01.06.2017, 12:57 | #1

Unsure what is going on, Win7

Hello everyone,

this post is to make sure whether I have picked something up without noticing, even though I no longer do anything on my PC that is not trustworthy. (Got hacked, want to make sure that it is not a program on the PC.)

Here are the logs. Malwarebytes shows no findings. Apart from that I use MS Security Essentials.

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-05-2017
durchgeführt von Sandra (Administrator) auf CASTLE (01-06-2017 13:45:53)
Gestartet von C:\Users\Sandra\Desktop
Geladene Profile: Sandra (Verfügbare Profile: Sandra)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Valve Corporation) D:\Programme\Steam\Steam.exe
(Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hammer & Chisel, Inc.) C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\Discord.exe
(Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\LWS.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe
(Valve Corporation) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\CameraHelperShell.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Sandra\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Hammer & Chisel, Inc.) C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\Discord.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Mozilla Corporation) D:\Programme\Mozilla Firefox\firefox.exe
(Mozilla Corporation) D:\Programme\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) D:\Programme\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_25_0_0_171.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_25_0_0_171.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-08-26] (NVIDIA Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-22] (Razer Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Run: [Steam] => D:\Programme\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Run: [Spotify Web Helper] => C:\Users\Sandra\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-05-23] (Spotify Ltd)
HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Run: [Spotify] => C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe [7009904 2017-05-23] (Spotify Ltd)
HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Run: [Discord] => C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-18\...\Run: [script_fcbd] => D:\Programme\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\fcbd.bat [333 2016-11-09] ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\fcbd.bat [2016-11-09] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{926621DC-B258-477C-BB1F-963C260A2860}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-170210240-1311727065-2204501080-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-05-29] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2017-05-29] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-29] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-05-29] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2017-05-29] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-29] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 6581jtl4.default
FF ProfilePath: C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default [2017-06-01]
FF Extension: (Lightbeam) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2017-03-23]
FF Extension: (Pin It button) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2016-11-13]
FF Extension: (Garmin Communicator) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2016-09-11]
FF Extension: (WOT) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2017-05-09]
FF Extension: (Adblock Plus) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-29]
FF Extension: (DownThemAll!) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-29] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-05-29] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
StartMenuInternet: FIREFOX.EXE - D:\Programme\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default [2017-06-01]
CHR Extension: (YouTube) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-11]
CHR Extension: (Adobe Acrobat) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Google Mail) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-11]
CHR Extension: (Chrome Media Router) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-06-18] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-06-18] () [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [249104 2016-11-19] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-08-26] (NVIDIA Corporation)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-11-15] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640 2017-04-07] (HP Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-08-26] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-08-26] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-08-26] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-05-22] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-06-18] ()
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-14] (Intel Corporation)
S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [43488 2015-11-06] (UB658)
R3 ElgatoVAD; C:\Windows\System32\DRIVERS\ElgatoVAD.sys [28800 2016-08-16] (Elgato Systems GmbH)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-12-08] (REALiX(tm))
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-08-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56376 2016-08-26] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
S3 SoehnleComfort_x64; C:\Windows\System32\DRIVERS\SoehnleComfort_x64.sys [38400 2012-10-01] ()

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-01 13:45 - 2017-06-01 13:45 - 00019694 _____ C:\Users\Sandra\Desktop\FRST.txt
2017-06-01 01:11 - 2017-06-01 01:11 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2017-06-01 01:11 - 2017-06-01 01:11 - 00000000 ____D C:\Program Files\Microsoft Security Client
2017-06-01 01:11 - 2017-06-01 01:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2017-06-01 00:49 - 2017-06-01 13:45 - 00000000 ____D C:\FRST
2017-06-01 00:49 - 2017-06-01 00:49 - 02431488 _____ (Farbar) C:\Users\Sandra\Desktop\FRST64.exe
2017-06-01 00:45 - 2017-06-01 00:45 - 00003241 _____ C:\Users\Sandra\Desktop\JRT.txt
2017-06-01 00:39 - 2017-06-01 00:42 - 00000000 ____D C:\AdwCleaner
2017-06-01 00:16 - 2017-06-01 01:10 - 00000000 ____D C:\Program Files\Common Files\AV
2017-06-01 00:15 - 2017-06-01 01:10 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-06-01 00:11 - 2017-06-01 00:11 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-05-30 03:05 - 2017-05-30 03:44 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\discord
2017-05-30 03:05 - 2017-05-30 03:05 - 00002163 _____ C:\Users\Sandra\Desktop\Discord.lnk
2017-05-30 03:05 - 2017-05-30 03:05 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-05-30 03:05 - 2017-05-30 03:05 - 00000000 ____D C:\Users\Sandra\AppData\Local\SquirrelTemp
2017-05-30 03:05 - 2017-05-30 03:05 - 00000000 ____D C:\Users\Sandra\AppData\Local\Discord
2017-05-29 18:07 - 2017-05-29 18:07 - 00000000 ____D C:\988d3cdb8da3941b84
2017-05-29 18:06 - 2017-05-29 18:06 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-05-22 18:52 - 2017-05-22 19:06 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2017-05-22 18:52 - 2017-05-22 18:52 - 00000000 ____D C:\Users\Sandra\AppData\Local\PunkBuster
2017-05-22 18:51 - 2017-05-22 19:06 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-05-22 18:51 - 2017-05-22 18:58 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2017-05-22 18:51 - 2017-05-22 18:51 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2017-05-22 18:51 - 2017-05-22 18:51 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-05-21 16:14 - 2017-05-21 16:14 - 00002591 _____ C:\Users\Public\Desktop\BodyBalanceComfortSelect.lnk
2017-05-21 16:14 - 2017-05-21 16:14 - 00000000 ____D C:\Users\Sandra\AppData\Local\Leifheit_Soehnle
2017-05-21 16:14 - 2017-05-21 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soehnle
2017-05-21 16:14 - 2012-10-01 14:27 - 00038400 _____ () C:\Windows\system32\Drivers\SoehnleComfort_x64.sys
2017-05-20 17:52 - 2017-05-20 17:52 - 00000911 _____ C:\Users\Sandra\Desktop\WizeBot App.lnk
2017-05-20 17:52 - 2017-05-20 17:52 - 00000000 ____D C:\Users\Sandra\AppData\Local\Wizebot.tv
2017-05-17 20:11 - 2017-05-19 21:09 - 00000000 ____D C:\Users\Sandra\Desktop\Stadtpark+Webweek
2017-05-16 18:19 - 2017-05-16 18:20 - 00000000 ____D C:\Users\Sandra\Desktop\webweek
2017-05-13 14:28 - 2017-05-13 14:28 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Google
2017-05-12 22:36 - 2017-05-12 22:36 - 00000000 ____D C:\637c73e1917518b955979b83
2017-05-02 14:28 - 2017-05-02 14:28 - 00000000 ____D C:\3d20728df97b20f7aecc862c793a

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-01 13:40 - 2016-10-31 14:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-06-01 12:19 - 2009-07-14 06:45 - 00025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-06-01 12:19 - 2009-07-14 06:45 - 00025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-01 12:16 - 2016-11-18 22:20 - 00000000 ____D C:\Users\Sandra\AppData\LocalLow\Mozilla
2017-06-01 12:11 - 2016-09-11 17:53 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Spotify
2017-06-01 12:11 - 2016-09-10 21:55 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-01 12:11 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-01 03:20 - 2016-09-11 00:07 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\TS3Client
2017-06-01 02:00 - 2016-09-20 15:36 - 00000000 ____D C:\Users\Sandra\AppData\Local\Adobe
2017-06-01 01:12 - 2016-11-02 22:46 - 00001912 _____ C:\Windows\epplauncher.mif
2017-06-01 01:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-06-01 01:07 - 2016-09-18 19:27 - 00000000 ____D C:\Users\Sandra\AppData\Local\CrashDumps
2017-06-01 00:52 - 2017-05-01 23:37 - 00000000 ____D C:\Users\Sandra\AppData\LocalLow\Temp
2017-06-01 00:15 - 2016-09-23 01:37 - 00000000 ____D C:\Users\master
2017-06-01 00:14 - 2016-09-11 17:54 - 00000000 ____D C:\Users\Sandra\AppData\Local\Spotify
2017-05-31 23:52 - 2016-09-10 22:28 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\obs-studio
2017-05-31 15:49 - 2016-09-11 07:07 - 00698804 _____ C:\Windows\system32\perfh007.dat
2017-05-31 15:49 - 2016-09-11 07:07 - 00148944 _____ C:\Windows\system32\perfc007.dat
2017-05-31 15:49 - 2009-07-14 07:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-30 14:17 - 2016-09-18 14:55 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Skype
2017-05-29 18:07 - 2017-01-02 19:58 - 00000000 ___HT C:\Windows\wusa.lock
2017-05-29 18:06 - 2016-09-14 17:00 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-29 18:06 - 2016-09-14 16:59 - 00000000 ____D C:\Program Files\Microsoft Office
2017-05-29 18:06 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-05-22 19:51 - 2016-09-10 22:23 - 00000000 ____D C:\Users\Sandra\AppData\Local\Ubisoft Game Launcher
2017-05-13 23:16 - 2016-10-10 22:03 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Audacity
2017-05-12 22:32 - 2016-09-14 21:41 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-12 22:32 - 2016-09-14 21:41 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-09 17:34 - 2016-10-23 13:05 - 00001198 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2017-05-09 15:39 - 2016-09-30 13:46 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-05-09 15:39 - 2016-09-20 15:37 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-05-09 15:39 - 2016-09-20 15:37 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-09 15:39 - 2016-09-20 15:37 - 00004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-05-09 15:39 - 2016-09-20 15:37 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-09 15:39 - 2016-09-20 15:37 - 00000000 ____D C:\Windows\system32\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-10-23 00:46 - 2016-10-23 01:50 - 0007660 _____ () C:\Users\Sandra\AppData\Local\Resmon.ResmonCfg
2017-01-31 20:11 - 2016-11-23 15:37 - 0000570 _____ () C:\Users\Sandra\AppData\Local\TroubleshooterConfig.json
2016-09-24 10:22 - 2016-09-24 10:22 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-09-10 21:49 - 2016-09-10 21:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-06-01 01:13 - 2017-06-01 01:13 - 2893072 _____ (Microsoft Corporation) C:\Users\Sandra\AppData\Local\Temp\mpam-22f98529.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-04 16:18

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-05-2017
durchgeführt von Sandra (01-06-2017 13:46:06)
Gestartet von C:\Users\Sandra\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-09-10 19:17:13)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-170210240-1311727065-2204501080-500 - Administrator - Disabled)
Gast (S-1-5-21-170210240-1311727065-2204501080-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-170210240-1311727065-2204501080-1002 - Limited - Enabled)
Sandra (S-1-5-21-170210240-1311727065-2204501080-1000 - Administrator - Enabled) => C:\Users\Sandra

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
AnkhBotR2 version 1.0.1.19 (HKLM-x32\...\{08D3C5BB-C492-4916-B111-725081845380}_is1) (Version: 1.0.1.19 - Marcin Swierzowski aka AnkhHeart)
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Beyond Good and Evil (HKLM-x32\...\Uplay Install 232) (Version: - Ubisoft)
Body Balance Comfort Select Software (HKLM-x32\...\{F873D7A3-94D8-4B6D-B567-A56AB38AC1C0}) (Version: 1.1.4 - Leifheit AG)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Dead by Daylight (HKLM\...\Steam App 381210) (Version: - Behaviour Digital Inc.)
Dirty Bomb (HKLM\...\Steam App 333930) (Version: - Splash Damage®)
Discord (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Elgato Game Capture HD (HKLM\...\{879C5944-7B88-444B-A6B0-509CBC72B48D}) (Version: 3.20.33.1533 - Elgato Systems GmbH)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft)
Far Cry 3 Blood Dragon (HKLM-x32\...\Uplay Install 205) (Version: - Ubisoft)
Game Capture HD v2.3.3.40 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.40 - Elgato Systems)
Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems)
Game Capture HD60 S v1.1.0.160 (HKLM-x32\...\Software_Elgato_Game Capture HD60 S) (Version: 1.1.0.160 - Elgato Systems)
Game Capture HD60 v2.1.1.4 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.4 - Elgato Systems)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32\...\{D549B5E2-DBE8-4190-ABA5-71106264398C}) (Version: 12.6.14.19 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HWiNFO64 Version 5.40 (HKLM\...\HWiNFO64_is1) (Version: 5.40 - Martin Malík - REALiX)
Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010
x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Moobot Assistant (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\40790fab0e175d6b) (Version: 1.0.0.1 - Knudsen Apps) Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla) Mozilla Firefox 53.0.3 (x86 de) (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla) Mozilla Maintenance Service 
(HKLM-x32\...\MozillaMaintenanceService) (Version: 45.3.0 - Mozilla) Mozilla Thunderbird 45.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.3.0 (x86 de)) (Version: 45.3.0 - Mozilla) Mozilla Thunderbird 52.1.1 (x86 de) (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Mozilla Thunderbird 52.1.1 (x86 de)) (Version: 52.1.1 - Mozilla) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.70 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation) NVIDIA Grafiktreiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.70 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project) Office 16 Click-to-Run Extensibility Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden osu! (HKLM-x32\...\{f1ce1bae-e14e-4c0a-8542-1c70c385ecb3}) (Version: latest - ppy Pty Ltd) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) 
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.822 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Spotify) (Version: 1.0.55.487.g256699aa - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer) The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft) The Sims(TM) 3 (HKLM\...\Steam App 47890) (Version: - The Sims Studio) The Way of Life Free Edition (HKLM\...\Steam App 310370) (Version: - Fabio Ferrara) Thrustmaster Force Feedback Driver (HKLM-x32\...\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}) (Version: 4.FFD.2016 - Thrustmaster) Tomb Raider (HKLM\...\Steam App 203160) (Version: - Crystal Dynamics) Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.) 
Warface (HKLM\...\Steam App 291480) (Version: - Crytek) WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WizeBot.tv App (HKLM-x32\...\WizeBot.tv App) (Version: V1.1 - WizeBot.tv) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-170210240-1311727065-2204501080-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Sandra\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileCoAuthLib64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-170210240-1311727065-2204501080-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) CustomCLSID: HKU\S-1-5-21-170210240-1311727065-2204501080-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Program Files (x86)\Google\Update\1.3.31.5\psmachine_64.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {030541F0-B768-4F2A-8747-93484D79F086} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-29] () Task: {226F4FFD-61EC-44DD-8D24-9C5C1234F0C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.) 
Task: {42FE1C37-17C7-4F94-9784-C79D140BFA30} - System32\Tasks\AdobeAAMUpdater-1.0-Castle-Sandra => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {4DDD6B8A-9D04-41C9-8C7C-8A307D2CD02E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {611773C4-A794-4BBD-8CD9-BAAB830EE6EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated) Task: {620D3F6C-1DD1-4358-B38C-E5DC9028730D} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation) Task: {630D0C5E-C5CB-428E-8153-9A9B48F13D02} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.) Task: {6529DB75-F9E2-4AC3-BD2F-CE36FC9079EE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-29] (Microsoft Corporation) Task: {7809FD34-864B-4680-B569-C7773538EC42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-14] (Google Inc.) Task: {8A57B12A-51B0-4DDF-BF45-A567B54043DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-14] (Google Inc.) 
Task: {8FDC7AFA-4BD7-437F-BB1E-553DEA5466B1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-29] () Task: {A435AE87-616B-42A7-A993-C6958CF3D383} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-05-29] (Microsoft Corporation) Task: {DA30241B-CAC7-4868-AFE3-3F397DAC668F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {E2AF3C6C-4397-4DD3-81FA-36853E1A498B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {E33242E2-5762-4075-94A8-F5076E172056} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation) Task: {E98D8BE8-C388-4ED4-B938-1C3D820236DC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-05-29] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\Sandra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\1cdcadec15321c01\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> --profile-directory=Default ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-09-10 21:55 - 2016-08-25 23:10 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-09-10 21:48 - 2014-06-18 07:54 - 01360016 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe 2016-10-25 10:57 - 2016-10-25 10:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2017-05-22 18:51 - 2017-05-22 18:51 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-11-05 01:11 - 2015-11-05 01:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2016-09-18 16:00 - 2016-08-26 01:28 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2012-09-13 00:38 
- 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\CameraHelperShell.exe 2016-08-08 05:37 - 2016-08-08 05:37 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2016-09-18 16:00 - 2016-08-26 01:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-09-11 13:55 - 2017-03-10 02:13 - 00674592 _____ () D:\Programme\Steam\SDL2.dll 2016-09-11 13:55 - 2016-09-01 03:02 - 04969248 _____ () D:\Programme\Steam\v8.dll 2016-09-11 13:55 - 2016-09-01 03:02 - 01563936 _____ () D:\Programme\Steam\icui18n.dll 2016-09-11 13:55 - 2016-09-01 03:02 - 01195296 _____ () D:\Programme\Steam\icuuc.dll 2016-09-11 13:55 - 2017-04-26 01:55 - 02465056 _____ () D:\Programme\Steam\video.dll 2016-09-11 13:55 - 2016-01-27 09:49 - 02549760 _____ () D:\Programme\Steam\libavcodec-56.dll 2016-09-11 13:55 - 2016-01-27 09:49 - 00442880 _____ () D:\Programme\Steam\libavutil-54.dll 2016-09-11 13:55 - 2016-01-27 09:49 - 00491008 _____ () D:\Programme\Steam\libavformat-56.dll 2016-09-11 13:55 - 2016-01-27 09:49 - 00332800 _____ () D:\Programme\Steam\libavresample-2.dll 2016-09-11 13:55 - 2016-01-27 09:49 - 00485888 _____ () D:\Programme\Steam\libswscale-3.dll 2016-09-11 13:55 - 2017-04-26 01:55 - 00848672 _____ () D:\Programme\Steam\bin\chromehtml.DLL 2016-09-11 13:55 - 2016-07-05 00:17 - 00266560 _____ () D:\Programme\Steam\openvr_api.dll 2016-09-11 17:54 - 2017-05-23 19:34 - 67117168 _____ () C:\Users\Sandra\AppData\Roaming\Spotify\libcef.dll 2017-05-30 03:05 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\ffmpeg.dll 2017-05-30 03:05 - 2017-05-30 03:05 - 01082880 _____ () \\?\C:\Users\Sandra\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node 2017-05-30 03:05 - 2017-05-30 03:05 - 03750400 _____ () \\?\C:\Users\Sandra\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll 2017-05-30 03:05 - 2017-05-30 03:05 - 00914432 _____ () 
\\?\C:\Users\Sandra\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node 2016-09-11 17:54 - 2017-05-23 19:34 - 02253424 _____ () C:\Users\Sandra\AppData\Roaming\Spotify\libglesv2.dll 2016-09-11 17:54 - 2017-05-23 19:34 - 00086640 _____ () C:\Users\Sandra\AppData\Roaming\Spotify\libegl.dll 2016-08-29 10:09 - 2016-08-29 10:09 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\QtCore4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\QtGui4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\QtXml4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\imageformats\QGif4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\imageformats\QJpeg4.dll 2016-12-13 14:42 - 2017-01-30 23:41 - 68875552 _____ () D:\Programme\Steam\bin\cef\cef.win7\libcef.dll 2016-09-11 13:55 - 2017-04-26 01:55 - 00383776 _____ () D:\Programme\Steam\steam.dll 2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll 2016-09-11 00:04 - 2015-10-06 21:26 - 50656768 _____ () C:\Users\Sandra\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2016-09-11 00:04 - 2015-10-06 21:26 - 01874944 _____ () C:\Users\Sandra\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll 2016-09-11 00:04 - 2015-10-06 21:26 - 00075264 _____ () C:\Users\Sandra\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll 2017-05-30 03:05 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\libglesv2.dll 2017-05-30 03:05 - 2017-01-04 15:28 - 
00096768 _____ () C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\libegl.dll 2017-06-01 12:11 - 2017-06-01 12:11 - 00148992 _____ () \\?\C:\Users\Sandra\AppData\Local\Temp\9839.tmp.node 2017-05-30 03:05 - 2017-05-30 03:05 - 02658296 _____ () \\?\C:\Users\Sandra\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node 2017-05-30 03:06 - 2017-05-30 03:06 - 02665976 _____ () \\?\C:\Users\Sandra\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node 2017-05-09 15:39 - 2017-05-09 15:39 - 19700728 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-170210240-1311727065-2204501080-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: asComSvc => 2 MSCONFIG\Services: bthserv => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\Bluestacks\HD-Agent.exe MSCONFIG\startupreg: Elgato Sound Capture => C:\Program Files\Elgato\SoundCapture\SoundCapture.exe -hide_settings MSCONFIG\startupreg: PDFPrint => "D:\Programme\PDF24\pdf24.exe" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{96A18BEC-5AA0-4EF1-85E6-B6B1DEC81D71}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{5F6B1575-534B-4C94-A600-E33AE1684CE0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{DBB54C33-888D-47FB-B97C-AA2A70305A42}] => (Allow) D:\Programme\Mozilla Firefox\firefox.exe FirewallRules: [{CABC00B0-FBCC-4268-B82D-9FF154F51BF6}] => (Allow) D:\Programme\Mozilla Firefox\firefox.exe FirewallRules: [{985338DA-83B2-4C89-A405-8CA66EE1F8E5}] => (Allow) D:\Programme\Steam\Steam.exe FirewallRules: [{80B92A09-24C5-4A5D-B843-3D55DC092D2C}] => (Allow) D:\Programme\Steam\Steam.exe FirewallRules: [{209CB19B-E1B3-4752-90E6-4542CA1B7683}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe FirewallRules: [{C377D6FA-3A64-46B5-B986-E77CFCF38336}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe FirewallRules: [{1E6C7AF1-7C82-4493-9788-4752CAEE30EA}] => (Allow) D:\Programme\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{2B28592B-8BA8-4174-9E0A-D1D68CBAB498}] => (Allow) D:\Programme\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [TCP Query User{4CB8FB17-F2C7-49C6-B193-FDB54CF82C98}C:\users\sandra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sandra\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{0B6219E1-B728-4BA0-A974-BDBD2B7949FE}C:\users\sandra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sandra\appdata\roaming\spotify\spotify.exe FirewallRules: [{69D6E76C-EA50-4A3A-BA50-94C3E3DA4DEB}] => (Allow) D:\Programme\Google\Chrome\Application\chrome.exe FirewallRules: [{8850CF2F-5228-4753-9481-97E68E0A92A8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{36751016-D5FD-4F68-B9C3-A86AF2B181D6}] => (Allow) C:\Program 
Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [TCP Query User{E12F3F24-875C-4A11-A88A-6D7CEC60630B}C:\users\sandra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sandra\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{74F15462-C703-42A0-A7BC-A6121C5DD522}C:\users\sandra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sandra\appdata\roaming\spotify\spotify.exe FirewallRules: [{88F1EA1D-81F1-40FA-8FBC-8B10DD10F62D}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe FirewallRules: [{FFF8A0F7-5775-4119-8509-92131BF4CC51}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe FirewallRules: [{0B6C6BBC-A9DF-4CD2-8B59-09B5EC6498CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{B6F61FAC-4C16-4A42-A3CA-E3A7A420988A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{9DFFB746-4CA0-4CBD-8979-79A8B415BC3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{E63A411E-CFA5-4362-91ED-7AA3B31C085C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{01940263-3F55-41EB-9269-FAC5E8A199CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F6EED7EC-DA73-4FAD-888E-8E197589D865}] => (Allow) D:\Programme\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe FirewallRules: [{9A258F61-8AA8-4E72-A1E8-FD6D3C34995C}] => (Allow) D:\Programme\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe FirewallRules: [TCP Query User{3E25FB62-4A88-45C9-A7D2-103F84C0D421}D:\programme\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\programme\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [UDP Query 
User{6EA2FD90-EF29-4965-8428-8900EFF18314}D:\programme\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\programme\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [{7EF412C3-6601-481F-A067-AF3706E341D7}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe FirewallRules: [{4B3CF318-2F4C-483D-95D8-34409D1BEE5B}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{5F81FB3E-9AA8-4C98-A6FE-626D5F1B0104}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{4FCBCFFC-8A49-4E6A-8ADA-A77E3741CFB1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{36ABC80A-63DC-47BF-BCB0-13849023E08A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{FDC7B986-CBE1-4BD0-A104-2CA6952DAD20}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{8F17F3B5-F143-4A65-A718-D1F14AAEAF0A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{980648E9-5628-4CAA-939F-E13FC1464845}] => (Allow) D:\Programme\Steam\steamapps\common\The Way of Life\TheWayOfLifeDemoWindows.exe FirewallRules: [{DBDB2CDA-62B0-4A83-9EB8-ECDCD1B2E0FA}] => (Allow) D:\Programme\Steam\steamapps\common\The Way of Life\TheWayOfLifeDemoWindows.exe FirewallRules: [{248AAF77-3DE8-4092-B046-0C6E2AC0E87B}] => (Allow) D:\Programme\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{828A78E0-A3F2-47F0-9F10-51510F6EA3D6}] => (Allow) D:\Programme\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{12523386-7501-46BB-8EF2-CD4832155B6F}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe FirewallRules: 
[{A893A862-3A7E-45F2-8B96-440769D5B056}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{F2BE47E9-94FC-4FF6-93E7-43BF2DC93F29}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11_b.exe
FirewallRules: [{1708BD5A-388A-4778-A358-AFFB47626A7A}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11_b.exe
FirewallRules: [{8660E710-4BAE-4AEC-9E7E-00CC8917AFB6}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{B6243634-4360-428B-B1FD-CB3024716CEE}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{444192C9-4760-4487-A25A-ED0B8BA9F042}] => (Allow) D:\Programme\Steam\steamapps\common\The Sims 3\Game\Bin\Sims3Launcher.exe
FirewallRules: [{E26B0EF7-40CA-4B34-AA35-68B25577F02A}] => (Allow) D:\Programme\Steam\steamapps\common\The Sims 3\Game\Bin\Sims3Launcher.exe
FirewallRules: [TCP Query User{24A13A68-A92B-4C2D-9D82-84AF9006E3D1}D:\programme\overwatch\overwatch.exe] => (Allow) D:\programme\overwatch\overwatch.exe
FirewallRules: [UDP Query User{14F2AB0B-0AF8-4CCE-A98C-5C8B1F3605EE}D:\programme\overwatch\overwatch.exe] => (Allow) D:\programme\overwatch\overwatch.exe
FirewallRules: [TCP Query User{59B444A9-639A-4FCE-A3C8-289AA9FDACFC}D:\programme\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\programme\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{A7BBE898-F880-4C45-9AD4-FAF2C2EE36A4}D:\programme\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\programme\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{972B2AF6-4540-4848-B842-3C55FADD97FF}] => (Allow) D:\Programme\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{4F949D13-E07C-49B5-9930-2E873FC6934D}] => (Allow) D:\Programme\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{36DF16F8-9870-4804-B585-C84C68D84D41}] => (Allow) D:\Programme\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{402DD289-6354-4671-8282-38A1C3BA484E}] => (Allow) D:\Programme\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{2374159D-1CF7-43E0-A93B-21239E3A5407}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9FEDCE2C-918C-4B28-9131-D79AAF9D66E9}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{72B4417B-6C43-47AC-B785-45B2F4BB868A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{34C7B7C9-3DD3-49D9-8A41-13B4DEC8EFDC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3D88AF0A-D3F6-46B2-9BBF-EC000812F60D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{74CC4090-4968-4F75-990E-27B68D1932CB}] => (Allow) D:\Programme\Steam\steamapps\common\Warface\live\gflauncher.exe
FirewallRules: [{D6B61449-36F2-4611-94C8-655EA9E8645E}] => (Allow) D:\Programme\Steam\steamapps\common\Warface\live\gflauncher.exe
FirewallRules: [{81504E0F-2679-4804-A1FC-C7668EF2F791}] => (Allow) D:\Programme\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe
FirewallRules: [{5AAE61DF-4F6A-4E49-93FD-C82EF83A2696}] => (Allow) D:\Programme\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe
FirewallRules: [{FAC2A59E-F569-4629-9194-5A5F85CB32CD}] => (Allow) D:\Programme\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{B4EF31FC-272A-4446-8250-8A0A6CC0629B}] => (Allow) D:\Programme\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{61C58570-B9F2-494C-B9C3-D502929569CC}] => (Allow) D:\Programme\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [{4661ACCE-E0C9-4543-9A83-A91E470C0438}] => (Allow) D:\Programme\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [{4523E052-1738-46AE-94B5-CEDE0CE4F343}] => (Allow) C:\Users\Sandra\AppData\Roaming\AnkhHeart\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{0E4382A7-076A-49BB-88E1-831786788C70}] => (Allow) C:\Users\Sandra\AppData\Roaming\AnkhHeart\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{2273D7ED-2DAA-40E3-8273-1CEAB442ECBA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E8B2410B-ED17-4606-A3CD-8329EFBFDF4C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BF342EA9-63AF-4BC2-80AD-67ACFF014918}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9A06AB7A-6B89-4EA1-9707-37FEBBAC9F89}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{500EFCBB-72D4-4984-8145-2E8AD713552C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{0CFFD54E-CEE0-4300-BCF2-FDF2F2F71CFF}D:\programme\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\programme\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{7E4143FE-10FB-4705-9271-B3117359149B}D:\programme\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\programme\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{EBFC9B91-2D1E-4501-8604-6896C2C72662}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe

==================== Wiederherstellungspunkte =========================

30-05-2017 12:30:14 Windows Update
01-06-2017 00:43:17 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/01/2017 12:13:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (06/01/2017 01:07:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 53.0.3.6347, Zeitstempel: 0x591d5a0c
Name des fehlerhaften Moduls: xul.dll, Version: 53.0.3.6347, Zeitstempel: 0x591d59fb
Ausnahmecode: 0x80000003
Fehleroffset: 0x007ffe99
ID des fehlerhaften Prozesses: 0x15c4
Startzeit der fehlerhaften Anwendung: 0x01d2da61530f8d23
Pfad der fehlerhaften Anwendung: D:\Programme\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: D:\Programme\Mozilla Firefox\xul.dll
Berichtskennung: eed15eb0-4655-11e7-bcfd-1cb72caa10b4

Error: (06/01/2017 12:54:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (06/01/2017 12:52:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 53.0.3.6347, Zeitstempel: 0x591d5a0c
Name des fehlerhaften Moduls: xul.dll, Version: 53.0.3.6347, Zeitstempel: 0x591d59fb
Ausnahmecode: 0x80000003
Fehleroffset: 0x007ffe99
ID des fehlerhaften Prozesses: 0x5fac
Startzeit der fehlerhaften Anwendung: 0x01d2da5fb30a2d74
Pfad der fehlerhaften Anwendung: D:\Programme\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: D:\Programme\Mozilla Firefox\xul.dll
Berichtskennung: c18b03da-4653-11e7-bd50-1cb72caa10b4

Error: (06/01/2017 12:43:17 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.
System Error: 0xC0000039 (unresolvable).

Error: (06/01/2017 12:43:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (06/01/2017 12:43:01 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "D:\Eigene Dateien\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (06/01/2017 12:16:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (05/31/2017 10:17:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac
Name des fehlerhaften Moduls: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b8554
ID des fehlerhaften Prozesses: 0xbb4
Startzeit der fehlerhaften Anwendung: 0x01d2da4af5d074ad
Pfad der fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
Pfad des fehlerhaften Moduls: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
Berichtskennung: 33ebb125-463e-11e7-9a83-1cb72caa10b4

Error: (05/31/2017 03:45:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Systemfehler:
=============
Error: (06/01/2017 12:12:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} und APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (06/01/2017 12:53:43 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} und APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (06/01/2017 12:42:18 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} und APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (06/01/2017 12:40:50 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Kaspersky Secure Connection Service 1.0.0" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (06/01/2017 12:40:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Support Solutions Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/01/2017 12:40:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kaspersky Secure Connection Service 1.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/01/2017 12:40:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/01/2017 12:40:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/01/2017 12:40:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/01/2017 12:40:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 55%
Installierter physikalischer RAM: 8132.24 MB
Verfügbarer physikalischer RAM: 3641.64 MB
Summe virtueller Speicher: 16262.67 MB
Verfügbarer virtueller Speicher: 10969.71 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:27.13 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:801.01 GB) NTFS
Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: DC39A4D3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DC39A4DC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
|
01.06.2017, 14:59 | #2 |
/// TB-Ausbilder | Not sure what's going on, Win7 My name is Matthias and I will help you clean up your computer. To make the cleanup as effective and quick as possible, please observe the following notes:
Please download TDSSKiller.exe and save the file to your desktop.
Please post with your next reply
|
01.06.2017, 15:03 | #3 |
| Not sure what's going on, Win7 Thanks in advance for your help!
No detection here. Code:
ATTFilter 16:01:13.0979 0x2bb0 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02 16:01:16.0202 0x2bb0 ============================================================ 16:01:16.0202 0x2bb0 Current date / time: 2017/06/01 16:01:16.0202 16:01:16.0202 0x2bb0 SystemInfo: 16:01:16.0202 0x2bb0 16:01:16.0202 0x2bb0 OS Version: 6.1.7601 ServicePack: 1.0 16:01:16.0202 0x2bb0 Product type: Workstation 16:01:16.0202 0x2bb0 ComputerName: CASTLE 16:01:16.0202 0x2bb0 UserName: Sandra 16:01:16.0202 0x2bb0 Windows directory: C:\Windows 16:01:16.0202 0x2bb0 System windows directory: C:\Windows 16:01:16.0202 0x2bb0 Running under WOW64 16:01:16.0202 0x2bb0 Processor architecture: Intel x64 16:01:16.0202 0x2bb0 Number of processors: 8 16:01:16.0202 0x2bb0 Page size: 0x1000 16:01:16.0202 0x2bb0 Boot type: Normal boot 16:01:16.0202 0x2bb0 CodeIntegrityOptions = 0x00000001 16:01:16.0202 0x2bb0 ============================================================ 16:01:16.0285 0x2bb0 KLMD registered as C:\Windows\system32\drivers\84950285.sys 16:01:16.0285 0x2bb0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23569, osProperties = 0x1 16:01:16.0719 0x2bb0 System UUID: {703F48BC-FDD9-1090-7938-E6A60F868BE1} 16:01:17.0142 0x2bb0 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:01:17.0159 0x2bb0 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:01:17.0176 0x2bb0 ============================================================ 16:01:17.0176 0x2bb0 \Device\Harddisk0\DR0: 16:01:17.0176 0x2bb0 MBR partitions: 16:01:17.0176 0x2bb0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 16:01:17.0176 0x2bb0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDE80800 16:01:17.0176 
0x2bb0 \Device\Harddisk1\DR1: 16:01:17.0176 0x2bb0 MBR partitions: 16:01:17.0176 0x2bb0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800 16:01:17.0176 0x2bb0 ============================================================ 16:01:17.0177 0x2bb0 C: <-> \Device\Harddisk0\DR0\Partition2 16:01:17.0188 0x2bb0 D: <-> \Device\Harddisk1\DR1\Partition1 16:01:17.0188 0x2bb0 F: <-> \Device\Harddisk0\DR0\Partition1 16:01:17.0188 0x2bb0 ============================================================ 16:01:17.0188 0x2bb0 Initialize success 16:01:17.0188 0x2bb0 ============================================================ 16:01:43.0364 0x2478 ============================================================ 16:01:43.0364 0x2478 Scan started 16:01:43.0364 0x2478 Mode: Manual; SigCheck; TDLFS; 16:01:43.0364 0x2478 ============================================================ 16:01:43.0364 0x2478 KSN ping started 16:01:43.0480 0x2478 KSN ping finished: true 16:01:43.0801 0x2478 ================ Scan system memory ======================== 16:01:43.0801 0x2478 System memory - ok 16:01:43.0801 0x2478 ================ Scan services ============================= 16:01:43.0820 0x2478 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 16:01:43.0849 0x2478 1394ohci - ok 16:01:43.0858 0x2478 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 16:01:43.0868 0x2478 ACPI - ok 16:01:43.0870 0x2478 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 16:01:43.0886 0x2478 AcpiPmi - ok 16:01:43.0890 0x2478 [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 
16:01:43.0897 0x2478 AdobeARMservice - ok 16:01:43.0909 0x2478 [ E6A1D864EC90F4397DF5AB2633B34DD4, 05F1B7291EBDD9CA1D74649C0DAFCBE5F2CF93E92C5CA16A8AC10B6DF83101A0 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 16:01:43.0919 0x2478 AdobeFlashPlayerUpdateSvc - ok 16:01:43.0933 0x2478 [ 8532B30A054D83614A90D24AD61A29DF, 959C74C63AF7F4E5588C705FBF08EA7A8749268BC28819879ED53AB7A3410B74 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe 16:01:43.0949 0x2478 AdobeUpdateService - ok 16:01:43.0959 0x2478 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 16:01:43.0971 0x2478 adp94xx - ok 16:01:43.0979 0x2478 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 16:01:43.0989 0x2478 adpahci - ok 16:01:43.0993 0x2478 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 16:01:44.0001 0x2478 adpu320 - ok 16:01:44.0005 0x2478 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 16:01:44.0023 0x2478 AeLookupSvc - ok 16:01:44.0032 0x2478 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys 16:01:44.0050 0x2478 AFD - ok 16:01:44.0053 0x2478 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 16:01:44.0059 0x2478 agp440 - ok 16:01:44.0096 0x2478 [ 078B785A7533B7059A236017B3B060A4, 43B3E716009136A5A5A86BF8546DE6C416CA3B7F8EEC242D9D44EF12111B7A6E ] AGSService C:\Program Files (x86)\Common 
Files\Adobe\AdobeGCClient\AGSService.exe 16:01:44.0136 0x2478 AGSService - ok 16:01:44.0141 0x2478 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 16:01:44.0153 0x2478 ALG - ok 16:01:44.0155 0x2478 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 16:01:44.0160 0x2478 aliide - ok 16:01:44.0162 0x2478 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 16:01:44.0167 0x2478 amdide - ok 16:01:44.0170 0x2478 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 16:01:44.0177 0x2478 AmdK8 - ok 16:01:44.0179 0x2478 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 16:01:44.0186 0x2478 AmdPPM - ok 16:01:44.0189 0x2478 [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata C:\Windows\system32\drivers\amdsata.sys 16:01:44.0196 0x2478 amdsata - ok 16:01:44.0200 0x2478 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 16:01:44.0208 0x2478 amdsbs - ok 16:01:44.0210 0x2478 [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata C:\Windows\system32\drivers\amdxata.sys 16:01:44.0216 0x2478 amdxata - ok 16:01:44.0218 0x2478 [ 0CD7BFDE151223C6976C5D1B3D49EB84, A16FAB4F77D03C0664CCE8082E40A7673BC7FA4E89854F9027D478CD99EB2088 ] AppID C:\Windows\system32\drivers\appid.sys 16:01:44.0229 0x2478 AppID - ok 16:01:44.0232 0x2478 [ F9842669B31F20B8B157D33CCC457820, 
AC8FA65F0A3C479D3CFE10EFE9B3EC5BAE48059F57A12D8C2D7963A22EB043B8 ] AppIDSvc C:\Windows\System32\appidsvc.dll 16:01:44.0238 0x2478 AppIDSvc - ok 16:01:44.0241 0x2478 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll 16:01:44.0251 0x2478 Appinfo - ok 16:01:44.0256 0x2478 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll 16:01:44.0268 0x2478 AppMgmt - ok 16:01:44.0271 0x2478 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 16:01:44.0277 0x2478 arc - ok 16:01:44.0281 0x2478 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 16:01:44.0287 0x2478 arcsas - ok 16:01:44.0302 0x2478 [ BBF8F831C7720DD5135D8C4C8325187A, 2630C68200D7BD49A5772830D6B369C0EC337C2558A9562DD564DF042249ECC0 ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe 16:01:44.0325 0x2478 asComSvc - ok 16:01:44.0329 0x2478 [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys 16:01:44.0334 0x2478 AsIO - ok 16:01:44.0340 0x2478 [ 49C65599344CCADFD085709745761ED4, F8797F59B752A7F4BD66596DCE178BD993C73B6091A5CE7C9EFA1B557AA950E9 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 16:01:44.0347 0x2478 aspnet_state - ok 16:01:44.0369 0x2478 [ 37F7DD839A711B5706B1264F4D8D4BDC, C949A7BB236C6C03E197EF7F9A6DF53E34EC35D925034351B5FD5D7DB62A770E ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe 16:01:44.0398 0x2478 AsSysCtrlService - detected UnsignedFile.Multi.Generic ( 1 ) 16:01:44.0542 0x2478 Detect skipped due to KSN trusted 16:01:44.0542 0x2478 AsSysCtrlService - ok 
16:01:44.0547 0x2478 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 16:01:44.0566 0x2478 AsyncMac - ok 16:01:44.0569 0x2478 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 16:01:44.0574 0x2478 atapi - ok 16:01:44.0586 0x2478 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 16:01:44.0603 0x2478 AudioEndpointBuilder - ok 16:01:44.0615 0x2478 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll 16:01:44.0629 0x2478 AudioSrv - ok 16:01:44.0633 0x2478 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 16:01:44.0643 0x2478 AxInstSV - ok 16:01:44.0652 0x2478 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 16:01:44.0669 0x2478 b06bdrv - ok 16:01:44.0675 0x2478 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 16:01:44.0686 0x2478 b57nd60a - ok 16:01:44.0690 0x2478 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 16:01:44.0701 0x2478 BDESVC - ok 16:01:44.0703 0x2478 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 16:01:44.0721 0x2478 Beep - ok 16:01:44.0733 0x2478 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 
16:01:44.0751 0x2478 BFE - ok 16:01:44.0767 0x2478 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 16:01:44.0797 0x2478 BITS - ok 16:01:44.0800 0x2478 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 16:01:44.0806 0x2478 blbdrive - ok 16:01:44.0809 0x2478 [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\Windows\system32\DRIVERS\bowser.sys 16:01:44.0816 0x2478 bowser - ok 16:01:44.0818 0x2478 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 16:01:44.0826 0x2478 BrFiltLo - ok 16:01:44.0828 0x2478 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 16:01:44.0836 0x2478 BrFiltUp - ok 16:01:44.0839 0x2478 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 16:01:44.0847 0x2478 Browser - ok 16:01:44.0853 0x2478 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 16:01:44.0868 0x2478 Brserid - ok 16:01:44.0871 0x2478 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 16:01:44.0879 0x2478 BrSerWdm - ok 16:01:44.0881 0x2478 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 16:01:44.0888 0x2478 BrUsbMdm - ok 16:01:44.0890 0x2478 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] 
BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 16:01:44.0896 0x2478 BrUsbSer - ok 16:01:44.0898 0x2478 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 16:01:44.0906 0x2478 BTHMODEM - ok 16:01:44.0910 0x2478 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 16:01:44.0928 0x2478 bthserv - ok 16:01:44.0932 0x2478 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 16:01:44.0951 0x2478 cdfs - ok 16:01:44.0956 0x2478 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 16:01:44.0964 0x2478 cdrom - ok 16:01:44.0968 0x2478 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 16:01:44.0986 0x2478 CertPropSvc - ok 16:01:44.0989 0x2478 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 16:01:44.0997 0x2478 circlass - ok 16:01:45.0004 0x2478 [ 3891EA60B84EFE115CE070311FA83BBB, 2A30FB15C8D0C69289C087DFE1F822AB4F9C3F091DBB3FD2E99DC5B562E90DFB ] CLFS C:\Windows\system32\CLFS.sys 16:01:45.0015 0x2478 CLFS - ok 16:01:45.0079 0x2478 [ F6ED2A874E4FC4FC95F544088F0523F4, F5F239A666288373ED93C6F13EC14FC4AC7257ABF117A7DD97F20070F8EC2205 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe 16:01:45.0148 0x2478 ClickToRunSvc - ok 16:01:45.0157 0x2478 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 16:01:45.0163 0x2478 
clr_optimization_v2.0.50727_32 - ok 16:01:45.0167 0x2478 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 16:01:45.0173 0x2478 clr_optimization_v2.0.50727_64 - ok 16:01:45.0178 0x2478 [ BD2AE15EFB47E5215B4D0C59EA00C91A, E2A3FB8B606E55E843958B93EE6A5FDCE6FB4AAA6BEFD2F030BAA91ED4B5B013 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 16:01:45.0186 0x2478 clr_optimization_v4.0.30319_32 - ok 16:01:45.0189 0x2478 [ 30EAABE7A3B1081B6F5DDE4A1C0305D2, 14C1D9931D32A069B6E90B47476FEC3978818D040A23BE939F04DC0A5D978509 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 16:01:45.0197 0x2478 clr_optimization_v4.0.30319_64 - ok 16:01:45.0199 0x2478 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 16:01:45.0205 0x2478 CmBatt - ok 16:01:45.0207 0x2478 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 16:01:45.0212 0x2478 cmdide - ok 16:01:45.0220 0x2478 [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG C:\Windows\system32\Drivers\cng.sys 16:01:45.0234 0x2478 CNG - ok 16:01:45.0237 0x2478 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 16:01:45.0243 0x2478 Compbatt - ok 16:01:45.0245 0x2478 [ 0C5B0DF7EF9F719EBAE9F8FE70E083A9, 3C21F5688D7EF748B7D48625E85FB9D5A6A4ABCE1939AF4D6993D3AD5CE71FD2 ] CompFilter64 C:\Windows\system32\DRIVERS\lvbflt64.sys 16:01:45.0250 0x2478 CompFilter64 - ok 16:01:45.0252 0x2478 [ 03EDB043586CCEBA243D689BDDA370A8, 
16:01:46.0453 0x2478 HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
16:01:46.0599 0x2478 Detect skipped due to KSN trusted
16:01:46.0599 0x2478 HiPatchService - ok
C:\Windows\system32\drivers\pcw.sys 16:01:49.0799 0x2478 pcw - ok 16:01:49.0810 0x2478 [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:01:49.0826 0x2478 PEAUTH - ok 16:01:49.0848 0x2478 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 16:01:49.0879 0x2478 PeerDistSvc - ok 16:01:49.0889 0x2478 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 16:01:49.0896 0x2478 PerfHost - ok 16:01:49.0919 0x2478 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 16:01:49.0958 0x2478 pla - ok 16:01:49.0968 0x2478 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 16:01:49.0980 0x2478 PlugPlay - ok 16:01:49.0982 0x2478 PnkBstrA - ok 16:01:49.0984 0x2478 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 16:01:49.0990 0x2478 PNRPAutoReg - ok 16:01:49.0997 0x2478 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 16:01:50.0007 0x2478 PNRPsvc - ok 16:01:50.0017 0x2478 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 16:01:50.0033 0x2478 PolicyAgent - ok 16:01:50.0038 0x2478 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 16:01:50.0059 0x2478 Power - ok 16:01:50.0063 0x2478 [ F92A2C41117A11A00BE01CA01A7FCDE9, 
38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 16:01:50.0082 0x2478 PptpMiniport - ok 16:01:50.0084 0x2478 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 16:01:50.0092 0x2478 Processor - ok 16:01:50.0097 0x2478 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 16:01:50.0109 0x2478 ProfSvc - ok 16:01:50.0112 0x2478 [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] ProtectedStorage C:\Windows\system32\lsass.exe 16:01:50.0117 0x2478 ProtectedStorage - ok 16:01:50.0121 0x2478 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 16:01:50.0138 0x2478 Psched - ok 16:01:50.0162 0x2478 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 16:01:50.0190 0x2478 ql2300 - ok 16:01:50.0195 0x2478 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 16:01:50.0202 0x2478 ql40xx - ok 16:01:50.0207 0x2478 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 16:01:50.0219 0x2478 QWAVE - ok 16:01:50.0221 0x2478 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 16:01:50.0230 0x2478 QWAVEdrv - ok 16:01:50.0232 0x2478 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 16:01:50.0249 0x2478 RasAcd - ok 
16:01:50.0251 0x2478 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 16:01:50.0269 0x2478 RasAgileVpn - ok 16:01:50.0273 0x2478 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 16:01:50.0292 0x2478 RasAuto - ok 16:01:50.0296 0x2478 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 16:01:50.0315 0x2478 Rasl2tp - ok 16:01:50.0321 0x2478 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 16:01:50.0343 0x2478 RasMan - ok 16:01:50.0346 0x2478 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 16:01:50.0366 0x2478 RasPppoe - ok 16:01:50.0369 0x2478 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 16:01:50.0387 0x2478 RasSstp - ok 16:01:50.0391 0x2478 [ 5332223C0D4CEC95787607906B53E861, EA1FB6373EFA303D0A69DB49D4B05BA489D1FB428E9AF948FA4FAFB94264AE4E ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 16:01:50.0399 0x2478 Razer Game Scanner Service - ok 16:01:50.0405 0x2478 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 16:01:50.0426 0x2478 rdbss - ok 16:01:50.0428 0x2478 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 16:01:50.0435 0x2478 rdpbus - ok 16:01:50.0437 0x2478 [ CEA6CC257FC9B7715F1C2B4849286D24, 
A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 16:01:50.0454 0x2478 RDPCDD - ok 16:01:50.0459 0x2478 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 16:01:50.0470 0x2478 RDPDR - ok 16:01:50.0473 0x2478 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 16:01:50.0490 0x2478 RDPENCDD - ok 16:01:50.0492 0x2478 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 16:01:50.0510 0x2478 RDPREFMP - ok 16:01:50.0515 0x2478 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 16:01:50.0524 0x2478 RDPWD - ok 16:01:50.0529 0x2478 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 16:01:50.0537 0x2478 rdyboost - ok 16:01:50.0541 0x2478 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 16:01:50.0561 0x2478 RemoteAccess - ok 16:01:50.0565 0x2478 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 16:01:50.0586 0x2478 RemoteRegistry - ok 16:01:50.0589 0x2478 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 16:01:50.0609 0x2478 RpcEptMapper - ok 16:01:50.0611 0x2478 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 16:01:50.0617 0x2478 RpcLocator 
- ok 16:01:50.0627 0x2478 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 16:01:50.0651 0x2478 RpcSs - ok 16:01:50.0654 0x2478 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 16:01:50.0672 0x2478 rspndr - ok 16:01:50.0675 0x2478 [ 5709A79EC6011BF109C7167DDC6EC603, BB6B939C5FD8CD3E88FD115C1D4ABF7E05FC33A03C041079CC7F078C8FA43FE7 ] rzendpt C:\Windows\system32\DRIVERS\rzendpt.sys 16:01:50.0681 0x2478 rzendpt - ok 16:01:50.0683 0x2478 [ 434A22267365AEF88B3AD451B65988AE, 75EFCFF52501E7E3E7B50C4D793DD55F085E378DA1C78772244AB27708409900 ] rzpmgrk C:\Windows\system32\drivers\rzpmgrk.sys 16:01:50.0689 0x2478 rzpmgrk - ok 16:01:50.0692 0x2478 [ F8A13D4413A93DD005FAD116CBD6B6F7, 8ED0C00920CE76E832701D45117ED00B12E20588CB6FE8039FBCCDFEF9841047 ] rzpnk C:\Windows\system32\drivers\rzpnk.sys 16:01:50.0698 0x2478 rzpnk - ok 16:01:50.0703 0x2478 [ E7E36EA112048AC5AC8AA15B6EC35109, 75AC0FF6E939FFCA1DB3E12E1CA2725AF9527867A25B3938AC5DF20620352F22 ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys 16:01:50.0711 0x2478 rzudd - ok 16:01:50.0713 0x2478 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 16:01:50.0719 0x2478 s3cap - ok 16:01:50.0721 0x2478 [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] SamSs C:\Windows\system32\lsass.exe 16:01:50.0727 0x2478 SamSs - ok 16:01:50.0730 0x2478 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 16:01:50.0736 0x2478 sbp2port - ok 16:01:50.0741 0x2478 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 16:01:50.0762 
0x2478 SCardSvr - ok 16:01:50.0764 0x2478 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 16:01:50.0780 0x2478 scfilter - ok 16:01:50.0799 0x2478 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 16:01:50.0828 0x2478 Schedule - ok 16:01:50.0832 0x2478 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 16:01:50.0850 0x2478 SCPolicySvc - ok 16:01:50.0855 0x2478 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 16:01:50.0867 0x2478 SDRSVC - ok 16:01:50.0870 0x2478 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 16:01:50.0878 0x2478 secdrv - ok 16:01:50.0881 0x2478 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll 16:01:50.0890 0x2478 seclogon - ok 16:01:50.0893 0x2478 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 16:01:50.0912 0x2478 SENS - ok 16:01:50.0914 0x2478 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 16:01:50.0923 0x2478 SensrSvc - ok 16:01:50.0925 0x2478 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 16:01:50.0931 0x2478 Serenum - ok 16:01:50.0934 0x2478 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial 
C:\Windows\system32\DRIVERS\serial.sys 16:01:50.0941 0x2478 Serial - ok 16:01:50.0944 0x2478 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 16:01:50.0950 0x2478 sermouse - ok 16:01:50.0955 0x2478 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 16:01:50.0974 0x2478 SessionEnv - ok 16:01:50.0976 0x2478 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 16:01:50.0984 0x2478 sffdisk - ok 16:01:50.0986 0x2478 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 16:01:50.0994 0x2478 sffp_mmc - ok 16:01:50.0996 0x2478 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 16:01:51.0003 0x2478 sffp_sd - ok 16:01:51.0005 0x2478 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 16:01:51.0012 0x2478 sfloppy - ok 16:01:51.0019 0x2478 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 16:01:51.0042 0x2478 SharedAccess - ok 16:01:51.0049 0x2478 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 16:01:51.0072 0x2478 ShellHWDetection - ok 16:01:51.0075 0x2478 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 16:01:51.0081 0x2478 SiSRaid2 - ok 16:01:51.0084 0x2478 [ 
6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 16:01:51.0091 0x2478 SiSRaid4 - ok 16:01:51.0098 0x2478 [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 16:01:51.0113 0x2478 SkypeUpdate - ok 16:01:51.0116 0x2478 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 16:01:51.0135 0x2478 Smb - ok 16:01:51.0139 0x2478 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 16:01:51.0145 0x2478 SNMPTRAP - ok 16:01:51.0148 0x2478 [ 7E5B0FED87F679CFE547B9CB784DE546, 84559C174E0664BEA8F3108157CEC266F8109D448D88A230A6050079ED9DF15E ] SoehnleComfort_x64 C:\Windows\system32\DRIVERS\SoehnleComfort_x64.sys 16:01:51.0166 0x2478 SoehnleComfort_x64 - ok 16:01:51.0168 0x2478 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 16:01:51.0173 0x2478 spldr - ok 16:01:51.0184 0x2478 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe 16:01:51.0209 0x2478 Spooler - ok 16:01:51.0261 0x2478 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 16:01:51.0332 0x2478 sppsvc - ok 16:01:51.0338 0x2478 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 16:01:51.0359 0x2478 sppuinotify - ok 16:01:51.0367 0x2478 [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv 
C:\Windows\system32\DRIVERS\srv.sys 16:01:51.0383 0x2478 srv - ok 16:01:51.0391 0x2478 [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 16:01:51.0403 0x2478 srv2 - ok 16:01:51.0407 0x2478 [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 16:01:51.0416 0x2478 srvnet - ok 16:01:51.0421 0x2478 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 16:01:51.0442 0x2478 SSDPSRV - ok 16:01:51.0445 0x2478 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 16:01:51.0465 0x2478 SstpSvc - ok 16:01:51.0488 0x2478 [ C8DC0C34715627ABF7A265ED27D1F75A, 5B8B9AC65D7458A8C6C868107E0BE3F9B1A1A5117FC69FDC260BAA9F1BDD0008 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 16:01:51.0518 0x2478 Steam Client Service - ok 16:01:51.0527 0x2478 [ 9ADBFF044BCC3546B5274EB59A67C93E, 87AA1C05BBBC631B82961AACC0FE467D5F504AFC8E9E19FAF12ABAE1497F9566 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe 16:01:51.0539 0x2478 Stereo Service - ok 16:01:51.0542 0x2478 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 16:01:51.0548 0x2478 stexstor - ok 16:01:51.0550 0x2478 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 16:01:51.0559 0x2478 StillCam - ok 16:01:51.0570 0x2478 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 16:01:51.0588 0x2478 stisvc - ok 16:01:51.0591 0x2478 [ 
7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys 16:01:51.0597 0x2478 storflt - ok 16:01:51.0599 0x2478 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll 16:01:51.0609 0x2478 StorSvc - ok 16:01:51.0611 0x2478 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys 16:01:51.0617 0x2478 storvsc - ok 16:01:51.0619 0x2478 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 16:01:51.0624 0x2478 swenum - ok 16:01:51.0633 0x2478 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 16:01:51.0659 0x2478 swprv - ok 16:01:51.0687 0x2478 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 16:01:51.0724 0x2478 SysMain - ok 16:01:51.0729 0x2478 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 16:01:51.0739 0x2478 TabletInputService - ok 16:01:51.0745 0x2478 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 16:01:51.0769 0x2478 TapiSrv - ok 16:01:51.0778 0x2478 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 16:01:51.0808 0x2478 TBS - ok 16:01:51.0835 0x2478 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 16:01:51.0869 0x2478 Tcpip - ok 
16:01:51.0899 0x2478 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 16:01:51.0931 0x2478 TCPIP6 - ok 16:01:51.0936 0x2478 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 16:01:51.0954 0x2478 tcpipreg - ok 16:01:51.0956 0x2478 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 16:01:51.0966 0x2478 TDPIPE - ok 16:01:51.0968 0x2478 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 16:01:51.0974 0x2478 TDTCP - ok 16:01:51.0977 0x2478 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 16:01:51.0985 0x2478 tdx - ok 16:01:52.0084 0x2478 [ F2F02E436BA56A96A06E4427C5787B6E, 1562FF264011A15AC69808CB74F387917C4E8ED3B91546B12933BE10B6E20B3A ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 16:01:52.0201 0x2478 TeamViewer - ok 16:01:52.0210 0x2478 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 16:01:52.0216 0x2478 TermDD - ok 16:01:52.0228 0x2478 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 16:01:52.0248 0x2478 TermService - ok 16:01:52.0251 0x2478 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 16:01:52.0261 0x2478 Themes - ok 16:01:52.0264 0x2478 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER 
C:\Windows\system32\mmcss.dll 16:01:52.0282 0x2478 THREADORDER - ok 16:01:52.0286 0x2478 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 16:01:52.0305 0x2478 TrkWks - ok 16:01:52.0310 0x2478 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 16:01:52.0329 0x2478 TrustedInstaller - ok 16:01:52.0332 0x2478 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 16:01:52.0338 0x2478 tssecsrv - ok 16:01:52.0341 0x2478 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 16:01:52.0350 0x2478 TsUsbFlt - ok 16:01:52.0352 0x2478 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 16:01:52.0358 0x2478 TsUsbGD - ok 16:01:52.0361 0x2478 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 16:01:52.0379 0x2478 tunnel - ok 16:01:52.0382 0x2478 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 16:01:52.0388 0x2478 uagp35 - ok 16:01:52.0394 0x2478 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 16:01:52.0416 0x2478 udfs - ok 16:01:52.0420 0x2478 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 16:01:52.0427 0x2478 UI0Detect - ok 16:01:52.0430 0x2478 [ 4BFE1BC28391222894CBF1E7D0E42320, 
5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 16:01:52.0436 0x2478 uliagpkx - ok 16:01:52.0438 0x2478 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 16:01:52.0445 0x2478 umbus - ok 16:01:52.0447 0x2478 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 16:01:52.0453 0x2478 UmPass - ok 16:01:52.0458 0x2478 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 16:01:52.0468 0x2478 UmRdpService - ok 16:01:52.0475 0x2478 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 16:01:52.0499 0x2478 upnphost - ok 16:01:52.0503 0x2478 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 16:01:52.0513 0x2478 usbaudio - ok 16:01:52.0516 0x2478 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 16:01:52.0527 0x2478 usbccgp - ok 16:01:52.0530 0x2478 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 16:01:52.0540 0x2478 usbcir - ok 16:01:52.0543 0x2478 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 16:01:52.0550 0x2478 usbehci - ok 16:01:52.0557 0x2478 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 16:01:52.0567 0x2478 usbhub - ok 
16:01:54.0825 0x2478 Waiting for KSN requests completion. In queue: 109
16:01:55.0832 0x2478 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.10.209.0 ), 0x61000 ( enabled : updated )
16:01:55.0833 0x2478 Win FW state via NFP2: enabled ( trusted )
16:01:55.0942 0x2478 ============================================================
16:01:55.0942 0x2478 Scan finished
16:01:55.0942 0x2478 ============================================================
16:01:55.0945 0x25f0 Detected object count: 0
16:01:55.0945 0x25f0 Actual detected object count: 0
|
01.06.2017, 19:06 | #4 |
/// TB-Ausbilder | Unsure what's going on, Win7
Hi,
Step 1
Please download AdwCleaner to your desktop.
Step 2
Please download Malwarebytes Anti-Malware 3
Step 3
Please post with your next reply
|
02.06.2017, 12:37 | #5 |
| Unsure what's going on, Win7 ADW Code:
# AdwCleaner v6.047 - Bericht erstellt am 02/06/2017 um 13:29:41
# Aktualisiert am 19/05/2017 von Malwarebytes
# Datenbank : 2017-06-02.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Sandra - CASTLE
# Gestartet von : C:\Users\Sandra\Desktop\adwcleaner_6.047(1).exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1377 Bytes] - [01/06/2017 00:40:42]
C:\AdwCleaner\AdwCleaner[C2].txt - [1154 Bytes] - [02/06/2017 13:29:41]
C:\AdwCleaner\AdwCleaner[S0].txt - [1554 Bytes] - [01/06/2017 00:39:57]
C:\AdwCleaner\AdwCleaner[S1].txt - [1509 Bytes] - [02/06/2017 13:29:25]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1373 Bytes] ##########

Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 02.06.17
Scan-Zeit: 13:33
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.139
Version des Aktualisierungspakets: 1.0.2071
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Castle\Sandra

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 319846
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 1 Min., 6 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

(end)

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-06-2017 durchgeführt von Sandra (Administrator) auf CASTLE (02-06-2017 13:35:40) Gestartet von C:\Users\Sandra\Desktop Geladene Profile: Sandra (Verfügbare Profile: Sandra) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Valve Corporation) D:\Programme\Steam\Steam.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Hammer & Chisel, Inc.) C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\Discord.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Logitech Inc.) C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\LWS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\CameraHelperShell.exe (Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe (Hammer & Chisel, Inc.) C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\Discord.exe (Hammer & Chisel, Inc.) C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\Discord.exe (Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe (Razer, Inc.) 
C:\Users\Sandra\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe (Valve Corporation) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Mozilla Corporation) D:\Programme\Mozilla Firefox\firefox.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-08-26] (NVIDIA Corporation) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-22] (Razer Inc.) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) 
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM\ DisallowedCertificates: 1916A2AF346D399F50313C393200F14140456616 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 2A83E9020591A55FC6DDAD3FB102794C52B24E70 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 2B84BFBB34EE2EF949FE1CBE30AA026416EB2216 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 305F8BD17AA2CBC483A4C41B19A39A0C75DA39D6 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 367D4B3B4FCBBC0B767B2EC0CDB2A36EAB71A4EB (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 3A850044D8A195CD401A680C012CB0A3B5F8DC08 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 40AA38731BD189F9CDB5B9DC35E2136F38777AF4 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 43D9BCB568E039D073A74A71D8511F7476089CC3 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 471C949A8143DB5AD5CDF1C972864A2504FA23C9 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 51C3247D60F356C7CA3BAF4C3F429DAC93EE7B74 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 5DE83EE82AC5090AEA9D6AC4E7A6E213F946E179 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 61793FCBFA4F9008309BBA5FF12D2CB29CD4151A (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 63FEAE960BAA91E343CE2BD8B71798C76BDB77D0 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 6431723036FD26DEA502792FA595922493030F97 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 7D7F4414CCEF168ADF6BF40753B5BECD78375931 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 
80962AE4D6C5B442894E95A13E4A699E07D694CF (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 86E817C81A5CA672FE000F36F878C19518D6F844 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 8E5BD50D6AE686D65252F843A9D4B96D197730AB (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: 9845A431D51959CAF225322B4A4FE9F223CE6D15 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: B533345D06F64516403C00DA03187D3BFEF59156 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: B86E791620F759F17B8D25E38CA8BE32E7D5EAC2 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: C060ED44CBD881BD0EF86C0BA287DDCF8167478C (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: CEA586B2CE593EC7D939898337C57814708AB2BE (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: D018B62DC518907247DF50925BB09ACF4A5CB3AD (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: F8A54E03AADC5692B850496A4C4630FFEAA29D83 (Avast Antivirus/Software) <==== ACHTUNG HKLM\ DisallowedCertificates: FA6660A94AB45F6A88C0D7874D89A863D74DEE97 (Avast Antivirus/Software) <==== ACHTUNG HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Run: [Steam] => D:\Programme\Steam\steam.exe [3042592 2017-06-01] (Valve Corporation) HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Run: [Spotify Web Helper] => C:\Users\Sandra\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-05-23] (Spotify Ltd) HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Run: [Spotify] => C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe [7009904 2017-05-23] (Spotify Ltd) HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) 
HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Run: [Discord] => C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.) HKU\S-1-5-18\...\Run: [script_fcbd] => D:\Programme\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\fcbd.bat [333 2016-11-09] () ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\fcbd.bat [2016-11-09] () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{926621DC-B258-477C-BB1F-963C260A2860}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-170210240-1311727065-2204501080-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-05-29] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2017-05-29] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-29] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-05-29] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2017-05-29] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-29] (Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft 
Office\root\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 6581jtl4.default FF ProfilePath: C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default [2017-06-02] FF Extension: (Lightbeam) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2017-03-23] FF Extension: (Pin It button) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2016-11-13] FF Extension: (Garmin Communicator) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2016-09-11] FF Extension: (WOT) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2017-05-09] FF Extension: (Adblock Plus) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-29] FF Extension: (DownThemAll!) 
- C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-29] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-29] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-05-29] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems) StartMenuInternet: FIREFOX.EXE - D:\Programme\Mozilla Firefox\firefox.exe Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default [2017-06-02] CHR Extension: (YouTube) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-11] CHR Extension: (Adobe Acrobat) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Google Mail) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-11] CHR Extension: (Chrome Media Router) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-06-18] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-06-18] () [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [249104 2016-11-19] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-08-26] (NVIDIA Corporation)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-11-15] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640 2017-04-07] (HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-08-26] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-08-26] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-08-26] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-05-22] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-06-18] ()
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-14] (Intel Corporation)
S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [43488 2015-11-06] (UB658)
R3 ElgatoVAD; C:\Windows\System32\DRIVERS\ElgatoVAD.sys [28800 2016-08-16] (Elgato Systems GmbH)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77376 2017-05-31] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-12-08] (REALiX(tm))
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [188312 2017-06-02] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [113592 2017-06-02] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [44960 2017-06-02] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-02] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [84256 2017-06-02] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-08-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56376 2016-08-26] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
S3 SoehnleComfort_x64; C:\Windows\System32\DRIVERS\SoehnleComfort_x64.sys [38400 2012-10-01] ()

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-06-02 13:35 - 2017-06-02 13:35 - 00001395 _____ C:\Users\Sandra\Desktop\mbam.txt 2017-06-02 13:35 - 2017-06-02 13:35 - 00000000 ____D C:\Users\Sandra\Desktop\FRST-OlderVersion 2017-06-02 13:32 - 2017-06-02 13:33 - 00188312 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-06-02 13:32 - 2017-06-02 13:33 - 00113592 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-06-02 13:32 - 2017-06-02 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-06-02 13:32 - 2017-06-02 13:32 - 00000000 ____D C:\Program Files\Malwarebytes 2017-06-02 13:32 - 2017-05-31 11:09 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-06-02 13:31 - 2017-06-02 13:31 - 00001455 _____ C:\Users\Sandra\Desktop\AdwCleaner[C2].txt 2017-06-02 13:26 - 2017-06-02 13:26 - 04110280 _____ C:\Users\Sandra\Desktop\adwcleaner_6.047(1).exe 2017-06-01 16:01 - 2017-06-01 16:03 - 00210268 _____ C:\TDSSKiller.3.1.0.15_01.06.2017_16.01.13_log.txt 2017-06-01 16:00 - 2017-06-01 16:00 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Sandra\Desktop\tdsskiller.exe 2017-06-01 13:51 - 2017-06-01 13:52 - 00000000 ____D C:\Users\Sandra\Desktop\Neue logs 2017-06-01 13:46 - 2017-06-01 13:46 - 00050150 _____ C:\Users\Sandra\Desktop\Addition.txt 2017-06-01 13:45 - 2017-06-02 13:35 - 00023341 _____ C:\Users\Sandra\Desktop\FRST.txt 2017-06-01 01:11 - 2017-06-01 01:11 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2017-06-01 01:11 - 2017-06-01 01:11 - 00000000 ____D C:\Program Files\Microsoft Security Client 2017-06-01 01:11 - 2017-06-01 01:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client 2017-06-01 00:49 - 2017-06-02 13:35 - 02433536 _____ (Farbar) C:\Users\Sandra\Desktop\FRST64.exe 2017-06-01 00:49 - 2017-06-02 
13:35 - 00000000 ____D C:\FRST 2017-06-01 00:45 - 2017-06-01 00:45 - 00003241 _____ C:\Users\Sandra\Desktop\JRT.txt 2017-06-01 00:39 - 2017-06-02 13:29 - 00000000 ____D C:\AdwCleaner 2017-06-01 00:16 - 2017-06-01 01:10 - 00000000 ____D C:\Program Files\Common Files\AV 2017-06-01 00:15 - 2017-06-01 01:10 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2017-06-01 00:11 - 2017-06-01 00:11 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2017-05-30 03:05 - 2017-05-30 03:44 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\discord 2017-05-30 03:05 - 2017-05-30 03:05 - 00002163 _____ C:\Users\Sandra\Desktop\Discord.lnk 2017-05-30 03:05 - 2017-05-30 03:05 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2017-05-30 03:05 - 2017-05-30 03:05 - 00000000 ____D C:\Users\Sandra\AppData\Local\SquirrelTemp 2017-05-30 03:05 - 2017-05-30 03:05 - 00000000 ____D C:\Users\Sandra\AppData\Local\Discord 2017-05-29 18:07 - 2017-05-29 18:07 - 00000000 ____D C:\988d3cdb8da3941b84 2017-05-29 18:06 - 2017-05-29 18:06 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2017-05-22 18:52 - 2017-05-22 19:06 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr 2017-05-22 18:52 - 2017-05-22 18:52 - 00000000 ____D C:\Users\Sandra\AppData\Local\PunkBuster 2017-05-22 18:51 - 2017-05-22 19:06 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2017-05-22 18:51 - 2017-05-22 18:58 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2017-05-22 18:51 - 2017-05-22 18:51 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2017-05-22 18:51 - 2017-05-22 18:51 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2017-05-21 16:14 - 2017-05-21 16:14 - 00002591 _____ C:\Users\Public\Desktop\BodyBalanceComfortSelect.lnk 2017-05-21 16:14 - 2017-05-21 16:14 - 00000000 ____D C:\Users\Sandra\AppData\Local\Leifheit_Soehnle 2017-05-21 16:14 - 2017-05-21 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Soehnle 2017-05-21 16:14 - 2012-10-01 14:27 - 00038400 _____ () C:\Windows\system32\Drivers\SoehnleComfort_x64.sys 2017-05-20 17:52 - 2017-05-20 17:52 - 00000911 _____ C:\Users\Sandra\Desktop\WizeBot App.lnk 2017-05-20 17:52 - 2017-05-20 17:52 - 00000000 ____D C:\Users\Sandra\AppData\Local\Wizebot.tv 2017-05-17 20:11 - 2017-05-19 21:09 - 00000000 ____D C:\Users\Sandra\Desktop\Stadtpark+Webweek 2017-05-16 18:19 - 2017-05-16 18:20 - 00000000 ____D C:\Users\Sandra\Desktop\webweek 2017-05-13 14:28 - 2017-05-13 14:28 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Google 2017-05-12 22:36 - 2017-05-12 22:36 - 00000000 ____D C:\637c73e1917518b955979b83 ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-06-02 13:33 - 2016-11-01 15:12 - 00084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-06-02 13:33 - 2016-11-01 15:12 - 00044960 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-06-02 13:33 - 2016-10-31 14:15 - 00252832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-06-02 13:32 - 2016-10-31 14:15 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-06-02 13:31 - 2016-11-18 22:20 - 00000000 ____D C:\Users\Sandra\AppData\LocalLow\Mozilla 2017-06-02 13:30 - 2016-09-11 17:54 - 00000000 ____D C:\Users\Sandra\AppData\Local\Spotify 2017-06-02 13:30 - 2016-09-11 17:53 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Spotify 2017-06-02 13:30 - 2016-09-10 21:55 - 00000000 ____D C:\ProgramData\NVIDIA 2017-06-02 13:30 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-06-02 13:22 - 2009-07-14 06:45 - 00025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-06-02 13:22 - 2009-07-14 06:45 - 00025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-06-02 04:35 - 2016-09-11 
00:07 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\TS3Client 2017-06-02 04:30 - 2016-09-18 19:27 - 00000000 ____D C:\Users\Sandra\AppData\Local\CrashDumps 2017-06-02 03:46 - 2016-09-10 22:28 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\obs-studio 2017-06-02 02:00 - 2016-09-20 15:36 - 00000000 ____D C:\Users\Sandra\AppData\Local\Adobe 2017-06-01 01:12 - 2016-11-02 22:46 - 00001912 _____ C:\Windows\epplauncher.mif 2017-06-01 01:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2017-06-01 00:52 - 2017-05-01 23:37 - 00000000 ____D C:\Users\Sandra\AppData\LocalLow\Temp 2017-06-01 00:15 - 2016-09-23 01:37 - 00000000 ____D C:\Users\master 2017-05-31 15:49 - 2016-09-11 07:07 - 00698804 _____ C:\Windows\system32\perfh007.dat 2017-05-31 15:49 - 2016-09-11 07:07 - 00148944 _____ C:\Windows\system32\perfc007.dat 2017-05-31 15:49 - 2009-07-14 07:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI 2017-05-30 14:17 - 2016-09-18 14:55 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Skype 2017-05-29 18:07 - 2017-01-02 19:58 - 00000000 ___HT C:\Windows\wusa.lock 2017-05-29 18:06 - 2016-09-14 17:00 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-29 18:06 - 2016-09-14 16:59 - 00000000 ____D C:\Program Files\Microsoft Office 2017-05-29 18:06 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2017-05-22 19:51 - 2016-09-10 22:23 - 00000000 ____D C:\Users\Sandra\AppData\Local\Ubisoft Game Launcher 2017-05-13 23:16 - 2016-10-10 22:03 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Audacity 2017-05-12 22:32 - 2016-09-14 21:41 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-05-12 22:32 - 2016-09-14 21:41 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-05-09 17:34 - 2016-10-23 13:05 - 00001198 _____ C:\Users\Public\Desktop\OBS Studio.lnk 2017-05-09 15:39 - 2016-09-30 13:46 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-05-09 15:39 - 
2016-09-20 15:37 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-05-09 15:39 - 2016-09-20 15:37 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-05-09 15:39 - 2016-09-20 15:37 - 00004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-05-09 15:39 - 2016-09-20 15:37 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-05-09 15:39 - 2016-09-20 15:37 - 00000000 ____D C:\Windows\system32\Macromed ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-10-23 00:46 - 2016-10-23 01:50 - 0007660 _____ () C:\Users\Sandra\AppData\Local\Resmon.ResmonCfg 2017-01-31 20:11 - 2016-11-23 15:37 - 0000570 _____ () C:\Users\Sandra\AppData\Local\TroubleshooterConfig.json 2016-09-24 10:22 - 2016-09-24 10:22 - 0000057 _____ () C:\ProgramData\Ament.ini 2016-09-10 21:49 - 2016-09-10 21:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== 2017-06-01 01:13 - 2017-06-01 01:13 - 2893072 _____ (Microsoft Corporation) C:\Users\Sandra\AppData\Local\Temp\mpam-22f98529.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-04 16:18

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-06-2017
durchgeführt von Sandra (02-06-2017 13:35:54)
Gestartet von C:\Users\Sandra\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-09-10 19:17:13)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-170210240-1311727065-2204501080-500 - Administrator - Disabled)
Gast (S-1-5-21-170210240-1311727065-2204501080-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-170210240-1311727065-2204501080-1002 - Limited - Enabled)
Sandra (S-1-5-21-170210240-1311727065-2204501080-1000 - Administrator - Enabled) => C:\Users\Sandra

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Beyond Good and Evil (HKLM-x32\...\Uplay Install 232) (Version: - Ubisoft) Body Balance Comfort Select Software (HKLM-x32\...\{F873D7A3-94D8-4B6D-B567-A56AB38AC1C0}) (Version: 1.1.4 - Leifheit AG) CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden Dead by Daylight (HKLM\...\Steam App 381210) (Version: - Behaviour Digital Inc.) Dirty Bomb (HKLM\...\Steam App 333930) (Version: - Splash Damage®) Discord (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs) Elgato Game Capture HD (HKLM\...\{879C5944-7B88-444B-A6B0-509CBC72B48D}) (Version: 3.20.33.1533 - Elgato Systems GmbH) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft) Far Cry 3 Blood Dragon (HKLM-x32\...\Uplay Install 205) (Version: - Ubisoft) Game Capture HD v2.3.3.40 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.40 - Elgato Systems) Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems) Game Capture HD60 S v1.1.0.160 (HKLM-x32\...\Software_Elgato_Game Capture HD60 S) (Version: 1.1.0.160 - Elgato Systems) Game Capture HD60 v2.1.1.4 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.4 - Elgato Systems) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) 
Hidden Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Support Solutions Framework (HKLM-x32\...\{D549B5E2-DBE8-4190-ABA5-71106264398C}) (Version: 12.6.14.19 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HWiNFO64 Version 5.40 (HKLM\...\HWiNFO64_is1) (Version: 5.40 - Martin Malík - REALiX) Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan) Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment) Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) 
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Microsoft .NET Framework 4.6.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01590 - Microsoft Corporation) Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 
Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Moobot Assistant (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\40790fab0e175d6b) (Version: 1.0.0.1 - Knudsen Apps) Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla) Mozilla Firefox 53.0.3 (x86 de) (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla) Mozilla Maintenance Service 
(HKLM-x32\...\MozillaMaintenanceService) (Version: 45.3.0 - Mozilla) Mozilla Thunderbird 45.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.3.0 (x86 de)) (Version: 45.3.0 - Mozilla) Mozilla Thunderbird 52.1.1 (x86 de) (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Mozilla Thunderbird 52.1.1 (x86 de)) (Version: 52.1.1 - Mozilla) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.70 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation) NVIDIA Grafiktreiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.70 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project) Office 16 Click-to-Run Extensibility Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden osu! (HKLM-x32\...\{f1ce1bae-e14e-4c0a-8542-1c70c385ecb3}) (Version: latest - ppy Pty Ltd) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) 
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.822 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Spotify) (Version: 1.0.55.487.g256699aa - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer) The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft) The Sims(TM) 3 (HKLM\...\Steam App 47890) (Version: - The Sims Studio) The Way of Life Free Edition (HKLM\...\Steam App 310370) (Version: - Fabio Ferrara) Thrustmaster Force Feedback Driver (HKLM-x32\...\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}) (Version: 4.FFD.2016 - Thrustmaster) Tomb Raider (HKLM\...\Steam App 203160) (Version: - Crystal Dynamics) Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft) Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.) Warface (HKLM\...\Steam App 291480) (Version: - Crytek) WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WizeBot.tv App (HKLM-x32\...\WizeBot.tv App) (Version: V1.1 - WizeBot.tv) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-170210240-1311727065-2204501080-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Sandra\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileCoAuthLib64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-170210240-1311727065-2204501080-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) CustomCLSID: HKU\S-1-5-21-170210240-1311727065-2204501080-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Program Files (x86)\Google\Update\1.3.31.5\psmachine_64.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {030541F0-B768-4F2A-8747-93484D79F086} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-29] () Task: {20F5F719-3E38-499A-BE41-5E74BF4912CE} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation) Task: {226F4FFD-61EC-44DD-8D24-9C5C1234F0C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.) 
Task: {42FE1C37-17C7-4F94-9784-C79D140BFA30} - System32\Tasks\AdobeAAMUpdater-1.0-Castle-Sandra => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {4DDD6B8A-9D04-41C9-8C7C-8A307D2CD02E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {611773C4-A794-4BBD-8CD9-BAAB830EE6EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated) Task: {630D0C5E-C5CB-428E-8153-9A9B48F13D02} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.) Task: {6529DB75-F9E2-4AC3-BD2F-CE36FC9079EE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-29] (Microsoft Corporation) Task: {7809FD34-864B-4680-B569-C7773538EC42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-14] (Google Inc.) Task: {8A57B12A-51B0-4DDF-BF45-A567B54043DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-14] (Google Inc.) 
Task: {8FDC7AFA-4BD7-437F-BB1E-553DEA5466B1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-29] () Task: {A435AE87-616B-42A7-A993-C6958CF3D383} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-05-29] (Microsoft Corporation) Task: {DA30241B-CAC7-4868-AFE3-3F397DAC668F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {E2AF3C6C-4397-4DD3-81FA-36853E1A498B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {E98D8BE8-C388-4ED4-B938-1C3D820236DC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-05-29] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\Sandra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\1cdcadec15321c01\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> --profile-directory=Default ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-09-10 21:55 - 2016-08-25 23:10 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-09-10 21:48 - 2014-06-18 07:54 - 01360016 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe 2016-10-25 10:57 - 2016-10-25 10:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2017-05-22 18:51 - 2017-05-22 18:51 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-11-05 01:11 - 2015-11-05 01:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2016-09-18 16:00 - 2016-08-26 01:28 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2012-09-13 00:38 
- 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\CameraHelperShell.exe 2016-08-08 05:37 - 2016-08-08 05:37 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2017-06-02 13:32 - 2017-05-31 11:09 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-09-11 13:55 - 2017-05-17 03:54 - 00678176 _____ () D:\Programme\Steam\SDL2.dll 2016-09-11 13:55 - 2016-09-01 03:02 - 04969248 _____ () D:\Programme\Steam\v8.dll 2016-09-11 13:55 - 2016-09-01 03:02 - 01563936 _____ () D:\Programme\Steam\icui18n.dll 2016-09-11 13:55 - 2016-09-01 03:02 - 01195296 _____ () D:\Programme\Steam\icuuc.dll 2016-09-11 13:55 - 2017-06-01 21:50 - 02485536 _____ () D:\Programme\Steam\video.dll 2016-09-11 13:55 - 2016-01-27 09:49 - 02549760 _____ () D:\Programme\Steam\libavcodec-56.dll 2016-09-11 13:55 - 2016-01-27 09:49 - 00442880 _____ () D:\Programme\Steam\libavutil-54.dll 2016-09-11 13:55 - 2016-01-27 09:49 - 00491008 _____ () D:\Programme\Steam\libavformat-56.dll 2016-09-11 13:55 - 2016-01-27 09:49 - 00332800 _____ () D:\Programme\Steam\libavresample-2.dll 2016-09-11 13:55 - 2016-01-27 09:49 - 00485888 _____ () D:\Programme\Steam\libswscale-3.dll 2016-09-11 13:55 - 2017-06-01 21:50 - 00877856 _____ () D:\Programme\Steam\bin\chromehtml.DLL 2016-09-11 13:55 - 2016-07-05 00:17 - 00266560 _____ () D:\Programme\Steam\openvr_api.dll 2016-09-11 17:54 - 2017-05-23 19:34 - 67117168 _____ () C:\Users\Sandra\AppData\Roaming\Spotify\libcef.dll 2017-05-30 03:05 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\ffmpeg.dll 2017-05-30 03:05 - 2017-05-30 03:05 - 01082880 _____ () \\?\C:\Users\Sandra\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node 2017-05-30 03:05 - 2017-05-30 03:05 - 03750400 _____ () 
\\?\C:\Users\Sandra\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll 2017-05-30 03:05 - 2017-05-30 03:05 - 00914432 _____ () \\?\C:\Users\Sandra\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node 2016-08-29 10:09 - 2016-08-29 10:09 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\QtCore4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\QtGui4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\QtXml4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\imageformats\QGif4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\imageformats\QJpeg4.dll 2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll 2016-09-11 17:54 - 2017-05-23 19:34 - 02253424 _____ () C:\Users\Sandra\AppData\Roaming\Spotify\libglesv2.dll 2016-09-11 17:54 - 2017-05-23 19:34 - 00086640 _____ () C:\Users\Sandra\AppData\Roaming\Spotify\libegl.dll 2016-09-11 00:04 - 2015-10-06 21:26 - 50656768 _____ () C:\Users\Sandra\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2017-05-30 03:05 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\libglesv2.dll 2017-05-30 03:05 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\libegl.dll 2017-06-02 13:30 - 2017-06-02 13:30 - 00148992 _____ () \\?\C:\Users\Sandra\AppData\Local\Temp\7C6F.tmp.node 2017-05-30 03:05 - 2017-05-30 03:05 - 02658296 _____ () 
\\?\C:\Users\Sandra\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node 2017-05-30 03:06 - 2017-05-30 03:06 - 02665976 _____ () \\?\C:\Users\Sandra\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node 2016-09-11 00:04 - 2015-10-06 21:26 - 01874944 _____ () C:\Users\Sandra\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll 2016-09-11 00:04 - 2015-10-06 21:26 - 00075264 _____ () C:\Users\Sandra\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll 2016-12-13 14:42 - 2017-05-08 21:45 - 69516064 _____ () D:\Programme\Steam\bin\cef\cef.win7\libcef.dll 2016-09-11 13:55 - 2017-06-01 21:50 - 00385312 _____ () D:\Programme\Steam\steam.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-170210240-1311727065-2204501080-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: asComSvc => 2 MSCONFIG\Services: bthserv => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\Bluestacks\HD-Agent.exe MSCONFIG\startupreg: Elgato Sound Capture => C:\Program Files\Elgato\SoundCapture\SoundCapture.exe -hide_settings MSCONFIG\startupreg: PDFPrint => "D:\Programme\PDF24\pdf24.exe" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{D7819B9F-2B1C-4400-8A10-1C86701C2A1C}C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe FirewallRules: [UDP Query User{EB96D93C-F35D-45FD-B2D6-FCF19E6E31B8}C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe FirewallRules: [TCP Query User{A73A09E1-6C0A-4967-951D-5FA7F0E58A24}C:\users\sandra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sandra\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{82B41B8A-5A28-4708-8185-D3F33D64CB75}C:\users\sandra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sandra\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{1295E0E4-9A1D-450A-B670-E0935ECE33A3}C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe FirewallRules: [UDP Query User{4242FCCB-05A2-4472-83A5-D406AC9A91C9}C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe FirewallRules: [{0676917C-9BE8-429B-9E41-7C6D3E1ADD16}] => (Allow) D:\Programme\Steam\Steam.exe FirewallRules: [{CDF7CB05-C862-438E-BCD9-434B31208713}] => (Allow) D:\Programme\Steam\Steam.exe FirewallRules: [{B2B525BA-E365-4765-9ED7-775E0162E10C}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{AF3C2F39-6B92-400E-B200-B92FBBAA9651}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{0256CCF1-AA7B-4A42-9225-972384C0E5BD}] => (Block) C:\program 
files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe FirewallRules: [{344682ED-EDBE-4344-A446-511FD2100D7C}] => (Block) C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: PCI-Kommunikationscontroller (einfach) Description: PCI-Kommunikationscontroller (einfach) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (06/02/2017 01:31:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (06/02/2017 01:16:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. 
Error: (06/02/2017 04:30:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: cef-bootstrap.exe, Version: 0.0.0.0, Zeitstempel: 0x591ca392 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23569, Zeitstempel: 0x57f7c0b4 Ausnahmecode: 0xe0000008 Fehleroffset: 0x000000000001a06d ID des fehlerhaften Prozesses: 0x20c4 Startzeit der fehlerhaften Anwendung: 0x01d2db3ed2c67583 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\obs-studio\obs-plugins\64bit\cef-bootstrap.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll Berichtskennung: 8104194a-473b-11e7-b2b5-1cb72caa10b4 Error: (06/02/2017 03:26:36 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm obs64.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 478 Startzeit: 01d2db225b29986c Endzeit: 46 Anwendungspfad: C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe Berichts-ID: 83699c0c-4732-11e7-b2b5-1cb72caa10b4 Error: (06/01/2017 11:56:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. 
Error: (06/01/2017 05:02:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SndVol.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7aced Name des fehlerhaften Moduls: SndVol.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7aced Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000001d612 ID des fehlerhaften Prozesses: 0x29b8 Startzeit der fehlerhaften Anwendung: 0x01d2dae13e6154e4 Pfad der fehlerhaften Anwendung: C:\Windows\system32\SndVol.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\SndVol.exe Berichtskennung: 57b30b8e-46db-11e7-b0dd-1cb72caa10b4 Error: (06/01/2017 03:21:27 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "D:\Eigene Dateien\Downloads\vcredist_arm.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (06/01/2017 12:13:17 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. 
Error: (06/01/2017 01:07:36 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 53.0.3.6347, Zeitstempel: 0x591d5a0c Name des fehlerhaften Moduls: xul.dll, Version: 53.0.3.6347, Zeitstempel: 0x591d59fb Ausnahmecode: 0x80000003 Fehleroffset: 0x007ffe99 ID des fehlerhaften Prozesses: 0x15c4 Startzeit der fehlerhaften Anwendung: 0x01d2da61530f8d23 Pfad der fehlerhaften Anwendung: D:\Programme\Mozilla Firefox\plugin-container.exe Pfad des fehlerhaften Moduls: D:\Programme\Mozilla Firefox\xul.dll Berichtskennung: eed15eb0-4655-11e7-bcfd-1cb72caa10b4 Error: (06/01/2017 12:54:35 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Systemfehler: ============= Error: (06/02/2017 01:31:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} und APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. Error: (06/02/2017 01:29:47 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt. 
Neue Signaturversion: Vorherige Signaturversion: 1.245.305.0 Aktualisierungsquelle: Microsoft Update Server Aktualisierungsphase: Suchen Quellpfad: hxxp://www.microsoft.com Signaturtyp: AntiVirus Aktualisierungstyp: Vollständig Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.13804.0 Fehlercode: 0x8024001e Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". Error: (06/02/2017 01:29:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "HP Support Solutions Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (06/02/2017 01:29:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (06/02/2017 01:29:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (06/02/2017 01:29:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (06/02/2017 01:29:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (06/02/2017 01:29:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. 
Dies ist bereits 1 Mal passiert. Error: (06/02/2017 01:29:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (06/02/2017 01:29:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) PROSet Monitoring Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz Prozentuale Nutzung des RAM: 48% Installierter physikalischer RAM: 8132.24 MB Verfügbarer physikalischer RAM: 4209.19 MB Summe virtueller Speicher: 16262.67 MB Verfügbarer virtueller Speicher: 11813.15 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:111.25 GB) (Free:30.13 GB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:800.94 GB) NTFS Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: DC39A4D3) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DC39A4DC) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
02.06.2017, 19:54 | #6 |
/// TB-Ausbilder | Not sure what's going on, Win7 Hi, Step 1
Step 2
Are there still any problems with the PC or with your internet browsers? If so, which ones? Please post with your next reply
|
04.06.2017, 13:18 | #7 |
| Not sure what's going on, Win7 fixlog Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-06-2017 durchgeführt von Sandra (04-06-2017 14:14:37) Run:3 Gestartet von C:\Users\Sandra\Desktop Geladene Profile: Sandra (Verfügbare Profile: Sandra) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** CloseProcesses: CMD: dir "%ProgramFiles%" CMD: dir "%ProgramFiles(x86)%" CMD: dir "%ProgramData%" CMD: dir "%Appdata%" CMD: dir "%LocalAppdata%" CMD: dir "C:\" RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: ***************** Prozesse erfolgreich geschlossen. ========= dir "%ProgramFiles%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 8CF3-70E3 Verzeichnis von C:\Program Files 02.06.2017 13:32 <DIR> . 02.06.2017 13:32 <DIR> ..
14.11.2016 15:50 <DIR> Adobe 10.09.2016 21:50 <DIR> ASUS 01.06.2017 00:16 <DIR> Common Files 11.09.2016 07:07 <DIR> DVD Maker 17.02.2017 00:06 <DIR> Elgato 24.09.2016 10:22 <DIR> HP 10.09.2016 21:34 <DIR> Intel 14.11.2016 15:11 <DIR> Internet Explorer 02.06.2017 13:32 <DIR> Malwarebytes 29.05.2017 18:06 <DIR> Microsoft Office 14.09.2016 16:59 <DIR> Microsoft Office 15 14.09.2016 16:36 <DIR> Microsoft Office 15_x 01.06.2017 01:11 <DIR> Microsoft Security Client 14.07.2009 07:32 <DIR> MSBuild 18.09.2016 16:00 <DIR> NVIDIA Corporation 10.09.2016 21:49 <DIR> Realtek 14.07.2009 07:32 <DIR> Reference Assemblies 11.09.2016 07:07 <DIR> Windows Defender 11.09.2016 07:07 <DIR> Windows Journal 11.09.2016 07:07 <DIR> Windows Mail 13.10.2016 16:08 <DIR> Windows Media Player 10.09.2016 21:17 <DIR> Windows NT 11.09.2016 07:07 <DIR> Windows Photo Viewer 21.11.2010 05:31 <DIR> Windows Portable Devices 11.09.2016 07:07 <DIR> Windows Sidebar 0 Datei(en), 0 Bytes 27 Verzeichnis(se), 33.136.672.768 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramFiles(x86)%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 8CF3-70E3 Verzeichnis von C:\Program Files (x86) 02.06.2017 13:32 <DIR> . 02.06.2017 13:32 <DIR> .. 
14.11.2016 15:35 <DIR> Adobe 10.09.2016 21:48 <DIR> ASUS 10.03.2017 00:25 <DIR> Common Files 17.02.2017 00:05 <DIR> Elgato 14.09.2016 21:41 <DIR> Google 24.09.2016 10:20 <DIR> Hewlett-Packard 24.09.2016 10:22 <DIR> HP 11.09.2016 14:14 <DIR> Intel 14.11.2016 15:11 <DIR> Internet Explorer 11.09.2016 14:44 <DIR> Logitech Cam 03.11.2016 02:48 <DIR> Microsoft ASP.NET 11.09.2016 15:21 <DIR> Microsoft OneDrive 01.06.2017 01:11 <DIR> Microsoft Security Client 14.09.2016 17:07 <DIR> Microsoft.NET 11.09.2016 14:49 <DIR> Mozilla Maintenance Service 14.07.2009 07:32 <DIR> MSBuild 18.09.2016 16:00 <DIR> NVIDIA Corporation 23.04.2017 14:29 <DIR> OBS 23.10.2016 13:05 <DIR> obs-studio 10.09.2016 22:17 <DIR> Razer 10.09.2016 21:48 <DIR> Realtek 14.07.2009 07:32 <DIR> Reference Assemblies 10.03.2017 00:25 <DIR> Skype 08.03.2017 21:31 <DIR> TeamViewer 09.11.2016 22:10 <DIR> Thrustmaster 18.09.2016 15:59 <DIR> VulkanRT 11.09.2016 07:07 <DIR> Windows Defender 11.09.2016 07:07 <DIR> Windows Mail 13.10.2016 16:08 <DIR> Windows Media Player 14.07.2009 07:32 <DIR> Windows NT 11.09.2016 07:07 <DIR> Windows Photo Viewer 21.11.2010 05:31 <DIR> Windows Portable Devices 11.09.2016 07:07 <DIR> Windows Sidebar 0 Datei(en), 0 Bytes 35 Verzeichnis(se), 33.136.615.424 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramData%" ========= Volume in Laufwerk C: hat keine Bezeichnung. 
Volumeseriennummer: 8CF3-70E3 Verzeichnis von C:\ProgramData 14.11.2016 15:50 <DIR> Adobe 24.09.2016 10:22 57 Ament.ini 10.09.2016 22:54 <DIR> AVS4YOU 18.11.2016 01:25 <DIR> Battle.net 18.11.2016 01:27 <DIR> Blizzard Entertainment 03.02.2017 15:07 <DIR> BlueStacksSetup 17.03.2017 14:30 <DIR> boost_interprocess 23.11.2016 01:18 <DIR> GFACE 25.09.2016 14:18 <DIR> Hewlett-Packard 23.11.2016 02:02 <DIR> Hi-Rez Studios 24.09.2016 10:22 <DIR> HP 01.06.2017 01:10 <DIR> Kaspersky Lab 01.06.2017 00:11 <DIR> Kaspersky Lab Setup Files 11.09.2016 14:44 <DIR> LogiShrd 02.06.2017 13:32 <DIR> Malwarebytes 31.10.2016 21:59 <DIR> Malwarebytes' Anti-Malware (portable) 11.09.2016 15:21 <DIR> Microsoft OneDrive 01.06.2017 00:15 262.144 ntuser.dat 04.06.2017 14:11 <DIR> NVIDIA 01.11.2016 14:45 <DIR> NVIDIA Corporation 01.05.2017 03:17 <DIR> Package Cache 10.09.2016 22:17 <DIR> Razer 29.05.2017 18:06 <DIR> regid.1991-06.com.microsoft 10.09.2016 22:37 <DIR> Riot Games 10.03.2017 00:25 <DIR> Skype 09.11.2016 22:19 <DIR> X360CE 2 Datei(en), 262.201 Bytes 24 Verzeichnis(se), 33.136.562.176 Bytes frei ========= Ende von CMD: ========= ========= dir "%Appdata%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 8CF3-70E3 Verzeichnis von C:\Users\Sandra\AppData\Roaming 01.06.2017 13:46 <DIR> . 01.06.2017 13:46 <DIR> .. 
15.11.2016 00:21 <DIR> Adobe 23.04.2017 19:27 <DIR> AnkhHeart 13.05.2017 23:16 <DIR> Audacity 10.09.2016 22:54 <DIR> AVS4YOU 18.11.2016 01:28 <DIR> Battle.net 30.05.2017 03:44 <DIR> discord 26.02.2017 17:55 <DIR> Elgato 04.11.2016 17:42 <DIR> Godot 13.05.2017 14:28 <DIR> Google 01.10.2016 12:56 <DIR> HpUpdate 10.09.2016 21:17 <DIR> Identities 11.09.2016 23:29 <DIR> IrfanView 11.09.2016 14:44 <DIR> Leadertech 10.09.2016 22:38 <DIR> LolClient 10.09.2016 22:38 <DIR> Macromedia 21.11.2010 09:16 <DIR> Media Center Programs 10.09.2016 22:00 <DIR> Mozilla 23.11.2016 01:21 <DIR> NVIDIA 23.10.2016 12:24 <DIR> OBS 04.06.2017 01:56 <DIR> obs-studio 15.01.2017 22:37 <DIR> PDAppFlex 04.06.2017 12:25 <DIR> Skype 04.06.2017 14:12 <DIR> Spotify 12.10.2016 18:15 <DIR> TeamViewer 11.09.2016 14:49 <DIR> Thunderbird 02.06.2017 04:35 <DIR> TS3Client 17.09.2016 01:13 <DIR> WinRAR 0 Datei(en), 0 Bytes 29 Verzeichnis(se), 33.136.496.640 Bytes frei ========= Ende von CMD: ========= ========= dir "%LocalAppdata%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 8CF3-70E3 Verzeichnis von C:\Users\Sandra\AppData\Local 04.06.2017 14:11 <DIR> . 04.06.2017 14:11 <DIR> .. 
04.06.2017 02:00 <DIR> Adobe 23.04.2017 14:29 <DIR> Apps 11.09.2016 14:39 <DIR> assembly 10.10.2016 22:03 <DIR> Audacity 22.11.2016 02:44 <DIR> Battle.net 18.11.2016 01:27 <DIR> Blizzard Entertainment 03.02.2017 15:14 <DIR> Bluestacks 10.09.2016 22:28 <DIR> CEF 13.12.2016 14:43 <DIR> Chromium 03.10.2016 18:36 <DIR> Craft'n'Build 02.06.2017 04:30 <DIR> CrashDumps 23.11.2016 01:21 <DIR> CrashRpt 20.09.2016 02:47 <DIR> DeadByDaylight 24.04.2017 01:29 <DIR> Deployment 14.11.2016 19:14 <DIR> Diagnostics 30.05.2017 03:05 <DIR> Discord 10.10.2016 21:53 <DIR> Downloaded Installations 15.10.2016 13:14 <DIR> ElevatedDiagnostics 13.10.2016 16:09 112.184 GDIPFONTCACHEV1.DAT 02.11.2016 00:33 <DIR> Google 24.09.2016 10:20 <DIR> Hewlett-Packard 23.11.2016 01:59 <DIR> HirezLauncherUI 24.09.2016 10:23 <DIR> HP 17.02.2017 00:06 <DIR> IsolatedStorage 21.05.2017 16:14 <DIR> Leifheit_Soehnle 11.09.2016 14:46 <DIR> Logitech© Webcam-Software 20.09.2016 15:44 <DIR> Macromedia 02.05.2017 21:10 <DIR> Microsoft 10.09.2016 22:13 <DIR> Mozilla 18.09.2016 16:00 <DIR> NVIDIA 18.09.2016 16:00 <DIR> NVIDIA Corporation 03.11.2016 19:18 <DIR> PDF24 10.09.2016 22:53 <DIR> Programs 22.05.2017 18:52 <DIR> PunkBuster 11.09.2016 00:04 <DIR> Razer 23.10.2016 01:50 7.660 Resmon.ResmonCfg 11.09.2016 00:21 <DIR> RzStats 04.06.2017 12:19 <DIR> Spotify 30.05.2017 03:05 <DIR> SquirrelTemp 13.12.2016 14:43 <DIR> Steam 02.06.2017 14:07 <DIR> TeamViewer 04.06.2017 14:14 <DIR> Temp 15.01.2017 22:37 <DIR> Tempzxpsign2a042ad500a87df1 15.01.2017 22:37 <DIR> Tempzxpsign2fbf2bb04121316d 15.11.2016 01:26 <DIR> Tempzxpsign4eaef444b1a205b2 14.11.2016 15:51 <DIR> Tempzxpsign612182ee4832aaf8 15.01.2017 22:37 <DIR> Tempzxpsign65a4bb5afd65ad35 14.11.2016 15:51 <DIR> Tempzxpsignc1215ccb36056663 14.11.2016 15:51 <DIR> Tempzxpsigne38eaa03eb080553 11.09.2016 14:57 <DIR> Thunderbird 23.11.2016 15:37 570 TroubleshooterConfig.json 26.02.2017 16:24 <DIR> ub65x 18.09.2016 15:52 <DIR> Ubisoft 22.05.2017 19:51 <DIR> Ubisoft Game Launcher 
01.05.2017 03:18 <DIR> UnrealEngine 10.09.2016 21:17 <DIR> VirtualStore 23.11.2016 01:29 <DIR> wf-launcher 20.05.2017 17:52 <DIR> Wizebot.tv 3 Datei(en), 120.414 Bytes 57 Verzeichnis(se), 33.136.447.488 Bytes frei ========= Ende von CMD: ========= ========= dir "C:\" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 8CF3-70E3 Verzeichnis von C:\ 02.03.2017 15:03 <DIR> 0dcd7d507ee9481323fecb97b243 02.01.2017 19:58 <DIR> 14dbf7121797f45ec3b9c23fcd 02.05.2017 14:28 <DIR> 3d20728df97b20f7aecc862c793a 03.04.2017 21:54 <DIR> 54b79286075e70427c76d11117 12.05.2017 22:36 <DIR> 637c73e1917518b955979b83 22.03.2017 19:09 <DIR> 6589ccd5e8339d8a2e3fac5c09df 22.03.2017 12:01 <DIR> 6d481ef1eaed81ceefd5af419954 29.05.2017 18:07 <DIR> 988d3cdb8da3941b84 12.01.2017 15:28 <DIR> a8107a508f9f72029f 02.06.2017 13:29 <DIR> AdwCleaner 24.09.2015 23:06 206 audio.log 28.06.2016 19:18 <DIR> Dead by Daylight 02.11.2016 22:42 1.077 DelFix.txt 11.09.2016 07:07 <DIR> Drivers 04.06.2017 14:14 <DIR> FRST 10.09.2016 21:03 <DIR> Hotfix 08.09.2016 16:47 <DIR> inetpub 24.09.2015 22:59 <DIR> Intel 27.09.2015 16:01 <DIR> NVIDIA 14.07.2009 05:20 <DIR> PerfLogs 02.06.2017 13:32 <DIR> Program Files 02.06.2017 13:32 <DIR> Program Files (x86) 27.09.2015 16:35 <DIR> Riot Games 08.06.2016 00:46 95 SILENT 19.11.2015 16:19 <DIR> System.sav 01.06.2017 16:03 210.268 TDSSKiller.3.1.0.15_01.06.2017_16.01.13_log.txt 18.09.2016 16:00 <DIR> Temp 23.09.2016 01:37 <DIR> Users 01.06.2017 01:10 <DIR> Windows 4 Datei(en), 211.646 Bytes 25 Verzeichnis(se), 33.136.365.568 Bytes frei ========= Ende von CMD: ========= ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt 
HKU\S-1-5-21-170210240-1311727065-2204501080-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-170210240-1311727065-2204501080-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt ========= Ende von RemoveProxy: ========= ========= ipconfig /flushdns ========= Windows-IP-Konfiguration Der DNS-Auflösungscache wurde geleert. ========= Ende von CMD: ========= ========= netsh winsock reset ========= Der Winsock-Katalog wurde zurückgesetzt. Sie müssen den Computer neu starten, um den Vorgang abzuschließen. ========= Ende von CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8026056 B Java, Flash, Steam htmlcache => 138240 B Windows/system/drivers => 32110 B Edge => 0 B Chrome => 0 B Firefox => 7105209 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 128 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 0 B Sandra => 2729402 B RecycleBin => 0 B EmptyTemp: => 17.2 MB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 14:14:40 ==== frst Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2017 durchgeführt von Sandra (Administrator) auf CASTLE (04-06-2017 14:16:17) Gestartet von C:\Users\Sandra\Desktop Geladene Profile: Sandra (Verfügbare Profile: Sandra) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Valve Corporation) D:\Programme\Steam\Steam.exe (Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Hammer & Chisel, Inc.) C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\Discord.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe (Logitech Inc.) C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\LWS.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\CameraHelperShell.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe (Hammer & Chisel, Inc.) C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\Discord.exe (Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe (Hammer & Chisel, Inc.) C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\Discord.exe () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe (Razer, Inc.) 
C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Mozilla Corporation) D:\Programme\Mozilla Firefox\firefox.exe (Razer, Inc.) C:\Users\Sandra\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe (Valve Corporation) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Mozilla Corporation) D:\Programme\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_25_0_0_171.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_25_0_0_171.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-08-26] (NVIDIA Corporation) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-22] (Razer Inc.) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Run: [Steam] => D:\Programme\Steam\steam.exe [3042592 2017-06-01] (Valve Corporation) HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Run: [Spotify Web Helper] => C:\Users\Sandra\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-05-23] (Spotify Ltd) HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Run: [Spotify] => C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe [7009904 2017-05-23] (Spotify Ltd) HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Run: [Discord] => C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.) 
HKU\S-1-5-18\...\Run: [script_fcbd] => D:\Programme\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\fcbd.bat [333 2016-11-09] () ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\fcbd.bat [2016-11-09] () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{926621DC-B258-477C-BB1F-963C260A2860}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-170210240-1311727065-2204501080-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-05-29] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2017-05-29] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-29] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-05-29] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2017-05-29] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-29] (Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft 
Office\root\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-29] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 6581jtl4.default FF ProfilePath: C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default [2017-06-04] FF Extension: (Lightbeam) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2017-03-23] FF Extension: (Pin It button) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2016-11-13] FF Extension: (Garmin Communicator) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2016-09-11] FF Extension: (WOT) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2017-05-09] FF Extension: (Adblock Plus) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-29] FF Extension: (DownThemAll!) 
- C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\6581jtl4.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-29] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-29] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-05-29] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems) StartMenuInternet: FIREFOX.EXE - D:\Programme\Mozilla Firefox\firefox.exe Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default [2017-06-04] CHR Extension: (YouTube) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-11] CHR Extension: (Adobe Acrobat) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Google Mail) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-11] CHR Extension: (Chrome Media Router) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated) S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-06-18] () R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-06-18] () [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [249104 2016-11-19] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-08-26] (NVIDIA Corporation) U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-11-15] (Hi-Rez Studios) [Datei ist nicht signiert] S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640 2017-04-07] (HP Inc.) 
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-08-26] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-08-26] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-08-26] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-05-22] () R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] () S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-06-18] () R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-14] (Intel Corporation) S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [43488 2015-11-06] (UB658) R3 ElgatoVAD; C:\Windows\System32\DRIVERS\ElgatoVAD.sys [28800 2016-08-16] (Elgato Systems GmbH) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77376 2017-05-31] () R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-12-08] (REALiX(tm)) R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [188312 2017-06-02] (Malwarebytes) R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [113592 2017-06-04] (Malwarebytes) R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [44960 2017-06-04] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-04] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [84256 2017-06-04] (Malwarebytes) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-08-26] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56376 2016-08-26] (NVIDIA Corporation) R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.) S3 SoehnleComfort_x64; C:\Windows\System32\DRIVERS\SoehnleComfort_x64.sys [38400 2012-10-01] () ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-06-04 14:11 - 2017-06-04 14:14 - 00021458 _____ C:\Users\Sandra\Desktop\Fixlog.txt 2017-06-04 14:11 - 2017-06-04 14:11 - 00021594 _____ C:\Users\Sandra\Desktop\Fixlogohnefixlist.txt 2017-06-02 14:07 - 2017-06-02 14:07 - 00000000 ____D C:\Users\Sandra\AppData\Local\TeamViewer 2017-06-02 13:35 - 2017-06-04 14:11 - 00000000 ____D C:\Users\Sandra\Desktop\FRST-OlderVersion 2017-06-02 13:35 - 2017-06-02 13:35 - 00001395 _____ C:\Users\Sandra\Desktop\mbam.txt 2017-06-02 13:32 - 2017-06-04 14:15 - 00113592 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-06-02 13:32 - 2017-06-02 13:33 - 00188312 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-06-02 13:32 - 2017-06-02 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-06-02 13:32 - 2017-06-02 13:32 - 00000000 ____D C:\Program Files\Malwarebytes 2017-06-02 13:32 - 2017-05-31 11:09 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-06-02 13:31 - 2017-06-02 13:31 - 00001455 _____ C:\Users\Sandra\Desktop\AdwCleaner[C2].txt 2017-06-02 13:26 - 2017-06-02 13:26 - 04110280 _____ C:\Users\Sandra\Desktop\adwcleaner_6.047(1).exe 2017-06-01 16:01 - 2017-06-01 16:03 - 00210268 _____ C:\TDSSKiller.3.1.0.15_01.06.2017_16.01.13_log.txt 2017-06-01 16:00 - 2017-06-01 16:00 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Sandra\Desktop\tdsskiller.exe 2017-06-01 13:51 - 2017-06-01 13:52 - 00000000 ____D C:\Users\Sandra\Desktop\Neue logs 2017-06-01 13:46 - 2017-06-02 13:36 - 00040115 _____ C:\Users\Sandra\Desktop\Addition.txt 2017-06-01 13:45 - 2017-06-04 14:16 - 00020708 _____ C:\Users\Sandra\Desktop\FRST.txt 2017-06-01 01:11 - 2017-06-01 01:11 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2017-06-01 01:11 - 2017-06-01 01:11 - 00000000 
____D C:\Program Files\Microsoft Security Client 2017-06-01 01:11 - 2017-06-01 01:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client 2017-06-01 00:49 - 2017-06-04 14:16 - 00000000 ____D C:\FRST 2017-06-01 00:49 - 2017-06-04 14:11 - 02433536 _____ (Farbar) C:\Users\Sandra\Desktop\FRST64.exe 2017-06-01 00:45 - 2017-06-01 00:45 - 00003241 _____ C:\Users\Sandra\Desktop\JRT.txt 2017-06-01 00:39 - 2017-06-02 13:29 - 00000000 ____D C:\AdwCleaner 2017-06-01 00:16 - 2017-06-01 01:10 - 00000000 ____D C:\Program Files\Common Files\AV 2017-06-01 00:15 - 2017-06-01 01:10 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2017-06-01 00:11 - 2017-06-01 00:11 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2017-05-30 03:05 - 2017-05-30 03:44 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\discord 2017-05-30 03:05 - 2017-05-30 03:05 - 00002163 _____ C:\Users\Sandra\Desktop\Discord.lnk 2017-05-30 03:05 - 2017-05-30 03:05 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2017-05-30 03:05 - 2017-05-30 03:05 - 00000000 ____D C:\Users\Sandra\AppData\Local\SquirrelTemp 2017-05-30 03:05 - 2017-05-30 03:05 - 00000000 ____D C:\Users\Sandra\AppData\Local\Discord 2017-05-29 18:07 - 2017-05-29 18:07 - 00000000 ____D C:\988d3cdb8da3941b84 2017-05-29 18:06 - 2017-05-29 18:06 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2017-05-22 18:52 - 2017-05-22 19:06 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr 2017-05-22 18:52 - 2017-05-22 18:52 - 00000000 ____D C:\Users\Sandra\AppData\Local\PunkBuster 2017-05-22 18:51 - 2017-05-22 19:06 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2017-05-22 18:51 - 2017-05-22 18:58 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2017-05-22 18:51 - 2017-05-22 18:51 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2017-05-22 18:51 - 2017-05-22 18:51 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2017-05-21 16:14 - 2017-05-21 
16:14 - 00002591 _____ C:\Users\Public\Desktop\BodyBalanceComfortSelect.lnk
2017-05-21 16:14 - 2017-05-21 16:14 - 00000000 ____D C:\Users\Sandra\AppData\Local\Leifheit_Soehnle
2017-05-21 16:14 - 2017-05-21 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soehnle
2017-05-21 16:14 - 2012-10-01 14:27 - 00038400 _____ () C:\Windows\system32\Drivers\SoehnleComfort_x64.sys
2017-05-20 17:52 - 2017-05-20 17:52 - 00000911 _____ C:\Users\Sandra\Desktop\WizeBot App.lnk
2017-05-20 17:52 - 2017-05-20 17:52 - 00000000 ____D C:\Users\Sandra\AppData\Local\Wizebot.tv
2017-05-17 20:11 - 2017-05-19 21:09 - 00000000 ____D C:\Users\Sandra\Desktop\Stadtpark+Webweek
2017-05-16 18:19 - 2017-05-16 18:20 - 00000000 ____D C:\Users\Sandra\Desktop\webweek
2017-05-13 14:28 - 2017-05-13 14:28 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Google
2017-05-12 22:36 - 2017-05-12 22:36 - 00000000 ____D C:\637c73e1917518b955979b83

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-04 14:15 - 2016-11-18 22:20 - 00000000 ____D C:\Users\Sandra\AppData\LocalLow\Mozilla 2017-06-04 14:15 - 2016-11-01 15:12 - 00084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-06-04 14:15 - 2016-11-01 15:12 - 00044960 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-06-04 14:15 - 2016-10-31 14:15 - 00252832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-06-04 14:15 - 2016-09-11 17:53 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Spotify 2017-06-04 14:15 - 2016-09-10 21:55 - 00000000 ____D C:\ProgramData\NVIDIA 2017-06-04 14:15 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-06-04 14:14 - 2009-07-14 06:45 - 00025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-06-04 14:14 - 2009-07-14 06:45 - 00025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-06-04 12:25 - 2016-09-18 14:55 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Skype 2017-06-04 12:19 - 2016-09-11 17:54 - 00000000 ____D C:\Users\Sandra\AppData\Local\Spotify 2017-06-04 02:00 - 2016-09-20 15:36 - 00000000 ____D C:\Users\Sandra\AppData\Local\Adobe 2017-06-04 01:56 - 2016-09-10 22:28 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\obs-studio 2017-06-02 13:32 - 2016-10-31 14:15 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-06-02 04:35 - 2016-09-11 00:07 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\TS3Client 2017-06-02 04:30 - 2016-09-18 19:27 - 00000000 ____D C:\Users\Sandra\AppData\Local\CrashDumps 2017-06-01 01:12 - 2016-11-02 22:46 - 00001912 _____ C:\Windows\epplauncher.mif 2017-06-01 01:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2017-06-01 00:52 - 2017-05-01 23:37 - 00000000 ____D C:\Users\Sandra\AppData\LocalLow\Temp 2017-06-01 00:15 - 2016-09-23 01:37 - 00000000 ____D C:\Users\master 2017-05-31 15:49 - 2016-09-11 07:07 - 00698804 _____ C:\Windows\system32\perfh007.dat 
2017-05-31 15:49 - 2016-09-11 07:07 - 00148944 _____ C:\Windows\system32\perfc007.dat 2017-05-31 15:49 - 2009-07-14 07:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI 2017-05-29 18:07 - 2017-01-02 19:58 - 00000000 ___HT C:\Windows\wusa.lock 2017-05-29 18:06 - 2016-09-14 17:00 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-29 18:06 - 2016-09-14 16:59 - 00000000 ____D C:\Program Files\Microsoft Office 2017-05-29 18:06 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2017-05-22 19:51 - 2016-09-10 22:23 - 00000000 ____D C:\Users\Sandra\AppData\Local\Ubisoft Game Launcher 2017-05-13 23:16 - 2016-10-10 22:03 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Audacity 2017-05-12 22:32 - 2016-09-14 21:41 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-05-12 22:32 - 2016-09-14 21:41 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-05-09 17:34 - 2016-10-23 13:05 - 00001198 _____ C:\Users\Public\Desktop\OBS Studio.lnk 2017-05-09 15:39 - 2016-09-30 13:46 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-05-09 15:39 - 2016-09-20 15:37 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-05-09 15:39 - 2016-09-20 15:37 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-05-09 15:39 - 2016-09-20 15:37 - 00004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-05-09 15:39 - 2016-09-20 15:37 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-05-09 15:39 - 2016-09-20 15:37 - 00000000 ____D C:\Windows\system32\Macromed ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-10-23 00:46 - 2016-10-23 01:50 - 0007660 _____ () C:\Users\Sandra\AppData\Local\Resmon.ResmonCfg 2017-01-31 20:11 - 2016-11-23 15:37 - 0000570 _____ () C:\Users\Sandra\AppData\Local\TroubleshooterConfig.json 2016-09-24 10:22 - 2016-09-24 10:22 - 
0000057 _____ () C:\ProgramData\Ament.ini
2016-09-10 21:49 - 2016-09-10 21:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-04 16:18

==================== Ende von FRST.txt ============================

addition
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-06-2017
durchgeführt von Sandra (04-06-2017 14:16:32)
Gestartet von C:\Users\Sandra\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-09-10 19:17:13)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-170210240-1311727065-2204501080-500 - Administrator - Disabled)
Gast (S-1-5-21-170210240-1311727065-2204501080-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-170210240-1311727065-2204501080-1002 - Limited - Enabled)
Sandra (S-1-5-21-170210240-1311727065-2204501080-1000 - Administrator - Enabled) => C:\Users\Sandra

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Beyond Good and Evil (HKLM-x32\...\Uplay Install 232) (Version: - Ubisoft) Body Balance Comfort Select Software (HKLM-x32\...\{F873D7A3-94D8-4B6D-B567-A56AB38AC1C0}) (Version: 1.1.4 - Leifheit AG) CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden Dead by Daylight (HKLM\...\Steam App 381210) (Version: - Behaviour Digital Inc.) Dirty Bomb (HKLM\...\Steam App 333930) (Version: - Splash Damage®) Discord (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs) Elgato Game Capture HD (HKLM\...\{879C5944-7B88-444B-A6B0-509CBC72B48D}) (Version: 3.20.33.1533 - Elgato Systems GmbH) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft) Far Cry 3 Blood Dragon (HKLM-x32\...\Uplay Install 205) (Version: - Ubisoft) Game Capture HD v2.3.3.40 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.40 - Elgato Systems) Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems) Game Capture HD60 S v1.1.0.160 (HKLM-x32\...\Software_Elgato_Game Capture HD60 S) (Version: 1.1.0.160 - Elgato Systems) Game Capture HD60 v2.1.1.4 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.4 - Elgato Systems) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) 
Hidden Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Support Solutions Framework (HKLM-x32\...\{D549B5E2-DBE8-4190-ABA5-71106264398C}) (Version: 12.6.14.19 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HWiNFO64 Version 5.40 (HKLM\...\HWiNFO64_is1) (Version: 5.40 - Martin Malík - REALiX) Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan) Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment) Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) 
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Microsoft .NET Framework 4.6.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01590 - Microsoft Corporation) Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 
Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Moobot Assistant (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\40790fab0e175d6b) (Version: 1.0.0.1 - Knudsen Apps) Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla) Mozilla Firefox 53.0.3 (x86 de) (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla) Mozilla Maintenance Service 
(HKLM-x32\...\MozillaMaintenanceService) (Version: 45.3.0 - Mozilla) Mozilla Thunderbird 45.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.3.0 (x86 de)) (Version: 45.3.0 - Mozilla) Mozilla Thunderbird 52.1.1 (x86 de) (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Mozilla Thunderbird 52.1.1 (x86 de)) (Version: 52.1.1 - Mozilla) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.70 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation) NVIDIA Grafiktreiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.70 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project) Office 16 Click-to-Run Extensibility Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden osu! (HKLM-x32\...\{f1ce1bae-e14e-4c0a-8542-1c70c385ecb3}) (Version: latest - ppy Pty Ltd) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) 
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.822 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\Spotify) (Version: 1.0.55.487.g256699aa - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-170210240-1311727065-2204501080-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer) The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft) The Sims(TM) 3 (HKLM\...\Steam App 47890) (Version: - The Sims Studio) The Way of Life Free Edition (HKLM\...\Steam App 310370) (Version: - Fabio Ferrara) Thrustmaster Force Feedback Driver (HKLM-x32\...\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}) (Version: 4.FFD.2016 - Thrustmaster) Tomb Raider (HKLM\...\Steam App 203160) (Version: - Crystal Dynamics) Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft) Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.) Warface (HKLM\...\Steam App 291480) (Version: - Crytek) WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WizeBot.tv App (HKLM-x32\...\WizeBot.tv App) (Version: V1.1 - WizeBot.tv) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-170210240-1311727065-2204501080-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Sandra\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileCoAuthLib64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-170210240-1311727065-2204501080-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) CustomCLSID: HKU\S-1-5-21-170210240-1311727065-2204501080-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Program Files (x86)\Google\Update\1.3.31.5\psmachine_64.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {030541F0-B768-4F2A-8747-93484D79F086} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-29] () Task: {226F4FFD-61EC-44DD-8D24-9C5C1234F0C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.) 
Task: {26D6C10D-A463-4E6C-8D53-5D5C328C2EB6} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation) Task: {42FE1C37-17C7-4F94-9784-C79D140BFA30} - System32\Tasks\AdobeAAMUpdater-1.0-Castle-Sandra => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {4DDD6B8A-9D04-41C9-8C7C-8A307D2CD02E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {611773C4-A794-4BBD-8CD9-BAAB830EE6EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated) Task: {630D0C5E-C5CB-428E-8153-9A9B48F13D02} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.) Task: {6529DB75-F9E2-4AC3-BD2F-CE36FC9079EE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-29] (Microsoft Corporation) Task: {7809FD34-864B-4680-B569-C7773538EC42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-14] (Google Inc.) Task: {8A57B12A-51B0-4DDF-BF45-A567B54043DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-14] (Google Inc.) 
Task: {8FDC7AFA-4BD7-437F-BB1E-553DEA5466B1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-29] () Task: {A435AE87-616B-42A7-A993-C6958CF3D383} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-05-29] (Microsoft Corporation) Task: {DA30241B-CAC7-4868-AFE3-3F397DAC668F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {E2AF3C6C-4397-4DD3-81FA-36853E1A498B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {E98D8BE8-C388-4ED4-B938-1C3D820236DC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-05-29] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\Sandra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\1cdcadec15321c01\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> --profile-directory=Default ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-09-10 21:55 - 2016-08-25 23:10 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-10-25 10:57 - 2016-10-25 10:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-09-10 21:48 - 2014-06-18 07:54 - 01360016 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe 2016-09-18 16:00 - 2016-08-26 01:28 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2017-05-22 18:51 - 2017-05-22 18:51 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-11-05 01:11 - 2015-11-05 01:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2017-06-02 13:32 - 2017-05-31 11:09 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\CameraHelperShell.exe 2016-08-08 05:37 - 2016-08-08 05:37 - 
00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2016-09-18 16:00 - 2016-08-26 01:28 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2016-09-18 16:00 - 2016-08-26 01:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-09-11 13:55 - 2017-05-17 03:54 - 00678176 _____ () D:\Programme\Steam\SDL2.dll 2016-09-11 13:55 - 2016-09-01 03:02 - 04969248 _____ () D:\Programme\Steam\v8.dll 2016-09-11 13:55 - 2016-09-01 03:02 - 01563936 _____ () D:\Programme\Steam\icui18n.dll 2016-09-11 13:55 - 2016-09-01 03:02 - 01195296 _____ () D:\Programme\Steam\icuuc.dll 2016-09-11 13:55 - 2017-06-01 21:50 - 02485536 _____ () D:\Programme\Steam\video.dll 2016-09-11 13:55 - 2016-01-27 09:49 - 02549760 _____ () D:\Programme\Steam\libavcodec-56.dll 2016-09-11 13:55 - 2016-01-27 09:49 - 00442880 _____ () D:\Programme\Steam\libavutil-54.dll 2016-09-11 13:55 - 2016-01-27 09:49 - 00491008 _____ () D:\Programme\Steam\libavformat-56.dll 2016-09-11 13:55 - 2016-01-27 09:49 - 00332800 _____ () D:\Programme\Steam\libavresample-2.dll 2016-09-11 13:55 - 2016-01-27 09:49 - 00485888 _____ () D:\Programme\Steam\libswscale-3.dll 2016-09-11 13:55 - 2017-06-01 21:50 - 00877856 _____ () D:\Programme\Steam\bin\chromehtml.DLL 2016-09-11 13:55 - 2016-07-05 00:17 - 00266560 _____ () D:\Programme\Steam\openvr_api.dll 2016-09-11 17:54 - 2017-05-23 19:34 - 67117168 _____ () C:\Users\Sandra\AppData\Roaming\Spotify\libcef.dll 2017-05-30 03:05 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\ffmpeg.dll 2017-05-30 03:05 - 2017-05-30 03:05 - 01082880 _____ () \\?\C:\Users\Sandra\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node 2017-05-30 03:05 - 2017-05-30 03:05 - 03750400 _____ () 
\\?\C:\Users\Sandra\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll 2017-05-30 03:05 - 2017-05-30 03:05 - 00914432 _____ () \\?\C:\Users\Sandra\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node 2016-08-29 10:09 - 2016-08-29 10:09 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\QtCore4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\QtGui4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\QtXml4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\imageformats\QGif4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech Cam\LWS\Webcam Software\imageformats\QJpeg4.dll 2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll 2016-09-11 17:54 - 2017-05-23 19:34 - 02253424 _____ () C:\Users\Sandra\AppData\Roaming\Spotify\libglesv2.dll 2016-09-11 17:54 - 2017-05-23 19:34 - 00086640 _____ () C:\Users\Sandra\AppData\Roaming\Spotify\libegl.dll 2017-05-30 03:05 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\libglesv2.dll 2017-05-30 03:05 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Sandra\AppData\Local\Discord\app-0.0.297\libegl.dll 2017-06-04 14:15 - 2017-06-04 14:15 - 00148992 _____ () \\?\C:\Users\Sandra\AppData\Local\Temp\56E5.tmp.node 2017-05-30 03:05 - 2017-05-30 03:05 - 02658296 _____ () \\?\C:\Users\Sandra\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node 2017-05-30 03:06 - 2017-05-30 03:06 - 02665976 _____ () 
\\?\C:\Users\Sandra\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2016-09-11 00:04 - 2015-10-06 21:26 - 50656768 _____ () C:\Users\Sandra\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2016-09-11 00:04 - 2015-10-06 21:26 - 01874944 _____ () C:\Users\Sandra\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2016-09-11 00:04 - 2015-10-06 21:26 - 00075264 _____ () C:\Users\Sandra\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2016-12-13 14:42 - 2017-05-08 21:45 - 69516064 _____ () D:\Programme\Steam\bin\cef\cef.win7\libcef.dll
2016-09-11 13:55 - 2017-06-01 21:50 - 00385312 _____ () D:\Programme\Steam\steam.dll
2017-05-09 15:39 - 2017-05-09 15:39 - 19700728 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-170210240-1311727065-2204501080-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
MSCONFIG\startupreg: Elgato Sound Capture => C:\Program Files\Elgato\SoundCapture\SoundCapture.exe -hide_settings
MSCONFIG\startupreg: PDFPrint => "D:\Programme\PDF24\pdf24.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{D7819B9F-2B1C-4400-8A10-1C86701C2A1C}C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe FirewallRules: [UDP Query User{EB96D93C-F35D-45FD-B2D6-FCF19E6E31B8}C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe FirewallRules: [TCP Query User{A73A09E1-6C0A-4967-951D-5FA7F0E58A24}C:\users\sandra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sandra\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{82B41B8A-5A28-4708-8185-D3F33D64CB75}C:\users\sandra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sandra\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{1295E0E4-9A1D-450A-B670-E0935ECE33A3}C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe FirewallRules: [UDP Query User{4242FCCB-05A2-4472-83A5-D406AC9A91C9}C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe FirewallRules: [{0676917C-9BE8-429B-9E41-7C6D3E1ADD16}] => (Allow) D:\Programme\Steam\Steam.exe FirewallRules: [{CDF7CB05-C862-438E-BCD9-434B31208713}] => (Allow) D:\Programme\Steam\Steam.exe FirewallRules: [{B2B525BA-E365-4765-9ED7-775E0162E10C}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{AF3C2F39-6B92-400E-B200-B92FBBAA9651}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{0256CCF1-AA7B-4A42-9225-972384C0E5BD}] => (Block) C:\program 
files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe FirewallRules: [{344682ED-EDBE-4344-A446-511FD2100D7C}] => (Block) C:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe FirewallRules: [TCP Query User{05EB01C6-D043-46CE-BE13-BF7330706509}C:\program files (x86)\teamviewer\teamviewer.exe] => (Allow) C:\program files (x86)\teamviewer\teamviewer.exe FirewallRules: [UDP Query User{B4EBE9E5-0062-42EA-B8CC-FF699979C3A4}C:\program files (x86)\teamviewer\teamviewer.exe] => (Allow) C:\program files (x86)\teamviewer\teamviewer.exe FirewallRules: [TCP Query User{716C2543-F026-4CAE-9583-DBF759065B2E}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{628FF22F-1B75-4EB9-834B-6590B48C86D2}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [TCP Query User{64281E45-EC8F-4802-B0E2-C0C6C5D51BC3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{03DD4541-5989-4CBE-83F3-56FDD82DB9B3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: PCI-Kommunikationscontroller (einfach) Description: PCI-Kommunikationscontroller (einfach) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. 
(Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (06/04/2017 02:15:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NvStreamUserAgent.exe, Version: 7.1.2084.9592, Zeitstempel: 0x57605c64 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23569, Zeitstempel: 0x57f7c06e Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004da56 ID des fehlerhaften Prozesses: 0x1054 Startzeit der fehlerhaften Anwendung: 0x01d2dd2c39958009 Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 7825c3f1-491f-11e7-a477-1cb72caa10b4 Error: (06/04/2017 02:13:44 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. 
Error: (06/04/2017 02:12:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NvStreamUserAgent.exe, Version: 7.1.2084.9592, Zeitstempel: 0x57605c64 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23569, Zeitstempel: 0x57f7c06e Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004da56 ID des fehlerhaften Prozesses: 0x1e28 Startzeit der fehlerhaften Anwendung: 0x01d2dd2bd7e69683 Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 15d82a4f-491f-11e7-af9b-1cb72caa10b4 Error: (06/04/2017 02:12:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NvStreamUserAgent.exe, Version: 7.1.2084.9592, Zeitstempel: 0x57605c64 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23569, Zeitstempel: 0x57f7c06e Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004da56 ID des fehlerhaften Prozesses: 0x1db4 Startzeit der fehlerhaften Anwendung: 0x01d2dd2bd1d1a507 Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 0fd365af-491f-11e7-af9b-1cb72caa10b4 Error: (06/04/2017 02:12:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NvStreamUserAgent.exe, Version: 7.1.2084.9592, Zeitstempel: 0x57605c64 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23569, Zeitstempel: 0x57f7c06e Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004da56 ID des fehlerhaften Prozesses: 0x1b44 Startzeit der fehlerhaften Anwendung: 0x01d2dd2bcb80bb1a Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 09bb3fd7-491f-11e7-af9b-1cb72caa10b4 Error: 
(06/04/2017 02:12:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NvStreamUserAgent.exe, Version: 7.1.2084.9592, Zeitstempel: 0x57605c64 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23569, Zeitstempel: 0x57f7c06e Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004da56 ID des fehlerhaften Prozesses: 0x112c Startzeit der fehlerhaften Anwendung: 0x01d2dd2bc2e77b4d Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 0287aa05-491f-11e7-af9b-1cb72caa10b4 Error: (06/04/2017 12:20:44 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (06/03/2017 07:55:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. 
Error: (06/03/2017 07:54:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NvStreamUserAgent.exe, Version: 7.1.2084.9592, Zeitstempel: 0x57605c64 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23569, Zeitstempel: 0x57f7c06e Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004da56 ID des fehlerhaften Prozesses: 0x1fc4 Startzeit der fehlerhaften Anwendung: 0x01d2dc926edd0a54 Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: accb42b3-4885-11e7-a57a-1cb72caa10b4 Error: (06/03/2017 07:54:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NvStreamUserAgent.exe, Version: 7.1.2084.9592, Zeitstempel: 0x57605c64 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23569, Zeitstempel: 0x57f7c06e Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004da56 ID des fehlerhaften Prozesses: 0x1dd4 Startzeit der fehlerhaften Anwendung: 0x01d2dc9268705a9f Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: a6db65f2-4885-11e7-a57a-1cb72caa10b4 Systemfehler: ============= Error: (06/04/2017 02:16:11 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} und APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. 
Error: (06/04/2017 02:14:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Razer Game Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: Die Pipe wurde beendet. Error: (06/04/2017 02:14:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (06/04/2017 02:14:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "HP Support Solutions Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (06/04/2017 02:14:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (06/04/2017 02:14:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (06/04/2017 02:14:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (06/04/2017 02:14:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (06/04/2017 02:14:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. 
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (06/04/2017 02:14:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Hi-Rez Studios Authenticate and Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz Prozentuale Nutzung des RAM: 48% Installierter physikalischer RAM: 8132.24 MB Verfügbarer physikalischer RAM: 4187.38 MB Summe virtueller Speicher: 16262.67 MB Verfügbarer virtueller Speicher: 11849.96 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:111.25 GB) (Free:30.84 GB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:800.94 GB) NTFS Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: DC39A4D3) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DC39A4DC) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================
I wanted to make sure that everything is OK, and whether there was anything that could have been responsible for passwords getting out? I assume that this is not the case. Was there anything else, then? Thank you very much for your help! Otherwise everything here is running cleanly and smoothly. |
05.06.2017, 08:51 | #8 |
/// TB-Ausbilder | Not sure what's going on, Win7
Hi, so far I haven't found anything. We'll check one last time.
Step 1 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 2 ESET Online Scanner
Please post with your next reply
|
08.06.2017, 22:07 | #9 |
/// TB-Ausbilder | Not sure what's going on, Win7
Missing feedback
This topic has been removed from my subscriptions, so I no longer receive notifications about new replies. Send me a profile message including a link to the topic if you still want to continue.
Note: The disappearance of the symptoms does not mean that your computer is clean yet.
Everyone else, please click here and create your own thread! |