DRIVERS\USBPcap.sys [51104 2016-08-02] (USBPcap) R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-01-16] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [205440 2017-01-16] (Oracle Corporation) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [137920 2017-01-16] (Oracle Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) U0 aswVmm; kein ImagePath S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-02-18 13:29 - 2017-02-18 13:29 - 00000000 ____D C:\Users\danie\AppData\Local\ElevatedDiagnostics 2017-02-17 01:10 - 2017-02-17 01:10 - 00000000 ____D C:\Users\danie\Documents\lisa_Versicherung 2017-02-16 22:49 - 2017-02-16 22:49 - 00000696 _____ C:\Users\danie\Desktop\JRT.txt 2017-02-16 22:37 - 2017-02-16 22:43 - 00000000 ____D C:\AdwCleaner 2017-02-16 22:27 - 2017-02-16 22:47 - 01663040 _____ (Malwarebytes) C:\Users\danie\Desktop\JRT.exe 2017-02-16 22:27 - 2017-02-16 22:28 - 04015056 _____ C:\Users\danie\Desktop\AdwCleaner_6.043.exe 2017-02-16 20:46 - 2017-02-16 20:46 - 00060873 _____ C:\Users\danie\Desktop\TDSSKiller_log.zip 2017-02-16 20:45 - 2017-02-16 20:45 - 00270262 _____ C:\Users\danie\Desktop\TDSSKiller_log.txt 2017-02-16 20:28 - 2017-02-16 20:45 - 00270354 _____ C:\TDSSKiller.3.1.0.12_16.02.2017_20.28.53_log.txt 2017-02-16 20:27 - 2017-02-16 20:28 - 00005760 _____ C:\TDSSKiller.3.1.0.12_16.02.2017_20.27.27_log.txt 2017-02-16 20:23 - 2017-02-16 20:27 - 04747704 _____ (AO Kaspersky Lab) C:\Users\danie\Desktop\tdsskiller.exe 2017-02-16 20:00 - 2017-02-16 20:20 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2017-02-16 20:00 - 2017-02-16 20:00 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-02-16 20:00 - 2017-02-16 20:00 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-02-16 19:58 - 2017-02-16 20:20 - 00000000 ____D C:\Users\danie\Desktop\mbar 2017-02-16 19:58 - 2017-02-16 19:58 - 16563352 _____ (Malwarebytes Corp.) 
C:\Users\danie\Desktop\mbar-1.09.3.1001.exe 2017-02-16 19:58 - 2017-02-16 19:58 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2017-02-16 19:09 - 2017-02-16 19:09 - 00000000 ___HD C:\OneDriveTemp 2017-02-16 16:48 - 2017-02-16 16:49 - 00049302 _____ C:\Users\danie\Desktop\Addition.txt 2017-02-16 16:47 - 2017-02-19 13:43 - 00022777 _____ C:\Users\danie\Desktop\FRST.txt 2017-02-16 16:47 - 2017-02-19 13:42 - 00000000 ____D C:\Users\danie\Desktop\FRST-OlderVersion 2017-02-16 16:31 - 2017-02-16 16:31 - 00000000 ____D C:\Users\danie\AppData\Local\{FE8BEBBE-9A66-4252-9271-3B862ED0CA94} 2017-02-15 19:20 - 2017-02-15 19:20 - 00000000 ____D C:\Users\danie\AppData\Roaming\Wireshark 2017-02-15 18:13 - 2017-02-15 18:13 - 00001827 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk 2017-02-15 18:13 - 2017-02-15 18:13 - 00001569 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk 2017-02-15 18:13 - 2017-02-15 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap 2017-02-15 18:13 - 2017-02-15 18:13 - 00000000 ____D C:\Program Files\USBPcap 2017-02-15 18:13 - 2017-02-15 18:13 - 00000000 ____D C:\Program Files (x86)\WinPcap 2017-02-15 18:12 - 2017-02-15 18:13 - 00000000 ____D C:\Program Files\Wireshark 2017-02-15 18:08 - 2017-02-15 18:11 - 49360976 _____ (Wireshark development team) C:\Users\danie\Desktop\Wireshark-win64-2.2.4.exe 2017-02-15 16:05 - 2017-02-19 13:43 - 00000000 ____D C:\FRST 2017-02-15 16:03 - 2017-02-19 13:42 - 02422784 _____ (Farbar) C:\Users\danie\Desktop\FRST64.exe 2017-02-15 14:17 - 2017-02-15 14:17 - 00000000 ____D C:\Program Files (x86)\ESET 2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\Users\danie\AppData\Roaming\IrfanView 2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView 2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\Program Files\IrfanView 2017-02-13 07:10 - 
2017-02-13 07:10 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk 2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\Users\danie\Tracing 2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\ProgramData\Skype 2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-02-12 17:44 - 2017-02-12 18:30 - 00000000 ____D C:\Phone 2017-02-12 17:13 - 2017-02-12 17:17 - 00000000 ____D C:\Users\danie\AppData\Roaming\MyPhoneExplorer 2017-02-12 17:13 - 2017-02-12 17:13 - 00002126 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk 2017-02-12 17:13 - 2017-02-12 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer 2017-02-12 17:13 - 2017-02-12 17:13 - 00000000 ____D C:\Program Files (x86)\MyPhoneExplorer 2017-02-12 17:07 - 2017-02-12 17:24 - 00000000 ____D C:\Card 2017-02-12 16:12 - 2017-02-12 16:12 - 00000000 ____D C:\Users\danie\Documents\Samsung 2017-02-12 16:11 - 2017-02-12 16:12 - 00000000 ____D C:\Windows\LastGood.Tmp 2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf 2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2017-02-12 16:10 - 2017-02-12 16:11 - 00000000 ____D C:\Users\danie\AppData\Roaming\Samsung 2017-02-12 16:10 - 2016-09-05 05:47 - 01499408 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2017-02-12 16:10 - 2016-09-05 05:47 - 00716920 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2017-02-12 16:10 - 2016-09-05 05:47 - 00165504 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys 2017-02-12 16:10 - 2016-09-05 05:47 - 00131712 _____ (Samsung Electronics Co., Ltd.) 
C:\Windows\system32\Drivers\ssudbus.sys 2017-02-12 16:09 - 2016-03-31 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll 2017-02-09 13:28 - 2017-02-09 13:28 - 02099905 _____ C:\Users\danie\Downloads\Wohnung_an-ummelden_Hinw_de+en.pdf 2017-02-09 13:28 - 2017-02-09 13:28 - 00334768 _____ C:\Users\danie\Downloads\Bestaetigung_BMG.pdf 2017-02-08 01:29 - 2017-02-08 01:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-02-08 00:13 - 2017-02-08 00:13 - 00207706 _____ C:\Users\danie\Downloads\Auslandsscheck_DE (1).pdf 2017-02-08 00:03 - 2017-02-08 00:03 - 00207706 _____ C:\Users\danie\Downloads\Auslandsscheck_DE.pdf 2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) 
C:\Windows\system32\Drivers\dbx-canary.sys 2017-02-06 23:48 - 2017-02-06 23:43 - 134270517 _____ C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments_online_converter#.pdf 2017-02-06 23:42 - 2017-02-06 23:43 - 134270517 _____ C:\Users\danie\Downloads\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.pdf 2017-02-06 23:30 - 2017-02-06 18:31 - 17294189 _____ C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.djvu 2017-02-06 23:09 - 2017-02-06 23:09 - 01616807 ____R C:\Users\danie\Documents\koehler_lehmann_2011.pdf 2017-02-06 23:09 - 2017-02-06 23:09 - 01102598 ____R C:\Users\danie\Documents\Practical laboratory course_************.pdf 2017-02-06 23:09 - 2017-02-06 23:09 - 00783869 ____R C:\Users\danie\Documents\lecture 12.pdf 2017-02-06 23:09 - 2017-02-06 23:09 - 00680777 ____R C:\Users\danie\Documents\9783319055879-c2.pdf 2017-02-06 23:09 - 2017-02-06 23:09 - 00664591 ____R C:\Users\danie\Documents\Otting_G_2010_Reiview.pdf 2017-02-06 23:09 - 2017-02-06 23:09 - 00313885 ____R C:\Users\danie\Documents\bertini2001.pdf 2017-02-06 23:09 - 2017-02-06 23:09 - 00046833 ____R C:\Users\danie\Documents\L_6b_NOE_web.pdf 2017-02-06 18:41 - 2017-02-06 18:42 - 01824882 _____ C:\Users\danie\Documents\product_operator_formalism.pdf 2017-02-06 18:40 - 2017-02-06 18:40 - 02809960 _____ C:\Users\danie\Documents\relaxation_Enhancement.pdf 2017-02-06 18:27 - 2017-02-06 18:27 - 00680777 _____ C:\Users\danie\Downloads\9783319055879-c2.pdf 2017-02-06 18:20 - 2017-02-06 18:21 - 46049143 _____ C:\Users\danie\Downloads\Matthias Findeisen,Stefan Berger 50 and More Essential NMR Experiments. 
A Detailed Guide.pdf 2017-02-06 16:15 - 2017-02-06 16:15 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-13-english-29495 2017-02-06 16:14 - 2017-02-06 16:14 - 00026285 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-13-english-29495.zip 2017-02-05 21:39 - 2017-02-05 21:50 - 149068460 _____ C:\Users\danie\Downloads\lucifer.213.hdtv-lol.mkv.mp4.mp4 2017-02-05 20:34 - 2017-02-05 20:34 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-12-english-29201 2017-02-05 20:33 - 2017-02-05 20:33 - 00024770 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-12-english-29201.zip 2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\Users\danie\AppData\Local\Remove_Empty_Directories 2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories 2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\Program Files (x86)\Remove Empty Directories 2017-02-05 15:13 - 2017-02-05 15:15 - 00404482 _____ (Jonas John ) C:\Users\danie\Downloads\red-v2.2-setup.exe 2017-02-05 12:21 - 2017-02-05 12:21 - 00026159 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-11-english-28991.zip 2017-02-05 12:21 - 2017-02-05 12:21 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-11-english-28991 2017-02-04 22:34 - 2017-02-04 22:56 - 124549923 _____ C:\Users\danie\Downloads\Seriesonline.io-(360P - mp4)Lucifer - Season 2- Episode 11- Stewardess Interruptus.mp4 2017-02-04 22:30 - 2017-02-04 22:51 - 143374537 _____ C:\Users\danie\Downloads\Seriesonline.io-(360P - mp4)Lucifer - Season 2 Episode 12 - Love Handles.mp4 2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (5).mp4 2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (4).mp4 2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (3).mp4 2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ 
C:\Users\danie\Downloads\Watch video (2).mp4 2017-02-04 22:13 - 2017-02-04 22:13 - 00000007 _____ C:\Users\danie\Downloads\Watch video.mp4 2017-02-04 22:13 - 2017-02-04 22:13 - 00000007 _____ C:\Users\danie\Downloads\Watch video (1).mp4 2017-02-04 10:02 - 2016-07-15 19:29 - 05739008 _____ (Microsoft Corporation) C:\Windows\system32\prm0009.dll 2017-02-04 10:02 - 2016-07-15 19:29 - 02629120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll 2017-02-04 10:02 - 2016-07-15 19:14 - 06354944 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll 2017-02-04 10:02 - 2016-07-15 18:45 - 02629120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0009.dll 2017-02-04 10:02 - 2016-07-15 18:29 - 05489664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0009.dll 2017-02-04 10:01 - 2017-02-04 10:01 - 00001047 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk 2017-02-01 20:58 - 2017-02-01 20:58 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software 2017-02-01 20:58 - 2017-02-01 20:58 - 00000000 ____D C:\Program Files\Common Files\AV 2017-02-01 16:14 - 2017-02-01 16:14 - 00000000 ____D C:\Users\danie\AppData\Local\TeamViewer 2017-02-01 16:13 - 2017-02-01 16:14 - 00000000 ____D C:\Users\danie\AppData\Roaming\TeamViewer 2017-02-01 16:13 - 2017-02-01 16:13 - 00001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2017-02-01 16:13 - 2017-02-01 16:13 - 00001100 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk 2017-02-01 16:13 - 2017-02-01 16:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2017-01-30 12:59 - 2017-01-30 12:59 - 36727147 _____ C:\Users\danie\Downloads\Laborarbeit_2016_170130.pdf 2017-01-29 10:49 - 2017-01-29 10:49 - 00450814 _____ C:\Users\danie\Downloads\AGB_208_Strom_Privat_2017_01_NK.pdf 2017-01-25 21:42 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2017-01-25 21:42 - 2016-12-21 05:44 - 
00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2017-01-25 14:50 - 2017-01-25 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician 2017-01-23 20:55 - 2017-01-23 20:55 - 00218282 _____ C:\Users\danie\Downloads\Medikamente_Formular.pdf 2017-01-23 19:42 - 2017-01-23 19:51 - 12095930 _____ C:\Users\danie\Downloads\[Manfred_Hesse,_Herbert_Meier,_Bernd_Zeeh]_Spektro(BookFi).pdf 2017-01-23 14:43 - 2017-01-23 14:43 - 00000000 ____D C:\Users\danie\AppData\Local\Adobe_Systems_Incorporate 2017-01-23 14:42 - 2017-01-23 15:04 - 00000000 ____D C:\Users\danie\Documents\My Digital Editions 2017-01-23 14:42 - 2017-01-23 14:42 - 00002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.5.lnk 2017-01-23 14:42 - 2017-01-23 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2017-01-23 14:32 - 2017-01-23 14:50 - 01977054 _____ C:\Users\danie\Downloads\[James_Keeler]_Understanding_NMR_spectroscopy(BookFi) (1).pdf 2017-01-23 14:32 - 2017-01-23 14:41 - 02199824 _____ C:\Users\danie\Downloads\[James_Keeler]_Understanding_NMR_Spectroscopy(BookFi).pdf 2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\Users\danie\AppData\Local\Passbild_Generator 2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passbild-Generator 2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\Program Files (x86)\Passbild-Generator 2017-01-22 15:05 - 2017-01-22 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2017-01-22 15:05 - 2017-01-22 15:05 - 00000000 ____D C:\Program Files\Oracle 2017-01-22 14:31 - 2017-01-22 14:53 - 00000000 ____D C:\Users\danie\Documents\Dateien_script 2017-01-21 21:42 - 2017-01-21 21:42 - 00000000 ____D C:\Users\danie\AppData\Roaming\GraphPad Software 2017-01-21 21:42 - 2017-01-21 21:42 - 00000000 ____D C:\ProgramData\GraphPad Software ==================== Ein 
Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-19 13:41 - 2016-08-04 20:16 - 00000000 ____D C:\Windows\system32\SleepStudy 2017-02-19 13:36 - 2016-08-15 20:57 - 00000000 ____D C:\Users\danie\AppData\Roaming\Skype 2017-02-19 12:42 - 2016-09-19 20:06 - 00004168 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{116B86B5-D81A-4122-817A-8BCA9244C3FC} 2017-02-19 05:16 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppReadiness 2017-02-18 18:05 - 2016-08-06 19:43 - 00000000 ____D C:\Users\danie\AppData\Local\Spotify 2017-02-18 18:00 - 2016-08-06 19:43 - 00000000 ____D C:\Users\danie\AppData\Roaming\Spotify 2017-02-18 16:44 - 2016-08-04 21:52 - 00000000 ____D C:\Users\danie\AppData\Roaming\vlc 2017-02-18 03:55 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-02-16 22:50 - 2016-08-04 20:24 - 01160194 _____ C:\Windows\system32\PerfStringBackup.INI 2017-02-16 22:50 - 2016-07-16 23:51 - 00635004 _____ C:\Windows\system32\perfh007.dat 2017-02-16 22:50 - 2016-07-16 23:51 - 00180588 _____ C:\Windows\system32\perfc007.dat 2017-02-16 22:49 - 2016-08-04 20:22 - 00000000 ____D C:\Users\danie 2017-02-16 22:47 - 2016-08-04 20:25 - 00000000 ___RD C:\Users\danie\OneDrive 2017-02-16 22:44 - 2016-08-04 20:16 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-02-16 22:44 - 2016-07-16 07:04 - 00786432 _____ C:\Windows\system32\config\BBI 2017-02-16 19:09 - 2016-08-06 17:56 - 00000000 ____D C:\ProgramData\AVAST Software 2017-02-16 16:42 - 2016-08-04 20:16 - 05002832 _____ C:\Windows\system32\FNTCACHE.DAT 2017-02-16 16:41 - 2016-08-05 17:25 - 00000000 ____D C:\Program Files\Adobe 2017-02-16 16:26 - 2016-08-12 14:42 - 00000000 ____D C:\Users\danie\AppData\Roaming\Embarcadero 2017-02-16 16:26 - 2016-08-12 14:42 - 00000000 ____D C:\ProgramData\Embarcadero 2017-02-16 16:15 - 2016-08-05 17:24 - 00000000 ____D C:\Program Files\Common Files\Adobe 2017-02-16 16:14 - 2016-08-04 22:19 
- 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2017-02-16 16:09 - 2016-08-04 22:18 - 00000000 ____D C:\ProgramData\Adobe 2017-02-16 15:51 - 2016-08-04 22:18 - 00000000 ____D C:\Program Files (x86)\Adobe 2017-02-16 15:51 - 2016-08-04 20:23 - 00000000 ____D C:\Users\danie\AppData\Roaming\Adobe 2017-02-16 14:33 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\LiveKernelReports 2017-02-16 02:00 - 2016-08-04 22:19 - 00000000 ____D C:\Users\danie\AppData\Local\Adobe 2017-02-15 18:13 - 2016-08-04 20:25 - 00000000 ____D C:\ProgramData\Package Cache 2017-02-15 14:16 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\NDF 2017-02-14 21:36 - 2016-09-29 21:40 - 00000000 ____D C:\Users\danie\.VirtualBox 2017-02-13 22:05 - 2016-12-05 16:54 - 00000000 ____D C:\Users\danie\Documents\Calibre-Bibliothek 2017-02-13 01:17 - 2016-08-04 23:15 - 00007911 _____ C:\Windows\BRRBCOM.INI 2017-02-13 01:03 - 2016-08-04 20:23 - 00000000 ____D C:\Users\danie\AppData\Local\Packages 2017-02-12 23:54 - 2016-10-26 20:47 - 00000000 ____D C:\Users\danie\AppData\Roaming\Apple Computer 2017-02-12 17:17 - 2016-08-13 12:08 - 00000000 ____D C:\Users\danie\.android 2017-02-12 17:03 - 2016-07-16 12:45 - 00000000 ____D C:\Windows\INF 2017-02-12 16:11 - 2016-08-05 21:12 - 00000000 ____D C:\ProgramData\Samsung 2017-02-12 16:10 - 2016-08-05 21:12 - 00000000 ____D C:\Program Files (x86)\Samsung 2017-02-12 16:09 - 2016-08-04 23:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-02-08 01:29 - 2016-08-19 13:44 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-02-07 16:14 - 2016-12-06 07:37 - 00003290 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2017-02-07 16:14 - 2016-08-04 20:25 - 00002383 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-02-06 22:30 - 2016-08-04 20:45 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-04 21:17 - 2016-12-05 17:01 - 00000000 
____D C:\Users\danie\AppData\Local\calibre-cache 2017-02-04 21:17 - 2016-12-05 16:54 - 00000000 ____D C:\Users\danie\AppData\Roaming\calibre 2017-02-04 21:16 - 2017-01-12 16:13 - 00000000 ____D C:\Bio_Linux 2017-02-04 10:02 - 2016-07-16 23:52 - 00000000 ____D C:\Windows\OCR 2017-02-04 10:02 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp 2017-01-25 14:50 - 2016-08-05 21:13 - 00003352 _____ C:\Windows\System32\Tasks\SamsungMagician 2017-01-23 14:52 - 2016-12-05 16:54 - 00000999 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk 2017-01-23 14:52 - 2016-12-05 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management 2017-01-23 14:52 - 2016-12-05 16:54 - 00000000 ____D C:\Program Files\Calibre2 2017-01-21 21:40 - 2016-08-04 22:05 - 00000000 ____D C:\TMP ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-08-05 17:44 - 2017-01-06 11:58 - 0000034 _____ () C:\Users\danie\AppData\Roaming\AdobeWLCMCache.dat 2016-11-30 10:50 - 2016-11-30 11:36 - 0001456 _____ () C:\Users\danie\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2016-09-21 20:12 - 2017-01-25 20:15 - 0009668 _____ () C:\Users\danie\AppData\Local\CDXLExtendedShim.log Einige Dateien in TEMP: ==================== 2016-08-10 18:42 - 2016-08-10 18:42 - 36403960 _____ (AppWork GmbH) C:\Users\danie\AppData\Local\Temp\JDSetup131153245463239802.exe 2016-08-13 07:56 - 2016-08-13 07:56 - 0741440 _____ (Oracle Corporation) C:\Users\danie\AppData\Local\Temp\jre-8u101-windows-au.exe 2017-01-18 21:04 - 2017-01-18 21:04 - 0739904 _____ (Oracle Corporation) C:\Users\danie\AppData\Local\Temp\jre-8u121-windows-au.exe 2016-09-19 18:45 - 2016-09-19 18:45 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\M9MYQW4AVM.DLL 2017-01-05 10:04 - 2017-01-05 10:05 - 2858376 _____ () C:\Users\danie\AppData\Local\Temp\npp.7.2.2.Installer.exe 2017-02-19 13:43 - 2017-02-19 13:43 - 0040448 ____N () 
C:\Users\danie\AppData\Local\Temp\proxy_vole4307819756868102623.dll
2017-02-19 13:43 - 2017-02-19 13:43 - 0040448 ____N () C:\Users\danie\AppData\Local\Temp\proxy_vole564696079977486359.dll
2017-02-19 13:42 - 2017-02-19 13:42 - 0040448 ____N () C:\Users\danie\AppData\Local\Temp\proxy_vole8957034634630705554.dll
2016-09-19 18:47 - 2016-09-19 18:47 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\QD62A0GERA.DLL
2016-11-23 23:47 - 2016-11-23 23:47 - 14700056 _____ (Samsung Electronics ) C:\Users\danie\AppData\Local\Temp\Samsung_Magician_Installer.exe
2015-08-03 00:58 - 2015-08-03 00:58 - 0118784 _____ () C:\Users\danie\AppData\Local\Temp\xmlUpdater.exe
2016-09-19 18:46 - 2016-09-19 18:46 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\YJMCG40G3G.DLL
2016-09-19 18:54 - 2016-09-19 18:54 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\YR6884GKNC.DLL

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-09 22:03

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-02-2017 01
durchgeführt von danie (19-02-2017 13:44:38)
Gestartet von C:\Users\danie\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-04 19:21:16)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2044849159-1042748084-43516897-500 - Administrator - Disabled)
danie (S-1-5-21-2044849159-1042748084-43516897-1001 - Administrator - Enabled) => C:\Users\danie
DefaultAccount (S-1-5-21-2044849159-1042748084-43516897-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2044849159-1042748084-43516897-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2044849159-1042748084-43516897-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ActivePerl 5.24.0 Build 2400 (64-bit) (HKLM\...\{C89FA3E7-29C4-4A60-AFB9-40E04715AE78}) (Version: 5.24.2400 - ActiveState)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.3 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Application Verifier x64 External Package (Version: 10.1.10586.212 - Microsoft) Hidden ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0005 - ASUS) Avogadro (HKLM-x32\...\Avogadro) (Version: 1.2.0 - Humanity) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Brother MFL-Pro Suite MFC-J870DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.) calibre 64bit (HKLM\...\{35E6D951-3B09-4FF3-BE67-EAEC919ADCCF}) (Version: 2.77.0 - Kovid Goyal) Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Intellisense Lang Pack Mobile Extension SDK 10.0.10586.0 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan) iTunes (HKLM\...\{F11677B7-0D8E-4F34-BEBB-6869FE861CDF}) (Version: 12.5.2.36 - Apple Inc.) 
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kits Configuration Installer (x32 Version: 10.1.10586.212 - Microsoft) Hidden Logitech Gaming Software 8.84 (HKLM\...\Logitech Gaming Software) (Version: 8.84.15 - Logitech Inc.) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{BA62A9E2-7BB4-4D4A-8C5F-CC03C35491BD}) (Version: 4.6.00079 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{6C8591F8-C4FC-4A64-9E21-7F35F1D51D09}) (Version: 4.6.00079 - Microsoft Corporation) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\OneDriveSetup.exe) (Version: 17.3.6764.0111 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 
2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) MSI Development Tools (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Oracle VM VirtualBox 5.1.14 (HKLM\...\{6AE61854-0F78-49E3-ABCC-586FB43CE709}) (Version: 5.1.14 - Oracle Corporation) Passbild-Generator v4.0b (HKLM-x32\...\Passbild-Generator_is1) (Version: - Passbild-Generator) PeaZip 6.1.0 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 6.1.0 - Giorgio Tani) PerkinElmer ChemOffice Professional 2015 (HKLM-x32\...\{83DBA37B-B24C-431B-9D7B-8331D28A067C}) (Version: 15.0 - PerkinElmer Informatics, Inc.) 
PerkinElmer ChemScript 15.0 (HKLM-x32\...\{2623D946-2CA9-4E69-A6C1-DDFA46C87EFF}) (Version: 15.0 - PerkinElmer Informatics, Inc.) PixelRuler v9.2.0.0 (HKLM-x32\...\PixelRuler_is1) (Version: - pixelruler.de) Python 3.2 pywin32-217 (HKLM-x32\...\pywin32-py3.2) (Version: - ) Python 3.2.2 (HKLM-x32\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFD}) (Version: 3.2.2150 - Python Software Foundation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.) Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse) Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John) Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version: - Roadkil.Net) SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) SDK Debuggers (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16121.3 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.1.16121.3 - Samsung Electronics Co., Ltd.) 
Hidden SpeedCommander 16 (x64) (HKLM\...\SpeedCommander 16 (x64)) (Version: 16.10.8200 - SWE Sven Ritter) Spotify (HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.11.0 - Synaptics Incorporated) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer) TeXstudio 2.11.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.11.2 - Benito van der Zander) Ttf2Pt1-3.4.4 Complete package, except sources (GnuWin32) (HKLM-x32\...\Ttf2Pt1-3.4.4_is1) (Version: 3.4.4 - GnuWin32) Universal CRT Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden Universal CRT Redistributable (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden Universal CRT Tools x64 (Version: 10.1.10586.212 - Microsoft Corporation) Hidden Universal CRT Tools x86 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden USBPcap 1.1.0.0-g794bf26-5 (HKLM\...\USBPcap) (Version: 1.1.0.0-g794bf26-5 - ) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) VMD 1.9.2 (HKLM-x32\...\{089F161A-EFCE-44D8-8D38-C401835D93E4}) (Version: 1.9.2 - University of Illinois) WinAppDeploy (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden Windows SDK AddOn (HKLM-x32\...\{75C39BA6-1D02-4BEA-844F-0EA6C4B7FA1B}) (Version: 10.1.0.0 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) 
WinRT Intellisense Desktop - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden Wireshark 2.2.4 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.4 - The Wireshark developer community, hxxps://www.wireshark.org) WPT Redistributables (x32 Version: 10.1.10586.212 - Microsoft) Hidden WPTx64 (x32 Version: 10.1.10586.212 - Microsoft) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2044849159-1042748084-43516897-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll () ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {192D2D98-33A9-4EC4-9896-6FF0C2F8F337} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-04] (Google Inc.) Task: {21FAC54D-1678-4675-8BC9-4CFB8004D976} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-23] (Samsung Electronics Co. Ltd.) Task: {2A46A2EC-BEC1-4EF0-AB35-CF4026FF8DFC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation) Task: {2F9B9EB7-8613-4AB6-89EA-193DCB9B5FB8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {33E73081-717D-48AC-9FE4-D126E55A4431} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {43415A32-378E-4EB8-9888-7CC810B35503} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation) Task: {7136E34E-8CFD-4EEB-A47C-2221B55774CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {7AB6AA19-0881-4D27-8734-95F1B6164C0B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation) Task: {A0D5D4A8-1C95-4B18-95E6-3B7B9B03B510} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation) Task: {A7A917FF-05B5-4013-AF77-89757CB96BF5} - 
System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-04] (Google Inc.) Task: {B95FFCBA-EC40-4792-96F7-42EC9FCFB7F8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK Task: {BAC026DE-071D-4FA8-A31D-F272109D4A64} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor) Task: {C52BC44A-09E4-4F94-AAD5-965EFF8915ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {C77C0E0B-0D42-475D-BC83-4156B05B7D05} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation) Task: {DA460F4D-3A1E-443A-A492-F52BA5AA3B65} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-19] (Dropbox, Inc.) Task: {DD017D0F-4CB4-44C9-8DB1-CA13F34F5A70} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {E1DB79CC-94D1-436F-8912-85669F1E4F76} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor) Task: {E6A3C464-5455-47C3-B476-5E347A934207} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-19] (Dropbox, Inc.) Task: {E90A764A-D783-42CA-9F23-796C2E800325} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! 
Antivirus\backup.exe [2017-02-01] (AVAST Software) Task: {EB55E557-F628-48AC-AEAC-F6E76FAC4A7A} - System32\Tasks\SafeZone scheduled Autoupdate 1470502893 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll 2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll 2016-10-05 17:17 - 2016-10-05 17:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-10-05 17:17 - 2016-10-05 17:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-08-04 23:14 - 2005-04-22 05:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll 2016-08-04 23:41 - 2016-06-25 07:52 - 00018432 _____ () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe 2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll 2016-09-13 23:48 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-11 22:58 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-11 22:58 - 2016-12-21 08:08 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll 2017-02-06 22:30 - 2017-02-01 10:47 - 02459992 _____ () C:\Program Files 
(x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll 2017-02-06 22:30 - 2017-02-01 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll 2017-02-10 05:19 - 2017-02-10 05:19 - 13170368 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7903.40527.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll 2017-02-10 05:19 - 2017-02-10 05:19 - 01200840 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7903.40527.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll 2017-01-11 22:58 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-02-18 03:55 - 2017-02-18 03:55 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-02-18 03:55 - 2017-02-18 03:55 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-02-18 03:55 - 2017-02-18 03:55 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-02-06 09:09 - 2017-02-06 09:09 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\roottools.dll 2017-02-18 03:55 - 2017-02-18 03:55 - 00132608 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeHost.Proxies.dll 2016-11-23 08:42 - 2016-11-23 08:42 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-11-23 08:42 - 2016-11-23 08:42 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-08-04 20:47 - 2016-08-04 20:47 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2016-11-23 08:42 - 2016-11-23 08:42 - 01046528 _____ 
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll 2016-11-23 08:42 - 2016-11-23 08:42 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll 2016-07-17 00:01 - 2016-07-17 00:01 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2017-01-11 22:58 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-11 22:58 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-11 22:58 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-01-11 22:58 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-11 22:58 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-02-14 22:04 - 2017-02-14 22:04 - 31178840 _____ () C:\Users\danie\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.221\pepflashplayer.dll 2016-08-04 23:14 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2016-08-04 23:41 - 2015-05-26 18:54 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.djvu:com.dropbox.attributes [168] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\sharepoint.com -> hxxps://campussachsen-files.sharepoint.com ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2016-07-16 12:47 - 2017-02-16 16:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\StartupApproved\StartupFolder: => "PixelRuler.lnk" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{1E52F9A0-5820-47E5-8672-581F7A139665}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE FirewallRules: [{C760F8E6-1F3E-4303-85A1-D7D7DB698AC7}] => (Allow) LPort=54925 FirewallRules: [{CDD216A4-B2B0-4EDA-AE45-F71EBAA4CD0C}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe FirewallRules: [{119E2607-1EE9-40CF-B1BD-2C344119A791}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe FirewallRules: [{1DF0FA43-BD46-4CA8-9B4F-1ADF0D4F4E4E}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe FirewallRules: [{07EC27C9-3E14-433C-A2A0-C403AD5B5BAE}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe FirewallRules: [{29D3A4D9-75EE-48E5-9E6B-9C58606AD4FE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{F7BE5DE8-B108-4817-8518-4ED78E78DE22}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [TCP Query User{542D9C41-4F9E-44AC-8520-DB38A6F29DF2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{A847E550-A2C4-4C24-B245-3C03AD9813FC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{49841A41-40C0-4730-83B6-6DF320171517}C:\users\danie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\danie\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{5F130595-1397-4E60-A7CC-6AFC28052F4D}C:\users\danie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\danie\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{DB9B22F4-7909-489B-859B-BFD5764AAF13}C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe] => (Allow) C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe FirewallRules: [UDP Query 
User{F2A88DBE-BFE0-4B54-9CBA-BEAC9A26F1E3}C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe] => (Allow) C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe FirewallRules: [TCP Query User{E183CA1A-F191-4A9F-B161-DAFAD52679FC}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe FirewallRules: [UDP Query User{C668A88D-4CD0-498C-A458-7AAC9F0AFFC3}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe FirewallRules: [{9186B335-8F0C-479A-A177-4B8FCE56AE09}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{C35D2E0E-F8C4-4FCB-BFEE-C35010B929E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{09761B78-77BE-49E1-AAC8-C2D198097C5E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E84533B9-C293-426C-AE30-EE6021FADE42}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C17E3F4B-84A0-44A1-A35E-C579D68D3032}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{08503169-D484-4A9E-8BB1-E5FA2C814D3E}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{DEBAD8D2-6378-49E7-A0CA-8D8CAB4B9F44}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{4646391F-477D-4873-84C6-0EEE30A07566}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{3B66BF7C-967C-48C2-9A30-6D1CD1253433}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{9DBFAEF7-75AF-4A58-9E8A-BFAA3F1712A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{AA630F4F-BF9C-421A-8167-16690F5535B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{033A785A-04DF-4328-8713-FE0B4EE558B6}] => (Allow) 
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{3780DA59-0B92-4A18-A096-DE153E950AFA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{51508A9E-D29B-40A9-85C5-F551CE724B2D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{5D15864C-AC2E-4DFB-83BC-92E57F81009A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe ==================== Wiederherstellungspunkte ========================= 02-02-2017 02:44:55 Geplanter Prüfpunkt 12-02-2017 16:09:16 Installed Smart Switch 15-02-2017 18:12:46 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 16-02-2017 22:47:32 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/19/2017 10:28:08 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (02/19/2017 10:28:08 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0006; CorrelationId: {C3BA97CF-2C95-4978-A98C-7C1F4E61FE74} Error: (02/18/2017 04:45:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2953 Error: (02/18/2017 04:45:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2953 Error: (02/18/2017 04:45:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/18/2017 04:45:17 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1422 Error: (02/18/2017 04:45:17 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1422 Error: (02/18/2017 04:45:17 
PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/18/2017 02:30:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7078 Error: (02/18/2017 02:30:24 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7078 Systemfehler: ============= Error: (02/19/2017 01:43:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (02/19/2017 01:43:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9T9O37C) Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (02/19/2017 01:41:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (02/19/2017 10:45:04 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9T9O37C) Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (02/19/2017 10:43:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (02/19/2017 10:43:04 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9T9O37C) Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
Error: (02/19/2017 10:41:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (02/19/2017 04:11:47 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9T9O37C) Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (02/19/2017 04:09:47 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (02/19/2017 04:09:47 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9T9O37C) Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. CodeIntegrity: =================================== Date: 2017-02-16 20:29:22.371 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-16 20:29:22.369 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-16 20:27:56.765 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2017-02-16 20:27:56.763 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-07 16:02:25.976 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-07 16:02:25.973 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-01 10:03:52.930 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-01 10:03:52.928 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-25 14:43:23.529 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-11-25 14:43:23.527 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz Prozentuale Nutzung des RAM: 47% Installierter physikalischer RAM: 8116.55 MB Verfügbarer physikalischer RAM: 4233.66 MB Summe virtueller Speicher: 9396.55 MB Verfügbarer virtueller Speicher: 4712.08 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:209.11 GB) (Free:96.19 GB) NTFS Drive d: (OS) (Fixed) (Total:115.98 GB) (Free:7.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive f: (DATA) (Fixed) (Total:329.79 GB) (Free:44.16 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 76692CA8) Partition 1: (Not Active) - (Size=19.5 GB) - (Type=1C) Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=464 MB) - (Type=27) Partition 4: (Not Active) - (Size=329.8 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 6B8C4C4B) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=209.1 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
19.02.2017, 15:14 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Avast - svchost blocked malware link Follow-up scans with (1) MBAM, (2) ESET and (3) SecurityCheck, please: Step 1: MBAM Please download Malwarebytes Anti-Malware
Step 2: ESET ESET Online Scanner
Step 3: SecurityCheck Please download SecurityCheck and:
__________________ Please always post log files in CODE tags |