Log analysis and evaluation: Windows 8.1: Malwarebytes finds Pup.Optional.Gamehack
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
02.05.2017, 21:43 | #1 |
Windows 8.1: Malwarebytes finds Pup.Optional.Gamehack
Hi, I know, me again. ^^ This time it's about my main computer, which has been relatively slow for quite a while. For that reason I ran Malwarebytes Anti-Malware and it did find something (see log). In any case, my gut feeling tells me that this wasn't necessarily all of it and that something else might still be lurking somewhere.
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 02.05.2017
Suchlaufzeit: 22:09
Protokolldatei: MBAM.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2017.05.02.07
Rootkit-Datenbank: v2017.04.02.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Denise

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 288818
Abgelaufene Zeit: 17 Min., 31 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Optional.GameHack, C:\Program Files (x86)\Cheat Engine 6.5\standalonephase1.dat, , [d58aa86bf5b4f244529062eec53c6f91],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05-2017 durchgeführt von Denise (Administrator) auf DENISE-NOTEBOOK (02-05-2017 22:28:31) Gestartet von C:\Users\Denise\Downloads Geladene Profile: Denise (Verfügbare Profile: Denise) Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BlueStack Systems, Inc.) 
C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) 
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe (Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Denise\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] () HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28344536 2017-04-26] (Dropbox, Inc.) HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-07-13] (Plays.tv, LLC) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-05-23] (Raptr, Inc) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1058360 2017-04-18] () HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Spotify] => C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe [7064176 2017-05-02] (Spotify Ltd) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [986648 2016-09-29] (BlueStack Systems, Inc.) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Discord] => C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.) 
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Spotify Web Helper] => C:\Users\Denise\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-05-02] (Spotify Ltd) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{BF9CCFC1-6FCA-4ABF-8044-CAB8EB45663B}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{E5937EBF-A255-40C3-B2F8-6204570F2CF3}: [DhcpNameServer] 192.168.24.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-02] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-24] (Oracle Corporation) BHO: Kein Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> Keine Datei BHO: Microsoft OneDrive for Business Browser Helper -> 
{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-02] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation) FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files 
(x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] () Chrome: ======= CHR Profile: C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default [2017-05-02] CHR Extension: (Google Präsentationen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-04] CHR Extension: (Google Docs) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-04] CHR Extension: (Google Drive) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04] CHR Extension: (YouTube) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-04] CHR Extension: (Adblock Plus) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-24] CHR Extension: (Google-Suche) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04] CHR Extension: (FrankerFaceZ) - 
C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2015-12-17] CHR Extension: (Google Tabellen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-04] CHR Extension: (Google Docs Offline) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (Twitch Live) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2017-01-10] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-17] CHR Extension: (Google Mail) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-04] CHR Extension: (Chrome Media Router) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-07] ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Datei ist nicht signiert] S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-04-07] () S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-09-29] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-09-29] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-09-29] (BlueStack Systems, Inc.) 
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-04-19] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-04-26] (Dropbox, Inc.) R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5660512 2016-08-16] (INCA Internet Co., Ltd.) 
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123240 2017-03-29] (Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184688 2017-03-29] (Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1325896 2017-04-18] (Overwolf LTD) R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-07-13] (Plays.tv, LLC) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4221952 2014-09-09] (Qualcomm Atheros Communications, Inc.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-09-19] (ASUS Corporation) S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-09-29] (BlueStack Systems) S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-09-28] (Bluestack System Inc. ) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.) 
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation) R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation) R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation) R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( ) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-05-02] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) U0 aswVmm; kein ImagePath S3 dbx; system32\DRIVERS\dbx.sys [X] U3 DfSdkS; kein ImagePath U0 msahci; system32\drivers\msahci.sys [X] S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X] S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-05-02 22:28 - 2017-05-02 22:29 - 00026132 _____ C:\Users\Denise\Downloads\FRST.txt 2017-05-02 22:27 - 2017-05-02 22:27 - 02428416 _____ (Farbar) C:\Users\Denise\Downloads\FRST64.exe 2017-05-02 22:27 - 2017-05-02 22:27 - 00001286 _____ C:\Users\Denise\Downloads\MBAM.txt 2017-05-02 15:21 - 2017-05-02 15:21 - 00000000 ____D C:\Users\Denise\Documents\League of Legends 2017-05-02 15:15 - 2017-05-02 15:15 - 00000000 ____D C:\ProgramData\Riot Games 2017-05-02 15:14 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2017-05-02 15:14 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2017-05-02 15:14 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2017-05-02 15:13 - 2017-05-02 15:22 - 00001722 _____ C:\Users\Public\Desktop\League of Legends.lnk 2017-05-02 15:13 - 2017-05-02 15:13 - 00000000 ____D C:\Riot Games 2017-05-02 15:11 - 2017-05-02 15:14 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Riot Games 2017-05-02 15:11 - 2017-05-02 15:11 - 31876824 _____ (Riot Games) C:\Users\Denise\Downloads\LeagueofLegends_EUW_Installer_2016_11_10.exe 2017-04-28 15:26 - 2017-04-29 14:00 - 00010972 _____ C:\Users\Denise\Desktop\Car Mechanic Fahrzeuge.xlsx 2017-04-27 01:42 - 2017-04-27 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-04-26 20:02 - 2017-04-26 20:02 - 00048944 _____ (Dropbox, Inc.) 
C:\Windows\system32\DbxSvc.exe 2017-04-13 15:29 - 2017-04-13 15:29 - 00437477 _____ C:\Users\Denise\Downloads\SX8Q4C.pdf 2017-04-12 10:44 - 2017-04-12 10:44 - 38952320 _____ (Mojang) C:\Users\Denise\Downloads\Minecraft.exe 2017-04-12 10:44 - 2017-04-12 10:44 - 00000220 _____ C:\Users\Denise\Downloads\updateLog.txt 2017-04-12 10:44 - 2017-04-12 10:44 - 00000000 ____D C:\Users\Denise\Downloads\game 2017-04-11 23:01 - 2017-03-25 21:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-04-11 23:01 - 2017-03-25 21:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-04-11 23:01 - 2017-03-25 21:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-04-11 23:01 - 2017-03-25 20:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-04-11 23:01 - 2017-03-25 20:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-04-11 23:01 - 2017-03-25 20:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-04-11 23:01 - 2017-03-25 20:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-04-11 23:01 - 2017-03-25 20:10 - 02898432 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-04-11 23:01 - 2017-03-25 19:52 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-04-11 23:01 - 2017-03-25 18:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-04-11 23:01 - 2017-03-25 18:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-04-11 23:01 - 2017-03-25 18:28 - 15259136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-04-11 23:01 - 2017-03-25 18:24 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-04-11 23:01 - 2017-03-25 18:10 - 01546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-04-11 23:01 - 2017-03-25 06:43 - 01375960 _____ (Microsoft 
Corporation) C:\Windows\system32\gdi32.dll 2017-04-11 23:01 - 2017-03-24 20:24 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-04-11 23:01 - 2017-03-14 16:26 - 03714560 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2017-04-11 23:01 - 2017-03-14 16:09 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2017-04-11 23:01 - 2017-03-14 16:08 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2017-04-11 23:01 - 2017-03-14 16:06 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2017-04-11 23:01 - 2017-03-12 17:04 - 00033792 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys 2017-04-11 23:01 - 2017-03-11 05:59 - 01763888 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2017-04-11 23:01 - 2017-03-11 05:56 - 01489608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2017-04-11 23:01 - 2017-03-11 05:49 - 00388440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2017-04-11 23:01 - 2017-03-11 05:44 - 00373080 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2017-04-11 23:01 - 2017-03-11 05:41 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2017-04-11 23:01 - 2017-03-09 23:13 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-04-11 23:01 - 2017-03-08 01:25 - 01661064 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2017-04-11 23:01 - 2017-03-08 01:21 - 01212760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2017-04-11 23:01 - 2017-03-04 21:24 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2017-04-11 23:01 - 2017-03-04 18:37 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2017-04-11 23:01 - 2017-03-03 17:11 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2017-04-11 23:01 - 2017-03-03 17:06 - 01501184 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\quartz.dll 2017-04-11 23:01 - 2017-02-11 20:18 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2017-04-11 23:01 - 2017-02-11 19:00 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2017-04-11 23:01 - 2017-02-11 18:49 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll 2017-04-11 23:01 - 2017-02-11 18:42 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll 2017-04-11 23:01 - 2017-02-10 21:06 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-04-11 23:01 - 2017-02-10 16:37 - 00046600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2017-04-11 23:01 - 2017-02-04 19:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2017-04-11 23:01 - 2017-02-04 19:51 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2017-04-11 23:01 - 2017-02-04 19:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2017-04-11 23:01 - 2017-02-01 21:44 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-04-11 23:01 - 2017-02-01 21:42 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-04-11 23:01 - 2017-01-19 04:18 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2017-04-11 23:01 - 2017-01-18 16:35 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2017-04-11 23:01 - 2017-01-18 16:34 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2017-04-11 23:01 - 2017-01-14 22:32 - 00955016 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2017-04-11 23:01 - 2017-01-14 21:18 - 00787688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2017-04-11 23:01 - 2017-01-12 18:51 - 00274776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2017-04-11 23:01 - 2017-01-12 18:51 - 
00117592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys 2017-04-11 23:01 - 2017-01-12 08:12 - 00990040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2017-04-11 23:01 - 2017-01-11 21:12 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll 2017-04-11 23:01 - 2017-01-11 19:28 - 00422744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys 2017-04-11 23:01 - 2017-01-11 17:09 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll 2017-04-11 23:01 - 2017-01-11 00:37 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2017-04-11 23:01 - 2017-01-10 23:06 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll 2017-04-11 23:01 - 2017-01-10 22:46 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll 2017-04-11 23:01 - 2017-01-10 21:20 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll 2017-04-11 23:01 - 2017-01-10 21:09 - 01108480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll 2017-04-11 23:01 - 2017-01-06 19:25 - 02513408 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll 2017-04-11 23:01 - 2017-01-06 19:04 - 01495552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2017-04-11 23:01 - 2016-12-25 03:14 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2017-04-11 23:01 - 2016-12-25 02:48 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll 2017-04-11 23:01 - 2016-12-25 02:19 - 00170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2017-04-11 23:01 - 2016-12-25 01:39 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll 2017-04-11 23:01 - 2016-12-09 10:08 - 00379736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2017-04-11 23:00 - 2017-03-25 20:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-04-11 23:00 - 
2017-03-25 20:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-04-11 23:00 - 2017-03-25 20:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-04-11 23:00 - 2017-03-25 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-04-11 23:00 - 2017-03-25 20:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-04-11 23:00 - 2017-03-25 20:45 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-04-11 23:00 - 2017-03-25 20:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-04-11 23:00 - 2017-03-25 20:13 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-04-11 23:00 - 2017-03-25 19:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-04-11 23:00 - 2017-03-25 19:41 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-04-11 23:00 - 2017-03-25 19:12 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2017-04-11 23:00 - 2017-03-25 19:04 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-04-11 23:00 - 2017-03-25 19:00 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-04-11 23:00 - 2017-03-25 19:00 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-04-11 23:00 - 2017-03-25 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-04-11 23:00 - 2017-03-14 21:06 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2017-04-11 23:00 - 2017-03-13 18:13 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2017-04-11 23:00 - 2017-03-13 18:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2017-04-11 23:00 - 2017-03-13 18:08 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2017-04-11 23:00 - 2017-03-13 18:08 - 
00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2017-04-11 23:00 - 2017-03-13 17:59 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2017-04-11 23:00 - 2017-03-13 17:59 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2017-04-11 23:00 - 2017-03-13 17:56 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2017-04-11 23:00 - 2017-03-11 05:49 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2017-04-11 23:00 - 2017-03-09 23:08 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2017-04-11 23:00 - 2017-03-09 21:29 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2017-04-11 23:00 - 2017-03-04 21:06 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2017-04-11 23:00 - 2017-03-04 20:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2017-04-11 23:00 - 2017-03-03 17:10 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll 2017-04-11 23:00 - 2017-03-03 17:04 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll 2017-04-11 23:00 - 2017-01-14 16:37 - 00447095 _____ C:\Windows\system32\ApnDatabase.xml 2017-04-11 23:00 - 2016-12-25 03:21 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys 2017-04-07 21:49 - 2017-04-07 21:50 - 07662317 _____ C:\Users\Denise\Downloads\FTB_Launcher.exe 2017-04-05 14:56 - 2017-04-05 14:56 - 00000000 ____D C:\Users\Denise\AppData\LocalLow\Si7 studio ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-05-02 22:28 - 2017-02-22 11:37 - 00000000 ____D C:\FRST 2017-05-02 22:28 - 2016-09-10 13:49 - 02639360 ___SH C:\Users\Denise\Downloads\Thumbs.db 2017-05-02 22:09 - 2017-02-22 12:36 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-05-02 22:08 - 2015-11-04 19:24 - 00000000 ____D C:\Program Files (x86)\Steam 2017-05-02 22:05 - 2015-11-04 17:09 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Spotify 2017-05-02 22:02 - 2014-10-29 14:02 - 00767018 _____ C:\Windows\system32\perfh007.dat 2017-05-02 22:02 - 2014-10-29 14:02 - 00159786 _____ C:\Windows\system32\perfc007.dat 2017-05-02 22:02 - 2014-03-18 17:26 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI 2017-05-02 22:02 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2017-05-02 22:00 - 2015-11-04 17:10 - 00000000 ____D C:\Users\Denise\AppData\Local\Spotify 2017-05-02 21:40 - 2015-11-04 16:20 - 00001246 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2017-05-02 20:09 - 2015-11-04 16:27 - 00000000 ____D C:\Users\Denise\AppData\Roaming\TS3Client 2017-05-02 19:40 - 2015-11-04 16:20 - 00001242 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2017-05-02 17:12 - 2015-11-04 16:11 - 00000165 _____ C:\Users\Denise\AppData\Roaming\sp_data.sys 2017-05-02 16:07 - 2016-03-01 00:33 - 00007606 _____ C:\Users\Denise\AppData\Local\Resmon.ResmonCfg 2017-05-02 12:00 - 2016-08-01 12:33 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1 2017-05-02 12:00 - 2015-11-04 16:14 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2 2017-05-02 03:31 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-02 03:29 - 2014-10-29 08:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-04-30 16:13 - 2016-11-04 13:42 - 00000000 ____D C:\Users\Denise\Documents\Viscera 2017-04-30 11:51 - 2017-03-16 15:19 - 00001220 _____ C:\Users\Denise\Downloads\nativelog.txt 2017-04-30 11:51 - 2016-12-19 16:09 - 00000000 ____D 
C:\Users\Denise\AppData\Roaming\.minecraft 2017-04-29 15:58 - 2015-11-04 16:18 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-29 15:58 - 2015-11-04 16:18 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-27 04:15 - 2015-11-04 16:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2606138470-3405722970-712637843-1001 2017-04-27 01:42 - 2015-11-04 16:20 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-04-25 00:26 - 2015-12-27 23:36 - 00000000 ____D C:\Users\Denise\AppData\Local\CrashDumps 2017-04-24 04:28 - 2015-11-04 16:27 - 00000000 ____D C:\Program Files (x86)\Overwolf 2017-04-23 17:21 - 2017-02-23 12:40 - 00001539 _____ C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk 2017-04-23 17:21 - 2015-11-04 16:13 - 00000000 ____D C:\Users\Denise\OneDrive 2017-04-23 11:36 - 2015-11-04 16:05 - 00000000 ____D C:\Users\Denise 2017-04-17 13:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2017-04-17 10:48 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-04-17 10:39 - 2016-05-12 19:58 - 00001062 _____ C:\Users\Denise\Desktop\Neues Textdokument (3).txt 2017-04-17 10:32 - 2016-02-04 23:06 - 00000000 ____D C:\Users\Denise\AppData\Roaming\.technic 2017-04-17 10:32 - 2016-02-04 23:05 - 04734784 _____ () C:\Users\Denise\Downloads\TechnicLauncher.exe 2017-04-14 18:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2017-04-14 18:06 - 2013-08-22 16:44 - 00479584 _____ C:\Windows\system32\FNTCACHE.DAT 2017-04-14 12:00 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData 2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender 2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2017-04-12 10:44 - 2017-03-16 15:19 - 00000000 ____D 
C:\Users\Denise\Downloads\tmp 2017-04-12 04:25 - 2015-11-06 16:01 - 00000000 ____D C:\Windows\system32\MRT 2017-04-12 04:23 - 2015-11-06 16:01 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-04-12 04:23 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2017-04-08 00:06 - 2016-08-11 12:13 - 00532136 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2017-04-07 23:21 - 2016-08-30 15:36 - 00000000 ____D C:\Users\Denise\AppData\LocalLow\Temp 2017-04-07 22:31 - 2015-11-18 19:17 - 00000000 ____D C:\Users\Denise\AppData\Local\ftblauncher 2017-04-07 21:59 - 2015-11-18 19:17 - 00000000 ____D C:\ftb 2017-04-07 21:50 - 2015-11-18 19:17 - 00000000 ____D C:\Users\Denise\AppData\Roaming\ftblauncher 2017-04-05 14:58 - 2015-12-01 23:06 - 00000000 ____D C:\Users\Denise\Documents\My Games 2017-04-05 03:01 - 2016-12-09 20:49 - 00002370 _____ C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2017-04-05 03:01 - 2016-12-06 03:32 - 00003188 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2017-04-05 03:01 - 2016-02-21 14:41 - 00003196 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2606138470-3405722970-712637843-1001 2017-04-03 14:43 - 2015-11-04 16:27 - 00000000 ____D C:\Users\Denise\AppData\Local\Overwolf ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-04 16:11 - 2017-05-02 17:12 - 0000165 _____ () C:\Users\Denise\AppData\Roaming\sp_data.sys 2016-07-12 23:15 - 2016-07-12 23:15 - 0001454 _____ () C:\Users\Denise\AppData\Local\recently-used.xbel 2016-03-01 00:33 - 2017-05-02 16:07 - 0007606 _____ () C:\Users\Denise\AppData\Local\Resmon.ResmonCfg 2015-03-18 14:53 - 2015-03-18 14:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-10-29 08:25 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2014-10-29 08:25 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2014-10-29 08:25 - 
2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS Einige Dateien in TEMP: ==================== 2017-04-09 01:17 - 2017-04-09 01:17 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-1040318976079216718.dll 2017-04-10 17:11 - 2017-04-10 17:11 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-107992347504823130.dll 2017-04-09 01:22 - 2017-04-09 01:22 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-1393927604816923217.dll 2017-04-17 10:36 - 2017-04-17 10:36 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-1605890471314782318.dll 2017-04-17 20:28 - 2017-04-17 20:28 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2195549389685782762.dll 2017-04-12 16:12 - 2017-04-12 16:12 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2278816693079296955.dll 2017-04-29 10:40 - 2017-04-29 10:40 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2289259205964025034.dll 2017-04-12 11:52 - 2017-04-12 11:52 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2293235393832101607.dll 2017-04-17 20:37 - 2017-04-17 20:37 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2717276439790702517.dll 2017-04-26 12:12 - 2017-04-26 12:12 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2812241115399243833.dll 2017-04-09 01:37 - 2017-04-09 01:37 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2886755838872423022.dll 2017-04-10 13:57 - 2017-04-10 13:57 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2947519856391172585.dll 2017-04-11 12:50 - 2017-04-11 12:50 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-3006947278836389063.dll 2017-04-09 01:33 - 2017-04-09 01:33 - 0019968 _____ (Red Hat®, Inc.) 
C:\Users\Denise\AppData\Local\Temp\jansi-64-3275234403545714624.dll 2017-04-10 16:51 - 2017-04-10 16:51 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-363026189231537429.dll 2017-04-09 11:51 - 2017-04-09 11:51 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-382171821654916660.dll 2017-04-24 23:10 - 2017-04-24 23:10 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-38851600159007909.dll 2017-04-10 22:54 - 2017-04-10 22:54 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-4624524647489449371.dll 2017-04-27 21:45 - 2017-04-27 21:45 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-4671433893680303623.dll 2017-04-17 21:46 - 2017-04-17 21:46 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-5245631579023480511.dll 2017-04-17 10:40 - 2017-04-17 10:40 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-5651678435619837219.dll 2017-04-25 13:28 - 2017-04-25 13:28 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-5839221738519008296.dll 2017-04-24 12:00 - 2017-04-24 12:00 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-6858090211071687154.dll 2017-04-24 13:21 - 2017-04-24 13:21 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-782039470112850992.dll 2017-04-16 21:21 - 2017-04-16 21:21 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-811926212269422760.dll 2017-04-27 12:37 - 2017-04-27 12:37 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-851885707297706314.dll 2017-04-13 17:18 - 2017-04-13 17:18 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-8695384281373204455.dll 2017-04-09 01:30 - 2017-04-09 01:30 - 0019968 _____ (Red Hat®, Inc.) 
C:\Users\Denise\AppData\Local\Temp\jansi-64-8793313027965502837.dll
2017-04-12 18:08 - 2017-04-12 18:08 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-8855172364835676341.dll
2017-04-09 22:03 - 2017-04-09 22:03 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-8958763056661960550.dll
2017-04-12 10:44 - 2017-04-12 10:44 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-911095625501500122.dll
2017-04-11 14:06 - 2017-04-11 14:06 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-984113642458192691.dll
2017-04-21 02:28 - 2017-04-21 02:28 - 0739904 _____ (Oracle Corporation) C:\Users\Denise\AppData\Local\Temp\jre-8u131-windows-au.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-04-29 13:47

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-05-2017
durchgeführt von Denise (02-05-2017 22:29:35)
Gestartet von C:\Users\Denise\Downloads
Windows 8.1 (Update) (X64) (2015-11-04 14:07:17)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2606138470-3405722970-712637843-500 - Administrator - Disabled)
Denise (S-1-5-21-2606138470-3405722970-712637843-1001 - Administrator - Enabled) => C:\Users\Denise
Gast (S-1-5-21-2606138470-3405722970-712637843-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2606138470-3405722970-712637843-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

American Truck Simulator (HKLM-x32\...\Steam App 270880) (Version: - SCS Software)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard)
Ashampoo WinOptimizer 2016 (HKLM-x32\...\{4209F371-38F5-0B47-1C5B-A4A8456950A3}_is1) (Version: 12.00.39 - Ashampoo GmbH & Co.
KG) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS) ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.8 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.42 - ICEpower a/s) AutoHotkey 1.1.22.09 (HKLM\...\AutoHotkey) (Version: 1.1.22.09 - Lexikos) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlestar Galactica Online (HKLM-x32\...\Battlestar Galactica Online_is1) (Version: 1.0 - Bigpoint GmbH) Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.61.6289 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Borderlands 2 (HKLM\...\Steam App 49520) (Version: - Gearbox Software) Car Mechanic Simulator 2015 (HKLM-x32\...\Steam App 320300) (Version: - Red Dot Games) CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform) Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version: - Cheat Engine) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.) Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.) 
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Diesel Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.) Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts) Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts) Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 World Adventures) (Version: 1.0.0.0 - Electronic Arts Inc.) Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Ambitions) (Version: 1.0.0.0 - Electronic Arts Inc.) Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.24.102.1020 - Electronic Arts Inc.) Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.293.1110 - Electronic Arts Inc.) Digimon Masters Online (HKLM\...\Steam App 537180) (Version: - Move Games Co., Ltd.) Discord (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 24.4.17 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) 
Hidden Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team) F1 2010 (x32 Version: 1.0.0001.132 - Codemasters) Hidden Farming Simulator 17 (HKLM\...\Steam App 447020) (Version: - Giants Software) FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation) GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team) Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hello Kitty Online POD Installer (HKLM-x32\...\{0150D55C-0FEE-4F1D-BEE5-085C0DD2B476}_is1) (Version: 1.9.9.0.2 - SANRIODIGITAL GAMES & ENTERTAINMENT INC) Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation) Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.38.1036 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation) Java 8 Update 101 (64-bit) 
(HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation) Layers of Fear (HKLM\...\Steam App 391720) (Version: - Bloober Team SA) League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7967.2139 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) 
(HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 
(HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich) My Secret Pets! 
(HKLM\...\Steam App 447180) (Version: - Dogenzaka Lab) NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.4.5.30491 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{3c3ba69a-df4e-4526-88e4-04f1ff87fc0d}) (Version: latest - ppy Pty Ltd) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.103.233.0 - Overwolf Ltd.) 
Parkitect (HKLM\...\Steam App 453090) (Version: - Texel Raptor) Pixelmon Launcher (Beta) (HKLM-x32\...\Pixelmon Launcher (Beta) 2.0.23) (Version: 2.0.23 - Ikara Software Limited) Pixelmon Launcher (Beta) (x32 Version: 2.0.23 - Ikara Software Limited) Hidden Plantera (HKLM\...\Steam App 421040) (Version: - VaragtP) PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.12.3-r114511-release - Plays.tv, LLC) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.1-r113066-release - Raptr, Inc) Rapture3D 2.4.4 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7417 - Realtek Semiconductor Corp.) 
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden Slime Rancher (HKLM\...\Steam App 433340) (Version: - Monomi Park) Spotify (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) The Bunker (HKLM\...\Steam App 481110) (Version: - Splendy Interactive) The Guest (HKLM\...\Steam App 402040) (Version: - Team Gotham) The Walking Dead (HKLM\...\Steam App 207610) (Version: - Telltale Games) Time Mysteries: Inheritance - Remastered (HKLM\...\Steam App 350010) (Version: - Artifex Mundi) Train Mechanic Simulator 2017 (HKLM\...\Steam App 538810) (Version: - Si7 Studio) TruckersMP 0.2.1.3.5 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.3.5 Alpha - TruckersMP Team) UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden Unreal Development Kit: 2012-07 (HKLM\...\UDK-85b1f5f2-c617-4d5a-942e-760c69695908) (Version: - Epic Games, Inc.) 
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Viscera Cleanup Detail (HKLM\...\Steam App 246900) (Version: - RuneStorm) Viscera Cleanup Detail: Santa's Rampage (HKLM\...\Steam App 265210) (Version: - RuneStorm) VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent) Windows Driver Package - ASUS (ATP) Mouse (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS) WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2606138470-3405722970-712637843-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Denise\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileCoAuthLib64.dll (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {07321C46-5DD2-47DA-BA1C-EFB16558C116} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-26] (Realtek Semiconductor) Task: {19322365-6413-495C-B6B3-587BB1FDA412} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-04-12] (Microsoft Corporation) Task: {24903DAB-555C-44AD-B392-68D313BA773A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.) Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.) Task: {3A1F1DDC-02BA-45AB-9A82-ECD4902A6552} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.) Task: {401F971E-3089-45D6-8760-58EB4216B3F2} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {4438B3D2-206C-48AA-9028-CA480F4D5768} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) 
Task: {62687EC0-BB73-4EA9-8F8E-A800049FE0D7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd) Task: {883A3F07-BB44-43B8-96A9-E39E723C41EC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation) Task: {911D73C4-9DE2-46B8-B701-59970283A9CF} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS) Task: {983DD468-029B-4F16-A77A-310293C8F729} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-04-18] (Overwolf LTD) Task: {AB6DFF50-8E3D-419E-9173-D8DC9D6AF47B} - System32\Tasks\{F4B0E50F-1D1D-49E4-A13D-11BAF2D67674} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.109/de/abandoninstall?page=tsProgressBar Task: {B847F2D4-38DE-46D7-ABE1-0C0479CAECEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.) Task: {C6A6D6F9-E4A8-410D-B15E-56851DA6CCAD} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {D66A24C1-B98B-4B82-9873-5C95D27B7780} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.) Task: {D9298A94-FF7B-4008-B247-DC3F13B8B46E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) 
Task: {E4B15ED4-FEFA-47BB-8ECC-7E9A9CCD4457} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation) Task: {E81BCDCC-2BD4-422C-B3D3-FA24F205F188} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-02] (Microsoft Corporation) Task: {F2987583-C64B-4210-8369-6D05BCDC321D} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-09-19] (AsusTek) Task: {F349EF15-C2F3-46B0-8189-E5FF70116D2B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software) Task: {FAFE6503-554E-4E50-AF09-7B4E289E14C2} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-02-14 17:14 - 2016-06-15 03:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-02-01 13:35 - 2016-06-15 03:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-02-01 13:35 - 2016-06-15 03:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2015-03-18 14:49 - 2016-01-23 03:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-03-16 12:17 - 2016-03-16 12:17 - 00052912 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2015-01-14 04:24 - 2014-12-15 07:26 - 00392592 _____ () C:\Windows\system32\igfxTray.exe 2017-02-14 17:14 - 2016-06-15 03:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2015-11-05 18:23 - 2015-11-05 18:23 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll 2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd 2015-11-24 22:46 - 2015-11-24 22:46 - 
00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll 2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd 2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd 2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd 2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd 2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd 2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll 2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd 2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd 2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd 2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd 2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd 2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd 2015-01-06 17:40 - 2015-01-06 
17:40 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-11-05 14:44 - 2014-11-05 14:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-11-05 14:44 - 2014-11-05 14:44 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2015-11-07 14:31 - 2016-06-15 03:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2017-01-11 23:22 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\ffmpeg.dll 2017-01-25 17:02 - 2017-01-25 17:02 - 01082880 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node 2017-01-25 17:02 - 2017-01-25 17:02 - 03750400 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll 2017-01-25 17:02 - 2017-01-25 17:02 - 00914432 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node 2017-01-25 17:02 - 2017-01-25 17:02 - 01127424 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node 2017-01-11 23:22 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\libglesv2.dll 2017-01-11 23:22 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\libegl.dll 2017-04-23 17:20 - 2017-04-23 17:20 - 00148992 _____ () \\?\C:\Users\Denise\AppData\Local\Temp\B1FE.tmp.node 2017-01-25 17:02 - 2017-01-25 17:02 - 02658304 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node 2017-01-25 17:03 - 2017-03-24 05:24 - 02665976 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node 2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll 2017-03-30 00:53 - 2017-03-29 04:04 - 02187096 _____ () 
C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll 2017-03-30 00:53 - 2017-03-29 04:04 - 00086360 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll 2015-11-04 17:10 - 2017-05-02 22:00 - 67725936 _____ () C:\Users\Denise\AppData\Roaming\Spotify\libcef.dll 2015-11-04 17:10 - 2017-05-02 22:00 - 01929840 _____ () C:\Users\Denise\AppData\Roaming\Spotify\libglesv2.dll 2015-11-04 17:10 - 2017-05-02 22:00 - 00087152 _____ () C:\Users\Denise\AppData\Roaming\Spotify\libegl.dll 2015-11-04 19:26 - 2017-03-10 02:13 - 00674592 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-11-04 19:26 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-11-04 19:26 - 2017-04-26 01:55 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll 2015-11-04 19:26 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-11-04 19:26 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-11-04 19:26 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-11-04 19:26 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-11-04 19:26 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-11-04 19:26 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-11-04 19:26 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-11-04 19:26 - 2017-04-26 01:55 - 00848672 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-09 21:47 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2016-12-13 22:35 - 2017-01-30 23:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2015-11-04 19:26 - 2017-04-26 01:55 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll 2015-11-04 19:26 - 2015-09-25 01:52 - 00119208 _____ () C:\Program 
Files (x86)\Steam\winh264.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Denise\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Fotogalerie-Hintergrundbild.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "PlaysTV" HKLM\...\StartupApproved\Run32: => "Raptr" HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "Overwolf" HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "BlueStacks Agent" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{C852CC74-3AB4-4C98-941B-BE20D823E1A1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{0EA8F599-958B-4D85-A13E-12C272DD6E06}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{692D9FC0-DB01-4E87-B382-E26EF1BC663B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{0F62AF29-AE03-4711-B9C8-962924E57F03}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{CFCD695A-B70B-4899-88EB-6D98EEDFDB01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Car Mechanic Simulator 2015\cms2015.exe FirewallRules: [{76DCA23A-E0EE-4AA5-A85C-4818EBD2E7CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Car Mechanic Simulator 2015\cms2015.exe FirewallRules: [{50F34949-4DD3-4672-9DE9-83CE38D0B294}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{8FEAF39F-D717-4E2F-A0E3-FC65F540E1C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{2B36FE30-2449-46D2-B4FA-4785C2ACF641}] => (Allow) C:\Program Files\NVIDIA 
Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{FD1B3530-E5D5-4CAA-9697-80927BF9D090}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{6E76FD92-8B5C-4994-9F60-4C88D5550984}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{90E74E70-64DE-48C4-BE2B-959AC2D01AB5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{CE2C69F0-5BFA-4864-9383-A69102073E9A}] => (Allow) LPort=2869 FirewallRules: [{A9573006-EB2F-4A65-BC7D-3B02D79A1BF6}] => (Allow) LPort=1900 FirewallRules: [{A578AC21-C9B0-471D-BE1D-BBF5724C4243}] => (Allow) C:\Users\Denise\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [TCP Query User{410E767A-7BF5-479C-B8A5-A844F49BD32F}C:\users\denise\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\denise\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{2FB2C07B-FB74-4F3B-8F9C-CB9AADD39FB5}C:\users\denise\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\denise\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{44825738-657D-4781-AF8B-B5C7CC9381E6}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{FF89640C-415A-44C1-AADB-70BE7BC0ED32}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{077305C1-6CA4-4440-91E3-91796E37AB6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe FirewallRules: [{6E3F84AE-0C97-46DF-AE27-1352183502C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe FirewallRules: [{B5D1D315-B367-43CE-ABAA-F2D8C74A0E9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe FirewallRules: [{D512DE21-B79F-4BFC-9DA1-E3C9DA92231B}] => 
(Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe FirewallRules: [{ACFCD07C-A033-433D-9F94-3B083F2EB158}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [TCP Query User{26C769EE-C490-41E2-8E33-F982AED27D12}C:\users\denise\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\denise\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{8C024486-2A32-43B1-A337-FBED48E33D47}C:\users\denise\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\denise\appdata\roaming\spotify\spotify.exe FirewallRules: [{D930DBF9-1A2C-44E4-853F-65D36BE9DE58}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{5950631D-9FD3-4C0F-ABEE-5E0DE5246796}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{E750D3D9-3B8D-49EF-B230-62ACFF1F2E48}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{7BC0AB2F-3B7B-494E-8688-3E7D21578809}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{28E642CB-E2A6-4754-98C7-7EB68F2C0B33}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{B4F9A977-F23C-43E4-B86C-6B8C91C6E9C7}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{0EE0F3F7-8294-4435-BCC2-1FFF90E6E88E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{9FBE8FE5-0ADC-400E-BA2D-D2ED09058820}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{92E232EB-4B0E-4347-A41E-E460E26E85F7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{06892A54-0D32-485D-A00D-49ABC63F7332}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{DC610AF3-702C-433E-A1CA-736B1B623405}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe FirewallRules: [{D812B741-A175-44EE-A9C6-76EA5E676A00}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe FirewallRules: [TCP Query User{C4FA9BF0-5E5C-4E45-B8E9-4F6B5120A016}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe FirewallRules: [UDP Query User{98CEC8B7-2C3C-4E2C-8987-FCB57ECD6178}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe FirewallRules: [TCP Query User{C11653EC-C768-44C7-8A23-BD0C119B6B6A}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe FirewallRules: [UDP Query User{156FAF76-F16C-4092-81E3-09DC85623F9E}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe FirewallRules: [TCP Query User{AD9A4297-C8E7-4AF0-9498-F0622D07BBD3}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{82E23260-2925-4537-A54B-EBF1A3C5271B}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{4A029489-CDBE-468C-902E-F602E935DF52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Parkitect\Parkitect.exe FirewallRules: [{7CBCDFD0-1264-4F98-8308-810F0C77898D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Parkitect\Parkitect.exe FirewallRules: [{4DB9C503-2104-4B3B-B489-AA87B971EC78}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe FirewallRules: [{09B490A0-33CD-408E-8DAA-85107302ED4E}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe FirewallRules: [{82CBB81C-28C5-46B4-80D0-293ABC1A243F}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{7AFB2B2F-5EBE-4C43-AE3F-022ABD259DAE}] => (Allow) C:\Program Files 
(x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{264DE989-FF16-44C1-91E9-B3909E7FDA3C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{AEF8F3B9-A84E-4102-9236-9A734296C033}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{46CE26BD-3ABB-4695-BD53-437ABD8EA23F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe FirewallRules: [{CEF7B75C-B74A-4217-A65D-4E5C0563D67C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe FirewallRules: [TCP Query User{260EDB40-7783-4AB7-B696-F33C1D7AE530}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\java.exe FirewallRules: [UDP Query User{6EC3281C-C5FE-4622-81BB-04393E9B100E}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\java.exe FirewallRules: [TCP Query User{C0254287-BA1C-46AC-82B5-BCD9421E7610}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{ED5F17EC-ED5B-4B5C-8683-163C1FF19047}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{1D309B50-8114-4341-8204-B0F6D792DBCC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Plantera\Plantera.exe FirewallRules: [{8F8C8879-A857-4F5B-86EE-52C7D4BE036A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Plantera\Plantera.exe FirewallRules: [{E1236C48-44F5-4D86-A2FB-DFC66F6BD649}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Guest\TheGuestSteam_Test.exe FirewallRules: [{CB2E6E50-E365-4C56-9065-08484F7395F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Guest\TheGuestSteam_Test.exe FirewallRules: 
[{17EC79A6-35B4-4E06-BEB0-D88B3265C76A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{CFE9155A-1F52-4E45-B10B-3926AACE054A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{15CD06B2-9A60-4B00-A53B-A8F5480AEC00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{311613AD-925A-4187-BEBF-1BDB64EE445F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{263035E6-FB7E-4700-B650-C3D91BADD530}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slime Rancher\SlimeRancher.exe FirewallRules: [{C05A21D5-F7D4-4AA7-9F56-111F832E4527}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slime Rancher\SlimeRancher.exe FirewallRules: [{3D6ED0DB-18CF-47B6-B94C-0E3A5543B52D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{9A5FE8C4-E35A-42D6-A362-9BCF984CBC52}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{FEB60B57-D58C-4EFA-9A65-C2BC94A20E76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe FirewallRules: [{2964DDF6-846B-4405-A169-7C8BBF4643DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe FirewallRules: [{23FF6FA8-2E72-4881-921E-9F020FC9A397}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe FirewallRules: [{51CA4EE6-B381-400B-A3D6-AAAAA3F11B91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe FirewallRules: [{F39F3E71-32A1-42C1-9FCC-DAF01388E44A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe FirewallRules: [{88BE5797-3782-4A5F-B95D-7D27DB95CD9A}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe FirewallRules: [{C69DE373-590B-4BA2-B555-7715B351C8E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Bunker\TheBunker.exe FirewallRules: [{68CA7CDD-47A2-434C-9220-57AEC86DDCE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Bunker\TheBunker.exe FirewallRules: [{E8AA1BEE-10F5-4240-A606-6BD3BBB6B026}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Layers of Fear\Layers of Fear.exe FirewallRules: [{897DA43B-3B01-4A5E-876F-837F3A379D1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Layers of Fear\Layers of Fear.exe FirewallRules: [{3238C134-3485-4894-8933-6745E9B17A9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Digimon Masters Online - Steam\DMLauncher.exe FirewallRules: [{8286DB86-74C8-4889-B5A1-9FB8FF6F319F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Digimon Masters Online - Steam\DMLauncher.exe FirewallRules: [{F11AEBF6-A5C7-4DD8-A5D7-621BE26D3ED5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{1C0CE1ED-483C-48C8-9D91-3186D683C8D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{ECC94EDD-9B5C-4923-852A-F97357194624}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe FirewallRules: [{C040E497-9E19-48D6-8EFB-0E67C12B1EF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe FirewallRules: [{136E67A8-0F02-4F6A-8EA4-0D3B81AE393D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe FirewallRules: [{9C89A31A-2BD6-4A17-BC71-B40BCF51E384}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe FirewallRules: [{E48C3944-8B3B-466C-8E18-B305E06B2C15}] => (Allow) C:\Program 
Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe FirewallRules: [{63A64D62-5CBB-499A-B241-0D22634CE5C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe FirewallRules: [TCP Query User{0D400897-B446-4BF1-AA38-2C0FF4758B6A}C:\program files (x86)\bsgo\launcher\launcher.exe] => (Allow) C:\program files (x86)\bsgo\launcher\launcher.exe FirewallRules: [UDP Query User{8BC76652-19FD-4C10-9C7F-A7ECA9E4A2E8}C:\program files (x86)\bsgo\launcher\launcher.exe] => (Allow) C:\program files (x86)\bsgo\launcher\launcher.exe FirewallRules: [{73FDAF87-493D-4BDD-AA39-D908A7378C39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Secret Pets!\My Secret Pets!.exe FirewallRules: [{9EC02E6B-9746-4178-8243-4196AF1DD64C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Secret Pets!\My Secret Pets!.exe FirewallRules: [{3BBE75B1-FAF2-4614-82BF-2BB99A88A617}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Time Mysteries Inheritance Remastered\TimeMysteries_Inheritance.exe FirewallRules: [{9DCAEEF9-CC72-45DD-BD35-B5032569BCBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Time Mysteries Inheritance Remastered\TimeMysteries_Inheritance.exe FirewallRules: [{3E241EAA-0027-45EE-A5CE-23AA859B4F58}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{F4C0B238-D7A7-40A1-AB91-E9F4DD0A6374}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Train Mechanic Simulator 2017\tms.exe FirewallRules: [{588801CD-9B3E-4671-B802-5E4DCFED41BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Train Mechanic Simulator 2017\tms.exe FirewallRules: [{33E16F0F-D4D2-4CFF-8B5D-D777D07F1AA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe FirewallRules: [{65F82802-B7F0-4909-BF9B-C0146A5EC075}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe FirewallRules: [{2255EBB4-60A7-458B-8EBE-6667149ABB7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{CDC00CD1-BEB2-40D8-BCC1-8F3AC78BB209}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{767781E8-A5A9-4673-91E6-86318487A20D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{842EB312-4B4A-4998-9866-8FE73166DCFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{66398C04-A3D6-46FD-829A-23AFF154D10B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{B78095FB-6AC2-4911-81CA-9F749B703C51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{8005229D-DC8B-4113-9B3B-9A10A2C52708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{C921035B-5131-4E35-9E32-11FD6814A709}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{C74C4B10-1987-4A79-83E7-9CB6D3C09390}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{FA2E2993-F187-4A82-825C-9043654973A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{57F95B4F-700C-437D-98E4-E774108750AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe FirewallRules: [{478BB1EF-937B-4BDA-BADB-6AC7B98C1C43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck 
Simulator\bin\win_x64\amtrucks.exe FirewallRules: [{0CACF6F7-EFE4-4D7D-AE33-1199A3A43EFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{89F3FA57-18FE-4329-91AB-A42AE9A6FD1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{C4FB3067-B43F-4DC1-9E8C-7BF38A263878}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{4F10A1A1-6921-4E89-9507-005715D31253}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{91C22983-2BCD-4A29-B8C4-F706CB6858A9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{2EF9F7BC-C691-45D8-92A8-970E7173B01F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe FirewallRules: [{5BCF3425-C812-4BEF-9AAE-610366086EDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe FirewallRules: [{23CAE663-8E55-44ED-8AAF-17CA7BE72D2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win32\UDK.exe FirewallRules: [{B89427D6-8813-45FC-9633-3A0DD84CE475}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win32\UDK.exe FirewallRules: [{C3CE2525-1656-4E62-9D3B-C0BEEA97AE55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe FirewallRules: [{C63635A6-098E-4D91-A893-D9BC47958787}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe ==================== Wiederherstellungspunkte ========================= 20-04-2017 05:14:30 Geplanter Prüfpunkt 29-04-2017 13:55:02 Geplanter Prüfpunkt 02-05-2017 
15:12:15 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/02/2017 03:28:14 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: d3c Startzeit: 01d2c3472a3a3e9e Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: 1ec4ca4f-2f3b-11e7-8290-1cb72c068d56 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error: (05/02/2017 03:30:13 AM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. Kontext: Anwendung, SystemIndex Katalog Error: (05/02/2017 03:28:36 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DENISE-NOTEBOOK) Description: Die Anwendung oder der Dienst "Microsoft Office Document Cache Sync Client Interface" konnte nicht heruntergefahren werden. 
Error: (04/29/2017 12:29:06 PM) (Source: Microsoft Office) (EventID: 2011) (User: ) Description: Event-ID 2011 Error: (04/29/2017 12:29:06 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x9; CorrelationId: {11BBF64C-8B01-43FB-A3A3-122340BA6335} Error: (04/28/2017 12:37:38 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {A3229088-E1A0-4C06-A4FD-E29154FA12B8} Error: (04/28/2017 06:05:04 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (04/27/2017 06:05:04 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (04/26/2017 06:05:02 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (04/25/2017 06:05:05 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Systemfehler: ============= Error: (05/02/2017 09:11:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (05/02/2017 09:11:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (04/23/2017 05:18:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2147952449 = Die angeforderte Adresse ist in diesem Kontext ungültig. 
Error: (04/23/2017 05:18:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%2147952449 = Die angeforderte Adresse ist in diesem Kontext ungültig. Error: (04/23/2017 05:18:24 PM) (Source: Tcpip) (EventID: 4199) (User: ) Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.2.101 mit dem Computer mit der Netzwerkhardwareadresse 58-48-22-A7-B3-98 ermittelt. Netzwerkvorgänge könnten daher auf diesem System unterbrochen werden. Error: (04/23/2017 11:36:05 AM) (Source: DCOM) (EventID: 10010) (User: DENISE-NOTEBOOK) Description: Der Server "{4545DEA0-2DFC-4906-A728-6D986BA399A9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (04/23/2017 11:36:05 AM) (Source: DCOM) (EventID: 10010) (User: DENISE-NOTEBOOK) Description: Der Server "{4545DEA0-2DFC-4906-A728-6D986BA399A9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (04/23/2017 11:35:59 AM) (Source: DCOM) (EventID: 10010) (User: DENISE-NOTEBOOK) Description: Der Server "{4545DEA0-2DFC-4906-A728-6D986BA399A9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (04/23/2017 11:35:59 AM) (Source: DCOM) (EventID: 10010) (User: DENISE-NOTEBOOK) Description: Der Server "{4545DEA0-2DFC-4906-A728-6D986BA399A9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (04/23/2017 11:35:59 AM) (Source: DCOM) (EventID: 10010) (User: DENISE-NOTEBOOK) Description: Der Server "{4545DEA0-2DFC-4906-A728-6D986BA399A9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
CodeIntegrity: =================================== Date: 2017-04-17 11:03:43.701 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-11 16:55:29.507 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-24 13:07:19.928 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-18 14:59:19.778 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-25 21:55:36.543 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-22 17:22:33.337 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-08-11 15:35:14.417 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz Prozentuale Nutzung des RAM: 70% Installierter physikalischer RAM: 8094.8 MB Verfügbarer physikalischer RAM: 2416.37 MB Summe virtueller Speicher: 13456.41 MB Verfügbarer virtueller Speicher: 5634.84 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:745.21 GB) (Free:451.83 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Data) (Fixed) (Total:1101.7 GB) (Free:1100.1 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 1863 GB) (Disk ID: 510BFD71) Partition: GPT. ==================== Ende von Addition.txt ============================ |
03.05.2017, 16:35 | #2 |
/// TB-Ausbilder | Windows 8.1: Malwarebytes finds Pup.Optional.Gamehack
My name is Matthias and I will help you clean up your computer. To make the cleanup as effective and quick as possible, please observe the following notes:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! Please download TDSSKiller.exe and save this file to the desktop
|
03.05.2017, 18:42 | #3 |
| Windows 8.1: Malwarebytes finds Pup.Optional.Gamehack Nothing found
Code:
ATTFilter 19:39:30.0769 0x1f70 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02 19:39:30.0769 0x1f70 UEFI system 19:39:34.0145 0x1f70 ============================================================ 19:39:34.0145 0x1f70 Current date / time: 2017/05/03 19:39:34.0145 19:39:34.0145 0x1f70 SystemInfo: 19:39:34.0145 0x1f70 19:39:34.0145 0x1f70 OS Version: 6.3.9600 ServicePack: 0.0 19:39:34.0145 0x1f70 Product type: Workstation 19:39:34.0145 0x1f70 ComputerName: DENISE-NOTEBOOK 19:39:34.0145 0x1f70 UserName: Denise 19:39:34.0145 0x1f70 Windows directory: C:\Windows 19:39:34.0145 0x1f70 System windows directory: C:\Windows 19:39:34.0145 0x1f70 Running under WOW64 19:39:34.0145 0x1f70 Processor architecture: Intel x64 19:39:34.0145 0x1f70 Number of processors: 4 19:39:34.0145 0x1f70 Page size: 0x1000 19:39:34.0145 0x1f70 Boot type: Normal boot 19:39:34.0145 0x1f70 CodeIntegrityOptions = 0x00000001 19:39:34.0145 0x1f70 ============================================================ 19:39:34.0719 0x1f70 KLMD registered as C:\Windows\system32\drivers\57294390.sys 19:39:34.0719 0x1f70 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18589, osProperties = 0x19 19:39:37.0998 0x1f70 System UUID: {87C47AFB-BC0C-FD50-874D-AAADF320F6F8} 19:39:38.0824 0x1f70 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:39:38.0840 0x1f70 ============================================================ 19:39:38.0840 0x1f70 \Device\Harddisk0\DR0: 19:39:38.0840 0x1f70 GPT partitions: 19:39:38.0841 0x1f70 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {97B903BD-5F53-4E7A-9FA1-606DDCA081C8}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000 19:39:38.0841 0x1f70 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: 
{2ABB7EE7-7C9E-4FA2-9183-5C83C802894B}, Name: Basic data partition, StartLBA 0x32800, BlocksNum 0x1C2000 19:39:38.0841 0x1f70 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A65EDFED-FE47-470C-B9BB-8A24FB1995A2}, Name: Microsoft reserved partition, StartLBA 0x1F4800, BlocksNum 0x40000 19:39:38.0841 0x1f70 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B86E7570-AABD-4474-82AE-DDED9B0E406A}, Name: Basic data partition, StartLBA 0x234800, BlocksNum 0x5D269000 19:39:38.0841 0x1f70 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {AA171FE6-1FD0-4E2E-A595-907A18DE113D}, Name: Basic data partition, StartLBA 0x5D49D800, BlocksNum 0x89B66000 19:39:38.0841 0x1f70 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {7945A28C-2B26-4FE8-90D6-0ADF54A33D82}, Name: Basic data partition, StartLBA 0xE7003800, BlocksNum 0x1E05000 19:39:38.0841 0x1f70 MBR partitions: 19:39:38.0841 0x1f70 ============================================================ 19:39:38.0842 0x1f70 C: <-> \Device\Harddisk0\DR0\Partition4 19:39:38.0877 0x1f70 D: <-> \Device\Harddisk0\DR0\Partition5 19:39:38.0877 0x1f70 ============================================================ 19:39:38.0877 0x1f70 Initialize success 19:39:38.0877 0x1f70 ============================================================ 19:40:04.0086 0x1d38 ============================================================ 19:40:04.0086 0x1d38 Scan started 19:40:04.0086 0x1d38 Mode: Manual; SigCheck; TDLFS; 19:40:04.0086 0x1d38 ============================================================ 19:40:04.0086 0x1d38 KSN ping started 19:40:04.0196 0x1d38 KSN ping finished: true 19:40:05.0905 0x1d38 ================ Scan system memory ======================== 19:40:05.0906 0x1d38 System memory - ok 19:40:05.0906 0x1d38 ================ Scan services 
============================= 19:40:06.0030 0x1d38 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys 19:40:06.0165 0x1d38 1394ohci - ok 19:40:06.0220 0x1d38 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys 19:40:06.0231 0x1d38 3ware - ok 19:40:06.0264 0x1d38 [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\Windows\system32\drivers\ACPI.sys 19:40:06.0289 0x1d38 ACPI - ok 19:40:06.0300 0x1d38 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys 19:40:06.0309 0x1d38 acpiex - ok 19:40:06.0319 0x1d38 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys 19:40:06.0339 0x1d38 acpipagr - ok 19:40:06.0343 0x1d38 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys 19:40:06.0416 0x1d38 AcpiPmi - ok 19:40:06.0419 0x1d38 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys 19:40:06.0444 0x1d38 acpitime - ok 19:40:06.0472 0x1d38 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS 19:40:06.0498 0x1d38 ADP80XX - ok 19:40:06.0541 0x1d38 [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 19:40:06.0625 0x1d38 AeLookupSvc - ok 19:40:06.0661 0x1d38 [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] 
AFD C:\Windows\system32\drivers\afd.sys 19:40:06.0784 0x1d38 AFD - ok 19:40:06.0836 0x1d38 [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys 19:40:06.0911 0x1d38 AgereSoftModem - ok 19:40:06.0926 0x1d38 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys 19:40:06.0935 0x1d38 agp440 - ok 19:40:06.0959 0x1d38 [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys 19:40:07.0001 0x1d38 ahcache - ok 19:40:07.0024 0x1d38 [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger C:\Windows\system32\DRIVERS\AiCharger.sys 19:40:07.0068 0x1d38 AiCharger - ok 19:40:07.0106 0x1d38 [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\Windows\System32\alg.exe 19:40:07.0180 0x1d38 ALG - ok 19:40:07.0214 0x1d38 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys 19:40:07.0262 0x1d38 AmdK8 - ok 19:40:07.0287 0x1d38 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys 19:40:07.0310 0x1d38 AmdPPM - ok 19:40:07.0324 0x1d38 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys 19:40:07.0333 0x1d38 amdsata - ok 19:40:07.0342 0x1d38 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 19:40:07.0356 0x1d38 amdsbs - ok 19:40:07.0384 0x1d38 [ CEA5F4F27CFC08E3A44D576811B35F50, 
89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys 19:40:07.0393 0x1d38 amdxata - ok 19:40:07.0419 0x1d38 [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\Windows\system32\drivers\appid.sys 19:40:07.0487 0x1d38 AppID - ok 19:40:07.0498 0x1d38 [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\Windows\System32\appidsvc.dll 19:40:07.0522 0x1d38 AppIDSvc - ok 19:40:07.0542 0x1d38 [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo C:\Windows\System32\appinfo.dll 19:40:07.0701 0x1d38 Appinfo - ok 19:40:07.0748 0x1d38 [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\Windows\system32\AppReadiness.dll 19:40:07.0833 0x1d38 AppReadiness - ok 19:40:07.0875 0x1d38 [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll 19:40:08.0002 0x1d38 AppXSvc - ok 19:40:08.0014 0x1d38 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys 19:40:08.0025 0x1d38 arcsas - ok 19:40:08.0102 0x1d38 [ 564CB886D1A968B9798C1AB03F4EB54F, F7F73E5C17C0848462860E367215F5D9D4C52E1AA26B3154EC60BA14CBD56556 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe 19:40:08.0111 0x1d38 ASLDRService - ok 19:40:08.0133 0x1d38 [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 19:40:08.0150 0x1d38 ASMMAP64 - ok 19:40:08.0184 0x1d38 [ DB5610839DBEBE48AA963DFA96FD7103, AADB0D5BFE8C28E31266FA48FEE41B82DC8B5D6F3E12238AD3E06C800F2D72A8 ] Asus WebStorage Windows 
Service C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe 19:40:08.0206 0x1d38 Asus WebStorage Windows Service - detected UnsignedFile.Multi.Generic ( 1 ) 19:40:08.0267 0x1d38 Detect skipped due to KSN trusted 19:40:08.0267 0x1d38 Asus WebStorage Windows Service - ok 19:40:08.0286 0x1d38 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys 19:40:08.0294 0x1d38 atapi - ok 19:40:08.0412 0x1d38 [ D9627C9671ECC9F808503102CA7AD6C9, 42E93B12367313A1847FAEFDE51B60AFC282309111B77167D7D5E6F1D8FA4A25 ] athr C:\Windows\system32\DRIVERS\athwbx.sys 19:40:08.0560 0x1d38 athr - ok 19:40:08.0577 0x1d38 [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe 19:40:08.0584 0x1d38 ATKGFNEXSrv - ok 19:40:08.0610 0x1d38 [ C435191FAD19B43E5C3082E4275DCE75, 12D8AF471CA89FE59790092EF3274D638B4B978F1F061423F8D70F270121CF7A ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys 19:40:08.0665 0x1d38 ATKWMIACPIIO - ok 19:40:08.0693 0x1d38 [ 356DF170C97E3E52D027CFF5812CBFD4, 02AB1861FFEC4EB1971E77C7677C7947C9C8D4CD192A8CBB5C99E3FDDD57EEA5 ] ATP C:\Windows\System32\drivers\AsusTP.sys 19:40:08.0730 0x1d38 ATP - ok 19:40:08.0764 0x1d38 [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll 19:40:08.0812 0x1d38 AudioEndpointBuilder - ok 19:40:08.0846 0x1d38 [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\Windows\System32\Audiosrv.dll 19:40:08.0882 0x1d38 Audiosrv - ok 19:40:08.0920 0x1d38 [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\Windows\System32\AxInstSV.dll 19:40:08.0963 0x1d38 AxInstSV 
- ok 19:40:09.0003 0x1d38 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 19:40:09.0024 0x1d38 b06bdrv - ok 19:40:09.0040 0x1d38 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys 19:40:09.0113 0x1d38 BasicDisplay - ok 19:40:09.0163 0x1d38 [ 195BD339B4B782B42C19489DCFB4D110, E63CC0AEF1875D5D127E341CF65117DABC9E376A83E615EC8D01F6AB705DABAD ] BasicRender C:\Windows\System32\drivers\BasicRender.sys 19:40:09.0232 0x1d38 BasicRender - ok 19:40:09.0252 0x1d38 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys 19:40:09.0272 0x1d38 bcmfn2 - ok 19:40:09.0310 0x1d38 [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC C:\Windows\System32\bdesvc.dll 19:40:09.0389 0x1d38 BDESVC - ok 19:40:09.0408 0x1d38 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys 19:40:09.0475 0x1d38 Beep - ok 19:40:09.0559 0x1d38 [ 5B413BEADC23C9D182F7EC09C10441FA, E16E06848492331107C6D682D93D35C5D1A0DC8CAD3816B42203A4BF05932C7E ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe 19:40:09.0747 0x1d38 BEService - ok 19:40:09.0796 0x1d38 [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE C:\Windows\System32\bfe.dll 19:40:09.0897 0x1d38 BFE - ok 19:40:09.0943 0x1d38 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\Windows\System32\qmgr.dll 19:40:10.0063 0x1d38 BITS - ok 19:40:10.0115 0x1d38 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program 
8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 19:40:26.0350 0x1d38 NdisCap - ok 19:40:26.0376 0x1d38 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys 19:40:26.0423 0x1d38 NdisImPlatform - ok 19:40:26.0439 0x1d38 [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 19:40:26.0474 0x1d38 NdisTapi - ok 19:40:26.0502 0x1d38 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 19:40:26.0590 0x1d38 Ndisuio - ok 19:40:26.0604 0x1d38 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys 19:40:26.0623 0x1d38 NdisVirtualBus - ok 19:40:26.0655 0x1d38 [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 19:40:26.0700 0x1d38 NdisWan - ok 19:40:26.0706 0x1d38 [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys 19:40:26.0718 0x1d38 NdisWanLegacy - ok 19:40:26.0750 0x1d38 [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 19:40:26.0777 0x1d38 NDProxy - ok 19:40:26.0794 0x1d38 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\Windows\system32\drivers\Ndu.sys 19:40:26.0869 0x1d38 Ndu - ok 19:40:26.0894 0x1d38 [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] 
NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 19:40:26.0920 0x1d38 NetBIOS - ok 19:40:26.0954 0x1d38 [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 19:40:27.0007 0x1d38 NetBT - ok 19:40:27.0026 0x1d38 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\Windows\system32\lsass.exe 19:40:27.0035 0x1d38 Netlogon - ok 19:40:27.0071 0x1d38 [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\Windows\System32\netman.dll 19:40:27.0086 0x1d38 Netman - ok 19:40:27.0135 0x1d38 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\Windows\System32\netprofmsvc.dll 19:40:27.0167 0x1d38 netprofm - ok 19:40:27.0215 0x1d38 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:40:27.0271 0x1d38 NetTcpPortSharing - ok 19:40:27.0302 0x1d38 [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\Windows\System32\drivers\netvsc63.sys 19:40:27.0381 0x1d38 netvsc - ok 19:40:27.0661 0x1d38 [ 272BB8C52BE106B5CC69171AF1D281D4, 3D65A772C15440DF5895843185241D890CCDECA0E02DD6CF32CCB9B5849E31A4 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys 19:40:27.0940 0x1d38 NETwNs64 - ok 19:40:27.0983 0x1d38 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll 19:40:28.0058 0x1d38 NlaSvc - ok 19:40:28.0086 0x1d38 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys 19:40:28.0105 0x1d38 Npfs - ok 19:40:28.0107 0x1d38 npggsvc - ok 19:40:28.0121 0x1d38 [ 
CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys 19:40:28.0186 0x1d38 npsvctrig - ok 19:40:28.0218 0x1d38 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\Windows\system32\nsisvc.dll 19:40:28.0356 0x1d38 nsi - ok 19:40:28.0384 0x1d38 [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 19:40:28.0394 0x1d38 nsiproxy - ok 19:40:28.0476 0x1d38 [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 19:40:28.0535 0x1d38 Ntfs - ok 19:40:28.0556 0x1d38 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys 19:40:28.0579 0x1d38 Null - ok 19:40:28.0879 0x1d38 [ DA35308DEDB50C91EFD46B42F991DE26, 86E72D446014ED655E3DD2BB85A1A21BF0BF3C0EE5266E8E3D893FCDE25F9BE4 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 19:40:29.0201 0x1d38 nvlddmkm - ok 19:40:29.0307 0x1d38 [ A6102293847A7A2DF01E7BF7AC1C1F12, 14E4E75711C00DA826136FB531E9AD53787502F441103386C5CD37EEFCE27AFC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 19:40:29.0357 0x1d38 NvNetworkService - ok 19:40:29.0385 0x1d38 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys 19:40:29.0396 0x1d38 nvraid - ok 19:40:29.0402 0x1d38 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 19:40:29.0415 0x1d38 nvstor - ok 19:40:29.0446 0x1d38 [ 99D42078C9596A20A7B3419159265A25, E9F5380E6597C79B26B2CBAAC534F31C5027F32AAA0FD5876CF7E9BB6658F30C ] NvStreamKms 
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 19:40:29.0452 0x1d38 NvStreamKms - ok 19:40:29.0558 0x1d38 [ E6A64322EB213AEACBB61584AA6FB032, FA91C89B81DD7F3EC22DF71FFC3A506AD40AE76EC91F1115CCAB6ED39431369D ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe 19:40:29.0641 0x1d38 NvStreamNetworkSvc - ok 19:40:29.0692 0x1d38 [ A8213BF32D2E75ADD362E118AD164749, 6F35210ED11088FE64F13DD63053FFDA4628A5F6397DA33A345970962AB83499 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe 19:40:29.0751 0x1d38 NvStreamSvc - ok 19:40:29.0804 0x1d38 [ A9FE27CA00E66C455520E8B75883B630, D2FEFC75C0881ECC0A80EA2DD92DD9D2A28EB26F81085F8C17DCEA3F717D86E9 ] nvsvc C:\Windows\system32\nvvsvc.exe 19:40:29.0838 0x1d38 nvsvc - ok 19:40:29.0868 0x1d38 [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys 19:40:29.0877 0x1d38 nvvad_WaveExtensible - ok 19:40:29.0882 0x1d38 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 19:40:29.0893 0x1d38 nv_agp - ok 19:40:29.0989 0x1d38 [ 42467D28DCFAEDBA6DC0EE30017DDECE, C77430D4AE994E526B293957303AB725E09C3D3712562E3FA1B0EA68CFEE6C34 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe 19:40:30.0206 0x1d38 Origin Client Service - ok 19:40:30.0274 0x1d38 [ CD8AC370189D6B4A899D9E9C011D58AC, 158757A34AC35BCFDA6ECE5D2C8E695A26DA864E15D855938FE6B6EB7416CEE9 ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe 19:40:30.0398 0x1d38 Origin Web Helper Service - ok 19:40:30.0480 0x1d38 [ F0DFE1E16F11D18898610A28F9AC3EB7, 658D1084F2328B87ACBFF490657A6C8630BCBFC47D303FDC60AC3E186FE0FE4B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:40:30.0491 0x1d38 ose - ok 19:40:30.0634 0x1d38 [ 
931511E896BFD07E7AF9E8D986CAAB02, C22CDCB1B42AFC20D474F5FD32EB7F3FD7DC15C9C7C1ACB2E9C312CE7BB84C66 ] OverwolfUpdater C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe 19:40:30.0673 0x1d38 OverwolfUpdater - ok 19:40:30.0715 0x1d38 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 19:40:30.0775 0x1d38 p2pimsvc - ok 19:40:30.0810 0x1d38 [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\Windows\system32\p2psvc.dll 19:40:30.0852 0x1d38 p2psvc - ok 19:40:30.0889 0x1d38 [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport C:\Windows\System32\drivers\parport.sys 19:40:31.0081 0x1d38 Parport - ok 19:40:31.0118 0x1d38 [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\Windows\system32\drivers\partmgr.sys 19:40:31.0128 0x1d38 partmgr - ok 19:40:31.0169 0x1d38 [ 0A2DF1055FEEA30DFF73DAC0DA45FDE4, 497B2AE591ABBCFA8FC571D9C1D750006212F2D2DDF12F5A9E7FFA811CD707A3 ] PcaSvc C:\Windows\System32\pcasvc.dll 19:40:31.0229 0x1d38 PcaSvc - ok 19:40:31.0257 0x1d38 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys 19:40:31.0273 0x1d38 pci - ok 19:40:31.0303 0x1d38 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys 19:40:31.0311 0x1d38 pciide - ok 19:40:31.0326 0x1d38 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 19:40:31.0336 0x1d38 pcmcia - ok 19:40:31.0358 0x1d38 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys 19:40:31.0367 0x1d38 
pcw - ok 19:40:31.0396 0x1d38 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\Windows\system32\drivers\pdc.sys 19:40:31.0406 0x1d38 pdc - ok 19:40:31.0422 0x1d38 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 19:40:31.0488 0x1d38 PEAUTH - ok 19:40:31.0547 0x1d38 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe 19:40:31.0643 0x1d38 PerfHost - ok 19:40:31.0719 0x1d38 [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\Windows\system32\pla.dll 19:40:31.0770 0x1d38 pla - ok 19:40:31.0840 0x1d38 [ 91B93EF867E5A0D782BEB7C31F29598D, 16E1F87233164E2D3CF24D17F383C96E57A95B215EC46880EF2CD4F139103B1C ] PlaysService C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe 19:40:31.0959 0x1d38 PlaysService - ok 19:40:31.0999 0x1d38 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 19:40:32.0010 0x1d38 PlugPlay - ok 19:40:32.0057 0x1d38 [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 19:40:32.0066 0x1d38 PNRPAutoReg - ok 19:40:32.0113 0x1d38 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 19:40:32.0129 0x1d38 PNRPsvc - ok 19:40:32.0176 0x1d38 [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 19:40:32.0239 0x1d38 PolicyAgent - ok 19:40:32.0273 0x1d38 [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\Windows\system32\umpo.dll 
19:40:32.0384 0x1d38 Power - ok 19:40:32.0500 0x1d38 [ F6EA63145C20A23732AD2CA1EBA65FA1, 0DD1164D37C1500258E9CCCE458778A3DA196D9A65919B2672E3C88383068F52 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll 19:40:32.0769 0x1d38 PrintNotify - ok 19:40:32.0824 0x1d38 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys 19:40:32.0894 0x1d38 Processor - ok 19:40:32.0921 0x1d38 [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\Windows\system32\profsvc.dll 19:40:32.0992 0x1d38 ProfSvc - ok 19:40:33.0022 0x1d38 [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 19:40:33.0044 0x1d38 Psched - ok 19:40:33.0071 0x1d38 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\Windows\system32\qwave.dll 19:40:33.0118 0x1d38 QWAVE - ok 19:40:33.0152 0x1d38 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 19:40:33.0178 0x1d38 QWAVEdrv - ok 19:40:33.0203 0x1d38 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 19:40:33.0223 0x1d38 RasAcd - ok 19:40:33.0253 0x1d38 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\Windows\System32\rasauto.dll 19:40:33.0280 0x1d38 RasAuto - ok 19:40:33.0319 0x1d38 [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan C:\Windows\System32\rasmans.dll 19:40:33.0385 0x1d38 RasMan - ok 19:40:33.0404 0x1d38 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] 
RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 19:40:33.0429 0x1d38 RasPppoe - ok 19:40:33.0468 0x1d38 [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 19:40:33.0599 0x1d38 rdbss - ok 19:40:33.0612 0x1d38 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys 19:40:33.0669 0x1d38 rdpbus - ok 19:40:33.0683 0x1d38 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 19:40:33.0788 0x1d38 RDPDR - ok 19:40:33.0819 0x1d38 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 19:40:33.0827 0x1d38 RdpVideoMiniport - ok 19:40:33.0845 0x1d38 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 19:40:33.0859 0x1d38 rdyboost - ok 19:40:33.0906 0x1d38 [ 2D39BCFA4DD1081B8F282B623456B858, DD8C433B66B6661F4DBD1784CBD334441B508BE84932DD443F7AD51CEA192BA9 ] ReFS C:\Windows\system32\drivers\ReFS.sys 19:40:33.0937 0x1d38 ReFS - ok 19:40:33.0975 0x1d38 [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess C:\Windows\System32\mprdim.dll 19:40:33.0998 0x1d38 RemoteAccess - ok 19:40:34.0029 0x1d38 [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\Windows\system32\regsvc.dll 19:40:34.0087 0x1d38 RemoteRegistry - ok 19:40:34.0117 0x1d38 [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys 19:40:34.0140 0x1d38 RFCOMM - ok 19:40:34.0178 0x1d38 [ 
65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 19:40:34.0199 0x1d38 RpcEptMapper - ok 19:40:34.0227 0x1d38 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\Windows\system32\locator.exe 19:40:34.0282 0x1d38 RpcLocator - ok 19:40:34.0328 0x1d38 [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] RpcSs C:\Windows\system32\rpcss.dll 19:40:34.0354 0x1d38 RpcSs - ok 19:40:34.0359 0x1d38 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 19:40:34.0382 0x1d38 rspndr - ok 19:40:34.0416 0x1d38 [ 4EC89C0725CE4B98994B88F19B30C288, 4FA73C24A2E18D04CE27EEF17C9AE847D0251B711F60D116139F6166F90CD08F ] RSUSBVSTOR C:\Windows\System32\Drivers\RtsUVStor.sys 19:40:34.0442 0x1d38 RSUSBVSTOR - ok 19:40:34.0479 0x1d38 [ D5C3918E3EF787A41172B8E5348247F0, 033E5E6037CDFE65D26AD834ACD2B652EEED66BA48753F7B319C9FD41CE4F180 ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys 19:40:34.0516 0x1d38 RTL8168 - ok 19:40:34.0546 0x1d38 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys 19:40:34.0554 0x1d38 s3cap - ok 19:40:34.0580 0x1d38 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\Windows\system32\lsass.exe 19:40:34.0589 0x1d38 SamSs - ok 19:40:34.0610 0x1d38 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 19:40:34.0621 0x1d38 sbp2port - ok 19:40:34.0654 0x1d38 [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\Windows\System32\SCardSvr.dll 19:40:34.0692 0x1d38 
SCardSvr - ok 19:40:34.0721 0x1d38 [ 92D2FA1870F4EB4A9BA767DB6E0DEF6F, AB019E17D5F330CBB7F7CAF8CEB01F3F3DBBB181CDE19E4C2354AF51E66C8291 ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll 19:40:34.0733 0x1d38 ScDeviceEnum - ok 19:40:34.0763 0x1d38 [ FA7ABD857DEB0FE3C94CC39A4C845E66, ACD551F75E00C4EB9CFDA73B04051D0BF5FF0BA67C716E1989A21683D8777A41 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 19:40:34.0790 0x1d38 scfilter - ok 19:40:34.0844 0x1d38 [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule C:\Windows\system32\schedsvc.dll 19:40:34.0930 0x1d38 Schedule - ok 19:40:34.0952 0x1d38 [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] SCPolicySvc C:\Windows\System32\certprop.dll 19:40:34.0962 0x1d38 SCPolicySvc - ok 19:40:35.0000 0x1d38 [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\Windows\System32\drivers\sdbus.sys 19:40:35.0015 0x1d38 sdbus - ok 19:40:35.0020 0x1d38 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys 19:40:35.0030 0x1d38 sdstor - ok 19:40:35.0061 0x1d38 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 19:40:35.0117 0x1d38 secdrv - ok 19:40:35.0152 0x1d38 [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon C:\Windows\system32\seclogon.dll 19:40:35.0211 0x1d38 seclogon - ok 19:40:35.0239 0x1d38 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\Windows\System32\sens.dll 19:40:35.0279 0x1d38 SENS - ok 19:40:35.0311 0x1d38 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc 
C:\Windows\system32\sensrsvc.dll 19:40:35.0381 0x1d38 SensrSvc - ok 19:40:35.0394 0x1d38 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys 19:40:35.0403 0x1d38 SerCx - ok 19:40:35.0409 0x1d38 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys 19:40:35.0420 0x1d38 SerCx2 - ok 19:40:35.0453 0x1d38 [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum C:\Windows\System32\drivers\serenum.sys 19:40:35.0476 0x1d38 Serenum - ok 19:40:35.0493 0x1d38 [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial C:\Windows\System32\drivers\serial.sys 19:40:35.0518 0x1d38 Serial - ok 19:40:35.0540 0x1d38 [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\Windows\System32\drivers\sermouse.sys 19:40:35.0560 0x1d38 sermouse - ok 19:40:35.0621 0x1d38 [ C42D93E4211D16EE0315D38C6618659E, CA280B8B42C4F7C47669DF3129E4FD56F861D94D8840C26EFFC669757B4EC495 ] SessionEnv C:\Windows\system32\sessenv.dll 19:40:35.0663 0x1d38 SessionEnv - ok 19:40:35.0667 0x1d38 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys 19:40:35.0694 0x1d38 sfloppy - ok 19:40:35.0731 0x1d38 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\Windows\System32\ipnathlp.dll 19:40:35.0760 0x1d38 SharedAccess - ok 19:40:35.0832 0x1d38 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll 19:40:35.0909 0x1d38 ShellHWDetection - ok 19:40:35.0914 0x1d38 [ 2F518D13DD6F3053837FE606F1A2EA1F, 
64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 19:40:35.0923 0x1d38 SiSRaid2 - ok 19:40:35.0945 0x1d38 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 19:40:35.0954 0x1d38 SiSRaid4 - ok 19:40:35.0983 0x1d38 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\Windows\System32\smphost.dll 19:40:36.0166 0x1d38 smphost - ok 19:40:36.0201 0x1d38 [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 19:40:36.0223 0x1d38 SNMPTRAP - ok 19:40:36.0263 0x1d38 [ F6AF6499C3788105EA7AF1DA27769A77, F847789B0AD498CC9C985F334F7BA0906ACB41FB356CC2EF2A00C62C75D94A79 ] spaceport C:\Windows\system32\drivers\spaceport.sys 19:40:36.0283 0x1d38 spaceport - ok 19:40:36.0288 0x1d38 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys 19:40:36.0297 0x1d38 SpbCx - ok 19:40:36.0348 0x1d38 [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\Windows\System32\spoolsv.exe 19:40:36.0439 0x1d38 Spooler - ok 19:40:36.0612 0x1d38 [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc C:\Windows\system32\sppsvc.exe 19:40:36.0785 0x1d38 sppsvc - ok 19:40:36.0827 0x1d38 [ D10F18E3287374D3B40D41C1651355DE, 6DF4A00FAB90EBA65B2D3008103960EA9E9308DADB1F3E9B3D4CB3F812FBF1D2 ] srv C:\Windows\system32\DRIVERS\srv.sys 19:40:36.0889 0x1d38 srv - ok 19:40:36.0918 0x1d38 [ E6520A3B215FAFBF23E24AB22C44F973, 2D3B771CA20B77D31DFE211EC999B27F6D17A07B7C767F265A4FDFBF1AE17D1D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 19:40:37.0025 0x1d38 srv2 - ok 19:40:37.0060 0x1d38 [ 
FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 19:40:37.0147 0x1d38 srvnet - ok 19:40:37.0188 0x1d38 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 19:40:37.0213 0x1d38 SSDPSRV - ok 19:40:37.0242 0x1d38 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\Windows\system32\sstpsvc.dll 19:40:37.0268 0x1d38 SstpSvc - ok 19:40:37.0300 0x1d38 [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 19:40:37.0313 0x1d38 ssudmdm - ok 19:40:37.0412 0x1d38 [ C8DC0C34715627ABF7A265ED27D1F75A, 5B8B9AC65D7458A8C6C868107E0BE3F9B1A1A5117FC69FDC260BAA9F1BDD0008 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 19:40:37.0760 0x1d38 Steam Client Service - ok 19:40:37.0799 0x1d38 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys 19:40:37.0808 0x1d38 stexstor - ok 19:40:37.0850 0x1d38 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\Windows\System32\wiaservc.dll 19:40:37.0936 0x1d38 stisvc - ok 19:40:37.0953 0x1d38 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys 19:40:37.0963 0x1d38 storahci - ok 19:40:37.0992 0x1d38 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 19:40:38.0001 0x1d38 storflt - ok 19:40:38.0033 0x1d38 [ 0EDD1F4D470C775740625B06A60C9DD5, 94964D0A793B1C984E87095249EE383A5E669D05BA6BF9F655587887E6CE3C19 ] stornvme 
19:40:50.0484 0x1d38 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.209.0 ), 0x61100 ( enabled : updated )
19:40:50.0486 0x1d38 Win FW state via NFP2: enabled ( trusted )
19:40:50.0590 0x1d38 ============================================================
19:40:50.0590 0x1d38 Scan finished
19:40:50.0590 0x1d38 ============================================================
19:40:50.0596 0x08ac Detected object count: 0
19:40:50.0596 0x08ac Actual detected object count: 0 |
03.05.2017, 20:29 | #4 |
/// TB-Ausbilder | Windows 8.1: Malwarebytes finds Pup.Optional.Gamehack Hi, Step 1 Please download AdwCleaner to your desktop.
Step 2
Step 3 Please download Malwarebytes Anti-Malware 3
Step 4
Please post with your next reply
|
03.05.2017, 21:29 | #5 |
| Windows 8.1: Malwarebytes finds Pup.Optional.Gamehack Evening. Right, here we go: AdwCleaner: Code:
# AdwCleaner v6.046 - Bericht erstellt am 03/05/2017 um 21:35:05
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-05-03.1 [Server]
# Betriebssystem : Windows 8.1 (X64)
# Benutzername : Denise - DENISE-NOTEBOOK
# Gestartet von : C:\Users\Denise\Downloads\AdwCleaner_6.046.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.

***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.

***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.

***** [ DLL ] *****

Keine infizierten DLLs gefunden.

***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.

***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.

***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.

***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.

***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Chrome pref Gefunden: [C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Web data] - vlc.de

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1373 Bytes] - [22/02/2017 13:19:18]
C:\AdwCleaner\AdwCleaner[S0].txt - [1369 Bytes] - [22/02/2017 13:16:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [1441 Bytes] - [22/02/2017 13:18:45]
C:\AdwCleaner\AdwCleaner[S2].txt - [1450 Bytes] - [03/05/2017 21:35:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1523 Bytes] ##########
MBAM: Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 03.05.17
Scan-Zeit: 22:04
Protokolldatei: MBAM.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.103
Version des Aktualisierungspakets: 1.0.1863
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: DENISE-NOTEBOOK\Denise

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 359550
Abgelaufene Zeit: 13 Min., 19 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0 (keine bösartigen Elemente erkannt)
Modul: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswert: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Daten-Stream: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Datei: 0 (keine bösartigen Elemente erkannt)
Physischer Sektor: 0 (keine bösartigen Elemente erkannt)

(end)
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2017 01
durchgeführt von Denise (Administrator) auf DENISE-NOTEBOOK (03-05-2017 22:19:03)
Gestartet von C:\Users\Denise\Downloads
Geladene Profile: Denise (Verfügbare Profile: Denise)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe
(Spotify Ltd) C:\Users\Denise\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28432392 2017-05-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-07-13] (Plays.tv, LLC) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-05-23] (Raptr, Inc) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1058360 2017-04-30] () HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Spotify] => C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe [7064176 2017-05-02] (Spotify Ltd) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [986648 2016-09-29] (BlueStack Systems, Inc.) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Discord] => C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Spotify Web Helper] => C:\Users\Denise\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-05-02] (Spotify Ltd) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{BF9CCFC1-6FCA-4ABF-8044-CAB8EB45663B}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{E5937EBF-A255-40C3-B2F8-6204570F2CF3}: [DhcpNameServer] 192.168.24.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-02] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-24] (Oracle Corporation) BHO: Kein Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> Keine Datei BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-02] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft 
Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation) FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) 
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] () Chrome: ======= CHR Profile: C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default [2017-05-03] CHR Extension: (Google Präsentationen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-04] CHR Extension: (Google Docs) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-04] CHR Extension: (Google Drive) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04] CHR Extension: (YouTube) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-04] CHR Extension: (Adblock Plus) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-24] CHR Extension: (Google-Suche) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04] CHR Extension: (FrankerFaceZ) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2015-12-17] CHR Extension: (Google Tabellen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-04] CHR Extension: (Google Docs Offline) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (Twitch Live) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2017-01-10] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-17] CHR Extension: (Google Mail) - 
C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-04] CHR Extension: (Chrome Media Router) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-07] CHR HKU\S-1-5-21-2606138470-3405722970-712637843-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Datei ist nicht signiert] S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-04-07] () S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-09-29] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-09-29] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-09-29] (BlueStack Systems, Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-04-19] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-05-01] (Dropbox, Inc.) 
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5660512 2016-08-16] (INCA Internet Co., Ltd.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123240 2017-03-29] (Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184688 2017-03-29] (Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1325896 2017-04-30] (Overwolf LTD) R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-07-13] (Plays.tv, LLC) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows 
Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4221952 2014-09-09] (Qualcomm Atheros Communications, Inc.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-09-19] (ASUS Corporation) S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-09-29] (BlueStack Systems) S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-09-28] (Bluestack System Inc. ) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation) R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation) R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation) R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( ) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-03] (Malwarebytes) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.) 
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) U0 aswVmm; kein ImagePath S3 dbx; system32\DRIVERS\dbx.sys [X] U3 DfSdkS; kein ImagePath U0 msahci; system32\drivers\msahci.sys [X] S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X] S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-05-03 22:19 - 2017-05-03 22:19 - 00026522 _____ C:\Users\Denise\Downloads\FRST.txt 2017-05-03 22:18 - 2017-05-03 22:18 - 00001243 _____ C:\Users\Denise\Desktop\MBAM.txt 2017-05-03 22:18 - 2017-05-03 22:18 - 00000000 ____D C:\Users\Denise\Downloads\FRST-OlderVersion 2017-05-03 22:03 - 2017-05-03 22:03 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-05-03 22:03 - 2017-05-03 22:03 - 00001885 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-05-03 22:03 - 2017-05-03 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-05-03 22:03 - 2017-05-03 22:03 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-05-03 22:03 - 2017-05-03 22:03 - 00000000 ____D C:\Program Files\Malwarebytes 2017-05-03 22:03 - 2017-03-22 11:02 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-05-03 22:02 - 2017-05-03 22:02 - 60107896 _____ (Malwarebytes ) C:\Users\Denise\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe 2017-05-03 21:55 - 2017-05-03 21:55 - 00566128 _____ (Malwarebytes) 
C:\Users\Denise\Desktop\mbam-clean-2.3.0.1001.exe 2017-05-03 21:55 - 2017-05-03 21:55 - 00001514 _____ C:\Users\Denise\Downloads\mbam-clean-2.3.0.1001 (1).exe 2017-05-03 21:33 - 2017-05-03 21:33 - 04102600 _____ C:\Users\Denise\Downloads\AdwCleaner_6.046.exe 2017-05-03 20:16 - 2017-05-03 20:16 - 00001759 _____ C:\Users\Denise\Desktop\Google Drive.lnk 2017-05-03 20:15 - 2017-05-03 22:00 - 00000000 ___RD C:\Users\Denise\Google Drive 2017-05-03 20:15 - 2017-05-03 20:15 - 00002060 _____ C:\Users\Public\Desktop\Google Slides.lnk 2017-05-03 20:15 - 2017-05-03 20:15 - 00002058 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2017-05-03 20:15 - 2017-05-03 20:15 - 00002048 _____ C:\Users\Public\Desktop\Google Docs.lnk 2017-05-03 20:15 - 2017-05-03 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2017-05-03 20:14 - 2017-05-03 20:14 - 01130328 _____ (Google Inc.) C:\Users\Denise\Downloads\googledrivesync.exe 2017-05-03 20:06 - 2017-05-03 20:06 - 00002259 _____ C:\Windows\epplauncher.mif 2017-05-03 19:39 - 2017-05-03 19:42 - 00233642 _____ C:\TDSSKiller.3.1.0.15_03.05.2017_19.39.30_log.txt 2017-05-03 19:39 - 2017-05-03 19:38 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Denise\Desktop\tdsskiller.exe 2017-05-03 19:38 - 2017-05-03 19:38 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Denise\Downloads\tdsskiller.exe 2017-05-03 02:42 - 2017-05-03 02:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-05-02 22:27 - 2017-05-03 22:18 - 02428928 _____ (Farbar) C:\Users\Denise\Downloads\FRST64.exe 2017-05-02 15:21 - 2017-05-02 15:21 - 00000000 ____D C:\Users\Denise\Documents\League of Legends 2017-05-02 15:15 - 2017-05-02 15:15 - 00000000 ____D C:\ProgramData\Riot Games 2017-05-02 15:14 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2017-05-02 15:14 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2017-05-02 15:14 - 
2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2017-05-02 15:13 - 2017-05-02 15:22 - 00001722 _____ C:\Users\Public\Desktop\League of Legends.lnk 2017-05-02 15:13 - 2017-05-02 15:13 - 00000000 ____D C:\Riot Games 2017-05-02 15:11 - 2017-05-02 15:14 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Riot Games 2017-05-01 16:49 - 2017-05-01 16:49 - 00048944 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2017-04-28 15:26 - 2017-04-29 14:00 - 00010972 _____ C:\Users\Denise\Desktop\Car Mechanic Fahrzeuge.xlsx 2017-04-12 10:44 - 2017-04-12 10:44 - 38952320 _____ (Mojang) C:\Users\Denise\Downloads\Minecraft.exe 2017-04-11 23:01 - 2017-03-25 21:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-04-11 23:01 - 2017-03-25 21:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-04-11 23:01 - 2017-03-25 21:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-04-11 23:01 - 2017-03-25 20:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-04-11 23:01 - 2017-03-25 20:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-04-11 23:01 - 2017-03-25 20:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-04-11 23:01 - 2017-03-25 20:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-04-11 23:01 - 2017-03-25 20:10 - 02898432 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-04-11 23:01 - 2017-03-25 19:52 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-04-11 23:01 - 2017-03-25 18:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-04-11 23:01 - 2017-03-25 18:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-04-11 23:01 - 2017-03-25 18:28 - 15259136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-04-11 23:01 - 2017-03-25 
18:24 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-04-11 23:01 - 2017-03-25 18:10 - 01546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-04-11 23:01 - 2017-03-25 06:43 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-04-11 23:01 - 2017-03-24 20:24 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-04-11 23:01 - 2017-03-14 16:26 - 03714560 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2017-04-11 23:01 - 2017-03-14 16:09 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2017-04-11 23:01 - 2017-03-14 16:08 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2017-04-11 23:01 - 2017-03-14 16:06 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2017-04-11 23:01 - 2017-03-12 17:04 - 00033792 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys 2017-04-11 23:01 - 2017-03-11 05:59 - 01763888 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2017-04-11 23:01 - 2017-03-11 05:56 - 01489608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2017-04-11 23:01 - 2017-03-11 05:49 - 00388440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2017-04-11 23:01 - 2017-03-11 05:44 - 00373080 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2017-04-11 23:01 - 2017-03-11 05:41 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2017-04-11 23:01 - 2017-03-09 23:13 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-04-11 23:01 - 2017-03-08 01:25 - 01661064 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2017-04-11 23:01 - 2017-03-08 01:21 - 01212760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2017-04-11 23:01 - 2017-03-04 21:24 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2017-04-11 23:01 - 2017-03-04 18:37 - 
03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2017-04-11 23:01 - 2017-03-03 17:11 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2017-04-11 23:01 - 2017-03-03 17:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2017-04-11 23:01 - 2017-02-11 20:18 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2017-04-11 23:01 - 2017-02-11 19:00 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2017-04-11 23:01 - 2017-02-11 18:49 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll 2017-04-11 23:01 - 2017-02-11 18:42 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll 2017-04-11 23:01 - 2017-02-10 21:06 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-04-11 23:01 - 2017-02-10 16:37 - 00046600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2017-04-11 23:01 - 2017-02-04 19:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2017-04-11 23:01 - 2017-02-04 19:51 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2017-04-11 23:01 - 2017-02-04 19:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2017-04-11 23:01 - 2017-02-01 21:44 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-04-11 23:01 - 2017-02-01 21:42 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-04-11 23:01 - 2017-01-19 04:18 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2017-04-11 23:01 - 2017-01-18 16:35 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2017-04-11 23:01 - 2017-01-18 16:34 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2017-04-11 23:01 - 2017-01-14 22:32 - 00955016 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2017-04-11 23:01 
- 2017-01-14 21:18 - 00787688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2017-04-11 23:01 - 2017-01-12 18:51 - 00274776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2017-04-11 23:01 - 2017-01-12 18:51 - 00117592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys 2017-04-11 23:01 - 2017-01-12 08:12 - 00990040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2017-04-11 23:01 - 2017-01-11 21:12 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll 2017-04-11 23:01 - 2017-01-11 19:28 - 00422744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys 2017-04-11 23:01 - 2017-01-11 17:09 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll 2017-04-11 23:01 - 2017-01-11 00:37 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2017-04-11 23:01 - 2017-01-10 23:06 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll 2017-04-11 23:01 - 2017-01-10 22:46 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll 2017-04-11 23:01 - 2017-01-10 21:20 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll 2017-04-11 23:01 - 2017-01-10 21:09 - 01108480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll 2017-04-11 23:01 - 2017-01-06 19:25 - 02513408 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll 2017-04-11 23:01 - 2017-01-06 19:04 - 01495552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2017-04-11 23:01 - 2016-12-25 03:14 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2017-04-11 23:01 - 2016-12-25 02:48 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll 2017-04-11 23:01 - 2016-12-25 02:19 - 00170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2017-04-11 23:01 - 2016-12-25 01:39 - 00133120 _____ (Microsoft Corporation) 
C:\Windows\system32\ScDeviceEnum.dll 2017-04-11 23:01 - 2016-12-09 10:08 - 00379736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2017-04-11 23:00 - 2017-03-25 20:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-04-11 23:00 - 2017-03-25 20:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-04-11 23:00 - 2017-03-25 20:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-04-11 23:00 - 2017-03-25 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-04-11 23:00 - 2017-03-25 20:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-04-11 23:00 - 2017-03-25 20:45 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-04-11 23:00 - 2017-03-25 20:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-04-11 23:00 - 2017-03-25 20:13 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-04-11 23:00 - 2017-03-25 19:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-04-11 23:00 - 2017-03-25 19:41 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-04-11 23:00 - 2017-03-25 19:12 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2017-04-11 23:00 - 2017-03-25 19:04 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-04-11 23:00 - 2017-03-25 19:00 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-04-11 23:00 - 2017-03-25 19:00 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-04-11 23:00 - 2017-03-25 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-04-11 23:00 - 2017-03-14 21:06 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2017-04-11 23:00 - 2017-03-13 18:13 - 00035840 _____ (Microsoft Corporation) 
C:\Windows\system32\wuapp.exe 2017-04-11 23:00 - 2017-03-13 18:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2017-04-11 23:00 - 2017-03-13 18:08 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2017-04-11 23:00 - 2017-03-13 18:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2017-04-11 23:00 - 2017-03-13 17:59 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2017-04-11 23:00 - 2017-03-13 17:59 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2017-04-11 23:00 - 2017-03-13 17:56 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2017-04-11 23:00 - 2017-03-11 05:49 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2017-04-11 23:00 - 2017-03-09 23:08 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2017-04-11 23:00 - 2017-03-09 21:29 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2017-04-11 23:00 - 2017-03-04 21:06 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2017-04-11 23:00 - 2017-03-04 20:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2017-04-11 23:00 - 2017-03-03 17:10 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll 2017-04-11 23:00 - 2017-03-03 17:04 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll 2017-04-11 23:00 - 2017-01-14 16:37 - 00447095 _____ C:\Windows\system32\ApnDatabase.xml 2017-04-11 23:00 - 2016-12-25 03:21 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys 2017-04-07 21:49 - 2017-04-07 21:50 - 07662317 _____ C:\Users\Denise\Downloads\FTB_Launcher.exe 2017-04-05 14:56 - 2017-04-05 14:56 - 00000000 ____D C:\Users\Denise\AppData\LocalLow\Si7 studio ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der 
Ordner verschoben.) 2017-05-03 22:19 - 2017-02-22 11:37 - 00000000 ____D C:\FRST 2017-05-03 22:05 - 2015-11-04 19:24 - 00000000 ____D C:\Program Files (x86)\Steam 2017-05-03 22:03 - 2015-11-04 16:14 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2606138470-3405722970-712637843-1001 2017-05-03 22:02 - 2017-02-23 12:40 - 00001539 _____ C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk 2017-05-03 22:00 - 2015-11-04 16:13 - 00000000 ___RD C:\Users\Denise\OneDrive 2017-05-03 21:58 - 2015-11-04 16:20 - 00001242 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2017-05-03 21:58 - 2015-11-04 16:11 - 00000165 _____ C:\Users\Denise\AppData\Roaming\sp_data.sys 2017-05-03 21:58 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-05-03 21:54 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2017-05-03 21:52 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2017-05-03 21:40 - 2015-11-04 16:20 - 00001246 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2017-05-03 21:36 - 2017-02-22 13:15 - 00000000 ____D C:\AdwCleaner 2017-05-03 20:15 - 2015-11-04 16:18 - 00000000 ____D C:\Users\Denise\AppData\Local\Google 2017-05-03 20:15 - 2015-11-04 16:18 - 00000000 ____D C:\Program Files (x86)\Google 2017-05-03 20:15 - 2015-11-04 16:05 - 00000000 ____D C:\Users\Denise 2017-05-03 19:35 - 2015-11-04 16:27 - 00000000 ____D C:\Users\Denise\AppData\Roaming\TS3Client 2017-05-03 16:49 - 2016-01-08 17:39 - 00000000 ____D C:\Users\Denise\Documents\Euro Truck Simulator 2 2017-05-03 16:37 - 2016-02-16 02:18 - 00000000 ____D C:\Users\Denise\Documents\American Truck Simulator 2017-05-03 16:28 - 2015-11-04 16:27 - 00000000 ____D C:\Program Files (x86)\Overwolf 2017-05-03 14:34 - 2015-11-04 16:27 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2017-05-03 14:14 - 2016-09-10 13:49 - 02652160 ___SH C:\Users\Denise\Downloads\Thumbs.db 2017-05-03 14:11 - 2016-11-16 15:27 - 00000000 
____D C:\Users\Denise\Documents\Texte 2017-05-03 14:10 - 2016-08-30 15:36 - 00000000 ____D C:\Users\Denise\AppData\LocalLow\Temp 2017-05-03 13:31 - 2015-11-04 17:10 - 00000000 ____D C:\Users\Denise\AppData\Local\Spotify 2017-05-03 12:21 - 2015-11-04 17:09 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Spotify 2017-05-03 12:09 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2017-05-03 12:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2017-05-03 12:00 - 2016-08-01 12:33 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1 2017-05-03 12:00 - 2015-11-04 16:14 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2 2017-05-03 02:42 - 2015-11-04 16:20 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-05-02 22:41 - 2016-02-21 19:59 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5 2017-05-02 22:02 - 2014-10-29 14:02 - 00767018 _____ C:\Windows\system32\perfh007.dat 2017-05-02 22:02 - 2014-10-29 14:02 - 00159786 _____ C:\Windows\system32\perfc007.dat 2017-05-02 22:02 - 2014-03-18 17:26 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI 2017-05-02 16:07 - 2016-03-01 00:33 - 00007606 _____ C:\Users\Denise\AppData\Local\Resmon.ResmonCfg 2017-05-02 03:31 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-02 03:29 - 2014-10-29 08:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-04-30 16:13 - 2016-11-04 13:42 - 00000000 ____D C:\Users\Denise\Documents\Viscera 2017-04-30 11:51 - 2016-12-19 16:09 - 00000000 ____D C:\Users\Denise\AppData\Roaming\.minecraft 2017-04-29 15:58 - 2015-11-04 16:18 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-29 15:58 - 2015-11-04 16:18 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-25 00:26 - 2015-12-27 23:36 - 00000000 ____D C:\Users\Denise\AppData\Local\CrashDumps 2017-04-17 13:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2017-04-17 10:39 - 2016-05-12 19:58 - 
00001062 _____ C:\Users\Denise\Desktop\Neues Textdokument (3).txt 2017-04-17 10:32 - 2016-02-04 23:06 - 00000000 ____D C:\Users\Denise\AppData\Roaming\.technic 2017-04-17 10:32 - 2016-02-04 23:05 - 04734784 _____ () C:\Users\Denise\Downloads\TechnicLauncher.exe 2017-04-14 18:06 - 2013-08-22 16:44 - 00479584 _____ C:\Windows\system32\FNTCACHE.DAT 2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData 2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender 2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2017-04-12 04:25 - 2015-11-06 16:01 - 00000000 ____D C:\Windows\system32\MRT 2017-04-12 04:23 - 2015-11-06 16:01 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-04-12 04:23 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2017-04-08 00:06 - 2016-08-11 12:13 - 00532136 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2017-04-07 22:31 - 2015-11-18 19:17 - 00000000 ____D C:\Users\Denise\AppData\Local\ftblauncher 2017-04-07 21:59 - 2015-11-18 19:17 - 00000000 ____D C:\ftb 2017-04-07 21:50 - 2015-11-18 19:17 - 00000000 ____D C:\Users\Denise\AppData\Roaming\ftblauncher 2017-04-05 14:58 - 2015-12-01 23:06 - 00000000 ____D C:\Users\Denise\Documents\My Games 2017-04-05 03:01 - 2016-12-09 20:49 - 00002370 _____ C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2017-04-05 03:01 - 2016-12-06 03:32 - 00003188 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2017-04-05 03:01 - 2016-02-21 14:41 - 00003196 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2606138470-3405722970-712637843-1001 2017-04-03 14:43 - 2015-11-04 16:27 - 00000000 ____D C:\Users\Denise\AppData\Local\Overwolf ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-04 16:11 - 2017-05-03 21:58 - 0000165 _____ () 
C:\Users\Denise\AppData\Roaming\sp_data.sys 2016-07-12 23:15 - 2016-07-12 23:15 - 0001454 _____ () C:\Users\Denise\AppData\Local\recently-used.xbel 2016-03-01 00:33 - 2017-05-02 16:07 - 0007606 _____ () C:\Users\Denise\AppData\Local\Resmon.ResmonCfg 2015-03-18 14:53 - 2015-03-18 14:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-10-29 08:25 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2014-10-29 08:25 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2014-10-29 08:25 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS Einige Dateien in TEMP: ==================== 2017-05-03 14:07 - 2014-08-03 12:33 - 6726720 _____ (Foxit Corporation) C:\Users\Denise\AppData\Local\Temp\Foxit PhantomPDF Updater.exe 2017-04-09 01:17 - 2017-04-09 01:17 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-1040318976079216718.dll 2017-04-10 17:11 - 2017-04-10 17:11 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-107992347504823130.dll 2017-04-09 01:22 - 2017-04-09 01:22 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-1393927604816923217.dll 2017-04-17 10:36 - 2017-04-17 10:36 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-1605890471314782318.dll 2017-04-17 20:28 - 2017-04-17 20:28 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2195549389685782762.dll 2017-04-12 16:12 - 2017-04-12 16:12 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2278816693079296955.dll 2017-04-29 10:40 - 2017-04-29 10:40 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2289259205964025034.dll 2017-04-12 11:52 - 2017-04-12 11:52 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2293235393832101607.dll 2017-04-17 20:37 - 2017-04-17 20:37 - 0019968 ____N (Red Hat®, Inc.) 
C:\Users\Denise\AppData\Local\Temp\jansi-64-2717276439790702517.dll 2017-04-26 12:12 - 2017-04-26 12:12 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2812241115399243833.dll 2017-04-09 01:37 - 2017-04-09 01:37 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2886755838872423022.dll 2017-04-10 13:57 - 2017-04-10 13:57 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2947519856391172585.dll 2017-04-11 12:50 - 2017-04-11 12:50 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-3006947278836389063.dll 2017-04-09 01:33 - 2017-04-09 01:33 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-3275234403545714624.dll 2017-04-10 16:51 - 2017-04-10 16:51 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-363026189231537429.dll 2017-04-09 11:51 - 2017-04-09 11:51 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-382171821654916660.dll 2017-04-24 23:10 - 2017-04-24 23:10 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-38851600159007909.dll 2017-04-10 22:54 - 2017-04-10 22:54 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-4624524647489449371.dll 2017-04-27 21:45 - 2017-04-27 21:45 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-4671433893680303623.dll 2017-04-17 21:46 - 2017-04-17 21:46 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-5245631579023480511.dll 2017-04-17 10:40 - 2017-04-17 10:40 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-5651678435619837219.dll 2017-04-25 13:28 - 2017-04-25 13:28 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-5839221738519008296.dll 2017-04-24 12:00 - 2017-04-24 12:00 - 0019968 ____N (Red Hat®, Inc.) 
C:\Users\Denise\AppData\Local\Temp\jansi-64-6858090211071687154.dll 2017-04-24 13:21 - 2017-04-24 13:21 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-782039470112850992.dll 2017-04-16 21:21 - 2017-04-16 21:21 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-811926212269422760.dll 2017-04-27 12:37 - 2017-04-27 12:37 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-851885707297706314.dll 2017-04-13 17:18 - 2017-04-13 17:18 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-8695384281373204455.dll 2017-04-09 01:30 - 2017-04-09 01:30 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-8793313027965502837.dll 2017-04-12 18:08 - 2017-04-12 18:08 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-8855172364835676341.dll 2017-04-09 22:03 - 2017-04-09 22:03 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-8958763056661960550.dll 2017-04-12 10:44 - 2017-04-12 10:44 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-911095625501500122.dll 2017-04-11 14:06 - 2017-04-11 14:06 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-984113642458192691.dll 2017-04-21 02:28 - 2017-04-21 02:28 - 0739904 _____ (Oracle Corporation) C:\Users\Denise\AppData\Local\Temp\jre-8u131-windows-au.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-04-29 13:47
==================== Ende von FRST.txt ============================
Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-05-2017 01
durchgeführt von Denise (03-05-2017 22:20:50)
Gestartet von C:\Users\Denise\Downloads
Windows 8.1 (Update) (X64) (2015-11-04 14:07:17)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2606138470-3405722970-712637843-500 - Administrator - Disabled)
Denise (S-1-5-21-2606138470-3405722970-712637843-1001 - Administrator - Enabled) => C:\Users\Denise
Gast (S-1-5-21-2606138470-3405722970-712637843-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2606138470-3405722970-712637843-1006 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
(HKLM\...\UDK-69f36ffc-40bd-40ec-849e-13683db6c5b3) (Version: - RuneStorm
American Truck Simulator (HKLM-x32\...\Steam App 270880) (Version: - SCS Software)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard)
Ashampoo WinOptimizer 2016 (HKLM-x32\...\{4209F371-38F5-0B47-1C5B-A4A8456950A3}_is1) (Version: 12.00.39 - Ashampoo GmbH & Co.
KG) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS) ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.8 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.42 - ICEpower a/s) AutoHotkey 1.1.22.09 (HKLM\...\AutoHotkey) (Version: 1.1.22.09 - Lexikos) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlestar Galactica Online (HKLM-x32\...\Battlestar Galactica Online_is1) (Version: 1.0 - Bigpoint GmbH) Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.61.6289 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Borderlands 2 (HKLM\...\Steam App 49520) (Version: - Gearbox Software) Car Mechanic Simulator 2015 (HKLM-x32\...\Steam App 320300) (Version: - Red Dot Games) CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform) Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version: - Cheat Engine) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.) Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.) 
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Diesel Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.) Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts) Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts) Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 World Adventures) (Version: 1.0.0.0 - Electronic Arts Inc.) Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Ambitions) (Version: 1.0.0.0 - Electronic Arts Inc.) Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.24.102.1020 - Electronic Arts Inc.) Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.293.1110 - Electronic Arts Inc.) Digimon Masters Online (HKLM\...\Steam App 537180) (Version: - Move Games Co., Ltd.) Discord (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 25.4.28 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) 
Hidden Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team) F1 2010 (x32 Version: 1.0.0001.132 - Codemasters) Hidden Farming Simulator 17 (HKLM\...\Steam App 447020) (Version: - Giants Software) FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation) GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team) Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.) Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) 
Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hello Kitty Online POD Installer (HKLM-x32\...\{0150D55C-0FEE-4F1D-BEE5-085C0DD2B476}_is1) (Version: 1.9.9.0.2 - SANRIODIGITAL GAMES & ENTERTAINMENT INC) Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation) Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.38.1036 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation) Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation) Layers of Fear (HKLM\...\Steam App 391720) (Version: - Bloober Team SA) 
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7967.2139 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) 
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich) My Secret Pets! (HKLM\...\Steam App 447180) (Version: - Dogenzaka Lab) NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.4.5.30491 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{3c3ba69a-df4e-4526-88e4-04f1ff87fc0d}) (Version: latest - ppy Pty Ltd) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.103.234.0 - Overwolf Ltd.) 
Parkitect (HKLM\...\Steam App 453090) (Version: - Texel Raptor) Pixelmon Launcher (Beta) (HKLM-x32\...\Pixelmon Launcher (Beta) 2.0.23) (Version: 2.0.23 - Ikara Software Limited) Pixelmon Launcher (Beta) (x32 Version: 2.0.23 - Ikara Software Limited) Hidden Plantera (HKLM\...\Steam App 421040) (Version: - VaragtP) PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.12.3-r114511-release - Plays.tv, LLC) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.1-r113066-release - Raptr, Inc) Rapture3D 2.4.4 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7417 - Realtek Semiconductor Corp.) 
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden Slime Rancher (HKLM\...\Steam App 433340) (Version: - Monomi Park) Spotify (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) The Bunker (HKLM\...\Steam App 481110) (Version: - Splendy Interactive) The Guest (HKLM\...\Steam App 402040) (Version: - Team Gotham) The Walking Dead (HKLM\...\Steam App 207610) (Version: - Telltale Games) Time Mysteries: Inheritance - Remastered (HKLM\...\Steam App 350010) (Version: - Artifex Mundi) Train Mechanic Simulator 2017 (HKLM\...\Steam App 538810) (Version: - Si7 Studio) TruckersMP 0.2.1.3.5 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.3.5 Alpha - TruckersMP Team) UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden Unreal Development Kit: 2012-07 (HKLM\...\UDK-85b1f5f2-c617-4d5a-942e-760c69695908) (Version: - Epic Games, Inc.) 
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Viscera Cleanup Detail (HKLM\...\Steam App 246900) (Version: - RuneStorm) Viscera Cleanup Detail: Santas Rampage Viscera Cleanup Detail: Santa's Rampage (HKLM\...\Steam App 265210) (Version: - RuneStorm) VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent) Windows Driver Package - ASUS (ATP) Mouse (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS) WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2606138470-3405722970-712637843-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Denise\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileCoAuthLib64.dll (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {07321C46-5DD2-47DA-BA1C-EFB16558C116} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-26] (Realtek Semiconductor) Task: {19322365-6413-495C-B6B3-587BB1FDA412} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-04-12] (Microsoft Corporation) Task: {24903DAB-555C-44AD-B392-68D313BA773A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.) Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.) Task: {3A1F1DDC-02BA-45AB-9A82-ECD4902A6552} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.) Task: {401F971E-3089-45D6-8760-58EB4216B3F2} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {4438B3D2-206C-48AA-9028-CA480F4D5768} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) 
Task: {62687EC0-BB73-4EA9-8F8E-A800049FE0D7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd) Task: {8462300A-6056-404C-B8DB-BBAE66C20831} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {883A3F07-BB44-43B8-96A9-E39E723C41EC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation) Task: {911D73C4-9DE2-46B8-B701-59970283A9CF} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS) Task: {983DD468-029B-4F16-A77A-310293C8F729} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-04-30] (Overwolf LTD) Task: {AB6DFF50-8E3D-419E-9173-D8DC9D6AF47B} - System32\Tasks\{F4B0E50F-1D1D-49E4-A13D-11BAF2D67674} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.109/de/abandoninstall?page=tsProgressBar Task: {B847F2D4-38DE-46D7-ABE1-0C0479CAECEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.) Task: {D66A24C1-B98B-4B82-9873-5C95D27B7780} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.) Task: {D9298A94-FF7B-4008-B247-DC3F13B8B46E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) 
Task: {E4B15ED4-FEFA-47BB-8ECC-7E9A9CCD4457} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation) Task: {E81BCDCC-2BD4-422C-B3D3-FA24F205F188} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-02] (Microsoft Corporation) Task: {F06024EE-88FE-4C41-8BA6-1393AB6721CF} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {F2987583-C64B-4210-8369-6D05BCDC321D} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-09-19] (AsusTek) Task: {F349EF15-C2F3-46B0-8189-E5FF70116D2B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-03-18 14:49 - 2016-01-23 03:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-02-01 13:35 - 2016-06-15 03:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-02-01 13:35 - 2016-06-15 03:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2015-01-14 04:24 - 2014-12-15 07:26 - 00392592 _____ () C:\Windows\system32\igfxTray.exe 2017-05-03 22:03 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2014-11-05 14:44 - 2014-11-05 14:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-11-05 14:44 - 2014-11-05 14:44 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2015-11-07 14:31 - 2016-06-15 03:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA 
Corporation\Update Core\detoured.dll 2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd 2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll 2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd 2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd 2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd 2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd 2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd 2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll 2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd 2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd 2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd 2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd 2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd 2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () 
C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd 2015-11-04 19:26 - 2017-03-10 02:13 - 00674592 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-11-04 19:26 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-11-04 19:26 - 2017-04-26 01:55 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll 2015-11-04 19:26 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-11-04 19:26 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-11-04 19:26 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-11-04 19:26 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-11-04 19:26 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-11-04 19:26 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-11-04 19:26 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-11-04 19:26 - 2017-04-26 01:55 - 00848672 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-09 21:47 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2017-01-11 23:22 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\ffmpeg.dll 2017-01-25 17:02 - 2017-01-25 17:02 - 01082880 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node 2017-01-25 17:02 - 2017-01-25 17:02 - 03750400 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll 2017-01-25 17:02 - 2017-01-25 17:02 - 00914432 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node 2017-01-25 17:02 - 2017-01-25 17:02 - 01127424 _____ () 
\\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node 2017-05-03 21:59 - 2017-05-03 21:59 - 00098816 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32api.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00110080 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\pywintypes27.dll 2017-05-03 21:59 - 2017-05-03 21:59 - 00364544 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\pythoncom27.dll 2017-05-03 21:59 - 2017-05-03 21:59 - 00320512 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32com.shell.shell.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00914432 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\_hashlib.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 01176576 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\wx._core_.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00806400 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\wx._gdi_.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00816128 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\wx._windows_.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 01067008 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\wx._controls_.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00733184 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\wx._misc_.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00682496 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\pysqlite2._sqlite.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00088064 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\_ctypes.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00686080 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\unicodedata.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00119808 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32file.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00108544 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32security.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00007168 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\hashobjs_ext.pyd 2017-05-03 21:59 - 
2017-05-03 21:59 - 00017920 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\thumbnails_ext.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00088064 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\usb_ext.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00012800 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\common.time34.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00018432 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32event.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00167936 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32gui.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00046080 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\_socket.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 01303552 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\_ssl.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00128512 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\_elementtree.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00127488 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\pyexpat.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00038912 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32inet.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00036864 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\_psutil_windows.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00524248 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\windows._lib_cacheinvalidation.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00011264 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32crypt.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00123392 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\wx._wizard.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00077312 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\wx._html2.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00027648 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\_multiprocessing.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00020480 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\_yappi.pyd 2017-05-03 21:59 - 2017-05-03 
21:59 - 00035840 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32process.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00078848 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\wx._animate.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00024064 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32pipe.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00010240 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\select.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00025600 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32pdh.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00017408 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32profile.pyd 2017-05-03 21:59 - 2017-05-03 21:59 - 00022528 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32ts.pyd 2016-12-13 22:35 - 2017-01-30 23:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2015-11-04 19:26 - 2017-04-26 01:55 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll 2017-01-11 23:22 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\libglesv2.dll 2017-01-11 23:22 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\libegl.dll 2017-05-03 22:01 - 2017-05-03 22:01 - 00148992 _____ () \\?\C:\Users\Denise\AppData\Local\Temp\B3F4.tmp.node 2017-01-25 17:02 - 2017-05-02 22:48 - 02658296 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node 2017-01-25 17:03 - 2017-03-24 05:24 - 02665976 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node 2015-01-06 17:40 - 2015-01-06 17:40 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-03-30 00:53 - 2017-03-29 04:04 - 02187096 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll 2017-03-30 00:53 - 2017-03-29 04:04 - 00086360 _____ () C:\Program Files 
(x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Denise\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Fotogalerie-Hintergrundbild.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "PlaysTV" HKLM\...\StartupApproved\Run32: => "Raptr" HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "Overwolf" HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "BlueStacks Agent" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{7A6F54C6-0CBE-49D6-AEF9-484B93C44FFB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{84D56BD8-2192-499A-B071-F19532159EBA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{059074FB-CF16-4C85-9510-B576B2C91E5E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{21A95AF2-BF14-4471-88DA-0CEBCFB44E13}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{5B15E0EC-833D-4499-8F24-A778C36CAF81}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{D0A49A24-A871-43D5-AF9C-F559E03989B3}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [TCP Query User{FD7E0985-A45A-4202-BC41-FEAB87765304}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{F9B1A7A3-8D66-4491-AEA2-8188D3FA2B46}C:\program files 
(x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe ==================== Wiederherstellungspunkte ========================= 20-04-2017 05:14:30 Geplanter Prüfpunkt 29-04-2017 13:55:02 Geplanter Prüfpunkt 02-05-2017 15:12:15 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/03/2017 09:59:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname Denise-Notebook.local already in use; will try Denise-Notebook-2.local instead Error: (05/03/2017 09:59:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Denise-Notebook.local. Addr 192.168.2.102 Error: (05/03/2017 09:59:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.2.102:5353 16 Denise-Notebook.local. AAAA 2003:00DA:1BCB:CE38:B97C:C96D:0680:420C Error: (05/03/2017 09:59:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Denise-Notebook.local. AAAA FE80:0000:0000:0000:B97C:C96D:0680:420C Error: (05/03/2017 09:59:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.2.102:5353 16 Denise-Notebook.local. AAAA 2003:00DA:1BCB:CE38:B97C:C96D:0680:420C Error: (05/03/2017 09:59:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 Denise-Notebook.local. Addr 192.168.2.102 Error: (05/03/2017 09:59:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.2.102:5353 16 Denise-Notebook.local. 
AAAA 2003:00DA:1BCB:CE38:B97C:C96D:0680:420C Error: (05/03/2017 08:06:45 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: DENISE-NOTEBOOK) Description: HRESULT:0x8004FF6F Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements. <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F. Error: (05/02/2017 03:28:14 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: d3c Startzeit: 01d2c3472a3a3e9e Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: 1ec4ca4f-2f3b-11e7-8290-1cb72c068d56 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error: (05/02/2017 03:30:13 AM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. 
Kontext: Anwendung, SystemIndex Katalog Systemfehler: ============= Error: (05/03/2017 09:59:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (05/03/2017 09:59:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht. Error: (05/03/2017 09:54:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (05/03/2017 09:54:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht. Error: (05/03/2017 09:38:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (05/03/2017 09:38:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht. Error: (05/03/2017 09:36:25 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt. 
Error: (05/03/2017 09:35:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/03/2017 09:35:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "DbxSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/03/2017 09:35:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2017-05-03 12:12:28.831 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-17 11:03:43.701 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-11 16:55:29.507 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2017-03-24 13:07:19.928 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-18 14:59:19.778 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-25 21:55:36.543 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-22 17:22:33.337 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-08-11 15:35:14.417 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz Prozentuale Nutzung des RAM: 35% Installierter physikalischer RAM: 8094.8 MB Verfügbarer physikalischer RAM: 5222.91 MB Summe virtueller Speicher: 9630.8 MB Verfügbarer virtueller Speicher: 6774.98 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:745.21 GB) (Free:453.42 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Data) (Fixed) (Total:1101.7 GB) (Free:1100.1 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 1863 GB) (Disk ID: 510BFD71) Partition: GPT. ==================== Ende von Addition.txt ============================ |
04.05.2017, 19:35 | #6 |
/// TB-Ausbilder | Windows 8.1: Malwarebytes finds Pup.Optional.Gamehack Hi, you posted the wrong AdwCleaner log file. I need the log file from the cleaning run, not from the scan. Please post it. |
04.05.2017, 19:46 | #7 |
| Windows 8.1: Malwarebytes finds Pup.Optional.Gamehack Oops, sorry, this should be the right one: Code:
ATTFilter # AdwCleaner v6.046 - Bericht erstellt am 03/05/2017 um 21:36:08 # Aktualisiert am 24/04/2017 von Malwarebytes # Datenbank : 2017-05-03.1 [Server] # Betriebssystem : Windows 8.1 (X64) # Benutzername : Denise - DENISE-NOTEBOOK # Gestartet von : C:\Users\Denise\Downloads\AdwCleaner_6.046.exe # Modus: Löschen # Unterstützung : https://www.malwarebytes.com/support ***** [ Dienste ] ***** ***** [ Ordner ] ***** ***** [ Dateien ] ***** ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Browser ] ***** [-] [C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: vlc.de ************************* :: "Tracing" Schlüssel gelöscht :: "Prefetch" Dateien gelöscht :: Proxy Einstellungen zurückgesetzt :: Firewall Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [1373 Bytes] - [22/02/2017 13:19:18] C:\AdwCleaner\AdwCleaner[C2].txt - [1154 Bytes] - [03/05/2017 21:36:08] C:\AdwCleaner\AdwCleaner[S0].txt - [1369 Bytes] - [22/02/2017 13:16:41] C:\AdwCleaner\AdwCleaner[S1].txt - [1441 Bytes] - [22/02/2017 13:18:45] C:\AdwCleaner\AdwCleaner[S2].txt - [1602 Bytes] - [03/05/2017 21:35:05] ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1446 Bytes] ########## |
04.05.2017, 20:00 | #8 |
/// TB-Ausbilder | Windows 8.1: Malwarebytes finds Pup.Optional.Gamehack Hi, we'll remove a bit more and check everything once again. Note: The scan with ESET can take a while. Step 1 Press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter start CloseProcesses: RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: end Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 3 ESET Online Scanner
Step 4
Are there still any problems with the PC or with your Internet browsers now? If so, which ones? Please post with your next reply
|
05.05.2017, 13:08 | #9 |
| Windows 8.1: Malwarebytes finds Pup.Optional.Gamehack So, here we are again ^^ Fixlog: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-05-2017 01 durchgeführt von Denise (04-05-2017 21:04:54) Run:1 Gestartet von C:\Users\Denise\Downloads Geladene Profile: Denise (Verfügbare Profile: Denise) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** start CloseProcesses: RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: end ***************** Prozesse erfolgreich geschlossen. ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt HKU\S-1-5-21-2606138470-3405722970-712637843-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-2606138470-3405722970-712637843-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt ========= Ende von RemoveProxy: ========= ========= ipconfig /flushdns ========= Windows-IP-Konfiguration Der DNS-Aufl”sungscache wurde geleert. ========= Ende von CMD: ========= ========= netsh winsock reset ========= Der Winsock-Katalog wurde zurckgesetzt. Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen. 
========= Ende von CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 153914341 B Java, Flash, Steam htmlcache => 739964292 B Windows/system/drivers => 56903308 B Edge => 0 B Chrome => 766840351 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 286244 B systemprofile32 => 128 B LocalService => 0 B NetworkService => 22178 B Denise => 215054955 B RecycleBin => 1617099966 B EmptyTemp: => 3.3 GB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 21:05:42 ==== HitmanPro: Code:
ATTFilter HitmanPro 3.7.18.284 www.hitmanpro.com Computer name . . . . : DENISE-NOTEBOOK Windows . . . . . . . : 6.3.0.9600.X64/4 User name . . . . . . : DENISE-NOTEBOOK\Denise UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2017-05-04 21:11:57 Scan mode . . . . . . : Normal Scan duration . . . . : 14m 8s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 2 Objects scanned . . . : 2.250.835 Files scanned . . . . : 107.850 Remnants scanned . . : 747.893 files / 1.395.092 keys Suspicious files ____________________________________________________________ C:\Users\Denise\Downloads\FRST-OlderVersion\FRST64.exe Size . . . . . . . : 2.428.416 bytes Age . . . . . . . : 1.9 days (2017-05-02 22:27:51) Entropy . . . . . : 7.6 SHA-256 . . . . . : 107C4946A928FC921A678DD867CF562951ED76599078CC8E9A5440A7972B0BE2 Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Forensic Cluster 0.0s C:\Users\Denise\Downloads\FRST-OlderVersion\FRST64.exe 3.5s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\46\994A7F39F0978B6E.dat C:\Users\Denise\Downloads\FRST64.exe Size . . . . . . . : 2.428.928 bytes Age . . . . . . . : 1.0 days (2017-05-03 22:18:57) Entropy . . . . . : 7.6 SHA-256 . . . . . : C0E221A65FA757DDC714FA6EF38443EC87A17B7E8AAE23EF6555E859D3105B26 Needs elevation . : Yes Fuzzy . . . . . . 
: 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Forensic Cluster -27.8s C:\Windows\Prefetch\SCHTASKS.EXE-BA1E321E.pf -26.8s C:\Users\Denise\Desktop\MBAM.txt -0.2s C:\Users\Denise\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E -0.2s C:\Users\Denise\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E 0.0s C:\Users\Denise\Downloads\FRST64.exe 0.9s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\81\0F3FEF7829261E19.dat 1.0s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\22\42C76E2A4A0E3982.dat 1.1s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\85\EF7E2EB4E060A351.dat 1.5s C:\Users\Denise\Downloads\FRST-OlderVersion\ 2.6s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\55\AD9DD1B7BC735613.dat 3.9s C:\Windows\Prefetch\FRST64.EXE-9C9087FB.pf 5.4s C:\Users\Denise\Downloads\FRST.txt ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=d3cb0a67a38a564ead387ce89dff29bf # end=init # utc_time=2017-05-04 07:27:04 # local_time=2017-05-04 09:27:04 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download esets_scanner_update returned -1 esets_gle=37126 Update Finalize Updated modules version: 0 Old modules - leave modules Update Init Update Download Update Init Update Download Update Finalize Updated modules version: 33275 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=d3cb0a67a38a564ead387ce89dff29bf # end=updated # utc_time=2017-05-04 07:32:52 # local_time=2017-05-04 09:32:52 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=d3cb0a67a38a564ead387ce89dff29bf # engine=33275 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2017-05-04 10:36:55 # local_time=2017-05-05 12:36:55 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 26562 9701138 0 0 # scanned=447807 # found=0 # cleaned=0 # scan_time=11042 Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2017 01 durchgeführt von Denise (Administrator) auf DENISE-NOTEBOOK (05-05-2017 12:59:16) Gestartet von C:\Users\Denise\Downloads Geladene Profile: Denise (Verfügbare Profile: Denise) Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.) 
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Hammer & Chisel, Inc.) 
C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe (Spotify Ltd) C:\Users\Denise\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] () HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28432392 2017-05-01] (Dropbox, Inc.) 
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-07-13] (Plays.tv, LLC) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-05-23] (Raptr, Inc) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1058360 2017-04-30] () HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Spotify] => C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe [7064176 2017-05-02] (Spotify Ltd) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [986648 2016-09-29] (BlueStack Systems, Inc.) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Discord] => C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Spotify Web Helper] => C:\Users\Denise\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-05-02] (Spotify Ltd) HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{BF9CCFC1-6FCA-4ABF-8044-CAB8EB45663B}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{E5937EBF-A255-40C3-B2F8-6204570F2CF3}: [DhcpNameServer] 192.168.24.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-02] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-24] (Oracle Corporation) BHO: Kein Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> Keine Datei BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-02] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft 
Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation) FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) 
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] () Chrome: ======= CHR Profile: C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default [2017-05-05] CHR Extension: (Google Präsentationen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-04] CHR Extension: (Google Docs) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-04] CHR Extension: (Google Drive) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04] CHR Extension: (YouTube) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-04] CHR Extension: (Adblock Plus) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-24] CHR Extension: (Google-Suche) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04] CHR Extension: (FrankerFaceZ) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2015-12-17] CHR Extension: (Google Tabellen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-04] CHR Extension: (Google Docs Offline) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (Twitch Live) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2017-01-10] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-17] CHR Extension: (Google Mail) - 
C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-04] CHR Extension: (Chrome Media Router) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-07] CHR HKU\S-1-5-21-2606138470-3405722970-712637843-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Datei ist nicht signiert] S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-04-07] () S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-09-29] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-09-29] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-09-29] (BlueStack Systems, Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-04-19] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-05-01] (Dropbox, Inc.) 
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5660512 2016-08-16] (INCA Internet Co., Ltd.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123240 2017-03-29] (Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184688 2017-03-29] (Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1325896 2017-04-30] (Overwolf LTD) R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-07-13] (Plays.tv, LLC) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows 
Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4221952 2014-09-09] (Qualcomm Atheros Communications, Inc.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-09-19] (ASUS Corporation) S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-09-29] (BlueStack Systems) S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-09-28] (Bluestack System Inc. ) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation) R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation) R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation) R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( ) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-04] (Malwarebytes) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.) 
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) U0 aswVmm; kein ImagePath S3 dbx; system32\DRIVERS\dbx.sys [X] U3 DfSdkS; kein ImagePath U0 msahci; system32\drivers\msahci.sys [X] S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X] S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-05-04 21:27 - 2017-05-04 21:27 - 00000000 ____D C:\Program Files (x86)\ESET 2017-05-04 21:26 - 2017-05-04 21:26 - 02870984 _____ (ESET) C:\Users\Denise\Downloads\esetsmartinstaller_deu.exe 2017-05-04 21:11 - 2017-05-04 21:26 - 00000000 ____D C:\ProgramData\HitmanPro 2017-05-04 21:11 - 2017-05-04 21:11 - 11583584 _____ (SurfRight B.V.) 
C:\Users\Denise\Downloads\HitmanPro_x64.exe 2017-05-03 22:19 - 2017-05-05 13:00 - 00026493 _____ C:\Users\Denise\Downloads\FRST.txt 2017-05-03 22:18 - 2017-05-03 22:18 - 00001243 _____ C:\Users\Denise\Desktop\MBAM.txt 2017-05-03 22:18 - 2017-05-03 22:18 - 00000000 ____D C:\Users\Denise\Downloads\FRST-OlderVersion 2017-05-03 22:03 - 2017-05-04 21:07 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-05-03 22:03 - 2017-05-03 22:03 - 00001885 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-05-03 22:03 - 2017-05-03 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-05-03 22:03 - 2017-05-03 22:03 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-05-03 22:03 - 2017-05-03 22:03 - 00000000 ____D C:\Program Files\Malwarebytes 2017-05-03 22:03 - 2017-03-22 11:02 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-05-03 22:02 - 2017-05-03 22:02 - 60107896 _____ (Malwarebytes ) C:\Users\Denise\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe 2017-05-03 21:55 - 2017-05-03 21:55 - 00566128 _____ (Malwarebytes) C:\Users\Denise\Desktop\mbam-clean-2.3.0.1001.exe 2017-05-03 21:55 - 2017-05-03 21:55 - 00001514 _____ C:\Users\Denise\Downloads\mbam-clean-2.3.0.1001 (1).exe 2017-05-03 21:33 - 2017-05-03 21:33 - 04102600 _____ C:\Users\Denise\Downloads\AdwCleaner_6.046.exe 2017-05-03 20:16 - 2017-05-03 20:16 - 00001759 _____ C:\Users\Denise\Desktop\Google Drive.lnk 2017-05-03 20:15 - 2017-05-04 21:08 - 00000000 ___RD C:\Users\Denise\Google Drive 2017-05-03 20:15 - 2017-05-03 20:15 - 00002060 _____ C:\Users\Public\Desktop\Google Slides.lnk 2017-05-03 20:15 - 2017-05-03 20:15 - 00002058 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2017-05-03 20:15 - 2017-05-03 20:15 - 00002048 _____ C:\Users\Public\Desktop\Google Docs.lnk 2017-05-03 20:15 - 2017-05-03 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2017-05-03 20:14 - 2017-05-03 20:14 - 01130328 _____ (Google 
Inc.) C:\Users\Denise\Downloads\googledrivesync.exe 2017-05-03 20:06 - 2017-05-03 20:06 - 00002259 _____ C:\Windows\epplauncher.mif 2017-05-03 19:39 - 2017-05-03 19:42 - 00233642 _____ C:\TDSSKiller.3.1.0.15_03.05.2017_19.39.30_log.txt 2017-05-03 19:39 - 2017-05-03 19:38 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Denise\Desktop\tdsskiller.exe 2017-05-03 19:38 - 2017-05-03 19:38 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Denise\Downloads\tdsskiller.exe 2017-05-03 02:42 - 2017-05-03 02:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-05-02 22:27 - 2017-05-03 22:18 - 02428928 _____ (Farbar) C:\Users\Denise\Downloads\FRST64.exe 2017-05-02 15:21 - 2017-05-02 15:21 - 00000000 ____D C:\Users\Denise\Documents\League of Legends 2017-05-02 15:15 - 2017-05-02 15:15 - 00000000 ____D C:\ProgramData\Riot Games 2017-05-02 15:14 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2017-05-02 15:14 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2017-05-02 15:14 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2017-05-02 15:13 - 2017-05-02 15:22 - 00001722 _____ C:\Users\Public\Desktop\League of Legends.lnk 2017-05-02 15:13 - 2017-05-02 15:13 - 00000000 ____D C:\Riot Games 2017-05-02 15:11 - 2017-05-02 15:14 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Riot Games 2017-05-01 16:49 - 2017-05-01 16:49 - 00048944 _____ (Dropbox, Inc.) 
C:\Windows\system32\DbxSvc.exe 2017-04-28 15:26 - 2017-04-29 14:00 - 00010972 _____ C:\Users\Denise\Desktop\Car Mechanic Fahrzeuge.xlsx 2017-04-12 10:44 - 2017-04-12 10:44 - 38952320 _____ (Mojang) C:\Users\Denise\Downloads\Minecraft.exe 2017-04-11 23:01 - 2017-03-25 21:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-04-11 23:01 - 2017-03-25 21:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-04-11 23:01 - 2017-03-25 21:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-04-11 23:01 - 2017-03-25 20:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-04-11 23:01 - 2017-03-25 20:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-04-11 23:01 - 2017-03-25 20:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-04-11 23:01 - 2017-03-25 20:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-04-11 23:01 - 2017-03-25 20:10 - 02898432 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-04-11 23:01 - 2017-03-25 19:52 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-04-11 23:01 - 2017-03-25 18:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-04-11 23:01 - 2017-03-25 18:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-04-11 23:01 - 2017-03-25 18:28 - 15259136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-04-11 23:01 - 2017-03-25 18:24 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-04-11 23:01 - 2017-03-25 18:10 - 01546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-04-11 23:01 - 2017-03-25 06:43 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-04-11 23:01 - 2017-03-24 20:24 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-04-11 23:01 - 
2017-03-14 16:26 - 03714560 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2017-04-11 23:01 - 2017-03-14 16:09 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2017-04-11 23:01 - 2017-03-14 16:08 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2017-04-11 23:01 - 2017-03-14 16:06 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2017-04-11 23:01 - 2017-03-12 17:04 - 00033792 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys 2017-04-11 23:01 - 2017-03-11 05:59 - 01763888 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2017-04-11 23:01 - 2017-03-11 05:56 - 01489608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2017-04-11 23:01 - 2017-03-11 05:49 - 00388440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2017-04-11 23:01 - 2017-03-11 05:44 - 00373080 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2017-04-11 23:01 - 2017-03-11 05:41 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2017-04-11 23:01 - 2017-03-09 23:13 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-04-11 23:01 - 2017-03-08 01:25 - 01661064 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2017-04-11 23:01 - 2017-03-08 01:21 - 01212760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2017-04-11 23:01 - 2017-03-04 21:24 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2017-04-11 23:01 - 2017-03-04 18:37 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2017-04-11 23:01 - 2017-03-03 17:11 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2017-04-11 23:01 - 2017-03-03 17:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2017-04-11 23:01 - 2017-02-11 20:18 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2017-04-11 23:01 - 2017-02-11 
19:00 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2017-04-11 23:01 - 2017-02-11 18:49 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll 2017-04-11 23:01 - 2017-02-11 18:42 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll 2017-04-11 23:01 - 2017-02-10 21:06 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-04-11 23:01 - 2017-02-10 16:37 - 00046600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2017-04-11 23:01 - 2017-02-04 19:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2017-04-11 23:01 - 2017-02-04 19:51 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2017-04-11 23:01 - 2017-02-04 19:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2017-04-11 23:01 - 2017-02-01 21:44 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-04-11 23:01 - 2017-02-01 21:42 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-04-11 23:01 - 2017-01-19 04:18 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2017-04-11 23:01 - 2017-01-18 16:35 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2017-04-11 23:01 - 2017-01-18 16:34 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2017-04-11 23:01 - 2017-01-14 22:32 - 00955016 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2017-04-11 23:01 - 2017-01-14 21:18 - 00787688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2017-04-11 23:01 - 2017-01-12 18:51 - 00274776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2017-04-11 23:01 - 2017-01-12 18:51 - 00117592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys 2017-04-11 23:01 - 2017-01-12 08:12 - 00990040 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\http.sys 2017-04-11 23:01 - 2017-01-11 21:12 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll 2017-04-11 23:01 - 2017-01-11 19:28 - 00422744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys 2017-04-11 23:01 - 2017-01-11 17:09 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll 2017-04-11 23:01 - 2017-01-11 00:37 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2017-04-11 23:01 - 2017-01-10 23:06 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll 2017-04-11 23:01 - 2017-01-10 22:46 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll 2017-04-11 23:01 - 2017-01-10 21:20 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll 2017-04-11 23:01 - 2017-01-10 21:09 - 01108480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll 2017-04-11 23:01 - 2017-01-06 19:25 - 02513408 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll 2017-04-11 23:01 - 2017-01-06 19:04 - 01495552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2017-04-11 23:01 - 2016-12-25 03:14 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2017-04-11 23:01 - 2016-12-25 02:48 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll 2017-04-11 23:01 - 2016-12-25 02:19 - 00170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2017-04-11 23:01 - 2016-12-25 01:39 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll 2017-04-11 23:01 - 2016-12-09 10:08 - 00379736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2017-04-11 23:00 - 2017-03-25 20:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-04-11 23:00 - 2017-03-25 20:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-04-11 23:00 - 2017-03-25 20:46 - 00693248 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-04-11 23:00 - 2017-03-25 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-04-11 23:00 - 2017-03-25 20:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-04-11 23:00 - 2017-03-25 20:45 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-04-11 23:00 - 2017-03-25 20:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-04-11 23:00 - 2017-03-25 20:13 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-04-11 23:00 - 2017-03-25 19:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-04-11 23:00 - 2017-03-25 19:41 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-04-11 23:00 - 2017-03-25 19:12 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2017-04-11 23:00 - 2017-03-25 19:04 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-04-11 23:00 - 2017-03-25 19:00 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-04-11 23:00 - 2017-03-25 19:00 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-04-11 23:00 - 2017-03-25 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-04-11 23:00 - 2017-03-14 21:06 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2017-04-11 23:00 - 2017-03-13 18:13 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2017-04-11 23:00 - 2017-03-13 18:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2017-04-11 23:00 - 2017-03-13 18:08 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2017-04-11 23:00 - 2017-03-13 18:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2017-04-11 23:00 - 2017-03-13 17:59 - 00124928 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\wuwebv.dll 2017-04-11 23:00 - 2017-03-13 17:59 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2017-04-11 23:00 - 2017-03-13 17:56 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2017-04-11 23:00 - 2017-03-11 05:49 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2017-04-11 23:00 - 2017-03-09 23:08 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2017-04-11 23:00 - 2017-03-09 21:29 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2017-04-11 23:00 - 2017-03-04 21:06 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2017-04-11 23:00 - 2017-03-04 20:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2017-04-11 23:00 - 2017-03-03 17:10 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll 2017-04-11 23:00 - 2017-03-03 17:04 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll 2017-04-11 23:00 - 2017-01-14 16:37 - 00447095 _____ C:\Windows\system32\ApnDatabase.xml 2017-04-11 23:00 - 2016-12-25 03:21 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys 2017-04-07 21:49 - 2017-04-07 21:50 - 07662317 _____ C:\Users\Denise\Downloads\FTB_Launcher.exe 2017-04-05 14:56 - 2017-04-05 14:56 - 00000000 ____D C:\Users\Denise\AppData\LocalLow\Si7 studio ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-05-05 12:59 - 2017-02-22 11:37 - 00000000 ____D C:\FRST 2017-05-05 12:59 - 2016-09-10 13:49 - 02652160 ___SH C:\Users\Denise\Downloads\Thumbs.db 2017-05-05 12:40 - 2015-11-04 16:20 - 00001246 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2017-05-05 12:00 - 2016-08-01 12:33 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1 2017-05-05 12:00 - 2015-11-04 16:14 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2 2017-05-04 21:14 - 2015-11-04 16:14 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2606138470-3405722970-712637843-1001 2017-05-04 21:13 - 2015-11-04 19:24 - 00000000 ____D C:\Program Files (x86)\Steam 2017-05-04 21:09 - 2017-02-23 12:40 - 00001539 _____ C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk 2017-05-04 21:07 - 2015-11-04 16:13 - 00000000 ____D C:\Users\Denise\OneDrive 2017-05-04 21:06 - 2015-11-04 16:20 - 00001242 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2017-05-04 21:06 - 2015-11-04 16:11 - 00000165 _____ C:\Users\Denise\AppData\Roaming\sp_data.sys 2017-05-04 21:06 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-05-04 21:06 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2017-05-04 21:05 - 2016-08-30 15:36 - 00000000 ____D C:\Users\Denise\AppData\LocalLow\Temp 2017-05-04 19:49 - 2015-11-04 16:27 - 00000000 ____D C:\Users\Denise\AppData\Roaming\TS3Client 2017-05-03 21:54 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2017-05-03 21:36 - 2017-02-22 13:15 - 00000000 ____D C:\AdwCleaner 2017-05-03 20:15 - 2015-11-04 16:18 - 00000000 ____D C:\Users\Denise\AppData\Local\Google 2017-05-03 20:15 - 2015-11-04 16:18 - 00000000 ____D C:\Program Files (x86)\Google 2017-05-03 20:15 - 2015-11-04 16:05 - 00000000 ____D C:\Users\Denise 2017-05-03 16:49 - 2016-01-08 17:39 - 00000000 ____D C:\Users\Denise\Documents\Euro Truck Simulator 2 2017-05-03 16:37 - 2016-02-16 02:18 - 00000000 ____D 
C:\Users\Denise\Documents\American Truck Simulator 2017-05-03 16:28 - 2015-11-04 16:27 - 00000000 ____D C:\Program Files (x86)\Overwolf 2017-05-03 14:34 - 2015-11-04 16:27 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2017-05-03 14:11 - 2016-11-16 15:27 - 00000000 ____D C:\Users\Denise\Documents\Texte 2017-05-03 13:31 - 2015-11-04 17:10 - 00000000 ____D C:\Users\Denise\AppData\Local\Spotify 2017-05-03 12:21 - 2015-11-04 17:09 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Spotify 2017-05-03 12:09 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2017-05-03 12:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2017-05-03 02:42 - 2015-11-04 16:20 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-05-02 22:41 - 2016-02-21 19:59 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5 2017-05-02 22:02 - 2014-10-29 14:02 - 00767018 _____ C:\Windows\system32\perfh007.dat 2017-05-02 22:02 - 2014-10-29 14:02 - 00159786 _____ C:\Windows\system32\perfc007.dat 2017-05-02 22:02 - 2014-03-18 17:26 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI 2017-05-02 16:07 - 2016-03-01 00:33 - 00007606 _____ C:\Users\Denise\AppData\Local\Resmon.ResmonCfg 2017-05-02 03:31 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-02 03:29 - 2014-10-29 08:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-04-30 16:13 - 2016-11-04 13:42 - 00000000 ____D C:\Users\Denise\Documents\Viscera 2017-04-30 11:51 - 2016-12-19 16:09 - 00000000 ____D C:\Users\Denise\AppData\Roaming\.minecraft 2017-04-29 15:58 - 2015-11-04 16:18 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-29 15:58 - 2015-11-04 16:18 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-25 00:26 - 2015-12-27 23:36 - 00000000 ____D C:\Users\Denise\AppData\Local\CrashDumps 2017-04-17 13:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2017-04-17 10:39 - 2016-05-12 19:58 - 00001062 _____ 
C:\Users\Denise\Desktop\Neues Textdokument (3).txt 2017-04-17 10:32 - 2016-02-04 23:06 - 00000000 ____D C:\Users\Denise\AppData\Roaming\.technic 2017-04-17 10:32 - 2016-02-04 23:05 - 04734784 _____ () C:\Users\Denise\Downloads\TechnicLauncher.exe 2017-04-14 18:06 - 2013-08-22 16:44 - 00479584 _____ C:\Windows\system32\FNTCACHE.DAT 2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData 2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender 2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2017-04-12 04:25 - 2015-11-06 16:01 - 00000000 ____D C:\Windows\system32\MRT 2017-04-12 04:23 - 2015-11-06 16:01 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-04-12 04:23 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2017-04-08 00:06 - 2016-08-11 12:13 - 00532136 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2017-04-07 22:31 - 2015-11-18 19:17 - 00000000 ____D C:\Users\Denise\AppData\Local\ftblauncher 2017-04-07 21:59 - 2015-11-18 19:17 - 00000000 ____D C:\ftb 2017-04-07 21:50 - 2015-11-18 19:17 - 00000000 ____D C:\Users\Denise\AppData\Roaming\ftblauncher 2017-04-05 14:58 - 2015-12-01 23:06 - 00000000 ____D C:\Users\Denise\Documents\My Games 2017-04-05 03:01 - 2016-12-09 20:49 - 00002370 _____ C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2017-04-05 03:01 - 2016-12-06 03:32 - 00003188 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2017-04-05 03:01 - 2016-02-21 14:41 - 00003196 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2606138470-3405722970-712637843-1001 ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-04 16:11 - 2017-05-04 21:06 - 0000165 _____ () C:\Users\Denise\AppData\Roaming\sp_data.sys 2016-07-12 23:15 - 2016-07-12 23:15 - 0001454 _____ () C:\Users\Denise\AppData\Local\recently-used.xbel 
2016-03-01 00:33 - 2017-05-02 16:07 - 0007606 _____ () C:\Users\Denise\AppData\Local\Resmon.ResmonCfg 2015-03-18 14:53 - 2015-03-18 14:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-10-29 08:25 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2014-10-29 08:25 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2014-10-29 08:25 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-04-29 13:47 ==================== Ende von FRST.txt ============================ Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-05-2017 01 durchgeführt von Denise (05-05-2017 13:00:48) Gestartet von C:\Users\Denise\Downloads Windows 8.1 (Update) (X64) (2015-11-04 14:07:17) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2606138470-3405722970-712637843-500 - Administrator - Disabled) Denise (S-1-5-21-2606138470-3405722970-712637843-1001 - Administrator - Enabled) => C:\Users\Denise Gast (S-1-5-21-2606138470-3405722970-712637843-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2606138470-3405722970-712637843-1006 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) (HKLM\...\UDK-69f36ffc-40bd-40ec-849e-13683db6c5b3) (Version: - RuneStorm American Truck Simulator (HKLM-x32\...\Steam App 270880) (Version: - SCS Software) ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard) Ashampoo WinOptimizer 2016 (HKLM-x32\...\{4209F371-38F5-0B47-1C5B-A4A8456950A3}_is1) (Version: 12.00.39 - Ashampoo GmbH & Co.
KG) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS) ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.8 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.42 - ICEpower a/s) AutoHotkey 1.1.22.09 (HKLM\...\AutoHotkey) (Version: 1.1.22.09 - Lexikos) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlestar Galactica Online (HKLM-x32\...\Battlestar Galactica Online_is1) (Version: 1.0 - Bigpoint GmbH) Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.61.6289 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Borderlands 2 (HKLM\...\Steam App 49520) (Version: - Gearbox Software) Car Mechanic Simulator 2015 (HKLM-x32\...\Steam App 320300) (Version: - Red Dot Games) CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform) Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version: - Cheat Engine) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.) Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.) 
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Diesel Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.) Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts) Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts) Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 World Adventures) (Version: 1.0.0.0 - Electronic Arts Inc.) Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Ambitions) (Version: 1.0.0.0 - Electronic Arts Inc.) Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.24.102.1020 - Electronic Arts Inc.) Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.293.1110 - Electronic Arts Inc.) Digimon Masters Online (HKLM\...\Steam App 537180) (Version: - Move Games Co., Ltd.) Discord (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 25.4.28 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) 
Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team) F1 2010 (x32 Version: 1.0.0001.132 - Codemasters) Hidden Farming Simulator 17 (HKLM\...\Steam App 447020) (Version: - Giants Software) FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation) GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team) Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.) Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) 
Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hello Kitty Online POD Installer (HKLM-x32\...\{0150D55C-0FEE-4F1D-BEE5-085C0DD2B476}_is1) (Version: 1.9.9.0.2 - SANRIODIGITAL GAMES & ENTERTAINMENT INC) Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation) Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.38.1036 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation) Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation) Layers of Fear (HKLM\...\Steam App 391720) (Version: - Bloober Team SA) 
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7967.2139 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) 
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich) My Secret Pets! (HKLM\...\Steam App 447180) (Version: - Dogenzaka Lab) NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.4.5.30491 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{3c3ba69a-df4e-4526-88e4-04f1ff87fc0d}) (Version: latest - ppy Pty Ltd) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.103.234.0 - Overwolf Ltd.) 
Parkitect (HKLM\...\Steam App 453090) (Version: - Texel Raptor) Pixelmon Launcher (Beta) (HKLM-x32\...\Pixelmon Launcher (Beta) 2.0.23) (Version: 2.0.23 - Ikara Software Limited) Pixelmon Launcher (Beta) (x32 Version: 2.0.23 - Ikara Software Limited) Hidden Plantera (HKLM\...\Steam App 421040) (Version: - VaragtP) PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.12.3-r114511-release - Plays.tv, LLC) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.1-r113066-release - Raptr, Inc) Rapture3D 2.4.4 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7417 - Realtek Semiconductor Corp.) 
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden Slime Rancher (HKLM\...\Steam App 433340) (Version: - Monomi Park) Spotify (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) The Bunker (HKLM\...\Steam App 481110) (Version: - Splendy Interactive) The Guest (HKLM\...\Steam App 402040) (Version: - Team Gotham) The Walking Dead (HKLM\...\Steam App 207610) (Version: - Telltale Games) Time Mysteries: Inheritance - Remastered (HKLM\...\Steam App 350010) (Version: - Artifex Mundi) Train Mechanic Simulator 2017 (HKLM\...\Steam App 538810) (Version: - Si7 Studio) TruckersMP 0.2.1.3.5 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.3.5 Alpha - TruckersMP Team) UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden Unreal Development Kit: 2012-07 (HKLM\...\UDK-85b1f5f2-c617-4d5a-942e-760c69695908) (Version: - Epic Games, Inc.) 
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Viscera Cleanup Detail (HKLM\...\Steam App 246900) (Version: - RuneStorm) Viscera Cleanup Detail: Santas Rampage Viscera Cleanup Detail: Santa's Rampage (HKLM\...\Steam App 265210) (Version: - RuneStorm) VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent) Windows Driver Package - ASUS (ATP) Mouse (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS) WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2606138470-3405722970-712637843-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Denise\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileCoAuthLib64.dll (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {07321C46-5DD2-47DA-BA1C-EFB16558C116} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-26] (Realtek Semiconductor)
Task: {19322365-6413-495C-B6B3-587BB1FDA412} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-04-12] (Microsoft Corporation)
Task: {24903DAB-555C-44AD-B392-68D313BA773A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {3A1F1DDC-02BA-45AB-9A82-ECD4902A6552} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.)
Task: {3B17F2EB-A7C2-4EDE-8EA5-3742A7B8C762} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {401F971E-3089-45D6-8760-58EB4216B3F2} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {4438B3D2-206C-48AA-9028-CA480F4D5768} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {577D9ACE-A2EB-4AB6-B66B-F21071611867} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {62687EC0-BB73-4EA9-8F8E-A800049FE0D7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {883A3F07-BB44-43B8-96A9-E39E723C41EC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {911D73C4-9DE2-46B8-B701-59970283A9CF} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS)
Task: {983DD468-029B-4F16-A77A-310293C8F729} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-04-30] (Overwolf LTD)
Task: {AB6DFF50-8E3D-419E-9173-D8DC9D6AF47B} - System32\Tasks\{F4B0E50F-1D1D-49E4-A13D-11BAF2D67674} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.109/de/abandoninstall?page=tsProgressBar
Task: {B847F2D4-38DE-46D7-ABE1-0C0479CAECEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.)
Task: {D66A24C1-B98B-4B82-9873-5C95D27B7780} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {D9298A94-FF7B-4008-B247-DC3F13B8B46E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {E4B15ED4-FEFA-47BB-8ECC-7E9A9CCD4457} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {E81BCDCC-2BD4-422C-B3D3-FA24F205F188} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-02] (Microsoft Corporation)
Task: {F2987583-C64B-4210-8369-6D05BCDC321D} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-09-19] (AsusTek)
Task: {F349EF15-C2F3-46B0-8189-E5FF70116D2B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-03-18 14:49 - 2016-01-23 03:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-02-01 13:35 - 2016-06-15 03:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2017-05-03 22:03 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2015-01-14 04:24 - 2014-12-15 07:26 - 00392592 _____ () C:\Windows\system32\igfxTray.exe 2017-02-14 17:14 - 2016-06-15 03:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-02-01 13:35 - 2016-06-15 03:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2017-02-14 17:14 - 2016-06-15 03:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2016-03-16 12:17 - 2016-03-16 12:17 - 00052912 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2014-11-05 14:44 - 2014-11-05 14:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-11-05 14:44 - 2014-11-05 14:44 - 00124928 _____ () C:\Program Files 
(x86)\ASUS\Splendid\CCTAdjust.dll 2015-11-07 14:31 - 2016-06-15 03:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd 2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll 2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd 2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd 2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd 2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd 2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd 2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll 2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd 2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd 2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd 2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd 2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () 
C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd 2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd 2015-11-04 19:26 - 2017-03-10 02:13 - 00674592 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-11-04 19:26 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-11-04 19:26 - 2017-04-26 01:55 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll 2015-11-04 19:26 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-11-04 19:26 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-11-04 19:26 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-11-04 19:26 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-11-04 19:26 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-11-04 19:26 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-11-04 19:26 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-11-04 19:26 - 2017-04-26 01:55 - 00848672 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-09 21:47 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2017-01-11 23:22 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\ffmpeg.dll 2017-01-25 17:02 - 2017-01-25 17:02 - 01082880 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node 2017-01-25 17:02 - 2017-01-25 17:02 - 03750400 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll 2017-01-25 17:02 - 2017-01-25 17:02 - 00914432 _____ () 
\\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node 2017-01-25 17:02 - 2017-01-25 17:02 - 01127424 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node 2017-01-11 23:22 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\libglesv2.dll 2017-01-11 23:22 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\libegl.dll 2017-05-04 21:07 - 2017-05-04 21:07 - 00098816 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32api.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00110080 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\pywintypes27.dll 2017-05-04 21:07 - 2017-05-04 21:07 - 00364544 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\pythoncom27.dll 2017-05-04 21:07 - 2017-05-04 21:07 - 00320512 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32com.shell.shell.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00914432 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\_hashlib.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 01176576 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\wx._core_.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00806400 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\wx._gdi_.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00816128 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\wx._windows_.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 01067008 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\wx._controls_.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00733184 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\wx._misc_.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00682496 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\pysqlite2._sqlite.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00088064 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\_ctypes.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00686080 ____R () 
C:\Users\Denise\AppData\Local\Temp\_MEI18202\unicodedata.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00119808 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32file.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00108544 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32security.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00007168 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\hashobjs_ext.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00017920 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\thumbnails_ext.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00088064 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\usb_ext.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00012800 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\common.time34.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00018432 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32event.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00167936 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32gui.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00046080 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\_socket.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 01303552 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\_ssl.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00128512 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\_elementtree.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00127488 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\pyexpat.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00038912 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32inet.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00036864 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\_psutil_windows.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00524248 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\windows._lib_cacheinvalidation.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00011264 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32crypt.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00123392 ____R () 
C:\Users\Denise\AppData\Local\Temp\_MEI18202\wx._wizard.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00077312 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\wx._html2.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00027648 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\_multiprocessing.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00020480 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\_yappi.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00035840 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32process.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00078848 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\wx._animate.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00024064 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32pipe.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00010240 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\select.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00025600 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32pdh.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00017408 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32profile.pyd 2017-05-04 21:07 - 2017-05-04 21:07 - 00022528 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32ts.pyd 2017-05-04 21:08 - 2017-05-04 21:08 - 00148992 _____ () \\?\C:\Users\Denise\AppData\Local\Temp\3629.tmp.node 2017-01-25 17:02 - 2017-05-02 22:48 - 02658296 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node 2017-01-25 17:03 - 2017-03-24 05:24 - 02665976 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node 2016-12-13 22:35 - 2017-01-30 23:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2015-11-04 19:26 - 2017-04-26 01:55 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll 2017-03-30 00:53 - 2017-03-29 04:04 - 02187096 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll 2017-03-30 00:53 - 
2017-03-29 04:04 - 00086360 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll 2015-01-06 17:40 - 2015-01-06 17:40 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-04-11 16:10 - 2017-03-31 11:49 - 17778776 _____ () C:\Users\Denise\AppData\Local\Google\Chrome\User Data\PepperFlash\25.0.0.148\pepflashplayer.dll 2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Denise\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Fotogalerie-Hintergrundbild.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "BlueStacks Agent"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{7A6F54C6-0CBE-49D6-AEF9-484B93C44FFB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{84D56BD8-2192-499A-B071-F19532159EBA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{059074FB-CF16-4C85-9510-B576B2C91E5E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{21A95AF2-BF14-4471-88DA-0CEBCFB44E13}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{5B15E0EC-833D-4499-8F24-A778C36CAF81}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{D0A49A24-A871-43D5-AF9C-F559E03989B3}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{FD7E0985-A45A-4202-BC41-FEAB87765304}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{F9B1A7A3-8D66-4491-AEA2-8188D3FA2B46}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{9C2ED916-BFE7-411C-BBBE-07BD3FFDA052}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A1699C5F-59DF-4A0B-BD4E-26B0364C5DE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

==================== Wiederherstellungspunkte =========================

20-04-2017 05:14:30 Geplanter Prüfpunkt
29-04-2017 13:55:02 Geplanter Prüfpunkt
02-05-2017 15:12:15 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/05/2017 12:58:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Denise\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (05/05/2017 12:58:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (05/05/2017 06:04:54 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/05/2017 01:31:33 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\denise\downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (05/05/2017 01:31:16 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (05/05/2017 01:02:30 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (05/05/2017 12:59:07 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (05/04/2017 09:30:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (05/04/2017 09:27:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (05/04/2017 09:27:02 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Denise\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Systemfehler: ============= Error: (05/04/2017 09:27:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (05/04/2017 09:27:39 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Denise\AppData\Local\Temp\ehdrv.sys Error: (05/04/2017 09:27:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (05/04/2017 09:27:38 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Denise\AppData\Local\Temp\ehdrv.sys Error: (05/04/2017 09:27:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. 
Error: (05/04/2017 09:27:38 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Denise\AppData\Local\Temp\ehdrv.sys Error: (05/04/2017 09:07:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (05/04/2017 09:07:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht. Error: (05/04/2017 09:05:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/04/2017 09:05:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "GamesAppIntegrationService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2017-05-04 11:56:22.314 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-03 12:12:28.831 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-17 11:03:43.701 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2017-04-11 16:55:29.507 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-24 13:07:19.928 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-18 14:59:19.778 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-25 21:55:36.543 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-22 17:22:33.337 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-08-11 15:35:14.417 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 53%
Installierter physikalischer RAM: 8094.8 MB
Verfügbarer physikalischer RAM: 3724.95 MB
Summe virtueller Speicher: 9630.8 MB
Verfügbarer virtueller Speicher: 4816.63 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:745.21 GB) (Free:455.3 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data) (Fixed) (Total:1101.7 GB) (Free:1100.1 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 510BFD71)
Partition: GPT.
==================== Ende von Addition.txt ============================

And regarding the question: So far I can't detect any more problems. I just noticed that I have to allow browsers and games in the firewall again. Does it have to be that way? |
05.05.2017, 19:35 | #10 | |
/// TB trainer | Hi, Quote:

Then we're done! If you no longer have any problems with malware, we are finished here. Your log files are clean. If you like, you can say here whether you were satisfied with me and my help... Perhaps you would like to support the forum with a small donation.

Notes: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.

Finally, we still need to take a few concluding steps to clean up and secure your PC.

Cleanup
All logs posted? Then please download DelFix.
DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left over, you can safely delete them.

Virus scanner + firewall
It should be said up front that the protective effect of a virus scanner must never be overrated! No antivirus program detects 100% of malware. If you are still undecided, use AT MOST ONE of the following antivirus programs with a real-time scanner and an always up-to-date signature database:
Microsoft Security Essentials (MSE) / Windows Defender (WD) is built in from Windows 8 onwards, so if you have Windows 8, 8.1 or 10 and have decided on MSE/WD, you do not need to install MSE/WD separately. On Windows 7, however, it has to be installed manually or obtained through Windows Update as an optional update. Naturally, a legal/activated Windows is a prerequisite for this. Always use pure virus scanners only (no products with "Suite", "Internet Security", "Endpoint" or "Total Security" in the name, because these bring counterproductive firewalls with them - the Windows Firewall is all that is needed).

In addition, you can regularly scan your PC with Malwarebytes Anti-Malware, AdwCleaner and the ESET Online Scanner. These programs are all free and do not interfere with the operation of your antivirus program.

Hardening
With the Windows operating system it is important to enable automatic updates. Security-relevant software should also always be kept at its current version. Installing updates promptly is necessary so that security vulnerabilities are closed. Security vulnerabilities are exploited, for example, to install malware by "drive-by" on a simple visit to a manipulated website. You have to pay particular attention to keeping the following software up to date - if it is needed at all:

Optional browser extensions

General principles

Reading material: backup/image tools
To have meaningful backups, you have to create an image on a separate external hard drive regularly (e.g. weekly). This external hard drive is only connected when you want to create the backup (or have to restore something); otherwise, for security reasons, it stays safely stored in the cupboard - if only to protect the backups from "encryption trojans". You should decide on one of the following programs and use it to back up your data regularly.

Option 1 - Drivesnapshot
Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64
Download (32-Bit) => http://www.drivesnapshot.de/download/snapshot.exe
Download (64-Bit) => http://www.drivesnapshot.de/download/snapshot64.exe
Screenshots: http://www.drivesnapshot.de/images/startup.png http://www.drivesnapshot.de/images/save3.png

Option 2 - Seagate DiscWizard
Seagate DiscWizard - Download - Filepony
Screenshots: http://filepony.de/screenshot/seagate_discwizard5.jpg http://filepony.de/screenshot/seagate_discwizard4.png http://filepony.de/screenshot/seagate_discwizard3.jpg

Option 3 - Acronis TrueImage WD Edition
Acronis True Image WD Edition - Download - Filepony
Screenshots: http://filepony.de/screenshot/acroni...d_edition1.jpg http://filepony.de/screenshot/acroni...d_edition2.jpg |
05.05.2017, 21:32 | #11 |
| Great, then I have no more questions either. Thanks for the help |
05.05.2017, 21:35 | #12 |
/// TB trainer | I'm glad we could help. In this forum you can leave brief feedback on the cleanup, if you like: Praise, Criticism and Wishes. To do so, click the "NEW THREAD" button and post a short piece of feedback. Thank you very much! This thread appears to be resolved and will be removed from my subscriptions. Should you need the thread again, please send me a profile message including a link to the thread. Everyone else, please click here and create your own thread. |