Mehrere Funde von MBAM/Kaspersky -> EnigmaEncode.exe/Adware

darkrider78 · 03.05.2017, 04:55

Hallo,
da Kaspersky einen Fehlalarm hatte, dachte ich, dass es eigentlich mal wieder Zeit wäre, einen vollständigen Suchlauf zu machen.
Da Kaspersky dann rumzickte, scannte ich erst mit MBAM, was neben unwichtigem auch einige Adware-Funde zutage brachte.
Ich ließ die Funde in die Quarantäne verschieben und startete den PC neu.
Nun meldet Kaspersky etwas von EnigmaEncode.exe.
Da ich mit dem Fund gar nichts anfangen kann, aber es laut einiger Seiten eine gefährliche Infektion ist, möchte ich mich gerne von einem der kompetenten Teamler beraten lassen und meinen PC mal intensiv scannen und bereinigen.

Bezüglich des EnigmaEncode.exe Fundes habe ich noch nichts unternommen

MBAM:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: Mi, 03.05.2017
Suchlaufzeit: 05:02
Protokolldatei: MBAM 03-05-17.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2017.05.03.01
Rootkit-Datenbank: v2017.04.02.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: darkrider84

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 449231
Abgelaufene Zeit: 11 Min., 29 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Tiefer Rootkit-Suchlauf: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
Adware.ChinAd, C:\Users\Sgt Napoleon\AppData\Local\Temp\DMR, In Quarantäne, [229b130098118bab7fa2e0824ab760a0], 

Dateien: 9
PUP.Optional.GameHack, C:\Program Files (x86)\Cheat Engine 6.5\standalonephase1.dat, Keine Aktion durch Benutzer, [7e3f9e759217d3630cd5410f827f47b9], 
PUP.Optional.RelevantKnowledge, C:\Users\darkrider84\AppData\Local\Temp\CSMADE9.tmp, In Quarantäne, [a01d3bd8a1088bab989b58c1f50e867a], 
PUP.Optional.DealPly, C:\Users\darkrider84\AppData\Local\Temp\inH442017949478\EnigmaEncode.exe, In Quarantäne, [7c41d93a8b1e3303c5161b1b966a10f0], 
PUP.Optional.DealPly, C:\Users\darkrider84\AppData\Local\Temp\inH453781946744\EnigmaEncode.exe, In Quarantäne, [3d80cf44a405e155ecef90a6e51b649c], 
PUP.Optional.InstallCore, C:\Users\darkrider84\AppData\Local\Temp\ns08082391\66930B58_stp\Uninstaller.exe, In Quarantäne, [ceefc54ed8d11a1c8e0c4b827889619f], 
PUP.Optional.AshampooDriverUpdater, C:\ProgramData\Ashampoo\ico_ashampoo_deals.ico, In Quarantäne, [c0fd36ddeebba3934f9beaaa679958a8], 
PUP.Optional.AshampooRegistryCleaner, C:\ProgramData\Ashampoo\ico_ashampoo_marketplace.ico, In Quarantäne, [3588090a8227f244f8e9584335cb41bf], 
Adware.ChinAd, C:\Users\Sgt Napoleon\AppData\Local\Temp\DMR\boswweprnnewfwcs.dat, In Quarantäne, [229b130098118bab7fa2e0824ab760a0], 
Adware.ChinAd, C:\Users\Sgt Napoleon\AppData\Local\Temp\DMR\uuekkvkdtmfvqybm.dat, In Quarantäne, [229b130098118bab7fa2e0824ab760a0], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

Danke im Voraus.

Mit freundlichen Grüßen

darkrider78

M-K-D-B · 03.05.2017, 16:38

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Bitte die Logdateien von Kaspersky mit den genauen Funden nachreichen!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

darkrider78 · 04.05.2017, 01:23

Hallo.

FRST-Log:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2017 01
durchgeführt von darkrider84 (Administrator) auf DARKRIDER84-PC (04-05-2017 02:12:29)
Gestartet von D:\Users\darkrider84\Desktop
Geladene Profile: darkrider84 (Verfügbare Profile: darkrider84 & MIB & Sgt Napoleon & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\Program Files (x86)\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector64.exe
() C:\Windows\SysWOW64\ASGT.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe
(MSI) C:\Program Files (x86)\MSI\MSI OC Kit\Driver_Service\MSI_Driver_Service.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
() C:\Program Files\MariaDB\bin\mysqld.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\spdsvc.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\USBLogon\usblonsvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
(ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(REALiX) C:\Program Files\HWiNFO64\HWiNFO64.EXE
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Spotify Ltd) C:\Users\darkrider84\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Amazon Services LLC) C:\Users\darkrider84\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Users\darkrider84\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ToggleHiddenFiles.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(EJIE Technology) C:\Program Files (x86)\Clover\clover.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Open Media LLC) C:\Program Files (x86)\4KDownload\4kvideodownloader\4kvideodownloader.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [851072 2015-01-30] (Qualcomm Atheros)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16293496 2016-09-29] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28432392 2017-05-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2779136 2016-06-11] (Dominik Reichl)
HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1442304 2014-05-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5565296 2015-12-01] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-12-07] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2016-01-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MSI)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [15371216 2017-03-07] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1258960 2017-03-03] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132224 2015-01-30] (Atheros Communications)
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Run: [KeePass Password Safe 2] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2779136 2016-06-11] (Dominik Reichl)
HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [9161720 2016-12-23] (Binary Fortress Software)
HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Run: [ArchiCrypt Shredder 6] => [X]
HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Run: [ArchiCrypt Scheduler 6] => [X]
HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Run: [ArchiCrypt SecureDZone] => [X]
HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Run: [Spotify Web Helper] => C:\Users\darkrider84\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-19] (Spotify Ltd)
HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINDE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-422 423 425 Series" /EF "HKCU"
HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3155712 2017-01-03] (Unified Intents AB)
HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Run: [Amazon Music] => C:\Users\darkrider84\AppData\Local\Amazon Music\Amazon Music Helper.exe [3694056 2017-04-18] (Amazon Services LLC)
HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Run: [Gaijin.Net Agent] => C:\Users\darkrider84\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2012616 2017-04-26] (Gaijin Entertainment)
HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27774936 2017-04-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\MountPoints2: {c64fa9ce-e459-11e5-be30-806e6f6e6963} - F:\setup.exe
HKU\S-1-5-21-1142517005-776776603-1134571006-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2017-02-09]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\darkrider84\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ToggleHiddenFiles.exe [2008-11-05] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{F12D27F7-AE32-4C3B-BBEA-FE92CEBEBCB6}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-b8bc79ea
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-b8bc79ea
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-b8bc79ea&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-b8bc79ea&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1142517005-776776603-1134571006-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-b8bc79ea&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1142517005-776776603-1134571006-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-b8bc79ea&q={searchTerms}
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-04-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-19] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-04-26] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-19] (Oracle Corporation)
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23] (EJIE Technology)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-04-26] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-26] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\darkrider84\AppData\Roaming\Mozilla\Firefox\Profiles\39m3udim.default [2017-04-30]
FF NewTab: Mozilla\Firefox\Profiles\39m3udim.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\39m3udim.default -> Search Provided by Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\39m3udim.default -> Search Provided by Bing
FF Homepage: Mozilla\Firefox\Profiles\39m3udim.default -> about:home
FF NetworkProxy: Mozilla\Firefox\Profiles\39m3udim.default -> type", 0
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\darkrider84\AppData\Roaming\Mozilla\Firefox\Profiles\39m3udim.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-02-23]
FF Extension: (Ghostery) - C:\Users\darkrider84\AppData\Roaming\Mozilla\Firefox\Profiles\39m3udim.default\Extensions\firefox@ghostery.com.xpi [2017-02-23]
FF Extension: (Font Finder) - C:\Users\darkrider84\AppData\Roaming\Mozilla\Firefox\Profiles\39m3udim.default\Extensions\fontfinder@bendodson.com.xpi [2017-01-29]
FF Extension: (NoScript) - C:\Users\darkrider84\AppData\Roaming\Mozilla\Firefox\Profiles\39m3udim.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-03-27]
FF Extension: (WOT) - C:\Users\darkrider84\AppData\Roaming\Mozilla\Firefox\Profiles\39m3udim.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-03-15]
FF Extension: (Adblock Plus) - C:\Users\darkrider84\AppData\Roaming\Mozilla\Firefox\Profiles\39m3udim.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-11]
FF Extension: (Disable TLS Certificate Transparency) - C:\Users\darkrider84\AppData\Roaming\Mozilla\Firefox\Profiles\39m3udim.default\features\{0ef8a0dc-ba44-4cd5-99a6-a69fb5e5c659}\disable-cert-transparency@mozilla.org.xpi [2017-04-28]
FF Extension: (Disable Prefetch) - C:\Users\darkrider84\AppData\Roaming\Mozilla\Firefox\Profiles\39m3udim.default\features\{0ef8a0dc-ba44-4cd5-99a6-a69fb5e5c659}\disable-prefetch@mozilla.org.xpi [2017-04-28]
FF ProfilePath: C:\Users\darkrider84\AppData\Roaming\kompozer.net\KompoZer\Profiles\uhld6cno.default [2016-08-17]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-02] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-06]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-03-09] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-29] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-04-20] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-04-20] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-1142517005-776776603-1134571006-1000: @my.com/Games -> C:\Users\darkrider84\AppData\Local\MyComGames\NPMyComDetector.dll [2016-05-24] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-1142517005-776776603-1134571006-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\darkrider84\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default [2017-05-04]
CHR Extension: (Google Präsentationen) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-07]
CHR Extension: (Google Docs) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-07]
CHR Extension: (Google Drive) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-07]
CHR Extension: (MEGA) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2017-05-03]
CHR Extension: (YouTube) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-07]
CHR Extension: (Adblock Plus) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-22]
CHR Extension: (Auf den Amazon-Wunschzettel) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2016-05-31]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2016-03-07]
CHR Extension: (Google Tabellen) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-07]
CHR Extension: (Kaspersky Protection) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-02-01]
CHR Extension: (Stylish- Benutzerdef. Motive f. jede Webseite) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2017-04-26]
CHR Extension: (Google Docs Offline) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AutoPagerize) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\igiofjhpmpihnifddepnpngfjhkfenbp [2016-09-21]
CHR Extension: (Super Auto Refresh) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkhjakkgopekjlempoplnjclgedabddk [2017-03-01]
CHR Extension: (Auto-HD für YouTube™) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2016-05-28]
CHR Extension: (Zoom) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2017-01-08]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-07-05]
CHR Extension: (Ashish Mishra) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp [2016-03-22]
CHR Extension: (Ghostery) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-04-27]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-14]
CHR Extension: (uMatrix) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2017-04-11]
CHR Extension: (Google Mail) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-07]
CHR Extension: (Chrome Media Router) - C:\Users\darkrider84\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-30]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKU\S-1-5-21-1142517005-776776603-1134571006-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ArchiCrypt Sichere Loeschzonen; C:\Program Files (x86)\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector64.exe [322136 2014-11-27] (Softwareentwicklung Remus - ArchiCrypt)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [317056 2015-01-30] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-03-19] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-04-19] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-07] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-07] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-05-01] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-07-22] (Digital Wave Ltd.)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5098008 2016-12-23] (Binary Fortress Software)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [229648 2016-08-20] (EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-12-29] (Foxit Software Inc.)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [45008 2016-09-29] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-05-16] (Micro-Star INT'L CO., LTD.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-01-28] (Rivet Networks)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
S2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [419248 2016-05-06] (LogMeIn, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-29] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-09-09] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2204768 2016-09-29] (MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4162656 2016-09-29] (MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2015328 2016-09-29] (MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2327648 2016-09-29] (MSI)
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [132048 2017-02-21] (Micro-Star INT'L CO., LTD.)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-09-29] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [607160 2016-09-29] (MSI)
S2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [58296 2016-10-12] (Micro-Star INT'L CO., LTD.)
R2 MSI_Driver_Service; C:\Program Files (x86)\MSI\MSI OC Kit\Driver_Service\MSI_Driver_Service.exe [54880 2016-10-12] (MSI)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2286032 2017-03-06] (Micro-Star INT'L CO., LTD.)
R2 MySQL; C:\Program Files\MariaDB\bin\mysqld.exe [13279176 2017-03-11] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-04-20] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-03-28] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-12] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-12] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-04-29] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-09-15] ()
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [499000 2016-08-17] ()
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2017-01-11] ()
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
R2 USBLogonService; C:\Program Files\USBLogon\usblonsvc.exe [12288 2013-10-01] () [Datei ist nicht signiert]
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [308088 2015-12-01] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [84304 2015-10-01] (Asmedia Technology)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2012-09-24] (Broadcom Corporation.)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [147528 2016-01-24] (Rivet Networks, LLC.)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [74368 2015-01-30] (Qualcomm Atheros)
S3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [590464 2015-01-30] (Qualcomm Atheros) [Datei ist nicht signiert]
R3 CMfilt; C:\Windows\System32\drivers\CMfilt64.sys [23552 2014-01-27] (Creative Technology Ltd.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 cpuz140; C:\Users\darkrider84\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [43840 2017-01-11] (CPUID) <==== ACHTUNG
S3 HWHandSet; C:\Windows\System32\DRIVERS\hw_quusbmdm.sys [223232 2011-10-24] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-03-26] (REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
R3 I2cHkBurn; C:\Windows\System32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2013-07-02] (ASUSTeK Computer Inc.)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [125488 2015-03-18] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [195296 2017-04-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [314864 2017-04-11] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1035480 2017-04-11] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-06] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
S3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [135904 2017-03-13] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [199392 2017-03-13] (AO Kaspersky Lab)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2016-09-29] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-05-03] (Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-05-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\13617676.sys [251832 2017-05-03] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 MS7926; C:\Windows\System32\DRIVERS\MS7926.SYS [608768 2014-10-06] (C-MEDIA)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
R3 NTIOLib_OCKit_MB; C:\Program Files (x86)\MSI\MSI OC Kit\Driver_Service\NTIOLib_X64.sys [13776 2016-09-08] (MSI)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47552 2017-03-28] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation)
R3 Qcamain; C:\Windows\System32\DRIVERS\Qcamain7x64.sys [2343064 2015-11-27] (Qualcomm Atheros, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2017-01-11] () [Datei ist nicht signiert]
R3 uvhid; C:\Windows\System32\DRIVERS\uvhid.sys [27064 2017-01-03] (Windows (R) Win 7 DDK provider)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [131144 2017-04-18] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [205952 2017-04-18] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135824 2016-08-16] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-08-04] (VMware, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [23200 2015-12-01] (Western Digital Technologies)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [151184 2016-03-10] (MBB)
R3 ALSysIO; \??\C:\Users\DARKRI~1\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
R3 WinRing0_1_2_0; \??\C:\Users\darkrider84\AppData\Local\Temp\tmpABD8.tmp [X] <==== ACHTUNG
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-04 02:12 - 2017-05-04 02:12 - 00000000 ____D C:\FRST
2017-05-03 06:07 - 2017-05-03 06:07 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\13617676.sys
2017-05-03 06:07 - 2017-05-03 06:07 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-05-03 06:07 - 2017-05-03 06:07 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-05-03 06:07 - 2017-05-03 06:07 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-03 06:06 - 2017-05-03 06:06 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-03 06:06 - 2017-03-22 11:02 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-05-03 05:40 - 2013-07-02 16:29 - 00024824 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys
2017-05-03 03:58 - 2017-05-03 03:58 - 00262144 _____ C:\Windows\system32\config\elam
2017-05-02 20:37 - 2017-05-02 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-01 16:49 - 2017-05-01 16:49 - 00048944 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-04-27 15:30 - 2017-04-27 15:30 - 00000000 ____D C:\Users\darkrider84\AppData\Roaming\Google
2017-04-26 01:56 - 2017-04-20 02:18 - 00134776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-04-26 01:54 - 2017-04-20 03:57 - 40201152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 35313600 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 35280320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 14659520 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-04-26 01:54 - 2017-04-20 03:57 - 11113112 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 11056272 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 10636240 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 09316832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 09014976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 08876456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 03430520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 03010680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 01988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438189.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 01589880 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438189.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 01053304 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 00990144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 00960448 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 00911480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 00609912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 00507688 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 00426128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 00406736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 00170176 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 00153368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-04-26 01:54 - 2017-04-20 03:57 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-04-26 01:51 - 2017-03-28 05:32 - 00153536 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-04-26 01:51 - 2017-03-28 05:32 - 00127424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-04-26 01:51 - 2017-03-28 05:32 - 00047552 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-04-18 10:51 - 2017-04-18 10:51 - 00205952 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2017-04-18 10:51 - 2017-04-18 10:51 - 00131144 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2017-04-13 04:07 - 2011-08-06 23:25 - 00000000 ____D C:\Program Files (x86)\sqfeditor
2017-04-12 08:14 - 2017-03-27 20:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-04-12 08:14 - 2017-03-27 19:28 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-04-12 08:14 - 2017-03-25 21:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-04-12 08:14 - 2017-03-25 21:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-04-12 08:14 - 2017-03-25 21:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-04-12 08:14 - 2017-03-25 20:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-04-12 08:14 - 2017-03-25 20:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-04-12 08:14 - 2017-03-25 20:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-04-12 08:14 - 2017-03-25 20:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-04-12 08:14 - 2017-03-25 20:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-04-12 08:14 - 2017-03-25 20:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-04-12 08:14 - 2017-03-25 20:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-04-12 08:14 - 2017-03-25 20:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-04-12 08:14 - 2017-03-25 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-04-12 08:14 - 2017-03-25 20:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-04-12 08:14 - 2017-03-25 20:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-04-12 08:14 - 2017-03-25 20:46 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-04-12 08:14 - 2017-03-25 20:46 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-04-12 08:14 - 2017-03-25 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-04-12 08:14 - 2017-03-25 20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-04-12 08:14 - 2017-03-25 20:45 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-04-12 08:14 - 2017-03-25 20:45 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-04-12 08:14 - 2017-03-25 20:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-04-12 08:14 - 2017-03-25 20:45 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-04-12 08:14 - 2017-03-25 20:45 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-04-12 08:14 - 2017-03-25 20:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-04-12 08:14 - 2017-03-25 20:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-04-12 08:14 - 2017-03-25 20:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-04-12 08:14 - 2017-03-25 20:44 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-04-12 08:14 - 2017-03-25 20:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-04-12 08:14 - 2017-03-25 20:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-04-12 08:14 - 2017-03-25 20:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-04-12 08:14 - 2017-03-25 20:14 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-04-12 08:14 - 2017-03-25 20:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-04-12 08:14 - 2017-03-25 20:13 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-04-12 08:14 - 2017-03-25 20:13 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-04-12 08:14 - 2017-03-25 20:10 - 02898432 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-04-12 08:14 - 2017-03-25 20:04 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-04-12 08:14 - 2017-03-25 20:02 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-04-12 08:14 - 2017-03-25 19:57 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-04-12 08:14 - 2017-03-25 19:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-04-12 08:14 - 2017-03-25 19:56 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-04-12 08:14 - 2017-03-25 19:56 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-04-12 08:14 - 2017-03-25 19:56 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-04-12 08:14 - 2017-03-25 19:52 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-04-12 08:14 - 2017-03-25 19:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-04-12 08:14 - 2017-03-25 19:41 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-04-12 08:14 - 2017-03-25 19:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-04-12 08:14 - 2017-03-25 19:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-04-12 08:14 - 2017-03-25 19:29 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-04-12 08:14 - 2017-03-25 19:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-04-12 08:14 - 2017-03-25 19:23 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-04-12 08:14 - 2017-03-25 19:20 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-04-12 08:14 - 2017-03-25 19:19 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-04-12 08:14 - 2017-03-25 19:17 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-04-12 08:14 - 2017-03-25 19:06 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-04-12 08:14 - 2017-03-25 19:04 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-04-12 08:14 - 2017-03-25 19:00 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-04-12 08:14 - 2017-03-25 18:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-04-12 08:14 - 2017-03-25 18:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-04-12 08:14 - 2017-03-25 18:57 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-04-12 08:14 - 2017-03-25 18:28 - 15259136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-04-12 08:14 - 2017-03-25 18:27 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-04-12 08:14 - 2017-03-25 18:24 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-04-12 08:14 - 2017-03-25 18:10 - 01546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-04-12 08:14 - 2017-03-25 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-04-12 08:14 - 2017-03-25 00:50 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-04-12 08:14 - 2017-03-25 00:42 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-04-12 08:14 - 2017-03-22 17:32 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-04-12 08:14 - 2017-03-22 17:32 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-04-12 08:14 - 2017-03-22 17:32 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-04-12 08:14 - 2017-03-22 17:30 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-04-12 08:14 - 2017-03-22 17:24 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-04-12 08:14 - 2017-03-22 17:17 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-12 08:14 - 2017-03-22 17:15 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-12 08:14 - 2017-03-22 17:15 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-04-12 08:14 - 2017-03-22 17:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-04-12 08:14 - 2017-03-22 17:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-04-12 08:14 - 2017-03-22 17:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-04-12 08:14 - 2017-03-22 17:15 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-04-12 08:14 - 2017-03-22 17:05 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-12 08:14 - 2017-03-22 17:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-04-12 08:14 - 2017-03-22 17:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-04-12 08:14 - 2017-03-22 17:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-04-12 08:14 - 2017-03-14 17:34 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-04-12 08:14 - 2017-03-14 17:34 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-04-12 08:14 - 2017-03-14 17:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-04-12 08:14 - 2017-03-10 18:35 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-12 08:14 - 2017-03-10 18:31 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-04-12 08:14 - 2017-03-10 18:31 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-12 08:14 - 2017-03-10 18:31 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-04-12 08:14 - 2017-03-10 18:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-04-12 08:14 - 2017-03-10 18:27 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-04-12 08:14 - 2017-03-10 18:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-04-12 08:14 - 2017-03-10 18:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-04-12 08:14 - 2017-03-10 18:19 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-04-12 08:14 - 2017-03-10 18:00 - 03219968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-04-12 08:14 - 2017-03-10 17:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-04-12 08:14 - 2017-03-08 22:20 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-04-12 08:14 - 2017-03-08 22:10 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2017-04-12 08:14 - 2017-03-08 06:37 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-04-12 08:14 - 2017-03-08 06:36 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-04-12 08:14 - 2017-03-08 06:36 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-04-12 08:14 - 2017-03-08 06:36 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-04-12 08:14 - 2017-03-08 06:36 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-04-12 08:14 - 2017-03-08 06:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:26 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-04-12 08:14 - 2017-03-08 06:26 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-04-12 08:14 - 2017-03-08 06:24 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 01416192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-04-12 08:14 - 2017-03-08 06:22 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 06:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-04-12 08:14 - 2017-03-08 06:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-04-12 08:14 - 2017-03-08 06:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-04-12 08:14 - 2017-03-08 06:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-04-12 08:14 - 2017-03-08 06:00 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-04-12 08:14 - 2017-03-08 05:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-04-12 08:14 - 2017-03-08 05:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-04-12 08:14 - 2017-03-08 05:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-04-12 08:14 - 2017-03-08 05:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-04-12 08:14 - 2017-03-08 05:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-04-12 08:14 - 2017-03-08 05:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-04-12 08:14 - 2017-03-08 05:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-04-12 08:14 - 2017-03-08 05:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-04-12 08:14 - 2017-03-08 05:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-04-12 08:14 - 2017-03-08 05:54 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-04-12 08:14 - 2017-03-08 05:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-04-12 08:14 - 2017-03-08 05:53 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-04-12 08:14 - 2017-03-08 05:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 05:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 05:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 08:14 - 2017-03-08 05:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-04-12 08:14 - 2017-03-07 18:30 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-12 08:14 - 2017-03-07 18:17 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-12 08:14 - 2017-03-07 16:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-12 08:14 - 2017-03-04 03:27 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-12 08:14 - 2017-03-04 03:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-12 08:14 - 2017-03-04 03:14 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-12 08:14 - 2017-03-04 03:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-04-12 08:14 - 2017-02-14 18:33 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-04-12 08:14 - 2017-02-14 18:19 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-04-12 08:14 - 2017-02-11 18:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-04-12 08:14 - 2017-02-11 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-04-12 08:14 - 2017-02-09 18:32 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-04-12 08:14 - 2017-02-09 18:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-04-12 08:14 - 2017-02-09 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:36 - 00011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-12 08:14 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-12 08:14 - 2016-03-24 00:40 - 03181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-12 08:14 - 2016-03-24 00:40 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-04-11 05:29 - 2017-04-11 05:33 - 00000000 ____D C:\Users\darkrider84\AppData\Local\PboM
2017-04-11 05:28 - 2017-04-11 05:32 - 00000000 ____D C:\Program Files\PBO Manager v.1.4 beta
2017-04-11 05:28 - 2017-04-11 05:28 - 00000000 ____D C:\Users\darkrider84\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PBO Manager
2017-04-11 04:22 - 2017-04-11 04:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2017-04-11 04:21 - 2017-04-11 04:22 - 00000000 ____D C:\Program Files (x86)\xampp
2017-04-11 04:13 - 2017-04-11 04:13 - 00001142 _____ C:\Users\Public\Desktop\HeidiSQL.lnk
2017-04-11 04:13 - 2017-04-11 04:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MariaDB 10.1 (x64)
2017-04-11 04:13 - 2017-04-11 04:13 - 00000000 ____D C:\Program Files\MariaDB
2017-04-11 03:53 - 2017-04-11 03:53 - 00000000 ____D C:\Users\darkrider84\AppData\Roaming\HeidiSQL
2017-04-11 01:55 - 2017-04-28 04:12 - 00000000 ____D C:\Users\darkrider84\AppData\Roaming\FileZilla
2017-04-11 01:55 - 2017-04-11 02:04 - 00000000 ____D C:\Users\darkrider84\AppData\Local\FileZilla
2017-04-11 01:55 - 2017-04-11 01:55 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2017-04-07 14:20 - 2017-03-21 06:27 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-04-07 14:19 - 2017-04-02 18:12 - 00218040 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-04-07 14:19 - 2017-04-02 18:12 - 00046008 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-04-07 14:19 - 2017-04-01 05:20 - 01988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438165.dll
2017-04-07 14:19 - 2017-04-01 05:20 - 01591352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438165.dll
2017-04-07 14:19 - 2017-04-01 05:20 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-04-07 14:19 - 2017-04-01 05:20 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-04-07 14:19 - 2017-04-01 02:41 - 00076840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-04-04 09:21 - 2017-04-04 09:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-04 02:12 - 2016-03-07 14:11 - 00000000 ____D C:\Users\darkrider84\AppData\Roaming\NetSpeedMonitor
2017-05-04 02:04 - 2016-03-07 22:50 - 00000000 ____D C:\Users\darkrider84\AppData\Local\DisplayFusion
2017-05-04 02:03 - 2016-03-09 23:56 - 00000000 ____D C:\Users\darkrider84\AppData\Roaming\Skype
2017-05-04 02:03 - 2016-03-07 15:23 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-05-04 01:50 - 2016-03-07 14:26 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-05-03 22:54 - 2016-03-09 17:24 - 00000000 ____D C:\Users\darkrider84\.VirtualBox
2017-05-03 19:49 - 2016-03-07 14:26 - 00001220 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-05-03 12:25 - 2016-03-07 14:19 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-03 07:27 - 2016-03-09 17:28 - 00000000 ____D C:\Users\darkrider84\VirtualBox VMs
2017-05-03 06:08 - 2016-06-01 01:56 - 00082720 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-05-03 06:07 - 2016-06-01 01:56 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-05-03 06:06 - 2016-06-01 01:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-03 05:48 - 2016-06-11 01:40 - 00000000 ____D C:\Users\Administrator
2017-05-03 05:48 - 2016-03-09 11:25 - 00000000 ____D C:\Users\Sgt Napoleon
2017-05-03 05:48 - 2016-03-07 17:33 - 00000000 ____D C:\Users\MIB
2017-05-03 05:45 - 2016-03-07 14:24 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-03 05:41 - 2009-07-14 06:45 - 00021712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-03 05:41 - 2009-07-14 06:45 - 00021712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-03 05:40 - 2016-07-05 13:10 - 00000000 ___RD C:\Users\darkrider84\Google Drive
2017-05-03 05:40 - 2016-03-09 22:28 - 00000000 __SHD C:\Users\darkrider84\IntelGraphicsProfiles
2017-05-03 05:37 - 2011-04-12 09:43 - 00737922 _____ C:\Windows\system32\perfh007.dat
2017-05-03 05:37 - 2011-04-12 09:43 - 00166308 _____ C:\Windows\system32\perfc007.dat
2017-05-03 05:37 - 2009-07-14 07:13 - 01724604 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-03 05:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-05-03 05:32 - 2016-09-01 00:12 - 00000000 ____D C:\ProgramData\VMware
2017-05-03 05:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-03 05:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-03 05:30 - 2016-03-16 04:41 - 00000000 ____D C:\ProgramData\Ashampoo
2017-05-03 05:30 - 2016-03-07 14:39 - 00000000 ____D C:\Users\darkrider84\AppData\Roaming\KeePass
2017-05-03 03:58 - 2016-03-26 06:10 - 00000000 ____D C:\Program Files (x86)\TubeDigger
2017-05-03 03:40 - 2016-03-09 15:16 - 00000000 ____D C:\Users\darkrider84\AppData\Roaming\Spotify
2017-05-03 00:51 - 2016-03-07 14:15 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-03 00:51 - 2016-03-07 14:15 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-02 20:37 - 2016-03-07 14:26 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-05-02 18:50 - 2017-01-30 02:03 - 00000000 ____D C:\ProgramData\Unified Remote
2017-05-02 17:00 - 2017-02-16 15:30 - 00000000 ____D C:\Users\darkrider84\AppData\Local\Amazon Music
2017-05-01 02:49 - 2016-05-14 23:59 - 00000000 ____D C:\Users\darkrider84\AppData\Local\Arma 3 Launcher
2017-04-30 21:38 - 2016-03-09 15:16 - 00000000 ____D C:\Users\darkrider84\AppData\Local\Spotify
2017-04-30 20:46 - 2016-05-15 00:08 - 00000000 ____D C:\Users\darkrider84\AppData\Local\Arma 3
2017-04-30 20:45 - 2016-03-15 21:58 - 00000000 ____D C:\Users\darkrider84\AppData\Roaming\TS3Client
2017-04-30 01:05 - 2016-11-16 00:12 - 00000000 ____D C:\Users\darkrider84\AppData\LocalLow\Mozilla
2017-04-28 19:40 - 2016-11-16 00:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-28 13:44 - 2016-03-07 14:15 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 13:44 - 2016-03-07 14:15 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-26 23:10 - 2017-01-11 02:33 - 00000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdate
2017-04-26 23:10 - 2016-03-19 14:08 - 00000000 ____D C:\Users\darkrider84\AppData\Local\CrashDumps
2017-04-26 23:09 - 2017-01-11 02:33 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2017-04-26 23:09 - 2016-09-03 17:26 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-04-26 23:09 - 2016-08-12 00:13 - 00000000 ____D C:\ProgramData\Samsung
2017-04-26 23:08 - 2016-09-03 17:26 - 00000000 ____D C:\Users\darkrider84\AppData\Roaming\Samsung
2017-04-26 21:58 - 2016-03-10 17:11 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-04-26 21:58 - 2016-03-07 17:59 - 00000000 ____D C:\ProgramData\Skype
2017-04-26 02:19 - 2016-03-08 19:44 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-26 02:19 - 2016-03-08 19:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-04-26 02:00 - 2016-03-07 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-04-26 01:56 - 2016-03-11 15:34 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-04-26 01:56 - 2016-03-07 14:19 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-26 01:52 - 2016-12-21 02:48 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-26 01:52 - 2016-09-21 22:19 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-26 01:52 - 2016-09-09 14:24 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-26 01:52 - 2016-09-09 14:24 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-26 01:52 - 2016-09-09 14:24 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-26 01:52 - 2016-09-09 14:24 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-26 01:52 - 2016-09-09 14:24 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-26 01:52 - 2016-09-09 14:24 - 00001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-04-26 01:52 - 2016-03-07 14:19 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-04-26 01:52 - 2016-03-07 14:18 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-25 01:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2017-04-23 05:28 - 2016-03-28 16:06 - 00000000 ____D C:\Users\darkrider84\AppData\Roaming\vlc
2017-04-22 12:02 - 2016-03-26 06:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TubeDigger
2017-04-20 03:57 - 2017-02-17 04:22 - 28558784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-04-20 03:57 - 2016-10-21 22:17 - 00491024 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-04-20 03:57 - 2016-09-21 22:21 - 17418792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-04-20 03:57 - 2016-03-07 14:19 - 20057176 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-04-20 03:57 - 2016-03-07 14:19 - 16431504 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-04-20 03:57 - 2016-03-07 14:19 - 13398512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-04-20 03:57 - 2016-03-07 14:19 - 04071816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-04-20 03:57 - 2016-03-07 14:19 - 03588376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-04-20 03:57 - 2016-03-07 14:19 - 00041979 _____ C:\Windows\system32\nvinfo.pb
2017-04-20 02:45 - 2016-09-09 14:24 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-04-20 02:44 - 2016-03-07 14:19 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-04-20 02:44 - 2016-03-07 14:19 - 02479736 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-04-20 02:44 - 2016-03-07 14:19 - 01762936 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-04-20 02:44 - 2016-03-07 14:19 - 00548472 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-04-20 02:44 - 2016-03-07 14:19 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-04-20 02:44 - 2016-03-07 14:19 - 00082040 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-04-20 02:44 - 2016-03-07 14:19 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-04-20 00:29 - 2016-03-07 14:19 - 07915387 _____ C:\Windows\system32\nvcoproc.bin
2017-04-19 02:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-04-19 00:15 - 2016-05-27 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-04-19 00:15 - 2016-03-07 21:05 - 00000000 ____D C:\ProgramData\Oracle
2017-04-19 00:15 - 2016-03-07 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-19 00:15 - 2016-03-07 21:05 - 00000000 ____D C:\Program Files\Java
2017-04-19 00:14 - 2016-03-07 21:05 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-04-18 10:51 - 2016-03-09 17:24 - 00961768 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2017-04-18 10:51 - 2016-03-09 17:24 - 00149304 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2017-04-13 21:47 - 2016-03-09 21:21 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-04-13 21:39 - 2009-07-14 06:45 - 00511224 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-13 04:41 - 2016-03-15 20:53 - 00000000 ____D C:\Users\darkrider84\AppData\Roaming\Notepad++
2017-04-13 03:03 - 2016-04-09 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-04-13 03:02 - 2016-04-09 19:03 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-04-13 03:02 - 2016-04-09 19:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-04-13 03:00 - 2016-03-07 15:20 - 01697948 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-04-11 18:27 - 2017-03-15 00:27 - 06230616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-04-11 18:27 - 2016-03-26 06:20 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-11 18:27 - 2016-03-26 06:20 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-11 18:27 - 2016-03-26 06:20 - 00004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-04-11 18:27 - 2016-03-26 06:20 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-04-11 18:27 - 2016-03-26 06:20 - 00000000 ____D C:\Windows\system32\Macromed
2017-04-11 05:31 - 2016-06-08 22:18 - 00000000 ____D C:\Users\darkrider84\Spielwiese
2017-04-11 00:22 - 2016-09-29 00:05 - 01035480 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2017-04-11 00:22 - 2016-09-29 00:05 - 00195296 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2017-04-11 00:22 - 2016-06-20 17:51 - 00314864 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2017-04-04 09:23 - 2016-03-08 20:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-04 09:21 - 2016-03-10 17:11 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-03-21 05:37 - 2011-07-19 03:37 - 0003262 _____ () C:\Program Files (x86)\Falco.ico
2017-03-21 05:37 - 2011-07-19 04:05 - 0000046 _____ () C:\Program Files (x86)\Falco.url
2016-09-17 17:28 - 2016-09-17 18:32 - 0000624 _____ () C:\Users\darkrider84\AppData\Roaming\All CPU MeterV3_Settings.ini
2016-09-17 17:47 - 2016-09-29 14:48 - 0000853 _____ () C:\Users\darkrider84\AppData\Roaming\Drives Meter_Settings.ini
2016-09-17 18:13 - 2016-09-17 18:13 - 0000282 _____ () C:\Users\darkrider84\AppData\Roaming\GPU MeterV2_Settings.ini
2016-03-09 23:50 - 2016-03-09 23:50 - 157575080 _____ () C:\Users\darkrider84\AppData\Roaming\Skype.rar
2016-08-13 04:01 - 2016-08-13 04:01 - 0000000 _____ () C:\Users\darkrider84\AppData\Local\Driver_11ACPresent.flag
2016-08-13 04:01 - 2016-08-13 04:01 - 0000000 _____ () C:\Users\darkrider84\AppData\Local\Driver_LOM_8161Present.flag
2017-01-29 19:26 - 2017-01-29 19:26 - 0000876 _____ () C:\Users\darkrider84\AppData\Local\recently-used.xbel
2016-06-01 17:27 - 2016-09-19 06:21 - 0007623 _____ () C:\Users\darkrider84\AppData\Local\Resmon.ResmonCfg
2017-01-07 22:29 - 2017-01-07 22:29 - 0000000 _____ () C:\Users\darkrider84\AppData\Local\{B62D9E2D-83E4-452E-AFB1-05D14A2D952C}
2017-01-07 22:28 - 2017-01-07 22:29 - 0000000 _____ () C:\Users\darkrider84\AppData\Local\{D004F50B-84DD-4AF9-8A01-C070EC2151B8}
2016-08-19 21:28 - 2016-08-19 21:28 - 0000016 _____ () C:\ProgramData\mntemp
2016-12-21 02:48 - 2017-01-16 06:40 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-21 02:48 - 2017-01-16 04:29 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Einige Dateien in TEMP:
====================
2016-08-07 18:15 - 2016-08-07 18:15 - 0079736 _____ (AppWork GmbH) C:\Users\darkrider84\AppData\Local\Temp\131150601392592458.exe
2016-09-21 22:42 - 2016-10-06 07:51 - 9275184 _____ (Jumping Bytes) C:\Users\darkrider84\AppData\Local\Temp\ClipboardMasterInst.exe
2016-10-06 07:50 - 2016-10-06 07:51 - 9275184 _____ (Jumping Bytes) C:\Users\darkrider84\AppData\Local\Temp\ClipboardMasterInst1.exe
2016-05-23 22:46 - 2016-08-19 05:28 - 0003584 _____ () C:\Users\darkrider84\AppData\Local\Temp\dateinj01.dll
2016-09-03 17:27 - 2016-09-03 17:27 - 0066048 _____ () C:\Users\darkrider84\AppData\Local\Temp\Execute2App.exe
2016-07-04 11:15 - 2016-10-13 20:19 - 5571272 _____ (Foxit Corporation) C:\Users\darkrider84\AppData\Local\Temp\FoxitUpdater.exe
2016-10-21 13:41 - 2016-10-21 13:41 - 4139992 _____ () C:\Users\darkrider84\AppData\Local\Temp\heidisql.exe.backup.exe
2017-04-11 03:53 - 2017-04-11 03:53 - 0041472 _____ () C:\Users\darkrider84\AppData\Local\Temp\HeidiSQL_updater.exe
2016-07-22 15:15 - 2016-07-22 15:15 - 0741440 _____ (Oracle Corporation) C:\Users\darkrider84\AppData\Local\Temp\jre-8u101-windows-au.exe
2016-11-01 05:24 - 2016-11-01 05:24 - 0737856 _____ (Oracle Corporation) C:\Users\darkrider84\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-01-27 01:40 - 2017-01-27 01:40 - 0739904 _____ (Oracle Corporation) C:\Users\darkrider84\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-04-19 00:14 - 2017-04-19 00:14 - 0739904 _____ (Oracle Corporation) C:\Users\darkrider84\AppData\Local\Temp\jre-8u131-windows-au.exe
2016-10-07 02:33 - 2016-10-07 02:33 - 2458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\darkrider84\AppData\Local\Temp\libeay32.dll
2016-09-03 17:27 - 2014-05-07 17:43 - 0568832 _____ (Microsoft Corporation) C:\Users\darkrider84\AppData\Local\Temp\msvcp90.dll
2016-10-07 02:33 - 2016-10-07 02:33 - 0970912 _____ (Microsoft Corporation) C:\Users\darkrider84\AppData\Local\Temp\msvcr120.dll
2016-09-03 17:27 - 2014-05-07 17:43 - 0655872 _____ (Microsoft Corporation) C:\Users\darkrider84\AppData\Local\Temp\msvcr90.dll
2016-05-19 12:51 - 2016-05-19 12:51 - 4203840 _____ () C:\Users\darkrider84\AppData\Local\Temp\npp.6.9.1.Installer.exe
2016-07-04 11:31 - 2016-07-04 11:31 - 4211112 _____ () C:\Users\darkrider84\AppData\Local\Temp\npp.6.9.2.Installer.exe
2016-11-04 10:46 - 2016-11-04 10:46 - 2842320 _____ () C:\Users\darkrider84\AppData\Local\Temp\npp.7.1.Installer.exe
2016-12-09 03:46 - 2016-12-09 03:46 - 2858376 _____ () C:\Users\darkrider84\AppData\Local\Temp\npp.7.2.2.Installer.exe
2017-03-14 01:30 - 2017-03-14 01:30 - 2903480 _____ () C:\Users\darkrider84\AppData\Local\Temp\npp.7.3.2.Installer.exe
2017-04-11 01:58 - 2017-04-11 01:58 - 2982992 _____ () C:\Users\darkrider84\AppData\Local\Temp\npp.7.3.3.Installer.exe
2016-05-13 14:00 - 2017-04-01 03:36 - 0754168 _____ (NVIDIA Corporation) C:\Users\darkrider84\AppData\Local\Temp\nvSCPAPI.dll
2016-05-13 14:00 - 2017-04-01 03:36 - 0868152 _____ (NVIDIA Corporation) C:\Users\darkrider84\AppData\Local\Temp\nvSCPAPI64.dll
2016-10-21 22:19 - 2016-10-18 21:31 - 0385928 _____ (NVIDIA Corporation) C:\Users\darkrider84\AppData\Local\Temp\nvStereoApiI.dll
2016-05-23 23:55 - 2017-04-01 03:36 - 0369208 _____ (NVIDIA Corporation) C:\Users\darkrider84\AppData\Local\Temp\nvStInst.exe
2016-09-09 14:24 - 2016-11-17 15:45 - 1135552 _____ (NVIDIA Corporation) C:\Users\darkrider84\AppData\Local\Temp\NvTelemetry.dll
2016-09-09 14:24 - 2017-01-06 03:10 - 0255032 _____ (NVIDIA Corporation) C:\Users\darkrider84\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-09-09 14:24 - 2017-01-06 03:10 - 0335928 _____ (NVIDIA Corporation) C:\Users\darkrider84\AppData\Local\Temp\NvTelemetryAPI64.dll
2016-08-07 18:18 - 2016-08-07 18:18 - 0040448 ____N () C:\Users\darkrider84\AppData\Local\Temp\proxy_vole5003952605285576302.dll
2016-08-07 18:16 - 2016-08-07 18:16 - 0040448 ____N () C:\Users\darkrider84\AppData\Local\Temp\proxy_vole6142549320648577115.dll
2016-08-07 18:18 - 2016-08-07 18:18 - 0040448 _____ () C:\Users\darkrider84\AppData\Local\Temp\proxy_vole7076263063444579212.dll
2016-08-29 06:48 - 2016-10-01 17:58 - 8972944 _____ (Sandboxie Holdings, LLC) C:\Users\darkrider84\AppData\Local\Temp\SandboxieInstall.exe
2016-05-19 19:47 - 2017-04-26 20:56 - 57827288 _____ (Skype Technologies S.A.) C:\Users\darkrider84\AppData\Local\Temp\SkypeSetup.exe
2011-11-03 16:13 - 2011-11-03 16:13 - 1786688 _____ () C:\Users\darkrider84\AppData\Local\Temp\sonarinst.exe
2016-10-07 02:33 - 2016-10-07 02:33 - 0772672 _____ () C:\Users\darkrider84\AppData\Local\Temp\sqlite3.dll
2017-01-17 11:55 - 2017-01-17 11:55 - 14773216 _____ (Microsoft Corporation) C:\Users\darkrider84\AppData\Local\Temp\vcredist_x64.exe
2017-04-04 09:20 - 2017-04-04 09:20 - 14456872 _____ (Microsoft Corporation) C:\Users\darkrider84\AppData\Local\Temp\vc_redist.x86.exe
2016-06-08 17:43 - 2016-06-08 17:43 - 31717016 _____ () C:\Users\darkrider84\AppData\Local\Temp\vlc-2.2.4-win64.exe
2016-08-12 18:39 - 2016-10-01 17:59 - 7100088 _____ (VS Revo Group                                               ) C:\Users\darkrider84\AppData\Local\Temp\VSUSetup.exe
2015-08-03 01:58 - 2015-08-03 01:58 - 0118784 _____ () C:\Users\darkrider84\AppData\Local\Temp\xmlUpdater.exe
2016-04-03 09:03 - 2016-06-29 14:10 - 0000069 _____ () C:\Users\MIB\AppData\Local\Temp\46963e4393a6f3d92169621c3a763cb5.dll
2016-04-03 09:03 - 2016-04-03 09:03 - 0000512 _____ () C:\Users\MIB\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll
2016-04-27 15:58 - 2016-04-30 13:19 - 0000069 _____ () C:\Users\Sgt Napoleon\AppData\Local\Temp\716b7ab5932c67e2dce1a04db900b647.dll
2016-07-17 01:27 - 2016-07-17 01:27 - 0000069 _____ () C:\Users\Sgt Napoleon\AppData\Local\Temp\86206061a0b8900674cd2eb78d9f2678.dll
2016-07-17 01:27 - 2016-07-17 01:27 - 0000512 _____ () C:\Users\Sgt Napoleon\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll
2016-04-27 15:58 - 2016-04-27 15:58 - 0000512 _____ () C:\Users\Sgt Napoleon\AppData\Local\Temp\fb1d5c12ab65a33663c67a42c8bf47b2.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-03 00:12

==================== Ende von FRST.txt ============================

darkrider78 · 04.05.2017, 01:37

Addition-Log:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-05-2017 01
durchgeführt von darkrider84 (04-05-2017 02:12:54)
Gestartet von D:\Users\darkrider84\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-03-07 11:47:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1142517005-776776603-1134571006-500 - Administrator - Disabled) => C:\Users\Administrator
darkrider84 (S-1-5-21-1142517005-776776603-1134571006-1000 - Administrator - Enabled) => C:\Users\darkrider84
Gast (S-1-5-21-1142517005-776776603-1134571006-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1142517005-776776603-1134571006-1004 - Limited - Enabled)
MIB (S-1-5-21-1142517005-776776603-1134571006-1001 - Limited - Disabled) => C:\Users\MIB
Sgt Napoleon (S-1-5-21-1142517005-776776603-1134571006-1002 - Administrator - Disabled) => C:\Users\Sgt Napoleon

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

 (HKLM\...\UDK-6cac4299-6e8a-4f8a-b6d0-4149a93fe816) (Version:  - RuneStorm
4K Video Downloader 4.2 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.2.1.2185 - Open Media LLC)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.76 - Hulubulu Software)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Amazon Music (HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Amazon Amazon Music) (Version: 5.4.2.1801 - Amazon Services LLC)
AMP WinOFF 5.0.1 (HKLM-x32\...\AMP WinOFF) (Version: 5.0.1 - Alberto Martinez Perez)
Ansel (Version: 381.89 - NVIDIA Corporation) Hidden
Anti-Twin (Installation 27.04.2016) (HKLM-x32\...\Anti-Twin 2016-04-27 23.16.06) (Version:  - Joerg Rosenthal, Germany)
ArchiCrypt Shredder Version 6.93.99.6531 (HKLM-x32\...\ACRYSH6b_is1) (Version: 6.93.99.6531 - Softwareentwicklung Remus - ArchiCrypt)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma 3 Server (HKLM\...\Steam App 233780) (Version:  - Bohemia Interactive)
Ashampoo Burning Studio 2017 (HKLM-x32\...\{91B33C97-C878-6579-69BA-23E5405C7AAB}_is1) (Version: 18.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 7 (HKLM-x32\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.11 - Ashampoo GmbH & Co. KG)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.8.0000 - Asmedia Technology)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.33.1 - Asmedia Technology)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version:  - Ubisoft)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.5.2.3 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.5.2.3 - ASUSTek COMPUTER INC.) Hidden
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.19.170329 - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BioShock 2 Remastered (HKLM\...\Steam App 409720) (Version:  - 2K Marin)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Camtasia Studio 8 (HKLM-x32\...\{F6EC4C4E-C87B-4F50-851B-1C86E0C94F00}) (Version: 8.6.0.2055 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6452 - CDBurnerXP)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version:  - Cheat Engine)
Cities: Skylines (HKLM\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Clipboard Master (HKLM-x32\...\{3C8C8A29-3D39-4CD6-8915-1EDB6641A50E}) (Version: 4.1.1 - Jumping Bytes)
Clover 3.0 (HKLM-x32\...\Clover) (Version: 3.0 - EJIE Technology)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Core Temp 1.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.7 - ALCPU)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Day of Defeat: Source (HKLM\...\Steam App 300) (Version:  - Valve)
Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)
DisplayFusion (HKLM-x32\...\Steam App 227260) (Version:  - Binary Fortress Software)
DisplayFusion 8.1.2 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 8.1.2.0 - Binary Fortress Software)
Ditto (HKLM\...\Ditto_is1) (Version:  - Scott Brogden)
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 25.4.28 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Duke Nukem Forever (HKLM\...\Steam App 57900) (Version:  - Gearbox Software)
Dupli Find 6.16 (HKLM-x32\...\Dupli Find_is1) (Version:  - RL Vision)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fallout 4 (HKLM\...\Steam App 377160) (Version:  - Bethesda Game Studios)
FileBot (HKLM\...\{3C2F8747-8A77-4CF9-8751-83BEA632F148}) (Version: 4.7 - Reinhard Pointner)
FileZilla Client 3.25.1 (HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\FileZilla Client) (Version: 3.25.1 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.2.0.2051 - Foxit Software Inc.)
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.7.426 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.98.721 - Digital Wave Ltd)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
FreeFileSync 8.8 (HKLM-x32\...\FreeFileSync_is1) (Version: 8.8 - www.FreeFileSync.org)
Gameforge Live 2.0.12 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.12 - Gameforge)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Grand Theft Auto: San Andreas (HKLM\...\Steam App 12120) (Version:  - Rockstar Games)
Grand Theft Auto: Vice City (HKLM\...\Steam App 12110) (Version:  - Rockstar Games)
Handset WinDriver 1.02.02.00 (HKLM-x32\...\Handset WinDriver) (Version: 1.02.02.00 - Huawei technologies Co., Ltd.)
HWiNFO64 Version 5.34 (HKLM\...\HWiNFO64_is1) (Version: 5.34 - Martin Malík - REALiX)
ICQ (Version 10.0.12156) (HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\icq.desktop) (Version: 10.0.12156 - ICQ)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.31.1000 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java SE Development Kit 8 Update 92 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180920}) (Version: 8.0.920.14 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Just Cause 3 (HKLM\...\Steam App 225540) (Version:  - Avalanche Studios)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
KeePass Password Safe 2.34 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.34 - Dominik Reichl)
Killer Bandwidth Control Filter Driver (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.57.1125 - Rivet Networks)
Killer Wireless-AC Drivers (Version: 1.1.57.1125 - Rivet Networks) Hidden
K-Lite Mega Codec Pack 13.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.0.0 - KLCP)
KompoZer 0.8b3 (HKLM-x32\...\{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1) (Version:  - KompoZer)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Legend - Legacy Of The Dragons (HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Legend - Legacy Of The Dragons (DE)) (Version: 1.15 - Mail.Ru Games GmbH)
Logitech Gaming Software 8.88 (HKLM\...\Logitech Gaming Software) (Version: 8.88.30 - Logitech Inc.)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.428 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.428 - LogMeIn, Inc.) Hidden
LSPD First Response (HKLM-x32\...\LSPD First Response) (Version: 0.3.1 - G17 Media)
MacroX 3.1 (HKLM-x32\...\MacroX) (Version: 3.1 - Uhrzeit.org)
Magic Duels (HKLM\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
MAGIX Music Maker 17 (HKLM-x32\...\MAGIX_{4356EDD5-144A-44F2-B352-A9232D280A0C}) (Version: 17.0.2.30 - MAGIX AG)
MAGIX Music Maker 17 (x32 Version: 17.0.2.30 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX_{C730B021-96D7-4F63-B52E-27F9A8155BE1}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{C7411D97-EF5E-46B2-8B49-E408A344DF82}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG) Hidden
MakeMKV v1.10.4 (HKLM-x32\...\MakeMKV) (Version: v1.10.4 - GuinpinSoft inc)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MariaDB 10.1 (x64) (HKLM\...\MariaDB 10.1 (x64)) (Version: 10.1.22.0 - MariaDB Corporation Ab)
MariaDB 10.1 (x64) (Version: 10.1.22.0 - MariaDB Corporation Ab) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7967.2139 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\OneDriveSetup.exe) (Version: 17.3.6302.0225 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mirror's Edge (HKLM\...\Steam App 17410) (Version:  - DICE)
Mozilla Firefox 52.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 de)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)
Mp3tag v2.78 (HKLM-x32\...\Mp3tag) (Version: v2.78 - Florian Heidenreich)
MS7926 USB Audio Driver (HKLM-x32\...\{126CA2C8-404B-412F-A794-A1B5186E6EEE}) (Version: 1.00.0014 - C-Media Electronics, Inc.)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.16 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.0.0.29 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.10 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.07 - MSI)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My.com Game Center (HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\MyComGames) (Version: 3.181 - My.com B.V.)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.7 - F.J. Wechselberger)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
No Man's Sky (HKLM\...\Steam App 275850) (Version:  - Hello Games)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
NOX (HKLM-x32\...\{BF152F35-9708-452C-862C-F7E3B62DF732}) (Version: 2.0.0.20 - Electronic Arts, Inc.)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 381.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 381.89 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.5.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 381.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.5.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
ONE PIECE PIRATE WARRIORS 3 (HKLM\...\Steam App 331600) (Version:  - KOEI TECMO GAMES CO., LTD.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)
OpenTTD 1.6.0 (HKLM-x32\...\OpenTTD) (Version: 1.6.0 - OpenTTD)
Oracle VM VirtualBox 5.1.20 (HKLM\...\{CD6E345E-ECBC-4F98-BB28-276ACBBCD4DE}) (Version: 5.1.20 - Oracle Corporation)
Orcs Must Die! Unchained (HKLM-x32\...\{8EBA33AF-48E0-4207-A4EE-96029415AD76}_is1) (Version:  - Gameforge 4D GmbH)
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
PAYDAY: The Heist (HKLM\...\Steam App 24240) (Version:  - OVERKILL Software)
PBO Manager v.1.4 beta (HKLM\...\{127B5371-1802-4EDD-A25A-A43BF761D383}) (Version: 1.4.0 -  )
Portal 2 (HKLM\...\Steam App 620) (Version:  - Valve)
Prototype (HKLM\...\Steam App 10150) (Version:  - Radical Entertainment)
PROTOTYPE 2 (HKLM\...\Steam App 115320) (Version:  - Radical Entertainment)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 4.0.0.493 - Qualcomm Atheros Communications)
Rampage Knights (HKLM\...\Steam App 314410) (Version:  - Rake in Grass)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7960 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version:  - Roadkil.Net)
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
Roguelands (HKLM\...\Steam App 364420) (Version:  - SmashGames)
S4 League (HKLM-x32\...\S4 League) (Version:  - )
Saints Row IV (HKLM\...\Steam App 206420) (Version:  - Deep Silver Volition)
Saints Row: The Third (HKLM\...\Steam App 55230) (Version:  - Volition)
Samsung C460 Series (HKLM-x32\...\Samsung C460 Series) (Version: 1.17 (Di, 23.02.2016) - Samsung Electronics Co., Ltd.)
Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.7.04 - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.78 (Mi, 28.06.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.06.00.04(Mi, 29.01.2016) - Samsung Electronics Co., Ltd.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.00.14 (Mi, 02.08.2013) - Samsung Electronics Co., Ltd.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.26 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.01.08.00 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0360 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.5.0.70 - NVIDIA Corporation) Hidden
Skype™ 7.34 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.34.103 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.08 - Creative Technology Limited)
SpeedRunners (HKLM\...\Steam App 207140) (Version:  - DoubleDutch Games)
Spotify (HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subnautica (HKLM\...\Steam App 264710) (Version:  - Unknown Worlds Entertainment)
SUPERHOT (HKLM\...\Steam App 322500) (Version:  - SUPERHOT Team)
Swifty (HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\Swifty) (Version: 2.1.3.5 - Sebastian)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version:  - Gameforge4d)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Binding of Isaac: Rebirth (HKLM\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version:  - Bethesda Game Studios)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TubeDigger 5.6.2 (HKLM-x32\...\{1E3745C1-674D-4B2E-B8F7-3F4088950ED7}_is1) (Version: 5.6.2 - TubeDigger)
UltraMon (HKLM\...\{D4E62D29-31A1-4938-8CB7-7D275C1AEAC6}) (Version: 3.3.0 - Realtime Soft Ltd)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.5.1 - Unified Intents AB)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.)
Unity Web Player (HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
Unturned (HKLM\...\Steam App 304930) (Version:  - Smartly Dressed Games)
Uplay (HKLM-x32\...\Uplay) (Version: 26.1 - Ubisoft)
USBLogon 1.6.2.3 (HKLM\...\{E7D9D138-7DFA-441A-B1A9-703193C5D6D3}_is1) (Version: 1.6.2.3 - Quadsoft)
Viscera Cleanup Detail (HKLM\...\Steam App 246900) (Version:  - RuneStorm)
Viscera Cleanup Detail: alpha v0.25
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMware Player (HKLM\...\{DCA4824C-42E8-4911-9C10-5BB43A315625}) (Version: 12.0.0 - VMware, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
War Thunder (HKLM\...\Steam App 236390) (Version:  - Gaijin Entertainment)
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Drive Utilities (x32 Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD My Cloud (HKLM\...\{4B86F896-11DC-4711-BB60-81104832FA44}) (Version: 1.0.7.17 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{B5D298A9-C55D-47F7-B608-C5BEFACCE32F}) (Version: 2.4.15.1 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.)
WD Security (x32 Version: 1.3.1.2 - Western Digital Technologies, Inc.) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3400 - Broadcom Corporation)
WinMerge 2.14.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.30-0 - Bitnami)
XMedia Recode Version 3.3.3.3 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.3.3.3 - XMedia Recode)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\ChromeHTML: ->  <==== ACHTUNG
CustomCLSID: HKU\S-1-5-21-1142517005-776776603-1134571006-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\WINDOWS\SYSTEM32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1142517005-776776603-1134571006-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\darkrider84\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-1142517005-776776603-1134571006-1000_Classes\CLSID\{55839D91-467F-4be1-9DC1-8ADBBCC794F6}\InprocServer32 -> C:\WINDOWS\SYSTEM32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1142517005-776776603-1134571006-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\WINDOWS\SYSTEM32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1142517005-776776603-1134571006-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {14B6AF19-34B1-4A9B-8F12-4B79D3B6CE47} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-03-28] (NVIDIA Corporation)
Task: {1B960B54-F450-4424-93B9-E7364C0A776C} - System32\Tasks\Core Temp Autostart darkrider84 => C:\Program Files\Core Temp\Core Temp.exe [2017-03-18] (ALCPU)
Task: {1F0F4C20-DED4-4399-95BA-497724719BF8} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [2015-08-18] (MSI)
Task: {22390357-9A54-4913-B74A-749F659155B5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-03-28] (NVIDIA Corporation)
Task: {2961515C-7671-4C50-8B48-A27479996F5A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation)
Task: {38DD456E-A3E2-47BE-8F1D-A80C1374AA0B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-07] (Dropbox, Inc.)
Task: {46D3791F-AAA7-465B-BEEC-A61BCCBA60F3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation)
Task: {470B8611-C1FE-4CED-8833-73FA86F524B6} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {642C19D7-ADAC-4CCE-9E59-007EBE05C405} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)
Task: {73A04FCE-D6BF-44F4-B58B-9B9AEC46DBA2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-07] (Google Inc.)
Task: {76855E54-9F2C-48AB-A2D1-8364C9A46E7C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation)
Task: {774BD669-C9BC-4DB6-99F3-62DA7DFC5B69} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-04-26] (Microsoft Corporation)
Task: {7C8C7859-53BD-4C4C-9858-D005A92B6829} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11] (Adobe Systems Incorporated)
Task: {7CFA217D-C3D4-45C5-98BF-7D19442A5779} - System32\Tasks\HWiNFO => C:\Program Files\HWiNFO64\HWiNFO64.EXE [2016-08-03] (REALiX)
Task: {7F63954C-7EBC-441B-B41D-0E5F5A85F67E} - System32\Tasks\PCMeter\Startup => C:\Program Files (x86)\PCMeterV4\PCMeterV0.4.exe [2013-11-06] (AddGadgets)
Task: {A10FE259-E624-45D3-84DD-6AA20A029641} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {B5265B97-2C5D-4216-8CB2-BB4CC17AC471} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-07] (Dropbox, Inc.)
Task: {B8D6738D-84B3-4162-82CE-ADDA0F19293A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {C5EFB852-9435-4723-AF4C-9AAD6FEB49D7} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-02-01] ()
Task: {D737F674-2D92-4D39-BF3F-A7D02648ED87} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation)
Task: {D7541E11-0A00-4427-BA49-6085426216F4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {E473995F-E69C-4284-9D9D-8439CBF6F49E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-03-28] (NVIDIA Corporation)
Task: {EAED7726-C8B2-423C-8DD2-1BBFB5A8659B} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {EF33946B-27B0-4B6B-976D-05A72790B818} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-07] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-01-11 02:33 - 2015-04-24 15:27 - 00022528 _____ () C:\Windows\System32\sst9clm.dll
2017-01-11 02:34 - 2015-03-12 04:43 - 00022528 _____ () C:\Windows\System32\us00alm.dll
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2017-03-11 20:20 - 2017-03-11 20:20 - 13279176 _____ () C:\Program Files\MariaDB\bin\mysqld.exe
2016-09-09 14:24 - 2017-03-28 05:32 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-04-29 23:23 - 2016-09-15 00:00 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2017-01-11 02:34 - 2016-08-17 14:43 - 00499000 ____N () C:\Windows\SysWOW64\spdsvc.exe
2017-01-11 02:34 - 2017-01-11 02:34 - 00143664 ____N () C:\Windows\SysWOW64\SecUPDUtilSvc.exe
2016-03-07 16:33 - 2013-10-01 18:11 - 00012288 _____ () C:\Program Files\USBLogon\usblonsvc.exe
2016-11-12 04:21 - 2016-06-14 17:35 - 00187392 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\D3D11FontDraw.dll
2017-03-20 17:44 - 2017-03-20 17:44 - 00052392 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-01-30 14:16 - 2015-01-30 14:16 - 00089728 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2015-01-30 14:14 - 2015-01-30 14:14 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2016-03-07 15:51 - 2015-05-29 18:57 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2016-03-07 15:51 - 2015-05-29 18:56 - 00366080 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-09-29 23:13 - 2016-09-29 23:13 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-09-29 23:13 - 2016-09-29 23:13 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-09-08 14:39 - 2014-09-08 14:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 14:38 - 2014-09-08 14:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2016-09-17 17:27 - 2016-09-17 17:27 - 00012520 _____ () C:\Users\darkrider84\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2016-09-17 17:27 - 2016-09-17 17:27 - 00015080 _____ () C:\Users\darkrider84\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2016-09-17 17:27 - 2016-09-17 17:27 - 00014056 _____ () C:\Users\darkrider84\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2016-03-24 23:06 - 2008-11-05 00:33 - 00307673 _____ () C:\Users\darkrider84\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ToggleHiddenFiles.exe
2017-01-11 02:34 - 2013-10-04 06:53 - 00734720 _____ () C:\Windows\system32\SnMinDrv.dll
2017-01-11 02:33 - 2015-04-28 16:57 - 00087552 ____N () C:\Windows\system32\SSDEVM64.DLL
2016-03-29 14:18 - 2012-01-29 16:55 - 00657920 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2016-03-29 14:18 - 2012-01-20 14:55 - 00678400 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2017-05-03 00:51 - 2017-05-02 03:03 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\libglesv2.dll
2017-05-03 00:51 - 2017-05-02 03:03 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\libegl.dll
2017-05-03 06:06 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2016-05-05 04:18 - 2016-07-22 08:26 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-05-05 04:18 - 2016-07-22 08:24 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-05-05 04:18 - 2016-07-22 08:24 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-05-05 04:18 - 2016-07-22 08:24 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2017-03-19 18:50 - 2005-07-18 14:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2017-01-11 02:34 - 2016-03-24 05:56 - 02817536 ____N () C:\Windows\system32\DlgSearchEngine.dll
2015-08-14 14:03 - 2015-08-14 14:03 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-11-10 13:12 - 2014-11-10 13:12 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-09-09 14:24 - 2017-03-28 05:32 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2013-12-13 09:39 - 2013-12-13 09:39 - 00278528 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll
2013-11-18 09:32 - 2013-11-18 09:32 - 00053248 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll
2016-11-12 04:21 - 2016-06-14 17:35 - 00163328 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\D3D11FontDraw.dll
2017-01-26 13:35 - 2017-03-10 02:13 - 00674592 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-01-26 13:35 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-01-26 13:35 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-01-26 13:35 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-01-26 13:35 - 2017-04-26 01:55 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll
2017-01-26 13:35 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2017-01-26 13:35 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2017-01-26 13:35 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2017-01-26 13:35 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2017-01-26 13:35 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2017-01-26 13:35 - 2017-04-26 01:55 - 00848672 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-01-26 13:35 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-02-28 10:51 - 2017-02-28 10:51 - 01937376 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-05-02 20:37 - 2017-05-01 16:44 - 00870720 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2016-03-07 14:27 - 2017-04-13 01:43 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-03-07 14:27 - 2017-04-13 01:43 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-03-07 14:27 - 2017-04-13 01:43 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-03-07 14:27 - 2017-05-01 16:48 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-03-07 14:27 - 2017-04-13 01:44 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-03-07 14:27 - 2017-04-13 01:43 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-05-02 20:37 - 2017-04-13 01:43 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-05-02 20:37 - 2017-04-13 01:44 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-05-02 20:37 - 2017-04-13 01:43 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-03-07 14:27 - 2017-04-13 01:46 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-05 22:52 - 2017-05-01 16:49 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-03-07 14:27 - 2017-04-13 01:46 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-05-02 20:37 - 2017-04-13 01:43 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-05-02 20:37 - 2017-04-13 01:46 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-03-07 14:27 - 2017-04-13 01:46 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-03-07 14:27 - 2017-05-01 16:49 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-03-07 14:27 - 2017-04-13 01:46 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-05 22:52 - 2017-05-01 16:49 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-03-07 14:27 - 2017-04-13 01:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-03-07 14:27 - 2017-04-13 01:46 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-03-07 14:27 - 2017-04-13 01:46 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-03-07 14:27 - 2017-04-13 01:46 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-03-07 14:27 - 2017-04-13 01:46 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-03-07 14:27 - 2017-04-13 01:46 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-03-07 14:27 - 2017-04-13 01:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-05 22:52 - 2017-04-13 01:45 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-03-07 14:27 - 2017-05-01 16:49 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-03-07 14:27 - 2017-04-13 01:46 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-03-07 14:27 - 2017-04-13 01:44 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-03-07 14:27 - 2017-04-13 01:46 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-02-24 21:54 - 2017-05-01 16:49 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-01-26 01:40 - 2017-05-01 16:49 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-01-26 01:40 - 2017-05-01 16:49 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-26 01:40 - 2017-05-01 16:49 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-26 01:40 - 2017-05-01 16:49 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2016-03-07 14:27 - 2017-04-13 01:46 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-03-07 14:27 - 2017-05-01 16:49 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-05-02 20:37 - 2017-04-13 01:37 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-05-02 20:37 - 2017-05-01 16:48 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-07-12 08:55 - 2017-05-01 16:49 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-05-02 20:37 - 2017-04-13 01:50 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-05-02 20:37 - 2017-04-13 01:50 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-05-02 20:37 - 2017-05-01 16:48 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-08-05 22:52 - 2017-05-01 16:49 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-05-02 20:37 - 2017-05-01 16:48 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-04-26 22:53 - 2017-04-13 01:52 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-03-07 15:51 - 2015-05-29 18:56 - 00074240 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2016-03-07 15:51 - 2015-05-29 18:54 - 00274944 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2017-05-03 05:40 - 2017-05-03 05:40 - 00098816 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\win32api.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00110080 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\pywintypes27.dll
2017-05-03 05:40 - 2017-05-03 05:40 - 00364544 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\pythoncom27.dll
2017-05-03 05:40 - 2017-05-03 05:40 - 00320512 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\win32com.shell.shell.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00914432 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\_hashlib.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 01176576 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\wx._core_.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00806400 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\wx._gdi_.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00816128 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\wx._windows_.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 01067008 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\wx._controls_.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00733184 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\wx._misc_.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00682496 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\pysqlite2._sqlite.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00088064 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\_ctypes.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00686080 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\unicodedata.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00119808 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\win32file.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00108544 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\win32security.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00007168 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\hashobjs_ext.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00017920 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\thumbnails_ext.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00088064 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\usb_ext.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00012800 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\common.time34.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00018432 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\win32event.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00167936 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\win32gui.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00046080 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\_socket.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 01303552 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\_ssl.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00128512 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\_elementtree.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00127488 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\pyexpat.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00038912 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\win32inet.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00036864 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\_psutil_windows.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00524248 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\windows._lib_cacheinvalidation.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00011264 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\win32crypt.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00123392 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\wx._wizard.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00077312 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\wx._html2.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00027648 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\_multiprocessing.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00020480 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\_yappi.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00035840 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\win32process.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00078848 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\wx._animate.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00024064 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\win32pipe.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00010240 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\select.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00025600 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\win32pdh.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00017408 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\win32profile.pyd
2017-05-03 05:40 - 2017-05-03 05:40 - 00022528 ____R () C:\Users\darkrider84\AppData\Local\Temp\_MEI78202\win32ts.pyd
2017-01-26 13:35 - 2017-01-30 23:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-01-26 13:35 - 2017-04-26 01:55 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll
2016-09-09 14:24 - 2017-03-28 05:32 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-09-09 14:24 - 2017-03-21 06:27 - 02442176 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-09 14:24 - 2017-03-21 06:27 - 00363576 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-09 14:24 - 2017-03-21 06:27 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-09 14:24 - 2017-03-21 06:27 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-09 14:24 - 2017-03-21 06:27 - 00469048 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-09 14:24 - 2017-03-21 06:27 - 00571840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-03-20 17:44 - 2017-03-20 17:44 - 00048296 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2016-04-11 08:44 - 2017-02-03 14:44 - 00407040 _____ () C:\Program Files (x86)\4KDownload\4kvideodownloader\libmp3lame-0.dll
2016-04-11 08:44 - 2017-02-03 14:44 - 00133304 _____ () C:\Program Files (x86)\4KDownload\4kvideodownloader\libgcc_s_dw2-1.dll
2016-04-11 08:44 - 2017-02-03 14:44 - 00333456 _____ () C:\Program Files (x86)\4KDownload\4kvideodownloader\libportaudio-2.dll
2016-04-11 08:44 - 2017-02-03 14:44 - 01553592 _____ () C:\Program Files (x86)\4KDownload\4kvideodownloader\libstdc++-6.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\NeueDatenbank.kdbx:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\MIB:Heroes & Generals [38]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-1142517005-776776603-1134571006-1000\...\aeriagames.com -> hxxp://aeriagames.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1142517005-776776603-1134571006-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\darkrider84\AppData\Local\DisplayFusion\Wallpaper_1
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk => C:\Windows\pss\Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^UltraMon.lnk => C:\Windows\pss\UltraMon.lnk.CommonStartup
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ClipboardMaster => C:\Program Files (x86)\Jumping Bytes\Clipboard Master\ClipboardMaster.exe
MSCONFIG\startupreg: icq.desktop => "C:\Users\darkrider84\AppData\Roaming\ICQ\bin\icq.exe" /startup
MSCONFIG\startupreg: Live Update => C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MyComGames => "C:\Users\darkrider84\AppData\Local\MyComGames\MyComGames.exe" -autostart
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\darkrider84\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\darkrider84\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
MSCONFIG\startupreg: USBLogon => C:\Program Files\USBLogon\usblondetect.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{80A34956-2EE0-44CB-BD8F-BE3CC1BC21EB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FF1F7062-3231-4682-94CB-AFD62CE75B2D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5C6662A0-DD0E-4639-8926-96EFB96D0630}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{266CB590-4ACE-49E9-B9FE-51A9F276A238}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D7E05C92-5DE7-43B1-B8B9-685CD12940EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [{0710B74A-37F4-44C2-AB38-3079E256D8BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [{45E340CE-9CF6-4D31-B84B-5B7F43073DC9}] => (Allow) C:\Users\darkrider84\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{82B75D1E-EB34-471C-8F3F-7EECD88F165C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B55A98CD-10BF-445F-9717-01EB23F23B84}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{98E2451A-EBC9-47CD-94B9-C895C799FA1D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DA91299E-CD05-43B7-8363-1FA5CDF8565B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{0CAEBEA6-4CE0-4954-B608-15F9B9839727}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{3B02FE30-8477-4030-BF50-64D9F37E82B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{10A84E22-6BA3-477B-AB8F-0EC4D5C32944}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{234531F3-6112-4983-99EB-E208E1C538DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{AA0A9751-17BC-4F38-A1BF-62A3C2B886CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{50D2AB1D-1A43-4635-91A2-E1BA8755A0E2}] => (Allow) D:\SteamLibrary\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{4E12338D-0C30-4E67-99A2-F0D46CF8A8DB}] => (Allow) D:\SteamLibrary\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{CF56490A-8528-4CA5-BC14-50736AACEEF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{980977D5-E12C-4FBD-AF2A-F2E4FEAB3644}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{8AC356A5-94F0-4596-8D30-CDEAA7203A2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{43BD877E-75C5-4448-B6FF-6B5A60229B1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{72BED3DA-6DFE-4C7E-AFF5-DABB8C3AAC58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{A93A0837-F0E3-437F-8E24-EFBE01643C70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{A0479351-8859-4431-8777-B9F58CD5E995}] => (Allow) D:\Origin Games\Battlefield 4\Battlefield 4\bf4_x86.exe
FirewallRules: [{DACAF61D-586A-47A2-8CA6-B30EC5B48F0E}] => (Allow) D:\Origin Games\Battlefield 4\Battlefield 4\bf4_x86.exe
FirewallRules: [{4D4B7318-943F-42DA-B31F-7AC27ABD532B}] => (Allow) D:\Origin Games\Battlefield 4\Battlefield 4\bf4.exe
FirewallRules: [{459E363D-DFF0-4B32-9A4D-F19767C6F994}] => (Allow) D:\Origin Games\Battlefield 4\Battlefield 4\bf4.exe
FirewallRules: [{F25041FB-B501-4C16-955A-F2F2F190ADF9}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{0FE6F867-F6D7-41FA-AAC3-932102654D6D}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{9DDA01EA-200D-4058-B053-4403C46F19D4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{50D0FB32-254D-4534-99C8-1FA1E33C1128}] => (Allow) D:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{64E31567-7906-4076-B614-F15B7404D855}] => (Allow) D:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{F16404EB-0FF4-4788-8F76-3AAB1F861777}] => (Allow) D:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{EC151D7D-0F1C-485D-A5FA-D01692E1867C}] => (Allow) D:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{E6EF0436-AFAA-4101-8839-236B707576F5}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{EB30AAA6-8D2D-4854-8375-117F0FC61B7C}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{B847E394-D691-45CA-BDED-05773A5ADCCB}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{99F0CA34-BF42-4180-88FC-D3CA1E665851}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{755726A6-2142-4021-ADE5-30B57B99D195}] => (Allow) D:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Orcs Must Die! Unchained\OMDU.exe
FirewallRules: [{D91C7ADE-70EF-4D95-B204-ABAAB5987F2C}] => (Allow) D:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Orcs Must Die! Unchained\Dashboard\Bin\SpitfireDashboard.exe
FirewallRules: [{B6E407FA-01C0-47EF-8379-A387B0D688AD}] => (Allow) D:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Orcs Must Die! Unchained\Binaries\Win64\SpitfireGame.exe
FirewallRules: [{E76C296D-0FAE-45D4-8936-71BFEDB53C73}] => (Allow) LPort=8317
FirewallRules: [{9DA6F3D0-EC91-4F57-B4B2-1AC1C04DAF61}] => (Allow) D:\SteamLibrary\steamapps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{04BE7B2B-23E6-4749-B8B8-831B50D3E804}] => (Allow) D:\SteamLibrary\steamapps\common\Edna and Harvey Harvey's New Eyes\harvey.exe
FirewallRules: [{1FA2C5CC-B788-41EF-B2B0-5E5F736B1E1B}] => (Allow) D:\SteamLibrary\steamapps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{4B2647DD-88E7-40F0-9D0E-BE142248A893}] => (Allow) D:\SteamLibrary\steamapps\common\Edna and Harvey Harvey's New Eyes\VisionaireConfigurationTool.exe
FirewallRules: [{59FB0ECB-5124-44BF-91DB-7225A3630FC7}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{86F951E1-9213-48A7-BE7E-B48A839B388B}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{297433AB-18F3-4784-911B-B295D11980D6}] => (Allow) D:\SteamLibrary\steamapps\common\Rampage Knights\rampage_knights.exe
FirewallRules: [{CEC8ADD4-A477-4E76-8B68-1DD086540490}] => (Allow) D:\SteamLibrary\steamapps\common\Rampage Knights\rampage_knights.exe
FirewallRules: [TCP Query User{ED5DA7DF-027E-47E3-82DA-D4C4D6A5327D}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{4A84907B-0389-43E0-8190-6EEB4EF2E898}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{AF5FAEB4-968E-40FD-B571-62D9433DE56E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{8436C605-7FEA-4AFD-8C96-291EF8DEB8E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [TCP Query User{AFA9587C-782D-4CE1-8767-67CE99CFB4A6}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{7F98BE40-5388-4EDB-8FB9-2262D8B366A4}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{D724AA95-540F-475E-99F4-BB2048950F1C}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{EDFA4029-05BD-406C-91BC-3B2C41E37B8E}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{AEF4D823-1382-45AF-9117-7AE50C07C06E}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{B5FFC905-ECC9-4032-ADCB-5E8B99930AC0}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{27360257-E090-4E25-94ED-9B8756E49388}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{EC3EFADA-A636-432E-AD43-BE48616ACA6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{0927CD07-79A6-4D76-BD2E-E139168BA448}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{0F70E41A-D6FB-4211-BEAE-A1394F2D31CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{06A2A33C-6EDF-4061-B29C-F30CD3DDF8C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{28328E10-2855-40F5-8431-6A0964E8F835}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{E99BF7BD-3A2A-40ED-90E0-36E1C8937976}] => (Allow) D:\SteamLibrary\steamapps\common\Roguelands\Roguelands.exe
FirewallRules: [{2A07E814-022B-4ED9-BEB3-56DDD67B9DF3}] => (Allow) D:\SteamLibrary\steamapps\common\Roguelands\Roguelands.exe
FirewallRules: [{AD8B2721-B69A-4D72-9A4E-6EA9BBF3990E}] => (Allow) D:\SteamLibrary\steamapps\common\Duke Nukem Forever\System\DukeForever.exe
FirewallRules: [{30D02D7B-A56D-4A71-9CDD-38D721B44D3A}] => (Allow) D:\SteamLibrary\steamapps\common\Duke Nukem Forever\System\DukeForever.exe
FirewallRules: [{F903674E-D7B3-49EA-95FC-ACFFBAAE8A1E}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{33F97C7A-DB38-4450-9030-0153B8503021}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{47EEA074-3AAB-48AC-B15C-BC51D09121A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{E057773D-E1F2-4F4F-8B67-F67D1ACA5835}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{20A281E4-0527-4A36-9479-234F347DF131}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{E40F8B03-0365-48DC-A1C7-353EBF8D46D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{073E7A0E-84EC-49E0-BC6C-D42914061140}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{D925C1D4-2ACB-4935-A787-A4324319F6E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{E5C261F9-51B5-4916-921C-282367A8EDE8}] => (Allow) D:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{42D9C0E9-9B9F-4FAD-A49B-BEF6AA2841BE}] => (Allow) D:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{5A32A0C8-BDFC-4988-99CC-DEB749556C72}] => (Allow) D:\SteamLibrary\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{E0C8A48C-F103-48C0-928C-2DFC502495A0}] => (Allow) D:\SteamLibrary\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{B78F7D96-116B-4FC8-A683-8DEE0A7F7EFF}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{1D2E5110-555F-41F0-B5DD-1652A550D1C1}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{BF90AB46-CB94-4CB8-BA03-3BA7ACC35062}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{C7FD2D6B-CCEC-4FCB-844B-894BF014E522}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{EE3A2E14-EDA9-41C7-8050-65C577F41098}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1D43E16E-F805-4C63-8948-71D09A4FC759}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E6BFC6E1-7FF5-4B71-AEC9-69182F294436}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4607CB63-061A-4B99-817E-1DAF2B16701D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FDCFCAE2-AF9F-4E42-80B8-934119F057BA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{E12D66A4-9E55-41FB-A9CE-017744AAE33C}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{5C832356-6383-4EEC-A48E-6CE750A2CA3D}] => (Allow) D:\Origin Games\Battlefield 4\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{EA4A6C6C-0713-46D1-97FF-268B15425E5A}] => (Allow) D:\Origin Games\Battlefield 4\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{99BA4A68-E4B5-4B40-86EE-8884B848DC5A}] => (Allow) D:\Origin Games\Battlefield 4\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{142A4FC3-BBC7-4E12-B1A7-9E3D571886FF}] => (Allow) D:\Origin Games\Battlefield 4\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{739B1BAD-662B-4590-8706-9CA8E9947A15}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{D274B844-76DA-401E-B817-0F50F13EB513}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{B765B5B7-F864-4B7E-AA61-8E86FA7AE45A}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{EBA47ED1-BBF7-4AD9-890A-CB66A4801403}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{322D745D-C5FF-4AED-B216-A3D0C9976ED9}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{14C57A97-8390-4730-B105-A3484BBA6E1C}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{C9BB834E-8CAC-427D-9A20-8F1E7CAE7315}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{F3DB0EA8-3F33-4611-AB87-CA8C3344F5EE}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{0F637272-1B08-4959-949F-FF97BCEA6849}] => (Allow) D:\SteamLibrary\steamapps\common\Prototype 2\prototype2.exe
FirewallRules: [{46804C6D-D782-4DCD-B7FB-208ABCF37F7D}] => (Allow) D:\SteamLibrary\steamapps\common\Prototype 2\prototype2.exe
FirewallRules: [{DCA315D7-CD1D-4DD7-92B2-1E2FCD6EC3D6}] => (Allow) D:\SteamLibrary\steamapps\common\Prototype\prototypef.exe
FirewallRules: [{6A57FCBA-CE97-4981-B2E5-5056072C376E}] => (Allow) D:\SteamLibrary\steamapps\common\Prototype\prototypef.exe
FirewallRules: [{4064FF18-2BC6-4E1D-831A-F8B5B1AE2CB4}] => (Allow) D:\SteamLibrary\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{ECEB8A7B-1358-4E44-847D-F91032FC63A3}] => (Allow) D:\SteamLibrary\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{D65CBA9C-BE42-461F-A868-74BD93A12606}] => (Allow) D:\SteamLibrary\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{25C0AA3A-D2FE-4C55-BC19-758AABC55BCA}] => (Allow) D:\SteamLibrary\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{402E0CC5-1BD6-4C0B-AB1C-603E467A1DF5}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{BDB33D44-692F-4C9D-A019-E5AE857A3311}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{14365AC7-CA9D-4F2B-A170-A2A60624B682}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{2E703DAE-646A-4C71-9004-BCCD23BB6F32}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{67AC53A4-0BA1-4306-AC35-9B02DDBFC244}] => (Allow) D:\SteamLibrary\steamapps\common\OPPW3\oppw3.exe
FirewallRules: [{F4178C67-59A3-4454-B9AD-C457921050ED}] => (Allow) D:\SteamLibrary\steamapps\common\OPPW3\oppw3.exe
FirewallRules: [{13D57500-DB33-46FF-86CB-587A6B07DF60}] => (Allow) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{9F8555C5-58E0-427E-B382-61F347B6C8F6}] => (Allow) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{5979A54C-6777-4A53-AD50-99C62D164DBC}] => (Allow) D:\SteamLibrary\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{2F110D82-DE6C-427D-AA33-593A990B5342}] => (Allow) D:\SteamLibrary\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{A57E7B96-5D56-49BE-AC6F-C00588776C85}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{2C2D9A5B-1F2F-4F5F-A297-F22486EF1152}] => (Allow) D:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{AEADC008-737A-40C4-87EA-50F6E4448929}] => (Allow) D:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{28470039-E507-4C60-A156-9434B7D11789}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{5A082EC8-B948-480F-BB02-872CABA84CA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{A12A5F53-4A8C-4229-9322-FEA7330B7BE8}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DFC38A01-F3C8-416E-956D-E30A107B6F55}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{57EC1E59-BD30-4ABC-936F-B29A95935E30}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{AE1C3E00-56CB-405F-A4F5-ECA264BF4FC2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{80FD318F-D0E6-4304-B16D-AD42A94B27E9}] => (Allow) D:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{208CAD53-AFAC-450C-9F63-0D2A1F7AD2C4}] => (Allow) D:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{E956EC81-E017-4922-B873-9A845084E41B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B5731399-BC77-427A-B754-9936ED8F364B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E52B6658-141D-4DD1-9278-0CDCBF1D3545}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B08D6689-8D50-4733-840A-A6FF00D279FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F8E35A5D-E641-4112-952A-F6390AD5F426}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1126104B-9A2C-4001-8F23-066C6DF6C979}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{8B7834F7-6E53-4BEB-9E8F-A141C8D1029D}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{8B0E012A-5795-4364-9243-4B6E6F01F7E0}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{B3DEA769-25BD-4358-B2D8-EC777435DEA4}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{DCF655C8-3DD8-40AD-8CED-3184B034FE4E}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{42389BFE-945E-4735-B58D-814A3DD97C3F}] => (Allow) D:\SteamLibrary\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [TCP Query User{BE9DC22E-A2A7-42E6-9F9D-643C60C5D45A}C:\users\sgt napoleon\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\sgt napoleon\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{4901367D-0D7E-4CC7-91CA-1E1F39825955}C:\users\sgt napoleon\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\sgt napoleon\appdata\local\akamai\netsession_win.exe
FirewallRules: [{08DFDA7F-4E5D-4177-B4A1-9786B1FCF3DE}] => (Allow) D:\SteamLibrary\steamapps\common\SUPERHOT\SUPERHOT.exe
FirewallRules: [{121C5A47-4004-4D47-9260-A4F2C322A54C}] => (Allow) D:\SteamLibrary\steamapps\common\SUPERHOT\SUPERHOT.exe
FirewallRules: [{07102432-B977-4D4F-A4A2-BA616FD50DA2}] => (Allow) C:\Windows\twain_32\Samsung\SLC460\ScanCDLM\ScanCDLM.exe
FirewallRules: [{6B5A0FCB-125A-4512-97CD-76AB204BD090}] => (Allow) C:\Windows\twain_32\Samsung\SLC460\ScanCDLM\ScanCDLM.exe
FirewallRules: [{8010D3A4-9B84-403F-B1B0-E322D5F86E56}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{F089E1BF-65D7-4A57-989D-2D193FBA2663}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{D96A3CD4-1462-4584-80F0-ACFD244159C2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{01A04DB2-AED1-4A6C-A5CB-4105E69B8653}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{D62BB9D1-502E-4B35-A7A0-C151C5428C9B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{1EAA8A62-85AB-46C5-BC75-D06FF851F4BD}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{BCDFB049-C627-44E0-B452-2212BA141352}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{4BC3F0C1-CD38-4703-B420-A35192DFE421}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{540F838F-E36C-424D-83A5-E3B974BFF116}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{646D3995-898F-4F82-A9D1-E15AB8888D3C}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe
FirewallRules: [{8806FC5E-7687-4ED2-9CBF-917E625681EB}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{6514E980-D256-44EE-B674-CDC77C1216D8}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{E3EAE5D7-6BF4-457E-95C6-80205E2FE812}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [{63870D59-3174-47B5-A16B-C0F05477023B}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [{F7D197D4-6ECF-4722-8982-FC1DD27C3F45}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2BF71D3D-A26B-4993-B4B7-935CAD834A50}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7EAFE096-C000-465C-9977-F0B8D3165CD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{796598D8-2671-445E-BD7F-C6412DB753E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{1CBA6601-6441-4511-A842-11509A735F18}] => (Allow) D:\SteamLibrary\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{56A732B4-DCB9-49AE-8E82-4657912401DE}] => (Allow) D:\SteamLibrary\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{93B863A1-7D3A-4115-91DD-4E8985C4EBDA}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{6834A0B5-D849-4C01-BB35-55AD8653F963}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{BEF057E6-3D38-4678-857A-1B10A3747181}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8C9F18F6-1B65-4520-B1E4-BA958DC64F89}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{015E0695-8364-4E53-A42E-EDEF7BC8F7B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{522E0BA4-8911-4DA4-BCB2-ABEB47E0D7AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{55B7682D-6CAD-4708-A12B-7CC4C37FD2C4}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{63EB530E-5E09-44FA-883F-3CAD8C8161D3}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{8B83C9C6-A058-4901-8C67-B2B0620286FF}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{6B22DBF1-B17E-4919-9CE6-9536234E1CAE}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{68A73B17-86D0-4775-ACEB-CB7026279136}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{CECFD0EC-D60C-4663-A3AC-BFC4BB9E0F49}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{C99DE774-BC48-4F8D-BB4F-26549B27DCA8}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{068A75CB-7387-45AC-89C7-6ABDB8FB1F52}] => (Allow) D:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{2562FB87-FD60-458B-B073-01DB390EF815}] => (Allow) D:\SteamLibrary\steamapps\common\BioShock 2 Remastered\Build\Final\Bioshock2HD.exe
FirewallRules: [{0F21A381-ED07-4DB6-B1C6-F3EB1237A08C}] => (Allow) D:\SteamLibrary\steamapps\common\BioShock 2 Remastered\Build\Final\Bioshock2HD.exe
FirewallRules: [{43EAA2CD-1BD0-445A-B1FB-1F6ADF1C8538}] => (Allow) D:\SteamLibrary\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{434A0AAD-45EB-4D8A-A4DF-29F90B6F509F}] => (Allow) D:\SteamLibrary\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{126842E6-B69C-49E5-B3E5-0792B276D8B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{2B2B61A1-B12B-4031-941B-F9B9BFF13CA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{3C6D1268-0D45-47B0-92F8-2F5F194716B9}] => (Allow) C:\Program Files\MariaDB\bin\mysqld.exe
FirewallRules: [{6517D90C-5EC9-48E6-8C37-7B5ECDB9E6EC}] => (Allow) C:\Program Files (x86)\TubeDigger\TubeDigger.exe
FirewallRules: [{5B8875FA-F954-4879-B987-AAABC9EE1E96}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{307669C5-902E-4C34-82F9-71DCE8098434}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{C7FC1B6F-E8A7-455A-8DFB-49329529579B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{D0100FB3-FF53-448A-8008-9B9BC1022A2C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

02-05-2017 19:27:45 Windows Update
03-05-2017 05:46:25 Installed Oracle VM VirtualBox 5.1.22

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Generic Bluetooth Adapter
Description: Generic Bluetooth Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: GenericAdapter
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Kaspersky Security Data Escort Adapter
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky Security Data Escort Provider
Service: kltap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/03/2017 05:32:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (05/03/2017 05:32:35 AM) (Source: MSI_ActiveX_Service) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.Runtime.InteropServices.COMException (0x80010002): Aufruf wurde durch Messagefilter abgebrochen. (Ausnahme von HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))
   bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
   bei System.Management.ManagementScope.InitializeGuts(Object o)
   bei System.Management.ManagementScope.Initialize()
   bei System.Management.ManagementEventWatcher.Initialize()
   bei System.Management.ManagementEventWatcher.Start()
   bei MSI_ActiveX_Service.ActiveX_Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/03/2017 04:03:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (05/03/2017 04:03:44 AM) (Source: MSI_ActiveX_Service) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.Runtime.InteropServices.COMException (0x80010002): Aufruf wurde durch Messagefilter abgebrochen. (Ausnahme von HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))
   bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
   bei System.Management.ManagementScope.InitializeGuts(Object o)
   bei System.Management.ManagementScope.Initialize()
   bei System.Management.ManagementEventWatcher.Initialize()
   bei System.Management.ManagementEventWatcher.Start()
   bei MSI_ActiveX_Service.ActiveX_Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/03/2017 03:50:55 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "d:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\gta4Browser.exe".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/02/2017 04:33:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "d:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\gta4Browser.exe".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/01/2017 04:59:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "d:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\gta4Browser.exe".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/30/2017 06:26:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6988

Error: (04/30/2017 06:26:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6988

Error: (04/30/2017 06:26:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Systemfehler:
=============
Error: (05/03/2017 05:40:52 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (05/03/2017 05:40:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (05/03/2017 05:40:52 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (05/03/2017 05:40:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (05/03/2017 05:40:52 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Die Peer Name Resolution-Protokoll-Cloud wurde nicht gestartet. Fehler bei Standardidentität. Fehlercode: 0x80630801.

Error: (05/03/2017 05:40:52 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Die Peer Name Resolution-Protokoll-Cloud wurde nicht gestartet. Fehler bei Standardidentität. Fehlercode: 0x80630801.

Error: (05/03/2017 05:40:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WinRing0_1_2_0" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (05/03/2017 05:40:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (05/03/2017 05:40:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (05/03/2017 05:40:41 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Die Peer Name Resolution-Protokoll-Cloud wurde nicht gestartet. Fehler bei Standardidentität. Fehlercode: 0x80630801.


CodeIntegrity:
===================================
  Date: 2016-09-16 00:33:51.370
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\DARKRI~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-16 00:33:51.347
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\DARKRI~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-16 00:33:51.283
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-16 00:33:51.260
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-03-08 02:58:05.858
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\CMWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-03-08 02:58:05.845
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\CMWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-03-08 02:57:52.387
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\CMWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-03-08 02:57:26.252
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\CMWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-03-08 02:56:17.711
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\CMWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-03-08 02:44:22.737
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\CMWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 91%
Installierter physikalischer RAM: 15815.94 MB
Verfügbarer physikalischer RAM: 1413.17 MB
Summe virtueller Speicher: 31630.07 MB
Verfügbarer virtueller Speicher: 12780.09 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:476.72 GB) (Free:64.59 GB) NTFS
Drive d: (Seagate) (Fixed) (Total:2794.39 GB) (Free:155.01 GB) NTFS
Drive e: (Lokaler Datenträger) (Fixed) (Total:930.41 GB) (Free:83.96 GB) NTFS
Drive k: () (Fixed) (Total:0.1 GB) (Free:0.05 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 17A18ECB)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2BD2C32A)
Partition 1: (Not Active) - (Size=930.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

darkrider78 · 04.05.2017, 01:38

TDSSKiller-Log:

Code:

ATTFilter

02:25:43.0959 0x190c  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
02:25:43.0959 0x190c  UEFI system
02:25:46.0124 0x190c  ============================================================
02:25:46.0124 0x190c  Current date / time: 2017/05/04 02:25:46.0124
02:25:46.0124 0x190c  SystemInfo:
02:25:46.0124 0x190c  
02:25:46.0124 0x190c  OS Version: 6.1.7601 ServicePack: 1.0
02:25:46.0124 0x190c  Product type: Workstation
02:25:46.0125 0x190c  ComputerName: DARKRIDER84-PC
02:25:46.0125 0x190c  UserName: darkrider84
02:25:46.0125 0x190c  Windows directory: C:\Windows
02:25:46.0125 0x190c  System windows directory: C:\Windows
02:25:46.0125 0x190c  Running under WOW64
02:25:46.0125 0x190c  Processor architecture: Intel x64
02:25:46.0125 0x190c  Number of processors: 8
02:25:46.0125 0x190c  Page size: 0x1000
02:25:46.0125 0x190c  Boot type: Normal boot
02:25:46.0125 0x190c  CodeIntegrityOptions = 0x00000001
02:25:46.0125 0x190c  ============================================================
02:25:46.0425 0x190c  KLMD registered as C:\Windows\system32\drivers\61431148.sys
02:25:46.0425 0x190c  KLMD ARK init status: drvProperties = 0x7FF00, osBuild = 7601.23714, osProperties = 0x1
02:25:46.0488 0x190c  System UUID: {53ED4AC6-AF9B-3BE4-4AF2-6F883E9228E4}
02:25:46.0738 0x190c  Drive \Device\Harddisk0\DR0 - Size: 0x773C256000 ( 476.94 Gb ), SectorSize: 0x200, Cylinders: 0xF334, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:25:46.0757 0x190c  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:25:46.0777 0x190c  Drive \Device\Harddisk2\DR2 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:25:46.0789 0x190c  ============================================================
02:25:46.0789 0x190c  \Device\Harddisk0\DR0:
02:25:46.0789 0x190c  GPT partitions:
02:25:46.0789 0x190c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {AAC6314B-B4D0-426F-A25F-DDE0E3161889}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
02:25:46.0789 0x190c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {02906DB1-00C7-4CFE-962B-DAD6E59ED95A}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
02:25:46.0789 0x190c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {4F62899B-0DBF-4131-AC67-9B4238564370}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x3B96E800
02:25:46.0789 0x190c  MBR partitions:
02:25:46.0789 0x190c  \Device\Harddisk1\DR1:
02:25:46.0789 0x190c  MBR partitions:
02:25:46.0789 0x190c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x744D2800
02:25:46.0789 0x190c  \Device\Harddisk2\DR2:
02:25:46.0790 0x190c  GPT partitions:
02:25:46.0790 0x190c  \Device\Harddisk2\DR2\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {8818D938-BFEA-484C-80AD-480D02DF6824}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
02:25:46.0790 0x190c  \Device\Harddisk2\DR2\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {917EA19E-4D7E-474F-9CC0-092208381E60}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
02:25:46.0790 0x190c  MBR partitions:
02:25:46.0790 0x190c  ============================================================
02:25:46.0791 0x190c  C: <-> \Device\Harddisk0\DR0\Partition3
02:25:46.0802 0x190c  D: <-> \Device\Harddisk2\DR2\Partition2
02:25:46.0823 0x190c  E: <-> \Device\Harddisk1\DR1\Partition1
02:25:46.0823 0x190c  ============================================================
02:25:46.0824 0x190c  Initialize success
02:25:46.0824 0x190c  ============================================================
02:25:51.0389 0x3798  ============================================================
02:25:51.0389 0x3798  Scan started
02:25:51.0389 0x3798  Mode: Manual; SigCheck; TDLFS; 
02:25:51.0389 0x3798  ============================================================
02:25:51.0389 0x3798  KSN ping started
02:26:02.0521 0x3798  KSN ping finished: true
02:26:02.0780 0x3798  ================ Scan system memory ========================
02:26:02.0780 0x3798  System memory - ok
02:26:02.0781 0x3798  ================ Scan services =============================
02:26:02.0800 0x3798  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
02:26:02.0867 0x3798  1394ohci - ok
02:26:02.0877 0x3798  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
02:26:02.0891 0x3798  ACPI - ok
02:26:02.0894 0x3798  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
02:26:02.0906 0x3798  AcpiPmi - ok
02:26:02.0918 0x3798  [ BE62B286791F715E430FB022C1707BBA, 7EDFF71EFB65AA895270BD83B16F390F53D98C438ADA23E780CE6200CA0449F1 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
02:26:02.0934 0x3798  AdobeFlashPlayerUpdateSvc - ok
02:26:02.0942 0x3798  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
02:26:02.0956 0x3798  adp94xx - ok
02:26:02.0963 0x3798  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
02:26:02.0974 0x3798  adpahci - ok
02:26:02.0979 0x3798  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
02:26:02.0989 0x3798  adpu320 - ok
02:26:02.0992 0x3798  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
02:26:03.0003 0x3798  AeLookupSvc - ok
02:26:03.0010 0x3798  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
02:26:03.0025 0x3798  AFD - ok
02:26:03.0029 0x3798  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
02:26:03.0037 0x3798  agp440 - ok
02:26:03.0040 0x3798  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
02:26:03.0051 0x3798  ALG - ok
02:26:03.0054 0x3798  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
02:26:03.0066 0x3798  aliide - ok
02:26:03.0117 0x3798  ALSysIO - ok
02:26:03.0130 0x3798  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
02:26:03.0138 0x3798  amdide - ok
02:26:03.0141 0x3798  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
02:26:03.0151 0x3798  AmdK8 - ok
02:26:03.0154 0x3798  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
02:26:03.0164 0x3798  AmdPPM - ok
02:26:03.0168 0x3798  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
02:26:03.0177 0x3798  amdsata - ok
02:26:03.0181 0x3798  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
02:26:03.0192 0x3798  amdsbs - ok
02:26:03.0194 0x3798  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
02:26:03.0202 0x3798  amdxata - ok
02:26:03.0205 0x3798  [ F165140EFE85E7767A80BAA234D05A4C, 56101973CEAAFE78C8B723B03AC0835AC693F48EFB32A626BEB29E78C21485E2 ] AppID           C:\Windows\system32\drivers\appid.sys
02:26:03.0216 0x3798  AppID - ok
02:26:03.0218 0x3798  [ 43DDA527D48452D9F060744BDD5B0FE3, 94BA31B28E62E224AB60D494286355AF2C848FD75709BC56CDEA7B1BDD75A876 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
02:26:03.0228 0x3798  AppIDSvc - ok
02:26:03.0231 0x3798  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\Windows\System32\appinfo.dll
02:26:03.0242 0x3798  Appinfo - ok
02:26:03.0247 0x3798  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
02:26:03.0259 0x3798  AppMgmt - ok
02:26:03.0262 0x3798  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
02:26:03.0273 0x3798  arc - ok
02:26:03.0280 0x3798  [ 68D342BCBF3147CB820E6F5C9E95BE6B, 48182137777EBE09380170F49F749CA33F3699DB849DDC621CA431504F95DF89 ] ArchiCrypt Sichere Loeschzonen C:\Program Files (x86)\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector64.exe
02:26:03.0297 0x3798  ArchiCrypt Sichere Loeschzonen - ok
02:26:03.0300 0x3798  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
02:26:03.0309 0x3798  arcsas - ok
02:26:03.0318 0x3798  [ E536856E96A7605EBF580D62A868E5FE, 70D0F6ECB05E923C1B274605CB3320091D35D7622003FF7E4806645519C70F01 ] ASGT            C:\Windows\SysWOW64\ASGT.exe
02:26:03.0321 0x3798  ASGT - detected UnsignedFile.Multi.Generic ( 1 )
02:26:03.0490 0x3798  Detect skipped due to KSN trusted
02:26:03.0490 0x3798  ASGT - ok
02:26:03.0495 0x3798  [ 085D39BB3C763F713331B5BD76B4A993, 7CD35EB53D1D0811D6E5A72098A432EA10ABB5C65C9C6068AF094AC0BDD3BFA4 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
02:26:03.0505 0x3798  asmthub3 - ok
02:26:03.0513 0x3798  [ 388D47F3B160DB126A35E0FE21A2CBB2, 2EDF45F80A294AC4EDCD65EE855C4E22B0103D1F4E6B321CEDFE5A50087BE2B1 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
02:26:03.0526 0x3798  asmtxhci - ok
02:26:03.0535 0x3798  [ DCB1F756422BE0F18F764A5A2BE75BEB, 91765F4132B51B55F8C8526B61171700EDE782B3BFEE18F597A2341FE82F941D ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
02:26:03.0544 0x3798  aspnet_state - ok
02:26:03.0547 0x3798  [ 4684C1CF6A1865F724E2985A19C4F626, DDD17B59BCB72D535A714857CCA0CA0D15F6D4D6C05399802A1A49FB81CEB52B ] asstor64        C:\Windows\system32\DRIVERS\asstor64.sys
02:26:03.0556 0x3798  asstor64 - ok
02:26:03.0559 0x3798  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
02:26:03.0579 0x3798  AsyncMac - ok
02:26:03.0582 0x3798  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
02:26:03.0591 0x3798  atapi - ok
02:26:03.0594 0x3798  [ 93C18508CBBB82F601A4732B1F4A846C, 28B4A3C25B2E6DB5FA22855BA4B97381FC359A716C6C9469D8732AC24A03CEFB ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
02:26:03.0606 0x3798  AthBTPort - ok
02:26:03.0613 0x3798  [ 93B038459C1AECBFD5D11DF5EB2B6F48, 44B823A6217B4213121EDA374AB560A624DB2BFC42E3FA7284276C69BBCC674E ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
02:26:03.0621 0x3798  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
02:26:03.0732 0x3798  AtherosSvc ( UnsignedFile.Multi.Generic ) - warning
02:26:03.0844 0x3798  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
02:26:03.0862 0x3798  AudioEndpointBuilder - ok
02:26:03.0873 0x3798  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
02:26:03.0893 0x3798  AudioSrv - ok
02:26:03.0901 0x3798  [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
02:26:03.0913 0x3798  AVP17.0.0 - ok
02:26:03.0916 0x3798  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
02:26:03.0929 0x3798  AxInstSV - ok
02:26:03.0939 0x3798  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
02:26:03.0953 0x3798  b06bdrv - ok
02:26:03.0959 0x3798  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
02:26:03.0972 0x3798  b57nd60a - ok
02:26:03.0977 0x3798  [ D70CEC0C62FDC1772ACD42EEF467F491, 13D0726A31E45739B8FDB0D76638D2DCEA58F39B684AF04B286CFCADBC13C08A ] bcbtums         C:\Windows\system32\drivers\bcbtums.sys
02:26:03.0987 0x3798  bcbtums - ok
02:26:03.0991 0x3798  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
02:26:04.0001 0x3798  BDESVC - ok
02:26:04.0003 0x3798  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
02:26:04.0024 0x3798  Beep - ok
02:26:04.0043 0x3798  [ 9A11E8F9C71C087FCB57B48D80D3079A, C887560E8D1A9F53287A2409BD9727DEF40AFE69861943E2A5ADF4497A30E17C ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
02:26:04.0069 0x3798  BEService - ok
02:26:04.0082 0x3798  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
02:26:04.0102 0x3798  BFE - ok
02:26:04.0107 0x3798  [ C984B6F087A0CBEEE68CB3291CB6B9AB, 637A08E71168F5C8116B94F40DDA35A57FBE6F995CC9113AD0B771718092E0A4 ] BfLwf           C:\Windows\system32\DRIVERS\bflwfx64.sys
02:26:04.0118 0x3798  BfLwf - ok
02:26:04.0130 0x3798  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
02:26:04.0160 0x3798  BITS - ok
02:26:04.0164 0x3798  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
02:26:04.0174 0x3798  blbdrive - ok
02:26:04.0179 0x3798  [ 5AB58C337AC65837FE404462AD6265AB, F7E145F5D8DB1017D5B7B9D5380100F170FE5CC2050B5F7346A521B7B72D2166 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
02:26:04.0191 0x3798  Bonjour Service - ok
02:26:04.0194 0x3798  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
02:26:04.0205 0x3798  bowser - ok
02:26:04.0207 0x3798  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
02:26:04.0218 0x3798  BrFiltLo - ok
02:26:04.0220 0x3798  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
02:26:04.0231 0x3798  BrFiltUp - ok
02:26:04.0235 0x3798  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
02:26:04.0248 0x3798  Browser - ok
02:26:04.0253 0x3798  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
02:26:04.0266 0x3798  Brserid - ok
02:26:04.0269 0x3798  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
02:26:04.0282 0x3798  BrSerWdm - ok
02:26:04.0284 0x3798  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
02:26:04.0299 0x3798  BrUsbMdm - ok
02:26:04.0301 0x3798  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
02:26:04.0312 0x3798  BrUsbSer - ok
02:26:04.0317 0x3798  [ DCA3BEB41A5C0DF283D1D883A3ED7B7E, CAC782D262D01E51E390E22B3B70BC6E0483FB450240F580B38F45971487E503 ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
02:26:04.0331 0x3798  BTATH_A2DP - ok
02:26:04.0335 0x3798  [ A5DD55A8BA9A0BB36F11976426F728E6, B6CF2CD533CC90CE6E852D5370AAAEAA006EB4CF47A99EAC5A206EB41A6E6A03 ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
02:26:04.0346 0x3798  btath_avdt - ok
02:26:04.0348 0x3798  [ D4902F6448CE33F5EDB4864F13FEB807, 3FC94A2611B0E4E5ECB38423227AF7CCD57F24CCD52F6A028E68B85C52B3623A ] BTATH_BUS       C:\Windows\system32\DRIVERS\btath_bus.sys
02:26:04.0359 0x3798  BTATH_BUS - ok
02:26:04.0363 0x3798  [ 500BB13A69F1626DDF68362AE36059DB, 0C76F1F43199D84E4F6A0D026362142AACA6FED03A1C4D1D11EA21B9195D8E7B ] BTATH_HCRP      C:\Windows\system32\DRIVERS\btath_hcrp.sys
02:26:04.0376 0x3798  BTATH_HCRP - ok
02:26:04.0378 0x3798  [ 7C66E7B9E3C3AC43C6A54C690BB3DCAA, 72C84BA700337DCC34082FE6192FADE1B1B37D737823250F2A1E2C09A93161DB ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
02:26:04.0389 0x3798  BTATH_LWFLT - ok
02:26:04.0393 0x3798  [ 0305CD01E02D9AC58687055DC17E17A7, 57630FCB69E1576E6E70732E96EB45AB87DF9DC8CC3CA41885FE740D8A29007D ] BTATH_RCP       C:\Windows\system32\DRIVERS\btath_rcp.sys
02:26:04.0405 0x3798  BTATH_RCP - ok
02:26:04.0415 0x3798  [ 2F0DF33934B68AA81943577663416303, F89A5B0064F920B4311091B1AE98B08886B7C48DACD6CEAE9C12E949AAFF5F10 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
02:26:04.0426 0x3798  BtFilter - detected UnsignedFile.Multi.Generic ( 1 )
02:26:04.0510 0x3798  Detect skipped due to KSN trusted
02:26:04.0510 0x3798  BtFilter - ok
02:26:04.0512 0x3798  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
02:26:04.0522 0x3798  BthEnum - ok
02:26:04.0525 0x3798  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
02:26:04.0537 0x3798  BTHMODEM - ok
02:26:04.0541 0x3798  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
02:26:04.0554 0x3798  BthPan - ok
02:26:04.0563 0x3798  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
02:26:04.0578 0x3798  BTHPORT - ok
02:26:04.0582 0x3798  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
02:26:04.0602 0x3798  bthserv - ok
02:26:04.0605 0x3798  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
02:26:04.0616 0x3798  BTHUSB - ok
02:26:04.0625 0x3798  [ B6093B9B6A0238CC1239B019357BA5FF, 5400A0E30AF15F54DE804567EA4CE989CA882416C24BDBC4615A1839AE38FC0E ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
02:26:04.0642 0x3798  btwampfl - ok
02:26:04.0644 0x3798  btwaudio - ok
02:26:04.0649 0x3798  [ 9FF58F76024D25784755B01F926B00BE, 7A2504E326E63B7225FA25EA6D6ED3E7267278F5D2343A375D7F3B3F74EC9F38 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
02:26:04.0658 0x3798  btwavdt - ok
02:26:04.0674 0x3798  [ 7452E1FED8814E4FB5B109038147AA83, 3271CA7BF16D6F016C3A2330938ED9488F2CA4B15DF73AEF63B5C7C89673BFF9 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
02:26:04.0693 0x3798  btwdins - ok
02:26:04.0696 0x3798  btwl2cap - ok
02:26:04.0697 0x3798  btwrchid - ok
02:26:04.0700 0x3798  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
02:26:04.0721 0x3798  cdfs - ok
02:26:04.0726 0x3798  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
02:26:04.0737 0x3798  cdrom - ok
02:26:04.0741 0x3798  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
02:26:04.0761 0x3798  CertPropSvc - ok
02:26:04.0764 0x3798  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
02:26:04.0776 0x3798  circlass - ok
02:26:04.0783 0x3798  [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS            C:\Windows\system32\CLFS.sys
02:26:04.0795 0x3798  CLFS - ok
02:26:04.0848 0x3798  [ 11D080DAE23758FF6AC272ADC4C89339, BE6329D6110A8F49A178A5FF3BFFE0AA3BE648B67FC14DBF02E094D2D629D748 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
02:26:04.0902 0x3798  ClickToRunSvc - ok
02:26:04.0908 0x3798  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:26:04.0919 0x3798  clr_optimization_v2.0.50727_32 - ok
02:26:04.0922 0x3798  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
02:26:04.0931 0x3798  clr_optimization_v2.0.50727_64 - ok
02:26:04.0937 0x3798  [ CC49C3DB97ECB904760843F30A708D09, A5480D8D3219DD905D587D60385FACC3BF2E1E01431AB4AA9CCDD42ADFA7225E ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:26:04.0947 0x3798  clr_optimization_v4.0.30319_32 - ok
02:26:04.0950 0x3798  [ B0F2371E89292E083E0D524CA4C0E9F0, 8C8525B599843650842F6463E49BF05BA816DAD7936C84E1EA8B43DB0FF37436 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
02:26:04.0960 0x3798  clr_optimization_v4.0.30319_64 - ok
02:26:04.0962 0x3798  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
02:26:04.0972 0x3798  CmBatt - ok
02:26:04.0975 0x3798  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
02:26:04.0983 0x3798  cmdide - ok
02:26:04.0985 0x3798  [ E5DA87DAB3A32FA03F13FCFAE4255084, B2155BD7A87F5A07FF4E30A9BA6650489519B0BD58B26367856D29C7DDC31981 ] CMfilt          C:\Windows\system32\drivers\CMfilt64.sys
02:26:04.0994 0x3798  CMfilt - ok
02:26:04.0999 0x3798  [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km           C:\Windows\system32\DRIVERS\cm_km.sys
02:26:05.0011 0x3798  cm_km - ok
02:26:05.0019 0x3798  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
02:26:05.0034 0x3798  CNG - ok
02:26:05.0037 0x3798  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
02:26:05.0045 0x3798  Compbatt - ok
02:26:05.0048 0x3798  [ 59D203C3F46F3CA536ECAC0E084CD887, 0D04D469ADE2AEFAA18920E13A8EC74FDFB7C6827A78BFCD987B66D579BFF846 ] CompFilter64    C:\Windows\system32\DRIVERS\lvbflt64.sys
02:26:05.0056 0x3798  CompFilter64 - ok
02:26:05.0058 0x3798  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
02:26:05.0070 0x3798  CompositeBus - ok
02:26:05.0073 0x3798  COMSysApp - ok
02:26:05.0085 0x3798  [ DAC4D7D79C07957F237E1A4F24435E96, F0D5C21A403580D71F1F6B049C5BB043D3257D39FABCDE623E81CD48034610AC ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
02:26:05.0098 0x3798  cphs - ok
02:26:05.0144 0x3798  [ 29872C7376C42E2A64FA838DAD98AA11, A072197177AAD26C31960694E38E2CAE85AFBAB070929E67E331B99D3A418CF4 ] cpuz140         C:\Users\DARKRI~1\AppData\Local\Temp\cpuz140\cpuz140_x64.sys
02:26:05.0155 0x3798  cpuz140 - ok
02:26:05.0167 0x3798  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
02:26:05.0175 0x3798  crcdisk - ok
02:26:05.0180 0x3798  [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
02:26:05.0192 0x3798  CryptSvc - ok
02:26:05.0200 0x3798  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
02:26:05.0215 0x3798  CSC - ok
02:26:05.0230 0x3798  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
02:26:05.0247 0x3798  CscService - ok
02:26:05.0251 0x3798  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
02:26:05.0261 0x3798  dbupdate - ok
02:26:05.0264 0x3798  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
02:26:05.0274 0x3798  dbupdatem - ok
02:26:05.0276 0x3798  dbx - ok
02:26:05.0279 0x3798  [ B8F34CB79DF33C1A613709D99F4BFE77, 686E4E071EA43C122B0BE41C471220DE9BB31A3D5FEB30079C058FCA02FF3A59 ] DbxSvc          C:\Windows\system32\DbxSvc.exe
02:26:05.0287 0x3798  DbxSvc - ok
02:26:05.0296 0x3798  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
02:26:05.0313 0x3798  DcomLaunch - ok
02:26:05.0318 0x3798  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
02:26:05.0342 0x3798  defragsvc - ok
02:26:05.0346 0x3798  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
02:26:05.0357 0x3798  DfsC - ok
02:26:05.0361 0x3798  [ BC319C065335B10A5AA5938A677A60D5, 6F32AF2A440E763DC2ADD06F3422DCF3285BDFA9E69E5C3CD67A10F039B2830F ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
02:26:05.0371 0x3798  dg_ssudbus - ok
02:26:05.0377 0x3798  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
02:26:05.0390 0x3798  Dhcp - ok
02:26:05.0408 0x3798  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
02:26:05.0434 0x3798  DiagTrack - ok
02:26:05.0442 0x3798  [ BB5B80616BD01A9C59BF1D52BA238EDA, 8168F38127EC955B25AD4EF61081D86473E4959F797F68055E6210080EFEFF9F ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
02:26:05.0457 0x3798  DigitalWave.Update.Service - ok
02:26:05.0460 0x3798  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
02:26:05.0480 0x3798  discache - ok
02:26:05.0483 0x3798  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
02:26:05.0492 0x3798  Disk - ok
02:26:05.0551 0x3798  [ 54A22C7AA70469DA0F2674AE0B42A41C, 1476AD13A4DB941E92AE2824E6742140BC3AB87A250623C941460ACBCBCCBCD5 ] DisplayFusionService C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
02:26:05.0616 0x3798  DisplayFusionService - ok
02:26:05.0622 0x3798  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
02:26:05.0633 0x3798  dmvsc - ok
02:26:05.0637 0x3798  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
02:26:05.0649 0x3798  Dnscache - ok
02:26:05.0654 0x3798  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
02:26:05.0676 0x3798  dot3svc - ok
02:26:05.0680 0x3798  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
02:26:05.0701 0x3798  DPS - ok
02:26:05.0704 0x3798  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
02:26:05.0714 0x3798  drmkaud - ok
02:26:05.0727 0x3798  [ C727B350874B61E4BE80AB013530F655, D3C2B704276A8C11017F21BA2AA78E9EB7C4830C4198A89C8CCB92CD5545A6CF ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
02:26:05.0746 0x3798  DXGKrnl - ok
02:26:05.0750 0x3798  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
02:26:05.0771 0x3798  EapHost - ok
02:26:05.0773 0x3798  EasyAntiCheat - ok
02:26:05.0812 0x3798  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
02:26:05.0858 0x3798  ebdrv - ok
02:26:05.0864 0x3798  [ D6CCBE51C4FAA41F21BC451AE2C95B97, 17C99A71E169DD885B40717508D7988B7D0A78BACB11392890ED80518D0BF3F5 ] EFS             C:\Windows\System32\lsass.exe
02:26:05.0874 0x3798  EFS - ok
02:26:05.0885 0x3798  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
02:26:05.0903 0x3798  ehRecvr - ok
02:26:05.0906 0x3798  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
02:26:05.0917 0x3798  ehSched - ok
02:26:05.0926 0x3798  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
02:26:05.0941 0x3798  elxstor - ok
02:26:05.0945 0x3798  [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] EpsonScanSvc    C:\Windows\system32\EscSvc64.exe
02:26:05.0954 0x3798  EpsonScanSvc - ok
02:26:05.0957 0x3798  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
02:26:05.0966 0x3798  ErrDev - ok
02:26:05.0975 0x3798  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
02:26:06.0000 0x3798  EventSystem - ok
02:26:06.0004 0x3798  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
02:26:06.0026 0x3798  exfat - ok
02:26:06.0028 0x3798  Fabs - ok
02:26:06.0032 0x3798  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
02:26:06.0054 0x3798  fastfat - ok
02:26:06.0065 0x3798  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
02:26:06.0082 0x3798  Fax - ok
02:26:06.0085 0x3798  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
02:26:06.0097 0x3798  fdc - ok
02:26:06.0102 0x3798  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
02:26:06.0125 0x3798  fdPHost - ok
02:26:06.0128 0x3798  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
02:26:06.0150 0x3798  FDResPub - ok
02:26:06.0153 0x3798  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
02:26:06.0164 0x3798  FileInfo - ok
02:26:06.0166 0x3798  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
02:26:06.0187 0x3798  Filetrace - ok
02:26:06.0219 0x3798  [ 5BD96D8C5411ACE71A7EAACAF0EF2903, 2AF58E6060C7DEC44B4CA30E14E164473CD4089AE475DAFFC61DFE56990C1147 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
02:26:06.0254 0x3798  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
02:26:06.0337 0x3798  Detect skipped due to KSN trusted
02:26:06.0337 0x3798  FirebirdServerMAGIXInstance - ok
02:26:06.0341 0x3798  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
02:26:06.0353 0x3798  flpydisk - ok
02:26:06.0358 0x3798  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
02:26:06.0370 0x3798  FltMgr - ok
02:26:06.0386 0x3798  [ CF0108CBA6D1860563BA20E3D74C6646, 737B5E89A858D7E3AEC8BF660AA4FCC56501A69468EA143531286016AF7C0B33 ] FontCache       C:\Windows\system32\FntCache.dll
02:26:06.0409 0x3798  FontCache - ok
02:26:06.0413 0x3798  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
02:26:06.0421 0x3798  FontCache3.0.0.0 - ok
02:26:06.0442 0x3798  [ 46FB1A0445ADBE490A1B14F5D68A0E15, A667E1ECDFC894BA09C97002A0BCCE0778B08B28228CE57A9BA8E312B28D6302 ] FoxitReaderService C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
02:26:06.0470 0x3798  FoxitReaderService - ok
02:26:06.0474 0x3798  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
02:26:06.0483 0x3798  FsDepends - ok
02:26:06.0485 0x3798  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
02:26:06.0494 0x3798  Fs_Rec - ok
02:26:06.0500 0x3798  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
02:26:06.0512 0x3798  fvevol - ok
02:26:06.0515 0x3798  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
02:26:06.0524 0x3798  gagp30kx - ok
02:26:06.0527 0x3798  [ 687A7B4480C6463D4523ECCE4F7D2AAB, E8437B7E89EF1E35F54E7FC8CC0AC04C05BF58DCFC3B8BE609D61A6C5E7813FE ] GamingApp_Service C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
02:26:06.0537 0x3798  GamingApp_Service - ok
02:26:06.0561 0x3798  [ 4716347F3BE7BFE99DF197D1407E8966, 513CBE08992E172D7759442D272B5CF00411589BC601861AE71A9791B3A72EE0 ] GamingHotkey_Service C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
02:26:06.0592 0x3798  GamingHotkey_Service - ok
02:26:06.0605 0x3798  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
02:26:06.0624 0x3798  gpsvc - ok
02:26:06.0628 0x3798  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:26:06.0638 0x3798  gupdate - ok
02:26:06.0641 0x3798  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:26:06.0651 0x3798  gupdatem - ok
02:26:06.0654 0x3798  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
02:26:06.0662 0x3798  hamachi - ok
02:26:06.0693 0x3798  [ C0702639ADE5C6D9CD27FD604146A6D4, C239F116C9BA7CA4891BDAA3DE808E1B7859B7B2FD8E642396DBB42A52AAD364 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
02:26:06.0729 0x3798  Hamachi2Svc - ok
02:26:06.0734 0x3798  [ 1854F72C219F72DB49698405520F3638, BEA6C02D947465C9FAE478DF4DCFC08C07B308DD28AA602E2D73690DA669CB1B ] hcmon           C:\Windows\system32\drivers\hcmon.sys
02:26:06.0743 0x3798  hcmon - ok
02:26:06.0746 0x3798  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
02:26:06.0757 0x3798  hcw85cir - ok
02:26:06.0763 0x3798  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
02:26:06.0778 0x3798  HdAudAddService - ok
02:26:06.0781 0x3798  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
02:26:06.0794 0x3798  HDAudBus - ok
02:26:06.0796 0x3798  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
02:26:06.0807 0x3798  HidBatt - ok
02:26:06.0810 0x3798  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
02:26:06.0822 0x3798  HidBth - ok
02:26:06.0825 0x3798  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
02:26:06.0836 0x3798  HidIr - ok
02:26:06.0838 0x3798  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
02:26:06.0859 0x3798  hidserv - ok
02:26:06.0861 0x3798  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
02:26:06.0871 0x3798  HidUsb - ok
02:26:06.0875 0x3798  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
02:26:06.0896 0x3798  hkmsvc - ok
02:26:06.0900 0x3798  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
02:26:06.0912 0x3798  HomeGroupListener - ok
02:26:06.0917 0x3798  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
02:26:06.0929 0x3798  HomeGroupProvider - ok
02:26:06.0932 0x3798  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
02:26:06.0941 0x3798  HpSAMD - ok
02:26:06.0952 0x3798  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
02:26:06.0971 0x3798  HTTP - ok
02:26:06.0976 0x3798  [ CB32F01890953A2FEE8FE01F289DF726, 77B3A619945F301CFC8B2E9E1D5D9355822EC3370928049247EA2BCB4E4D7E63 ] HWHandSet       C:\Windows\system32\DRIVERS\hw_quusbmdm.sys
02:26:06.0988 0x3798  HWHandSet - ok
02:26:06.0991 0x3798  [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32        C:\Windows\system32\drivers\HWiNFO64A.SYS
02:26:06.0999 0x3798  HWiNFO32 - ok
02:26:07.0002 0x3798  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
02:26:07.0010 0x3798  hwpolicy - ok
02:26:07.0013 0x3798  [ 38C20EBB2621A86A5E9729EDA8F0F126, C362BF6523A16E4C9B040CD87511EF1E72788FB3B58F2FA23CD0A524CBD51140 ] I2cHkBurn       C:\Windows\system32\drivers\I2cHkBurn.sys
02:26:07.0022 0x3798  I2cHkBurn - ok
02:26:07.0026 0x3798  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
02:26:07.0036 0x3798  i8042prt - ok
02:26:07.0044 0x3798  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
02:26:07.0057 0x3798  iaStorV - ok
02:26:07.0061 0x3798  [ D9A9FFC89F61CAD4AD9EF31FBB17E634, F81184889B30DA8947F22A9C9ED5C542295ED70F0A1C27D1C91BAC21F4BCD987 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
02:26:07.0071 0x3798  ICCS - ok
02:26:07.0083 0x3798  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
02:26:07.0101 0x3798  idsvc - ok
02:26:07.0103 0x3798  IEEtwCollectorService - ok
02:26:07.0162 0x3798  [ 5863E2DD2E5C2D1B1F70C3826C162A7B, A6A0DBFA91F53D116AFFC1644F636A9D33A20B00A842A190190584F8AE2D1FF0 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
02:26:07.0226 0x3798  igfx - ok
02:26:07.0236 0x3798  [ C5202C7669226FF13A74228BD42AD982, BA843DEF6649DF34F9D0D0A380E77557D7785B8239A61EA33EFF08AEF0C8E6DE ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
02:26:07.0249 0x3798  igfxCUIService1.0.0.0 - ok
02:26:07.0252 0x3798  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
02:26:07.0260 0x3798  iirsp - ok
02:26:07.0272 0x3798  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
02:26:07.0291 0x3798  IKEEXT - ok
02:26:07.0354 0x3798  [ 86236BC32512027B32A3E124C7306A7D, A9BFA35E4AD007EC556703B890FB2B3B6C34B3BA98E5DF53FB03A70D377F8B13 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
02:26:07.0433 0x3798  IntcAzAudAddService - ok
02:26:07.0449 0x3798  [ 9A6DEB5DDF7E29728F6FEA5092AFA3F2, 21C47A0490EBA302657EF30C560E4AF83777685FFE126DCCAC310163C47401D1 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
02:26:07.0467 0x3798  Intel(R) Capability Licensing Service TCP IP Interface - ok
02:26:07.0470 0x3798  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
02:26:07.0479 0x3798  intelide - ok
02:26:07.0482 0x3798  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
02:26:07.0493 0x3798  intelppm - ok
02:26:07.0495 0x3798  IOMap - ok
02:26:07.0498 0x3798  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
02:26:07.0519 0x3798  IPBusEnum - ok
02:26:07.0522 0x3798  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:26:07.0543 0x3798  IpFilterDriver - ok
02:26:07.0551 0x3798  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
02:26:07.0569 0x3798  iphlpsvc - ok
02:26:07.0572 0x3798  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
02:26:07.0584 0x3798  IPMIDRV - ok
02:26:07.0588 0x3798  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
02:26:07.0610 0x3798  IPNAT - ok
02:26:07.0612 0x3798  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
02:26:07.0624 0x3798  IRENUM - ok
02:26:07.0626 0x3798  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
02:26:07.0635 0x3798  isapnp - ok
02:26:07.0640 0x3798  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
02:26:07.0651 0x3798  iScsiPrt - ok
02:26:07.0663 0x3798  [ 242C9879365A45E4E0C5E2E13E43E938, 43F5003794D1388B58CA9D8CD126480DE5C8CC63CBA98DFF602F46F616DA5064 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
02:26:07.0684 0x3798  iusb3xhc - ok
02:26:07.0688 0x3798  [ CA295D3E5032DDF8A3CBD1A256E646FA, 03879D331AE446FCF25D0193805A5E0C17764439B5B8FE1D684DDB96B1A358C9 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
02:26:07.0699 0x3798  jhi_service - ok
02:26:07.0702 0x3798  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
02:26:07.0711 0x3798  kbdclass - ok
02:26:07.0713 0x3798  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
02:26:07.0724 0x3798  kbdhid - ok
02:26:07.0728 0x3798  [ 61F33611E3EB17B4A05DDFE837DDB6C0, 05CAF0506041C659204152354D8ACCFB211DED946D01E5AFF3DE30559F0BA4A6 ] Ke2200          C:\Windows\system32\DRIVERS\e22w7x64.sys
02:26:07.0737 0x3798  Ke2200 - ok
02:26:07.0739 0x3798  [ D6CCBE51C4FAA41F21BC451AE2C95B97, 17C99A71E169DD885B40717508D7988B7D0A78BACB11392890ED80518D0BF3F5 ] KeyIso          C:\Windows\system32\lsass.exe
02:26:07.0750 0x3798  KeyIso - ok
02:26:07.0758 0x3798  [ 2B3FA3CB022478DE79721CA25612C5EF, 8A639764C37E61ADE1A09973D3C66BA6D6BB92D174BD03D55AABC9F01837FD51 ] Killer Service V2 C:\Program Files\Killer Networking\Network Manager\KillerService.exe
02:26:07.0772 0x3798  Killer Service V2 - ok
02:26:07.0781 0x3798  [ 97E3E8F35632EECD0ABD2DE6519A9666, ABE96FDEB1076E380D7FB4975C020B43ED4E821097EFC6AFE8C75D764167D6E8 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
02:26:07.0797 0x3798  kl1 - ok
02:26:07.0800 0x3798  [ B01AD8DA034EE42D4C2282F77FDB03AE, 3FF55F3CEE4A0E5D559F04F5A639297EA0F36580720E94CF9DD56DEBF2E98F39 ] klbackupdisk    C:\Windows\system32\DRIVERS\klbackupdisk.sys
02:26:07.0810 0x3798  klbackupdisk - ok
02:26:07.0814 0x3798  [ 39DFFABF0E74E1F4856EF0A9E696C337, F7CA397BC87B01EAF0A2B737447B0B84ACCD72782473CA98FA73DA3232B64AD7 ] klbackupflt     C:\Windows\system32\DRIVERS\klbackupflt.sys
02:26:07.0825 0x3798  klbackupflt - ok
02:26:07.0827 0x3798  [ 7DAA9047F50BF5A3F8C147719FC520AF, 0740387075AF46DB1E9AEE3B12C65A06EDFE58EADB8B562C36CB1FEFF9905C26 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
02:26:07.0838 0x3798  kldisk - ok
02:26:07.0842 0x3798  [ E6C27E167031C6AE19E8F437421BBBD5, DB2D3F9EDE9F3045DCDB103D48DCE64003FA691CF8EE6CB17278301CFB7EF93C ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
02:26:07.0854 0x3798  klflt - ok
02:26:07.0860 0x3798  [ 7A50E5163AB77AE08586AB3EAAB2970E, 738866D2B13209F9D427F019F4CC8C5976CD8D8D2E34ACE5346656E082116C4F ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
02:26:07.0873 0x3798  klhk - ok
02:26:07.0888 0x3798  [ B3CC3508E770B1D2C262C5A7DE035761, 64D97975DCD85E74FD7FA583F26D7AF2C86000317FBBDD5031A631916B97B494 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
02:26:07.0909 0x3798  KLIF - ok
02:26:07.0913 0x3798  [ F8AE6D4060F8822D246D493359D06201, 9974A80DF0CF22ACB8A4F37E1A19E27ACB4F16429FDC194608762E02BE23FDD9 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
02:26:07.0923 0x3798  KLIM6 - ok
02:26:07.0926 0x3798  [ DDBA4D4C8C08E4C972D7AF7B06B84804, FDC9138316C1ADA0895BBB9358EC74CD1E1B546E09EA1079393C4E6568523612 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
02:26:07.0937 0x3798  klkbdflt - ok
02:26:07.0940 0x3798  [ D792857D47B8DF5BFEC02534C1933BE2, BDD483FA8E2DC50DB4E54D475867455F0D7E115494E2A31CD27A065C7EC26951 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
02:26:07.0950 0x3798  klmouflt - ok
02:26:07.0953 0x3798  [ 6B0C605591C892CBB683F63EA47822DC, E74C0A0501A1B4B56B417402108521F34DA6A23FCD1C05E4E524E41EBA0906FF ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
02:26:07.0964 0x3798  klpd - ok
02:26:07.0967 0x3798  [ 828B042A95F055648DA190DF6C7AB1B6, 0457B0EF03BCB4CC1297EB25A25C162937F456BF406EC7B1A5E9A0AA13A9BCD7 ] kltap           C:\Windows\system32\DRIVERS\kltap.sys
02:26:07.0979 0x3798  kltap - ok
02:26:07.0982 0x3798  [ CFE5FD219EC7773D5674C6EDDF8C1A98, 34F7EEA492690980BE3A76E978D545CA49245E668174A51C9209B878ADA1E96A ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
02:26:07.0994 0x3798  kltdi - ok
02:26:08.0001 0x3798  [ D7F0B46844565E2ED68AC99AF0F4263F, AB419CBC29F96703237127AC4178A5365D4CCA010BAB1BD66D100D635E6E89B8 ] klvssbrigde64   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe
02:26:08.0010 0x3798  klvssbrigde64 - ok
02:26:08.0013 0x3798  [ DCFD713E2888867179FCAAA3A88265D6, 44C8CD4B50A4C5D347738BC9A26B4104BEB2EF30BEAC1BE60367B7811E9480D8 ] Klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
02:26:08.0025 0x3798  Klwtp - ok
02:26:08.0029 0x3798  [ 098D3EBDC599E05449A3BFB5BB519FE0, 00A02DE53312D4DF52E26E14E0E803255DF5AFAE95455EAE5A004F9E84C8B2F5 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
02:26:08.0041 0x3798  kneps - ok
02:26:08.0046 0x3798  [ EFF5EA6088DB81C6EF6EDCDA5EE79909, 4D364B0BF012C335FA3B25BDF042D4AF672D961B9B48CB7C5BE34FCFD1D64979 ] KSDE1.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
02:26:08.0058 0x3798  KSDE1.0.0 - ok
02:26:08.0061 0x3798  [ 1C19A55425902DC7EAFD208664837F5B, 8021BCDD0A010351490B8647379776030179F2390365C004A839A00C030D9D3D ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
02:26:08.0071 0x3798  KSecDD - ok
02:26:08.0075 0x3798  [ 800B40CE64259F6EEFB1627C9DA0038E, 21D02F7790FB8089C6006A4B65763F8F7F4F52B7D84D2743B8967A542FF42214 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
02:26:08.0085 0x3798  KSecPkg - ok
02:26:08.0087 0x3798  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
02:26:08.0107 0x3798  ksthunk - ok
02:26:08.0114 0x3798  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
02:26:08.0140 0x3798  KtmRm - ok
02:26:08.0146 0x3798  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
02:26:08.0171 0x3798  LanmanServer - ok
02:26:08.0175 0x3798  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
02:26:08.0198 0x3798  LanmanWorkstation - ok
02:26:08.0205 0x3798  [ 20EE2F2ADCF8DBD091E931593F5AC268, 5F053F8B7C8B340A0364CE37B25D68B6755C2CCDB050C02E9B4E0929DF587E0F ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
02:26:08.0217 0x3798  LBTServ - ok
02:26:08.0222 0x3798  [ EAB70270BDDCFEF56FCC7425C2D9883D, 7B351EE3DA3DA4677DD8E4F91A5FFA6EBB3A15BF76F34EAC8879ECB16D01190F ] LEqdUsb         C:\Windows\system32\DRIVERS\LEqdUsb.Sys
02:26:08.0232 0x3798  LEqdUsb - ok
02:26:08.0234 0x3798  [ A6F294B38F3DFB67D6B6E1D1E60A402A, 11C51B35DB2A3510258F3B722C12326BF068360CFA1E81FF552BA0BD19DE38E8 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
02:26:08.0244 0x3798  LGBusEnum - ok
02:26:08.0246 0x3798  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
02:26:08.0255 0x3798  LGCoreTemp - ok
02:26:08.0258 0x3798  [ 2A9F60E6531F42B31874618743037719, BFD61AD03ADEF69421ECB07820EDB79D425048EC01A65A0D1E8A4527699196DC ] LGJoyXlCore     C:\Windows\system32\drivers\LGJoyXlCore.sys
02:26:08.0268 0x3798  LGJoyXlCore - ok
02:26:08.0271 0x3798  [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
02:26:08.0280 0x3798  LGSHidFilt - ok
02:26:08.0282 0x3798  [ FA59A7421049F5852C1182345A4B8C4F, 6E7DFBF8382187E01CA0AE9CB7A175B563DA6807909A8A7E67779C045F290A06 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
02:26:08.0291 0x3798  LGVirHid - ok
02:26:08.0294 0x3798  [ 5EBB7C1FC685D45A1D3D8B2B9A656E48, 8C4D984D3566DE29D13A294ED927525A7D7A106887E809986EBDDA8CC0B98FFB ] LHidEqd         C:\Windows\system32\DRIVERS\LHidEqd.Sys
02:26:08.0303 0x3798  LHidEqd - ok
02:26:08.0306 0x3798  [ AFDFA4A6B0F7B15AA38E494FD4595741, 0D89CCEBC816F4A3F6DDB093B3F8BB8B85293E94559085961DA31F9330D43C21 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
02:26:08.0315 0x3798  LHidFilt - ok
02:26:08.0318 0x3798  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
02:26:08.0338 0x3798  lltdio - ok
02:26:08.0344 0x3798  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
02:26:08.0367 0x3798  lltdsvc - ok
02:26:08.0370 0x3798  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
02:26:08.0392 0x3798  lmhosts - ok
02:26:08.0399 0x3798  [ 58FA4A9CC1F6406B6B9FA57415989123, 8DA00EA4EECC6FA9A35CBA36551D22BE1B36EE41BB000085D83ADF433781A09E ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
02:26:08.0411 0x3798  LMIGuardianSvc - ok
02:26:08.0414 0x3798  [ C3E82B320F34C97F32B8026F4C249BEF, CAF53CD4738D2C92E4764372F75B5D0D74EBA896E59E685ED15B915F4E7223A0 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
02:26:08.0424 0x3798  LMouFilt - ok
02:26:08.0431 0x3798  [ ED5C8B920F2ACF11A26586B2FA66BF3D, D6F014F0CCAB7EDA38A8CC58F439D2A8CD89195AE84F82E25475CE11CB3883C9 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
02:26:08.0445 0x3798  LMS - ok
02:26:08.0450 0x3798  [ B78534B305C93D18CAED123E1F9346E5, 19FE198E0D7C81AAF1A00700AB85F19E37E4198EDB8A59C55D1766E03D9E060F ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
02:26:08.0460 0x3798  LogiRegistryService - ok
02:26:08.0464 0x3798  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
02:26:08.0474 0x3798  LSI_FC - ok
02:26:08.0477 0x3798  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
02:26:08.0487 0x3798  LSI_SAS - ok
02:26:08.0493 0x3798  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
02:26:08.0502 0x3798  LSI_SAS2 - ok
02:26:08.0505 0x3798  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
02:26:08.0515 0x3798  LSI_SCSI - ok
02:26:08.0518 0x3798  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
02:26:08.0539 0x3798  luafv - ok
02:26:08.0545 0x3798  [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
02:26:08.0557 0x3798  LVRS64 - ok
02:26:08.0614 0x3798  [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
02:26:08.0677 0x3798  LVUVC64 - ok
02:26:08.0686 0x3798  [ 835E1D6B5835EF70FC3BDF93ED42243A, 0025D232ED0FF9A572F8004094CFE21F62070DB832398345425554334E036DA6 ] MBAMChameleon   C:\Windows\system32\drivers\MBAMChameleon.sys
02:26:08.0697 0x3798  MBAMChameleon - ok
02:26:08.0700 0x3798  [ 88BD122C3A35DE63D75D382DF75554CE, ABDF59543CAD186A6ED4E66257205D9CF5047732A5DA74A96A28B468B41BC396 ] MBAMProtection  C:\Windows\system32\drivers\mbam.sys
02:26:08.0710 0x3798  MBAMProtection - ok
02:26:08.0762 0x3798  [ 804E3246E3E73D4A936F2F4BCDC53A2D, BF1F9B4AC292238FA6EE541E325B220F311977F9D87D5BC7F90AD058FBF0B35A ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
02:26:08.0822 0x3798  MBAMService - ok
02:26:08.0831 0x3798  [ 53283EB9998AC9350E14C35A880989DB, 11DD963C67DB7584742810C54BEC4871584413A1BAA8209F79AC923006DE45BB ] MBAMSwissArmy   C:\Windows\system32\drivers\13617676.sys
02:26:08.0843 0x3798  MBAMSwissArmy - ok
02:26:08.0846 0x3798  [ 42D3B200D357600CD9FAFF89C2FA3878, 2C251FE544012DAD6244FEE833FEDE65CE2302B320C2B9906EA4077C33E5DFF8 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
02:26:08.0855 0x3798  MBfilt - ok
02:26:08.0858 0x3798  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
02:26:08.0869 0x3798  Mcx2Svc - ok
02:26:08.0872 0x3798  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
02:26:08.0880 0x3798  megasas - ok
02:26:08.0886 0x3798  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
02:26:08.0897 0x3798  MegaSR - ok
02:26:08.0901 0x3798  [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
02:26:08.0911 0x3798  MEIx64 - ok
02:26:08.0914 0x3798  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
02:26:08.0935 0x3798  MMCSS - ok
02:26:08.0937 0x3798  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
02:26:08.0958 0x3798  Modem - ok
02:26:08.0964 0x3798  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
02:26:08.0975 0x3798  monitor - ok
02:26:08.0981 0x3798  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
02:26:08.0990 0x3798  mouclass - ok
02:26:08.0992 0x3798  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
02:26:09.0004 0x3798  mouhid - ok
02:26:09.0008 0x3798  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
02:26:09.0019 0x3798  mountmgr - ok
02:26:09.0023 0x3798  [ D57B7C101A8216E7769B14645AFEB276, 38BF427F81589173D3CD823A7BD3CA84B0FADD6747467E7AEADB72D1F4E1404B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
02:26:09.0033 0x3798  MozillaMaintenance - ok
02:26:09.0037 0x3798  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
02:26:09.0047 0x3798  mpio - ok
02:26:09.0050 0x3798  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
02:26:09.0070 0x3798  mpsdrv - ok
02:26:09.0082 0x3798  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
02:26:09.0112 0x3798  MpsSvc - ok
02:26:09.0116 0x3798  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
02:26:09.0128 0x3798  MRxDAV - ok
02:26:09.0132 0x3798  [ 2EB36DF5E373FCD1783F941A85803F9F, B492BD954CD88F359B33528752B990E03B96337E60F4E732977A1820562FC73B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
02:26:09.0145 0x3798  mrxsmb - ok
02:26:09.0152 0x3798  [ 6C6A67FFEC4C06AEB61BC07E5E5B03C1, D0C461BAD39E9F7606AAE3CCE245252451DE1B391CB279C4E90ECE002CCDB2D7 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
02:26:09.0167 0x3798  mrxsmb10 - ok
02:26:09.0171 0x3798  [ D9973E3B4637A4EA35DBF86A26F58270, C571FDCBBF7D5A79FCCD0A308FC5BBA2DCB9E04BB544316BFEB69C31AC803D38 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
02:26:09.0182 0x3798  mrxsmb20 - ok
02:26:09.0192 0x3798  [ 80794559DD71520023BA4B982FD21FCA, 1267811095E953A96A2B91FEC1674C61539BE8BFAADE4DAE2770AD413305444D ] MS7926          C:\Windows\system32\DRIVERS\MS7926.SYS
02:26:09.0211 0x3798  MS7926 - ok
02:26:09.0214 0x3798  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
02:26:09.0223 0x3798  msahci - ok
02:26:09.0227 0x3798  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
02:26:09.0237 0x3798  msdsm - ok
02:26:09.0241 0x3798  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
02:26:09.0252 0x3798  MSDTC - ok
02:26:09.0256 0x3798  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
02:26:09.0278 0x3798  Msfs - ok
02:26:09.0279 0x3798  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
02:26:09.0299 0x3798  mshidkmdf - ok
02:26:09.0349 0x3798  [ 167EA4D08BE4EB7723AFFF8ED58EBFE6, 4CC599A2C8FE4615ADF8C055330FC10963715D7E797AC7395F88E3C62BD3A102 ] MSIClock_CC     C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
02:26:09.0406 0x3798  MSIClock_CC - ok
02:26:09.0436 0x3798  [ A90C198A5B1C2E14AEB5B77EB29765A1, EB0361A0CBE1CAAF20682214707097B82CD5FB2BC3D077C9C9B40A4D19816D99 ] MSICOMM_CC      C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
02:26:09.0469 0x3798  MSICOMM_CC - ok
02:26:09.0519 0x3798  [ 400CECFB6E8993FC64E1282B28A12E11, 0F5F67A3AB7943FD1C2751FD7A3E5F3684033217775548A54C9B7220E94CEF7C ] MSICPU_CC       C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
02:26:09.0575 0x3798  MSICPU_CC - ok
02:26:09.0601 0x3798  [ C92E824E88FD6887C4E742AEAF3AA39E, 39A4BEB071E2E7890749A6C109C62C775AE48B9C3F917A48681B49B17AA2C5FE ] MSICTL_CC       C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
02:26:09.0633 0x3798  MSICTL_CC - ok
02:26:09.0662 0x3798  [ D40F54FD5C6271D60FA442F91780C493, 1E2C28C9E05F391964509DC77A4A103E9844C9D61E945B54EFE970FE2541B4D6 ] MSIDDR_CC       C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
02:26:09.0696 0x3798  MSIDDR_CC - ok
02:26:09.0702 0x3798  [ 3DFCCBE1A1C86BA4361BF5153FDF9267, 6AFDE70F16BFF467E31B3FCF4C3B2B2F1CD411D19889FA468FB202B9666899B5 ] MSIREGISTER_MR  C:\MSI\MSIRegister\MSIRegisterService.exe
02:26:09.0717 0x3798  MSIREGISTER_MR - ok
02:26:09.0719 0x3798  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
02:26:09.0728 0x3798  msisadrv - ok
02:26:09.0731 0x3798  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
02:26:09.0753 0x3798  MSiSCSI - ok
02:26:09.0755 0x3798  msiserver - ok
02:26:09.0780 0x3798  [ 9F9B6E7DE1E31139E299521CB3015C04, B87E09C15F0EF9E9750C151107B071E0235062F7B3ADB228F6ECF5F4508EA5D7 ] MSISMB_CC       C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
02:26:09.0812 0x3798  MSISMB_CC - ok
02:26:09.0822 0x3798  [ C162C7E1C354E620BB4C1CC886161AEB, 67E9298E5B535E731E017E8FE0CA4CB383A18D7557D7F4D504B6E3C2EC1FF90E ] MSISuperIO_CC   C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
02:26:09.0837 0x3798  MSISuperIO_CC - ok
02:26:09.0842 0x3798  [ A75629728D650A406F090675804B8096, 9367E948AC38F51627DB1FD5DA8CA6026A56F315B78C6BB45E047893623374CA ] MSI_ActiveX_Service C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
02:26:09.0851 0x3798  MSI_ActiveX_Service - ok
02:26:09.0854 0x3798  [ E6814A2B8420900DF92593E6961C027C, 0A993C76201D31779627BA0F9D6113A50273C5467520525BCA383490F5CF0E07 ] MSI_Driver_Service C:\Program Files (x86)\MSI\MSI OC Kit\Driver_Service\MSI_Driver_Service.exe
02:26:09.0863 0x3798  MSI_Driver_Service - ok
02:26:09.0866 0x3798  [ 7753EE1F5D842518032C11A0F36853A2, 8378D05ABAB262448342E46C5AAA27BA3EE4CC4B25F0004A866709A74CB1D047 ] MSI_FastBoot    C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
02:26:09.0876 0x3798  MSI_FastBoot - ok
02:26:09.0903 0x3798  [ DF035B4980EB5072D5B66E6F607A5D28, F278F8AAB970B508BF6183EE313656CE79222158CD8E46D1B4680F3B6F814B26 ] MSI_LiveUpdate_Service C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
02:26:09.0936 0x3798  MSI_LiveUpdate_Service - ok
02:26:09.0940 0x3798  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
02:26:09.0959 0x3798  MSKSSRV - ok
02:26:09.0961 0x3798  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
02:26:09.0980 0x3798  MSPCLOCK - ok
02:26:09.0982 0x3798  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
02:26:10.0002 0x3798  MSPQM - ok
02:26:10.0008 0x3798  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
02:26:10.0021 0x3798  MsRPC - ok
02:26:10.0024 0x3798  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
02:26:10.0035 0x3798  mssmbios - ok
02:26:10.0037 0x3798  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
02:26:10.0057 0x3798  MSTEE - ok
02:26:10.0060 0x3798  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
02:26:10.0070 0x3798  MTConfig - ok
02:26:10.0072 0x3798  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
02:26:10.0082 0x3798  Mup - ok
02:26:10.0234 0x3798  [ A3E6E5ECCF9A7E319234A9822E3536F7, 8081EC74DBB256F2500BCC5DA82AB10B134D11D92592EE9372C5DA9473BC68BB ] MySQL           C:\Program Files\MariaDB\bin\mysqld.exe
02:26:10.0390 0x3798  MySQL - ok
02:26:10.0406 0x3798  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
02:26:10.0432 0x3798  napagent - ok
02:26:10.0439 0x3798  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
02:26:10.0458 0x3798  NativeWifiP - ok
02:26:10.0471 0x3798  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
02:26:10.0489 0x3798  NDIS - ok
02:26:10.0493 0x3798  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
02:26:10.0513 0x3798  NdisCap - ok
02:26:10.0516 0x3798  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
02:26:10.0536 0x3798  NdisTapi - ok
02:26:10.0539 0x3798  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
02:26:10.0559 0x3798  Ndisuio - ok
02:26:10.0563 0x3798  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
02:26:10.0584 0x3798  NdisWan - ok
02:26:10.0587 0x3798  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
02:26:10.0607 0x3798  NDProxy - ok
02:26:10.0610 0x3798  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
02:26:10.0630 0x3798  NetBIOS - ok
02:26:10.0635 0x3798  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
02:26:10.0649 0x3798  NetBT - ok
02:26:10.0652 0x3798  [ D6CCBE51C4FAA41F21BC451AE2C95B97, 17C99A71E169DD885B40717508D7988B7D0A78BACB11392890ED80518D0BF3F5 ] Netlogon        C:\Windows\system32\lsass.exe
02:26:10.0663 0x3798  Netlogon - ok
02:26:10.0670 0x3798  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
02:26:10.0694 0x3798  Netman - ok
02:26:10.0699 0x3798  [ 792C776343425C7BF811BEBA4A885D23, D3ADE67963349244C647EC5C23BAE2371B73051AE6E296272AF273DC2963C031 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:26:10.0710 0x3798  NetMsmqActivator - ok
02:26:10.0713 0x3798  [ 792C776343425C7BF811BEBA4A885D23, D3ADE67963349244C647EC5C23BAE2371B73051AE6E296272AF273DC2963C031 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:26:10.0723 0x3798  NetPipeActivator - ok
02:26:10.0731 0x3798  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
02:26:10.0756 0x3798  netprofm - ok
02:26:10.0760 0x3798  [ 792C776343425C7BF811BEBA4A885D23, D3ADE67963349244C647EC5C23BAE2371B73051AE6E296272AF273DC2963C031 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:26:10.0771 0x3798  NetTcpActivator - ok
02:26:10.0778 0x3798  [ 792C776343425C7BF811BEBA4A885D23, D3ADE67963349244C647EC5C23BAE2371B73051AE6E296272AF273DC2963C031 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:26:10.0789 0x3798  NetTcpPortSharing - ok
02:26:10.0792 0x3798  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
02:26:10.0801 0x3798  nfrd960 - ok
02:26:10.0809 0x3798  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
02:26:10.0824 0x3798  NlaSvc - ok
02:26:10.0827 0x3798  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
02:26:10.0850 0x3798  Npfs - ok
02:26:10.0852 0x3798  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
02:26:10.0874 0x3798  nsi - ok
02:26:10.0876 0x3798  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
02:26:10.0896 0x3798  nsiproxy - ok
02:26:10.0918 0x3798  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
02:26:10.0955 0x3798  Ntfs - ok
02:26:10.0958 0x3798  [ 992DED5B623BE3C228F32EDB4CA3F2D2, 47F0CDAA2359A63AD1389EF4A635F1F6EEE1F63BDF6EF177F114BDCDADC2E005 ] NTIOLib_FastBoot C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys
02:26:10.0966 0x3798  NTIOLib_FastBoot - ok
02:26:10.0968 0x3798  [ 6CCE5BB9C8C2A8293DF2D3B1897941A2, 9254F012009D55F555418FF85F7D93B184AB7CB0E37AECDFDAB62CFE94DEA96B ] NTIOLib_MSIDDR_CC C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys
02:26:10.0976 0x3798  NTIOLib_MSIDDR_CC - ok
02:26:10.0978 0x3798  [ 7ED6030F14E66E743241F2C1FA783E69, 1DDFE4756F5DB9FB319D6C6DA9C41C588A729D9E7817190B027B38E9C076D219 ] NTIOLib_OCKit_MB C:\Program Files (x86)\MSI\MSI OC Kit\Driver_Service\NTIOLib_X64.sys
02:26:10.0986 0x3798  NTIOLib_OCKit_MB - ok
02:26:10.0988 0x3798  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
02:26:11.0009 0x3798  Null - ok
02:26:11.0017 0x3798  [ 45744CA8B82D46F1779FE2742DED71F3, 2A7A27744DDEB88954EF3099C0956005D2B936BE9119CBF6015EC702E7F74272 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
02:26:11.0031 0x3798  NvContainerLocalSystem - ok
02:26:11.0039 0x3798  [ 45744CA8B82D46F1779FE2742DED71F3, 2A7A27744DDEB88954EF3099C0956005D2B936BE9119CBF6015EC702E7F74272 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
02:26:11.0053 0x3798  NvContainerNetworkService - ok
02:26:11.0059 0x3798  [ C27427C9D79DE00A01B9987B68485F60, D385AFADECC3B1ECD62211D5501050A66F6A334AE3799DDA8F8CA4C231CFB075 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
02:26:11.0072 0x3798  NVHDA - ok
02:26:11.0239 0x3798  [ 05774BBE7728E451C02A08E0D2E90B3A, 1C2D41955A57690066812700C2DF6E8E9C152BE52CE57E35254D090E81F1DE98 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
02:26:11.0411 0x3798  nvlddmkm - ok
02:26:11.0425 0x3798  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
02:26:11.0435 0x3798  nvraid - ok
02:26:11.0439 0x3798  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
02:26:11.0449 0x3798  nvstor - ok
02:26:11.0451 0x3798  [ E2FB488BC050378E94EECC214D2E5BE0, 86ADB37D992F7A5EADA38A309E5A6D679F3914B553854C6F5817B43845B6EE67 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
02:26:11.0462 0x3798  NvStreamKms - ok
02:26:11.0470 0x3798  [ 67B10EDFEEB3D404187487A61F19320D, 24594AF7594DCDCCCC04DF06C27769AE44DA7964FBFF900D5DEC5B5773B25822 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
02:26:11.0483 0x3798  NvTelemetryContainer - ok
02:26:11.0486 0x3798  [ 0EE2295234652B8B32E74D867303A3B8, 0814B7243BB0E578D8F6C093AFDDAB680CBD131E4FC9F4B9FEF40683DA7BCAF4 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
02:26:11.0495 0x3798  nvvad_WaveExtensible - ok
02:26:11.0498 0x3798  [ 842E1AB0A53CEDE011F71C4E4DCC9871, 1939332A1EF4C30DD1199CB25366A4E51B83CF310292E1E3157122C9707C29FB ] nvvhci          C:\Windows\system32\DRIVERS\nvvhci.sys
02:26:11.0509 0x3798  nvvhci - ok
02:26:11.0513 0x3798  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
02:26:11.0522 0x3798  nv_agp - ok
02:26:11.0525 0x3798  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
02:26:11.0536 0x3798  ohci1394 - ok
02:26:11.0563 0x3798  [ 7D331DD034C85FB18DDF028F744FA37B, BF6ADD7AF05732340831CA7DE766B5C93323A190107F7570E2130398846F4430 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
02:26:11.0595 0x3798  Origin Client Service - ok
02:26:11.0624 0x3798  [ 2B099DEBCFCBE33036406739F94C529C, DBBACA632F39530F81D3AC28A350CAE49972156149835197053B8D61E00D8CEA ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
02:26:11.0656 0x3798  Origin Web Helper Service - ok
02:26:11.0662 0x3798  [ F0DFE1E16F11D18898610A28F9AC3EB7, 658D1084F2328B87ACBFF490657A6C8630BCBFC47D303FDC60AC3E186FE0FE4B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
02:26:11.0675 0x3798  ose - ok
02:26:11.0734 0x3798  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
02:26:11.0800 0x3798  osppsvc - ok
02:26:11.0809 0x3798  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
02:26:11.0823 0x3798  p2pimsvc - ok
02:26:11.0831 0x3798  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
02:26:11.0845 0x3798  p2psvc - ok
02:26:11.0849 0x3798  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
02:26:11.0859 0x3798  Parport - ok
02:26:11.0862 0x3798  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
02:26:11.0874 0x3798  partmgr - ok
02:26:11.0879 0x3798  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
02:26:11.0893 0x3798  PcaSvc - ok
02:26:11.0897 0x3798  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
02:26:11.0907 0x3798  pci - ok
02:26:11.0909 0x3798  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
02:26:11.0917 0x3798  pciide - ok
02:26:11.0922 0x3798  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
02:26:11.0933 0x3798  pcmcia - ok
02:26:11.0935 0x3798  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
02:26:11.0944 0x3798  pcw - ok
02:26:11.0954 0x3798  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
02:26:11.0972 0x3798  PEAUTH - ok
02:26:11.0990 0x3798  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
02:26:12.0015 0x3798  PeerDistSvc - ok
02:26:12.0026 0x3798  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
02:26:12.0036 0x3798  PerfHost - ok
02:26:12.0056 0x3798  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
02:26:12.0083 0x3798  pla - ok
02:26:12.0091 0x3798  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
02:26:12.0107 0x3798  PlugPlay - ok
02:26:12.0111 0x3798  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
02:26:12.0120 0x3798  PnkBstrA - ok
02:26:12.0122 0x3798  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
02:26:12.0133 0x3798  PNRPAutoReg - ok
02:26:12.0138 0x3798  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
02:26:12.0152 0x3798  PNRPsvc - ok
02:26:12.0160 0x3798  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
02:26:12.0175 0x3798  PolicyAgent - ok
02:26:12.0181 0x3798  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
02:26:12.0205 0x3798  Power - ok
02:26:12.0209 0x3798  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
02:26:12.0231 0x3798  PptpMiniport - ok
02:26:12.0235 0x3798  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
02:26:12.0245 0x3798  Processor - ok
02:26:12.0250 0x3798  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
02:26:12.0262 0x3798  ProfSvc - ok
02:26:12.0265 0x3798  [ D6CCBE51C4FAA41F21BC451AE2C95B97, 17C99A71E169DD885B40717508D7988B7D0A78BACB11392890ED80518D0BF3F5 ] ProtectedStorage C:\Windows\system32\lsass.exe
02:26:12.0275 0x3798  ProtectedStorage - ok
02:26:12.0279 0x3798  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
02:26:12.0303 0x3798  Psched - ok
02:26:12.0332 0x3798  [ 21E2DB427724AFEEF7C5452353ACCB5B, A0D68D588902AD82F5B363930A54FDF77443FCE0BDEF059BE10588C1DD6F064B ] Qcamain         C:\Windows\system32\DRIVERS\Qcamain7x64.sys
02:26:12.0367 0x3798  Qcamain - ok
02:26:12.0387 0x3798  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
02:26:12.0412 0x3798  ql2300 - ok
02:26:12.0417 0x3798  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
02:26:12.0426 0x3798  ql40xx - ok
02:26:12.0431 0x3798  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
02:26:12.0446 0x3798  QWAVE - ok
02:26:12.0448 0x3798  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
02:26:12.0460 0x3798  QWAVEdrv - ok
02:26:12.0463 0x3798  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
02:26:12.0483 0x3798  RasAcd - ok
02:26:12.0485 0x3798  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
02:26:12.0508 0x3798  RasAgileVpn - ok
02:26:12.0511 0x3798  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
02:26:12.0532 0x3798  RasAuto - ok
02:26:12.0535 0x3798  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
02:26:12.0556 0x3798  Rasl2tp - ok
02:26:12.0562 0x3798  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
02:26:12.0586 0x3798  RasMan - ok
02:26:12.0589 0x3798  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
02:26:12.0610 0x3798  RasPppoe - ok
02:26:12.0613 0x3798  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
02:26:12.0634 0x3798  RasSstp - ok
02:26:12.0640 0x3798  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
02:26:12.0662 0x3798  rdbss - ok
02:26:12.0664 0x3798  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
02:26:12.0675 0x3798  rdpbus - ok
02:26:12.0678 0x3798  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
02:26:12.0698 0x3798  RDPCDD - ok
02:26:12.0703 0x3798  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
02:26:12.0716 0x3798  RDPDR - ok
02:26:12.0718 0x3798  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
02:26:12.0738 0x3798  RDPENCDD - ok
02:26:12.0741 0x3798  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
02:26:12.0762 0x3798  RDPREFMP - ok
02:26:12.0765 0x3798  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
02:26:12.0775 0x3798  RdpVideoMiniport - ok
02:26:12.0780 0x3798  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
02:26:12.0791 0x3798  RDPWD - ok
02:26:12.0796 0x3798  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
02:26:12.0806 0x3798  rdyboost - ok
02:26:12.0812 0x3798  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
02:26:12.0834 0x3798  RemoteAccess - ok
02:26:12.0838 0x3798  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
02:26:12.0860 0x3798  RemoteRegistry - ok
02:26:12.0880 0x3798  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
02:26:12.0893 0x3798  RFCOMM - ok
02:26:12.0896 0x3798  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
02:26:12.0918 0x3798  RpcEptMapper - ok
02:26:12.0921 0x3798  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
02:26:12.0932 0x3798  RpcLocator - ok
02:26:12.0939 0x3798  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
02:26:12.0955 0x3798  RpcSs - ok
02:26:12.0958 0x3798  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
02:26:12.0978 0x3798  rspndr - ok
02:26:12.0980 0x3798  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
02:26:12.0990 0x3798  s3cap - ok
02:26:12.0992 0x3798  [ D6CCBE51C4FAA41F21BC451AE2C95B97, 17C99A71E169DD885B40717508D7988B7D0A78BACB11392890ED80518D0BF3F5 ] SamSs           C:\Windows\system32\lsass.exe
02:26:13.0002 0x3798  SamSs - ok
02:26:13.0004 0x3798  Samsung Printer Dianostics Service - ok
02:26:13.0008 0x3798  [ CCFCF96CB350DA48AFDCB221CA999ADA, 7E5490652E367D1EA0400ED95788AFB4E067373E5F8BF73165B7F7FDE20D1B27 ] SamsungUPDUtilSvc C:\Windows\SysWOW64\SecUPDUtilSvc.exe
02:26:13.0018 0x3798  SamsungUPDUtilSvc - ok
02:26:13.0021 0x3798  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
02:26:13.0031 0x3798  sbp2port - ok
02:26:13.0035 0x3798  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
02:26:13.0058 0x3798  SCardSvr - ok
02:26:13.0061 0x3798  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
02:26:13.0081 0x3798  scfilter - ok
02:26:13.0095 0x3798  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
02:26:13.0121 0x3798  Schedule - ok
02:26:13.0124 0x3798  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
02:26:13.0145 0x3798  SCPolicySvc - ok
02:26:13.0158 0x3798  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
02:26:13.0170 0x3798  SDRSVC - ok
02:26:13.0173 0x3798  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
02:26:13.0184 0x3798  secdrv - ok
02:26:13.0186 0x3798  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
02:26:13.0198 0x3798  seclogon - ok
02:26:13.0202 0x3798  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
02:26:13.0226 0x3798  SENS - ok
02:26:13.0229 0x3798  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
02:26:13.0239 0x3798  SensrSvc - ok
02:26:13.0242 0x3798  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
02:26:13.0252 0x3798  Serenum - ok
02:26:13.0255 0x3798  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
02:26:13.0265 0x3798  Serial - ok
02:26:13.0268 0x3798  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
02:26:13.0278 0x3798  sermouse - ok
02:26:13.0283 0x3798  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
02:26:13.0304 0x3798  SessionEnv - ok
02:26:13.0306 0x3798  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
02:26:13.0318 0x3798  sffdisk - ok
02:26:13.0320 0x3798  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
02:26:13.0333 0x3798  sffp_mmc - ok
02:26:13.0335 0x3798  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
02:26:13.0346 0x3798  sffp_sd - ok
02:26:13.0348 0x3798  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
02:26:13.0358 0x3798  sfloppy - ok
02:26:13.0364 0x3798  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
02:26:13.0388 0x3798  SharedAccess - ok
02:26:13.0394 0x3798  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
02:26:13.0418 0x3798  ShellHWDetection - ok
02:26:13.0421 0x3798  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
02:26:13.0430 0x3798  SiSRaid2 - ok
02:26:13.0434 0x3798  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
02:26:13.0443 0x3798  SiSRaid4 - ok
02:26:13.0448 0x3798  [ E84771625FE46CB5C53B475932EA4BE8, D6480BDFDB765690D4DF40234B1B7B3E9C08B3716D33CA7A379EBB7373F9A573 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
02:26:13.0466 0x3798  SkypeUpdate - ok
02:26:13.0469 0x3798  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
02:26:13.0490 0x3798  Smb - ok
02:26:13.0494 0x3798  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
02:26:13.0505 0x3798  SNMPTRAP - ok
02:26:13.0507 0x3798  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
02:26:13.0516 0x3798  spldr - ok
02:26:13.0525 0x3798  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
02:26:13.0551 0x3798  Spooler - ok
02:26:13.0593 0x3798  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
02:26:13.0651 0x3798  sppsvc - ok
02:26:13.0656 0x3798  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
02:26:13.0677 0x3798  sppuinotify - ok
02:26:13.0690 0x3798  [ 4C33F139236FD9BD14A920F60C1CB072, 806650B2AE7DC299DEC49C519E2452427B819213F863BFCC4188EDF075EAAD2D ] sptd            C:\Windows\system32\Drivers\sptd.sys
02:26:13.0690 0x3798  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: 4C33F139236FD9BD14A920F60C1CB072, sha256: 806650B2AE7DC299DEC49C519E2452427B819213F863BFCC4188EDF075EAAD2D
02:26:13.0691 0x3798  sptd - detected LockedFile.Multi.Generic ( 1 )
02:26:13.0768 0x3798  Detect skipped due to KSN trusted
02:26:13.0768 0x3798  sptd - ok
02:26:13.0775 0x3798  [ EB15C46477EB84B6B520871ED5936CCF, 7366FD2E1315109B9A2F47DA08959CF0CBEEB1F20B2E2DEF449D39B508107D29 ] srv             C:\Windows\system32\DRIVERS\srv.sys
02:26:13.0790 0x3798  srv - ok
02:26:13.0797 0x3798  [ 7F4FDC9528BCE6FB919615B6A77D5724, C4843381504E0F50D4B8E4F8886C83112018CE5F64467B875F2809508EA2B182 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
02:26:13.0811 0x3798  srv2 - ok
02:26:13.0815 0x3798  [ 3F20CD2A11872284BD667DAD6D4801CC, 917EAA680CD10D3EA59EEF4B77BB3813D5718E7D1CB0846431255EE73035D834 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
02:26:13.0827 0x3798  srvnet - ok
02:26:13.0831 0x3798  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
02:26:13.0853 0x3798  SSDPSRV - ok
02:26:13.0856 0x3798  [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
02:26:13.0864 0x3798  SSPORT - ok
02:26:13.0867 0x3798  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
02:26:13.0888 0x3798  SstpSvc - ok
02:26:13.0892 0x3798  [ 37680AECA1BF2D430719A297F68ECD49, 64E6A2C077316CE4807F2F480324F4011003686F698CCB0AA93C659DAAE1FAB5 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
02:26:13.0905 0x3798  ssudmdm - ok
02:26:13.0916 0x3798  [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
02:26:13.0934 0x3798  ss_conn_service - ok
02:26:13.0955 0x3798  [ C8DC0C34715627ABF7A265ED27D1F75A, 5B8B9AC65D7458A8C6C868107E0BE3F9B1A1A5117FC69FDC260BAA9F1BDD0008 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
02:26:13.0981 0x3798  Steam Client Service - ok
02:26:13.0993 0x3798  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
02:26:14.0001 0x3798  stexstor - ok
02:26:14.0003 0x3798  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
02:26:14.0013 0x3798  StillCam - ok

darkrider78 · 04.05.2017, 09:26

TDSSKILLER Fortsetzung:

Code:

ATTFilter

02:26:14.0021 0x3798  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
02:26:14.0041 0x3798  stisvc - ok
02:26:14.0044 0x3798  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
02:26:14.0052 0x3798  storflt - ok
02:26:14.0055 0x3798  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
02:26:14.0065 0x3798  StorSvc - ok
02:26:14.0067 0x3798  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
02:26:14.0076 0x3798  storvsc - ok
02:26:14.0078 0x3798  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
02:26:14.0086 0x3798  swenum - ok
02:26:14.0094 0x3798  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
02:26:14.0120 0x3798  swprv - ok
02:26:14.0142 0x3798  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
02:26:14.0172 0x3798  SysMain - ok
02:26:14.0176 0x3798  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
02:26:14.0190 0x3798  TabletInputService - ok
02:26:14.0196 0x3798  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
02:26:14.0221 0x3798  TapiSrv - ok
02:26:14.0245 0x3798  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
02:26:14.0276 0x3798  Tcpip - ok
02:26:14.0301 0x3798  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
02:26:14.0329 0x3798  TCPIP6 - ok
02:26:14.0334 0x3798  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
02:26:14.0346 0x3798  tcpipreg - ok
02:26:14.0349 0x3798  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
02:26:14.0360 0x3798  TDPIPE - ok
02:26:14.0363 0x3798  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
02:26:14.0372 0x3798  TDTCP - ok
02:26:14.0376 0x3798  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
02:26:14.0386 0x3798  tdx - ok
02:26:14.0516 0x3798  [ 654DCE84A4674F77CDD22E46DAEA8C5A, 5BED3F2E2FA3692AA3BCE6455A58D3BE1C25D1D44578501531A33013029A093F ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
02:26:14.0644 0x3798  TeamViewer - ok
02:26:14.0654 0x3798  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
02:26:14.0663 0x3798  TermDD - ok
02:26:14.0673 0x3798  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
02:26:14.0691 0x3798  TermService - ok
02:26:14.0694 0x3798  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
02:26:14.0707 0x3798  Themes - ok
02:26:14.0710 0x3798  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
02:26:14.0730 0x3798  THREADORDER - ok
02:26:14.0734 0x3798  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
02:26:14.0757 0x3798  TrkWks - ok
02:26:14.0762 0x3798  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt       C:\Windows\system32\drivers\truecrypt.sys
02:26:14.0773 0x3798  truecrypt - ok
02:26:14.0777 0x3798  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
02:26:14.0798 0x3798  TrustedInstaller - ok
02:26:14.0802 0x3798  [ ABE8BFC62FB79E51086B8560689D4D02, 709CDA51B63A430C0AAD332DD64F3B77646184BD66ADFB411B50720191A6E083 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
02:26:14.0833 0x3798  tssecsrv - ok
02:26:14.0836 0x3798  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
02:26:14.0846 0x3798  TsUsbFlt - ok
02:26:14.0848 0x3798  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
02:26:14.0858 0x3798  TsUsbGD - ok
02:26:14.0862 0x3798  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
02:26:14.0883 0x3798  tunnel - ok
02:26:14.0885 0x3798  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
02:26:14.0894 0x3798  uagp35 - ok
02:26:14.0900 0x3798  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
02:26:14.0922 0x3798  udfs - ok
02:26:14.0927 0x3798  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
02:26:14.0938 0x3798  UI0Detect - ok
02:26:14.0941 0x3798  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
02:26:14.0950 0x3798  uliagpkx - ok
02:26:14.0953 0x3798  [ 694BCF23662F97D987CF4C6739C35F8B, 6D7D57785C8F968514FAB383732F9E2FB15349369D17E3BD1C438B5E95EBD388 ] UltraMonUtility C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys
02:26:14.0963 0x3798  UltraMonUtility - ok
02:26:14.0965 0x3798  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
02:26:14.0977 0x3798  umbus - ok
02:26:14.0979 0x3798  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
02:26:14.0988 0x3798  UmPass - ok
02:26:14.0993 0x3798  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
02:26:15.0005 0x3798  UmRdpService - ok
02:26:15.0013 0x3798  [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
02:26:15.0026 0x3798  UMVPFSrv - ok
02:26:15.0032 0x3798  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
02:26:15.0056 0x3798  upnphost - ok
02:26:15.0059 0x3798  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
02:26:15.0070 0x3798  usbaudio - ok
02:26:15.0073 0x3798  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
02:26:15.0083 0x3798  usbccgp - ok
02:26:15.0086 0x3798  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
02:26:15.0097 0x3798  usbcir - ok
02:26:15.0100 0x3798  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
02:26:15.0110 0x3798  usbehci - ok
02:26:15.0116 0x3798  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
02:26:15.0129 0x3798  usbhub - ok
02:26:15.0132 0x3798  [ 4E8CBE26FDC1CB0E2BE473B2985324C0, FD2AD423CDAE68F31978263BA29EBE2F8B4EF60698C9D406126DEE2CCA8AB9D6 ] USBLogonService C:\Program Files\USBLogon\usblonsvc.exe
02:26:15.0134 0x3798  USBLogonService - detected UnsignedFile.Multi.Generic ( 1 )
02:26:15.0222 0x3798  Detect skipped due to KSN trusted
02:26:15.0222 0x3798  USBLogonService - ok
02:26:15.0226 0x3798  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
02:26:15.0238 0x3798  usbohci - ok
02:26:15.0240 0x3798  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
02:26:15.0253 0x3798  usbprint - ok
02:26:15.0256 0x3798  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:26:15.0269 0x3798  USBSTOR - ok
02:26:15.0271 0x3798  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
02:26:15.0281 0x3798  usbuhci - ok
02:26:15.0285 0x3798  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
02:26:15.0299 0x3798  usbvideo - ok
02:26:15.0302 0x3798  [ 738F82B2D70B14A57BBDAC708C15C519, F8DDB7A0B1E3B0460AFD0946C5E108FDA3B0DE98E779B86C8CB845283820E943 ] uvhid           C:\Windows\system32\DRIVERS\uvhid.sys
02:26:15.0312 0x3798  uvhid - ok
02:26:15.0315 0x3798  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
02:26:15.0338 0x3798  UxSms - ok
02:26:15.0343 0x3798  [ D6CCBE51C4FAA41F21BC451AE2C95B97, 17C99A71E169DD885B40717508D7988B7D0A78BACB11392890ED80518D0BF3F5 ] VaultSvc        C:\Windows\system32\lsass.exe
02:26:15.0353 0x3798  VaultSvc - ok
02:26:15.0367 0x3798  [ EA1A8E890374FC8FB3F6459BCCD56F84, 45C46CE67B5F36C0C4BE56646C2823AC79E8E3CA7BB9A2CADC3410087466C08B ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
02:26:15.0388 0x3798  VBoxDrv - ok
02:26:15.0392 0x3798  [ 190C70B9068CF55F37E08DCAF3FF4C5C, 02B5A3D3042C4CB2DCF9FC855D80120C4D53D8E738616BD4C1EE26E450B67247 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys
02:26:15.0403 0x3798  VBoxNetAdp - ok
02:26:15.0408 0x3798  [ 59DB706BF051D372C17F3153FC07CE90, A3A3B8A534EA531FA1C1CE3E68226FD69D589D491065432E8ACF139ADA801A9E ] VBoxNetLwf      C:\Windows\system32\DRIVERS\VBoxNetLwf.sys
02:26:15.0419 0x3798  VBoxNetLwf - ok
02:26:15.0423 0x3798  [ 96A5BE08C3D815B19E40E00314DCF9F6, 3B6A7F2D02BFFD40B03DED95BA07DA77AB910EAFCDAFAC1CA8069BF8B0CEA931 ] VBoxUSB         C:\Windows\system32\Drivers\VBoxUSB.sys
02:26:15.0433 0x3798  VBoxUSB - ok
02:26:15.0437 0x3798  [ 25AB2A3865855234AAE13552195DF7D0, 09DC6FF9E809E6EF1733D2C87D63C8B18D8D7919DE7B3F2741CA97759A5E224F ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
02:26:15.0448 0x3798  VBoxUSBMon - ok
02:26:15.0450 0x3798  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
02:26:15.0459 0x3798  vdrvroot - ok
02:26:15.0467 0x3798  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
02:26:15.0493 0x3798  vds - ok
02:26:15.0496 0x3798  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
02:26:15.0507 0x3798  vga - ok
02:26:15.0509 0x3798  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
02:26:15.0529 0x3798  VgaSave - ok
02:26:15.0534 0x3798  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
02:26:15.0544 0x3798  vhdmp - ok
02:26:15.0546 0x3798  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
02:26:15.0555 0x3798  viaide - ok
02:26:15.0559 0x3798  [ C7C74D057890D93C3F9FA13874ED696E, 9532B9F4831293FB7BDEAA1B02372DDB6DC9899395CAC1DAE93EAA459DA4E682 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
02:26:15.0567 0x3798  VMAuthdService - ok
02:26:15.0572 0x3798  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
02:26:15.0584 0x3798  vmbus - ok
02:26:15.0587 0x3798  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
02:26:15.0597 0x3798  VMBusHID - ok
02:26:15.0600 0x3798  [ 23B3E571717D59C8B0A6963B79061B57, B41BF84972DE78FDD9FA1D69D0514FEABB238321A29608A5304D97EB6CC02B3F ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
02:26:15.0609 0x3798  vmci - ok
02:26:15.0612 0x3798  [ A3412EC3FF7A5AC2CA3A3951476BFA9C, 8A3D241168205B6B5348F44DF89875067CDD5B29BE8CF14ADA8403225AE2A379 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
02:26:15.0620 0x3798  VMnetAdapter - ok
02:26:15.0623 0x3798  [ F76AD463DBE8D30CB715A09DF9FF2BE9, 5B2184582496ED0EE8582C6AD3BCF49674690C585439B6F57B43ADC12DF941F6 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
02:26:15.0631 0x3798  VMnetBridge - ok
02:26:15.0644 0x3798  [ 5AA028983A9E31F166C823213E09D831, E417A2A7E4A77E96F819EF1FCA0156AE01807825C0EE0817E649FE6C0D41A4BE ] VMnetDHCP       C:\Windows\SysWOW64\vmnetdhcp.exe
02:26:15.0656 0x3798  VMnetDHCP - ok
02:26:15.0659 0x3798  [ 3E90D3D63FF1E7C8D96C22C0634FBAE7, 469EB9597FE396FCA4ADA49C66DF0ED0F9D5C780F9321D525A6A2B99B59385DD ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
02:26:15.0667 0x3798  VMnetuserif - ok
02:26:15.0680 0x3798  [ 60F09F58C27924548F6627BF3A4111FE, 8357FDFB6574DCB2C036851CAC9A8E4659432FF1CDDBFA8195417CD975B52EF6 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
02:26:15.0698 0x3798  VMUSBArbService - ok
02:26:15.0706 0x3798  [ FE3F73C95BCDBB97CE8AF594C3EEE4CA, 69A722D67B96593CB4DEE59C99A594A1D91B176153AF923A7D4B3CAB98C7F46D ] VMware NAT Service C:\Windows\SysWOW64\vmnat.exe
02:26:15.0719 0x3798  VMware NAT Service - ok
02:26:15.0722 0x3798  [ 9EA0F4084FE4FA67BE7496503C26AA85, F8700AC5B5A02F071ABE6AFFAD3A68D8BFE911C92E0F70E7F4EF8420199F4F5E ] vmx86           C:\Windows\system32\drivers\vmx86.sys
02:26:15.0730 0x3798  vmx86 - ok
02:26:15.0733 0x3798  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
02:26:15.0742 0x3798  volmgr - ok
02:26:15.0748 0x3798  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
02:26:15.0761 0x3798  volmgrx - ok
02:26:15.0766 0x3798  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
02:26:15.0778 0x3798  volsnap - ok
02:26:15.0782 0x3798  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
02:26:15.0794 0x3798  vsmraid - ok
02:26:15.0797 0x3798  [ 7639A7B4A8E5204BB37B479C2D1C8934, 2A35B3A7B20EE3F5888A089D1E46A7FD7B2D86AB36D3401A224F7CD39ABE7F27 ] vsock           C:\Windows\system32\drivers\vsock.sys
02:26:15.0806 0x3798  vsock - ok
02:26:15.0826 0x3798  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
02:26:15.0864 0x3798  VSS - ok
02:26:15.0867 0x3798  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
02:26:15.0878 0x3798  vwifibus - ok
02:26:15.0881 0x3798  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
02:26:15.0894 0x3798  vwififlt - ok
02:26:15.0896 0x3798  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
02:26:15.0909 0x3798  vwifimp - ok
02:26:15.0916 0x3798  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
02:26:15.0941 0x3798  W32Time - ok
02:26:15.0945 0x3798  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
02:26:15.0954 0x3798  WacomPen - ok
02:26:15.0958 0x3798  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
02:26:15.0978 0x3798  WANARP - ok
02:26:15.0981 0x3798  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
02:26:16.0001 0x3798  Wanarpv6 - ok
02:26:16.0020 0x3798  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
02:26:16.0047 0x3798  wbengine - ok
02:26:16.0052 0x3798  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
02:26:16.0067 0x3798  WbioSrvc - ok
02:26:16.0073 0x3798  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
02:26:16.0090 0x3798  wcncsvc - ok
02:26:16.0093 0x3798  [ BC00873272B3771CCDA38336AF2B4D4B, 3E412DEC5F172B4C5FD5C227CD790EE56B90A00A8B538704E8F973D230BE2289 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
02:26:16.0104 0x3798  WcsPlugInService - ok
02:26:16.0106 0x3798  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
02:26:16.0114 0x3798  Wd - ok
02:26:16.0117 0x3798  [ CC46CB1B492D69A5EF554F807DA01729, DED4151923A837F4889C84555D237513C9400CE5DF2DBC7FEC9B2DA1CC355C36 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64_prewin8.sys
02:26:16.0129 0x3798  WDC_SAM - ok
02:26:16.0135 0x3798  [ 7061A41616735D40751E8C85A2CD8E06, 09A06884D80B01F1208E31352AE9D4FA9D9B242FDC94E06C9108E98C44E7082D ] WDDriveService  C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
02:26:16.0146 0x3798  WDDriveService - ok
02:26:16.0157 0x3798  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
02:26:16.0175 0x3798  Wdf01000 - ok
02:26:16.0179 0x3798  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
02:26:16.0192 0x3798  WdiServiceHost - ok
02:26:16.0194 0x3798  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
02:26:16.0206 0x3798  WdiSystemHost - ok
02:26:16.0211 0x3798  [ BFB595578D160F0D9EBF2D936A89D4FE, 8F843D9902B8D96A5FB44620BC341F6D7EB4CE3685F9CEFDD76F21A68A2DA788 ] wdm_usb         C:\Windows\system32\DRIVERS\usb2ser.sys
02:26:16.0226 0x3798  wdm_usb - ok
02:26:16.0231 0x3798  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
02:26:16.0246 0x3798  WebClient - ok
02:26:16.0253 0x3798  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
02:26:16.0277 0x3798  Wecsvc - ok
02:26:16.0281 0x3798  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
02:26:16.0303 0x3798  wercplsupport - ok
02:26:16.0307 0x3798  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
02:26:16.0327 0x3798  WerSvc - ok
02:26:16.0330 0x3798  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
02:26:16.0349 0x3798  WfpLwf - ok
02:26:16.0351 0x3798  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
02:26:16.0360 0x3798  WIMMount - ok
02:26:16.0362 0x3798  WinDefend - ok
02:26:16.0365 0x3798  WinHttpAutoProxySvc - ok
02:26:16.0372 0x3798  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
02:26:16.0396 0x3798  Winmgmt - ok
02:26:16.0440 0x3798  WinRing0_1_2_0 - ok
02:26:16.0473 0x3798  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
02:26:16.0507 0x3798  WinRM - ok
02:26:16.0515 0x3798  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
02:26:16.0526 0x3798  WinUSB - ok
02:26:16.0539 0x3798  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
02:26:16.0561 0x3798  Wlansvc - ok
02:26:16.0565 0x3798  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
02:26:16.0575 0x3798  WmiAcpi - ok
02:26:16.0581 0x3798  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
02:26:16.0594 0x3798  wmiApSrv - ok
02:26:16.0598 0x3798  WMPNetworkSvc - ok
02:26:16.0600 0x3798  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
02:26:16.0612 0x3798  WPCSvc - ok
02:26:16.0615 0x3798  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
02:26:16.0627 0x3798  WPDBusEnum - ok
02:26:16.0630 0x3798  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
02:26:16.0649 0x3798  ws2ifsl - ok
02:26:16.0652 0x3798  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
02:26:16.0666 0x3798  wscsvc - ok
02:26:16.0668 0x3798  WSearch - ok
02:26:16.0701 0x3798  [ F24A345C584EC2EFC49F9F375EBDA2A5, 85FBB211CA2320363B5503E06AC23C6A89007D3777D696DF6D7ADB2369965ECD ] wuauserv        C:\Windows\system32\wuaueng.dll
02:26:16.0740 0x3798  wuauserv - ok
02:26:16.0749 0x3798  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
02:26:16.0759 0x3798  WudfPf - ok
02:26:16.0764 0x3798  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
02:26:16.0776 0x3798  WUDFRd - ok
02:26:16.0779 0x3798  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
02:26:16.0791 0x3798  wudfsvc - ok
02:26:16.0796 0x3798  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
02:26:16.0811 0x3798  WwanSvc - ok
02:26:16.0813 0x3798  xhunter1 - ok
02:26:16.0829 0x3798  ================ Scan global ===============================
02:26:16.0831 0x3798  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
02:26:16.0836 0x3798  [ 1623550592C687B4F6E905FC39E8E8B0, 33D472C15964392391B1274551BFC3E228442BEEF1DCE99041D23E18753C2B35 ] C:\Windows\system32\winsrv.dll
02:26:16.0842 0x3798  [ 1623550592C687B4F6E905FC39E8E8B0, 33D472C15964392391B1274551BFC3E228442BEEF1DCE99041D23E18753C2B35 ] C:\Windows\system32\winsrv.dll
02:26:16.0847 0x3798  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
02:26:16.0853 0x3798  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
02:26:16.0856 0x3798  [ Global ] - ok
02:26:16.0857 0x3798  ================ Scan MBR ==================================
02:26:16.0858 0x3798  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
02:26:16.0874 0x3798  \Device\Harddisk0\DR0 - ok
02:26:16.0899 0x3798  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
02:26:16.0966 0x3798  \Device\Harddisk1\DR1 - ok
02:26:16.0967 0x3798  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
02:26:17.0041 0x3798  \Device\Harddisk2\DR2 - ok
02:26:17.0041 0x3798  ================ Scan VBR ==================================
02:26:17.0042 0x3798  [ 00F9F9991761102A6F8FE7A1C21C25E1 ] \Device\Harddisk0\DR0\Partition1
02:26:17.0042 0x3798  \Device\Harddisk0\DR0\Partition1 - ok
02:26:17.0044 0x3798  [ A1A1CC4BA4AE1C51FC0245E9B1587FFB ] \Device\Harddisk0\DR0\Partition2
02:26:17.0044 0x3798  \Device\Harddisk0\DR0\Partition2 - ok
02:26:17.0045 0x3798  [ CDC0BAAB3AFF920AFB820CB614FDBD80 ] \Device\Harddisk0\DR0\Partition3
02:26:17.0046 0x3798  \Device\Harddisk0\DR0\Partition3 - ok
02:26:17.0047 0x3798  [ 741F81DB2856F4B8477CE9B85D09CA96 ] \Device\Harddisk1\DR1\Partition1
02:26:17.0048 0x3798  \Device\Harddisk1\DR1\Partition1 - ok
02:26:17.0049 0x3798  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk2\DR2\Partition1
02:26:17.0049 0x3798  \Device\Harddisk2\DR2\Partition1 - ok
02:26:17.0051 0x3798  [ B0A148ADB8A8293FA14405D097FE937E ] \Device\Harddisk2\DR2\Partition2
02:26:17.0052 0x3798  \Device\Harddisk2\DR2\Partition2 - ok
02:26:17.0052 0x3798  ================ Scan generic autorun ======================
02:26:17.0063 0x3798  [ 4986E58509A8DCB765AAF00CE5239FB4, 7FD0E586ED7EC08C6E400EDCE8AC8065DDC19326640BD84A4FE8595CC5D33370 ] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
02:26:17.0078 0x3798  BtTray - detected UnsignedFile.Multi.Generic ( 1 )
02:26:17.0162 0x3798  BtTray ( UnsignedFile.Multi.Generic ) - warning
02:26:17.0263 0x3798  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\RunDLL32.exe
02:26:17.0275 0x3798  MBCfg64 - ok
02:26:17.0315 0x3798  [ 948EB9C552C05DF39F79587E6979D9F5, 402B155395C32005A8D78C8B0F00F2391542CB41188AF944FF17ADE6BE97A62D ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
02:26:17.0356 0x3798  EvtMgr6 - ok
02:26:17.0459 0x3798  [ 08B627D08EDC160BFB8C13C1F26BCF87, 9F71CAE092F1BFE04620EAFF359A3EC1F4D08397EDCA40974943C79FDB72D79F ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
02:26:17.0564 0x3798  RTHDVCPL - ok
02:26:17.0762 0x3798  [ 20AF39C7BE85BF7580A8EDF431A00974, C82F32547A80A786936A8E37CEC20D8C80A48B29A8C6157896C538A32D632AD4 ] C:\Program Files\Logitech Gaming Software\LCore.exe
02:26:17.0946 0x3798  Launch LCore - ok
02:26:17.0958 0x3798  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
02:26:17.0969 0x3798  ShadowPlay - ok
02:26:17.0977 0x3798  [ 8CC5E4DB25E4C22A308E2820E69D4950, A53BBE06FF226DA7E37C3ADA881AF4F856E439553DFA7D10DDECB07196545B39 ] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
02:26:17.0989 0x3798  CDAServer - ok
02:26:17.0992 0x3798  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
02:26:18.0003 0x3798  Logitech Download Assistant - ok
02:26:18.0035 0x3798  [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
02:26:18.0073 0x3798  Malwarebytes TrayApp - ok
02:26:18.0077 0x3798  Dropbox - ok
02:26:18.0110 0x3798  [ B023DE11916C2B9048FC01B0AFE0EF66, A6E929CF62D9CE3A7E1909B64829A678C60BC94FAD4FDAA0178D28FC932F722B ] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
02:26:18.0149 0x3798  KeePass 2 PreLoad - ok
02:26:18.0168 0x3798  [ 67E0ACC605B64401554CFCD0512E0F12, F4C04016381831E0F1AFBC0A7BE0AED9560D71824D50ADDC6DBE3ACB012BDB50 ] C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
02:26:18.0187 0x3798  Sound Blaster Cinema 2 - detected UnsignedFile.Multi.Generic ( 1 )
02:26:18.0268 0x3798  Detect skipped due to KSN trusted
02:26:18.0268 0x3798  Sound Blaster Cinema 2 - ok
02:26:18.0282 0x3798  [ BD0A0131D76DFD35B0C8A769C6AE1E74, 974BDFADE639992CA2FF36CA52DC0BADDE2B665F4E16080E9CA54D7264638906 ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
02:26:18.0303 0x3798  EEventManager - ok
02:26:18.0367 0x3798  [ F8BD1E552918C8FDC13C25F0A3976F9F, F6C1F73A1464C9A59288D608B87FC260B13ACD0CDB0D54F7B70C2EF41B6EEB67 ] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
02:26:18.0435 0x3798  WD Quick View - ok
02:26:18.0459 0x3798  [ DE9A76F5ECAA1EDC2D4D2836E8148475, 0981DFADE5D61C5BBB6B63C16C5CAA159B647AA0FA78430D896F80395DC52A95 ] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
02:26:18.0485 0x3798  WD Drive Unlocker - ok
02:26:18.0508 0x3798  [ E93FDA336764BBE2CB05C924AEF834B4, 2FE1443ED25708760CCB405AEFA26A4B0EE62CE20576AD31D8E4D2F4EDB13E92 ] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
02:26:18.0536 0x3798  DriveUtilitiesHelper - ok
02:26:18.0547 0x3798  [ 9B9A568B8714245D2D2916AD2B837797, 0D3417C5191F52FA1A487B29219E60A76E85859C50D359FBD9085ABFB763D0BF ] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
02:26:18.0563 0x3798  Fast Boot - ok
02:26:18.0574 0x3798  [ 69698D66E820C1903081F1E8B751C334, 8FBE06F513BDF23772EB93F405657518080D511E767EA51CECF62B4D1DCD1A72 ] C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
02:26:18.0592 0x3798  Command Center - ok
02:26:18.0764 0x3798  [ 1AB6D5A49ADCAE29BC91953C4A44DC63, 9D9911A46856D8B11084D6E75233434E1168CB752974F21C6A185CC6943C9F1E ] C:\Program Files (x86)\MSI\Live Update\Live Update.exe
02:26:18.0938 0x3798  Live Update - ok
02:26:18.0962 0x3798  [ 7B4E0D6B9EB81ECFA71993FD766E82EB, 48933F05B8C1EC50518A70CC7E285EB39A16B932260317867A45DC500263D077 ] C:\MSI\MSIRegister\MSIRegister.exe
02:26:18.0984 0x3798  MSIRegister - ok
02:26:18.0993 0x3798  [ A443A7C05ABF0FCD16E89593F63B633B, 3F579132A39AEC2513CD286AB9A43534DC05F9502FD1A369126236F69EF76282 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
02:26:19.0007 0x3798  SunJavaUpdateSched - ok
02:26:19.0039 0x3798  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
02:26:19.0063 0x3798  Sidebar - ok
02:26:19.0067 0x3798  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
02:26:19.0080 0x3798  mctadmin - ok
02:26:19.0095 0x3798  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
02:26:19.0118 0x3798  Sidebar - ok
02:26:19.0121 0x3798  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
02:26:19.0134 0x3798  mctadmin - ok
02:26:19.0170 0x3798  [ 3F218819210022E0D585957FB155D4A3, A2F27FCB349BAE82B4A4475F3C26E5D57D0EC07C22228F35CFFE3ABBFBA2EEF8 ] C:\Program Files (x86)\Steam\steam.exe
02:26:19.0210 0x3798  Steam - ok
02:26:19.0245 0x3798  [ B023DE11916C2B9048FC01B0AFE0EF66, A6E929CF62D9CE3A7E1909B64829A678C60BC94FAD4FDAA0178D28FC932F722B ] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
02:26:19.0285 0x3798  KeePass Password Safe 2 - ok
02:26:19.0393 0x3798  [ EB05343AA5BEEBCD5249C10B974F1F9A, 008B879F518448669E92D66D1EFC119BB156129CAED664A6B57776B14FA9BE4F ] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
02:26:19.0502 0x3798  DisplayFusion - ok
02:26:19.0527 0x3798  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
02:26:19.0554 0x3798  Sidebar - ok
02:26:19.0556 0x3798  GoogleDriveSync - ok
02:26:19.0577 0x3798  [ 243F49E6B1AA97E01876020E17BDB4A9, 97E9CE8E9F1A77599B85B5952520B7D8BDDCE215F7EADAA884BA9F7E0D5BE568 ] C:\Users\darkrider84\AppData\Roaming\Spotify\SpotifyWebHelper.exe
02:26:19.0601 0x3798  Spotify Web Helper - ok
02:26:19.0609 0x3798  EPLTarget\P0000000000000000 - ok
02:26:19.0646 0x3798  [ 89C8F996261671DF62151EF923A926E0, 9F944A145F14A7FC8C90AD12368798DE5A97E7BF8255EC03696990EC3D4D2606 ] C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
02:26:19.0703 0x3798  Unified Remote V3 - ok
02:26:19.0754 0x3798  [ 1993AA1E592E75AA8E7C1B4DC3DF061A, A4D6003BA9DBB5E709C19B9ED4E93088D89E0157993DEE97EAC60732B2DC656E ] C:\Users\darkrider84\AppData\Local\Amazon Music\Amazon Music Helper.exe
02:26:19.0803 0x3798  Amazon Music - ok
02:26:19.0831 0x3798  [ 3AB783457278D5B48DF6E671B45EC40F, 69681EE121CE570D125735BBCC497EDF13827B9E72B6D16506CE9AA49A1DE3D4 ] C:\Users\darkrider84\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
02:26:19.0861 0x3798  Gaijin.Net Agent - ok
02:26:19.0864 0x3798  Skype - ok
02:26:19.0883 0x3798  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
02:26:19.0909 0x3798  Sidebar - ok
02:26:19.0965 0x3798  [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\Sgt Napoleon\AppData\Local\Akamai\netsession_win.exe
02:26:20.0025 0x3798  Akamai NetSession Interface - ok
02:26:20.0035 0x3798  [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
02:26:20.0058 0x3798  Uninstall C:\Users\Sgt Napoleon\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64 - ok
02:26:20.0061 0x3798  Waiting for KSN requests completion. In queue: 265
02:26:21.0072 0x3798  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.727 ), 0x41000 ( enabled : updated )
02:26:21.0072 0x3798  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x60000 ( disabled : updated )
02:26:21.0073 0x3798  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.727 ), 0x41010 ( enabled )
02:26:21.0174 0x3798  ============================================================
02:26:21.0174 0x3798  Scan finished
02:26:21.0174 0x3798  ============================================================
02:26:21.0178 0x2534  Detected object count: 2
02:26:21.0178 0x2534  Actual detected object count: 2
02:29:16.0144 0x2534  AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
02:29:16.0144 0x2534  AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:29:16.0144 0x2534  BtTray ( UnsignedFile.Multi.Generic ) - skipped by user
02:29:16.0144 0x2534  BtTray ( UnsignedFile.Multi.Generic ) - User select action: Skip

Die Logs von Kaspersky Internet Security kann ich nicht finden.
Allerdings wurden diese Funde nicht während einem Suchlauf, sondern während einem Hintergrundsscan gefunden.

Bin jetzt leider erstmal einige Tage im Urlaub.
Also bitte nicht wundern, dass erstmal keine Antwort kommt.

Grüße

darkrider78

M-K-D-B · 04.05.2017, 19:46

Hallo,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Firewall
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Starte die FRST erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die beiden neuen Logdateien von FRST.

M-K-D-B · 07.05.2017, 19:30

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
Profilnachricht inklusive Link zum Thema an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

Mehrere Funde von MBAM/Kaspersky -> EnigmaEncode.exe/Adware

Plagegeister aller Art und deren Bekämpfung: Mehrere Funde von MBAM/Kaspersky -> EnigmaEncode.exe/Adware