Pests of all kinds and how to fight them: Have I caught a virus or just adware?

12.08.2017, 19:07   #1
Gottel62
 
Hello

I have installed the ad blocker in Chrome and Firefox, and still an unknown page opens after a few minutes. Always a different one. I close it, and after a few minutes the same thing happens again. I suspect that I have caught adware. I have already run Malwarebytes and my virus scanner over it, but they found nothing. This does not happen in Edge. Please help, thanks in advance.

12.08.2017, 21:59   #2
M-K-D-B
/// TB Instructor
 
My name is Matthias and I will help you clean up your computer.

To make the cleanup as effective and quick as possible, I ask you to observe the following notes:
  1. If we find indications of illegally acquired software, we will suspend support until every kind of illegal software has been removed from the computer.

  2. Always read my instructions carefully, work through all steps one after another in the given order, and always post all log files (even if nothing was found). If you run into problems, stop what you are doing and describe your problem to me as well as you can.

  3. If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your thread from my subscriptions. If you are going to be away for a longer time, please let me know!

  4. During the cleanup, please do not install or uninstall anything unless I ask you to!
    I also ask you not to run any security programs on your own to check/clean your computer, because that way I can easily lose track.
    Besides, in that case you could have spared yourself opening a thread in the first place, if you then go tinkering on your own again after all.

  5. Please note: Download at filepony.de: How to download our tools correctly!

  6. All programs to be used are to be saved to the desktop ( C:\users\your user name\Desktop\ ) and started from there as administrator!

  7. Some of the programs we use here may, under certain circumstances, be wrongly classified as a threat by your antivirus or anti-malware program. Because of certain program behaviour, the security programs cannot distinguish between "good" and "bad" and raise an alarm. These are false alarms, which you can safely ignore. If necessary, you must disable your security software before running a program so that our cleanup procedures are not impaired.

  8. If the log files exceed the permitted length (~ 120,000 characters), split the log files across several posts.
    If need be, you can also zip the log files (pack them into a .zip archive) and upload them as an attachment.

  9. Please work with me until I tell you that we are finished and your computer is "clean". The early disappearance of symptoms does not automatically mean that your computer is already completely clean.

  10. As a rule I reply to you within 24 hours, often considerably faster.
    However, I too have a regular job and a family. I am therefore not in the forum for hours every day. Under certain circumstances it can take up to 2 days until you receive an answer from me. If this time has been exceeded, you are welcome to send me a PM as a reminder.

Please work through all steps one after another in the given order and post all log files in CODE tags:
How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the web page)

Step 2
Please download TDSSKiller TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.

Please post with your next reply
  • the log file from TDSS-Killer,
  • the two new log files from FRST.
13.08.2017, 20:38   #3
Gottel62
 
My log files



[CODE]Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08-2017
durchgeführt von Gotthard (Administrator) auf F94026-1 (13-08-2017 19:48:49)
Gestartet von C:\Users\Gotthard\Downloads
Geladene Profile: Gotthard (Verfügbare Profile: defaultuser0 & Gotthard)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\AURA\AsRogAuraService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Amazon Services LLC) C:\Users\Gotthard\AppData\Local\Amazon Music\Amazon Music Helper.exe
() C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\kpm.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\plugin-nm-server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9231328 2017-07-21] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-07-21] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2017-06-29] (Dolby Laboratories, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-07-21] (Intel Corporation)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2110584 2017-07-12] (Logitech, Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-06-26] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [499640 2015-06-26] (CyberLink Corp.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (CANON INC.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation)
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\kpm.exe [411912 2016-12-22] ()
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [Amazon Music] => C:\Users\Gotthard\AppData\Local\Amazon Music\Amazon Music Helper.exe [3696104 2017-06-09] (Amazon Services LLC)
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [Spotify Web Helper] => C:\Users\Gotthard\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-03] (Spotify Ltd)
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [Spotify] => C:\Users\Gotthard\AppData\Roaming\Spotify\Spotify.exe [7067760 2017-03-03] (Spotify Ltd)
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [OpenOffice Updater] => C:\Users\Gotthard\AppData\Roaming\OpenOffice Updater\Updater.exe [388032 2017-05-02] ()
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\killercontrolcenter.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\killerdiagnostics.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\ksdeui.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Control Center.lnk [2017-02-26]
ShortcutTarget: Killer Control Center.lnk -> C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe (Rivet Networks)
Startup: C:\Users\Gotthard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2017-03-20]
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.117.1.25 89.16.129.25
Tcpip\..\Interfaces\{4d899b68-acd8-4e4f-8c23-96579e8402ab}: [DhcpNameServer] 62.117.1.25 89.16.129.25

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {01F38CF5-175C-4A4B-9FE5-A68C368393D2} URL =
SearchScopes: HKU\S-1-5-21-439399562-2122694152-2027062775-1001 -> DefaultScope {01F38CF5-175C-4A4B-9FE5-A68C368393D2} URL =
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-26] (AO Kaspersky Lab)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\x64\ie_engine.dll [2016-12-22] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-26] (AO Kaspersky Lab)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\ie_engine.dll [2016-12-22] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-26] (AO Kaspersky Lab)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-26] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)

FireFox:
========
FF ProfilePath: C:\Users\Gotthard\AppData\Roaming\Mozilla\Firefox\Profiles\wtqn1j50.default [2017-08-13]
FF Extension: (Stores your logins, passwords, notes and identities, protecting them with your master password.) - C:\Users\Gotthard\AppData\Roaming\Mozilla\Firefox\Profiles\wtqn1j50.default\Extensions\kpm_win_add_on@kaspersky.xpi [2017-07-29]
FF Extension: (Adblock Plus) - C:\Users\Gotthard\AppData\Roaming\Mozilla\Firefox\Profiles\wtqn1j50.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-07-29]
FF Extension: (Site Deployment Checker) - C:\Users\Gotthard\AppData\Roaming\Mozilla\Firefox\Profiles\wtqn1j50.default\features\{39902d07-0491-45a7-8fa8-098d8929e181}\deployment-checker@mozilla.org.xpi [2017-03-24]
FF Extension: (Click-to-Play staged rollout) - C:\Program Files\Mozilla Firefox\browser\features\clicktoplay-rollout@mozilla.org.xpi [2017-08-11] [ist nicht signiert]
FF Extension: (Follow-on Search Telemetry) - C:\Program Files\Mozilla Firefox\browser\features\followonsearch@mozilla.com.xpi [2017-08-03] [ist nicht signiert]
FF Extension: (Shield Recipe Client) - C:\Program Files\Mozilla Firefox\browser\features\shield-recipe-client@mozilla.org.xpi [2017-08-11] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-07-25]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-08-03] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-09] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-07-19] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-07-19] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-439399562-2122694152-2027062775-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2016-10-24] (Sony Network Entertainment International LLC)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Profile: C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default [2017-08-13]
CHR Extension: (Google Präsentationen) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-25]
CHR Extension: (Google Docs) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-25]
CHR Extension: (Google Drive) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-25]
CHR Extension: (YouTube) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-25]
CHR Extension: (Adobe Acrobat) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-13]
CHR Extension: (Google Tabellen) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-25]
CHR Extension: (Kaspersky Protection) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-02-25]
CHR Extension: (АdВIοсk РIus) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gafikfgimmakopbgongibcbahghfcinl [2017-02-25]
CHR Extension: (Google Docs Offline) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-25]
CHR Extension: (Audio Verbinden) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihiafjkopgiakbmihgoieodihjcblfbk [2017-03-31]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaoblbjfmcalcjjaifickaoccjmhlal [2017-06-20]
CHR Extension: (Archive Extractor) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nknadlalodfadgegkigkmbhofcmkhfnc [2017-03-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-13]
CHR Extension: (Audio Converter) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfphighcpfimfhblaigjckljcoeipga [2017-03-31]
CHR Extension: (Google Mail) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-25]
CHR Extension: (Chrome Media Router) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-27]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKU\S-1-5-21-439399562-2122694152-2027062775-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mkaoblbjfmcalcjjaifickaoccjmhlal] - hxxps://chrome.google.com/webstore/detail/mkaoblbjfmcalcjjaifickaoccjmhlal
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe [933840 2017-02-27] ()
R2 AsRogAuraService; C:\Program Files (x86)\ASUS\AURA\AsRogAuraService.exe [856536 2017-02-17] (ASUSTek Computer Inc.)
R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [348592 2017-06-28] (Windows (R) Win 7 DDK provider)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-04-01] ()
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [303544 2015-07-24] (CyberLink)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-07-21] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [732448 2017-02-24] (Intel(R) Corporation)
R3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [548648 2017-02-24] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-05-28] (Intel Corporation)
S4 Killer Network Service; C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [2067168 2017-01-26] (Rivet Networks)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
S4 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-07-19] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-07-26] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2157456 2017-06-01] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3127192 2017-06-01] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [605616 2017-06-28] (Qualcomm)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [544744 2017-03-19] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-07-20] ()
S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2017-02-27] ()
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197312 2017-07-25] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520152 2017-07-25] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [186696 2017-08-13] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1021624 2017-07-25] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-26] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-04-28] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-03-14] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-04-28] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-04-28] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-04-28] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-14] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199640 2017-07-25] (AO Kaspersky Lab)
R0 MBAMChameleon; C:\WINDOWS\System32\drivers\MBAMChameleon.sys [188352 2017-07-20] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-08-13] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-08-13] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-08-13] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-08-13] (Malwarebytes)
R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_24ddebfb518b5a55\nvlddmkm.sys [15668664 2017-07-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-07-26] (NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\system32\DRIVERS\Qcamain10x64.sys [2418096 2017-07-03] (Qualcomm Atheros, Inc.)
R2 RfeCoSvc; C:\WINDOWS\system32\DRIVERS\RfeCo10X64.sys [99680 2017-01-26] (Rivet Networks, LLC.)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-02-21] (AVG Netherlands B.V.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-13 19:48 - 2017-08-13 19:49 - 000031232 _____ C:\Users\Gotthard\Downloads\FRST.txt
2017-08-13 19:46 - 2017-08-13 19:48 - 000000000 ____D C:\FRST
2017-08-13 19:41 - 2017-08-13 19:41 - 002395648 _____ (Farbar) C:\Users\Gotthard\Downloads\FRST64.exe
2017-08-13 19:29 - 2017-08-13 19:30 - 000326192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-12 18:31 - 2017-08-12 18:31 - 000020322 _____ C:\Users\Gotthard\Documents\cc_20170812_183116.reg
2017-08-12 18:30 - 2017-08-12 18:30 - 000136116 _____ C:\Users\Gotthard\Documents\cc_20170812_183050.reg
2017-08-12 18:26 - 2017-08-12 18:26 - 001790024 _____ (Malwarebytes) C:\Users\Gotthard\Downloads\JRT.exe
2017-08-11 15:46 - 2017-08-11 15:52 - 000000000 ____D C:\ProgramData\HitmanPro
2017-08-11 15:46 - 2017-08-11 15:46 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2017-08-11 15:45 - 2017-08-11 15:45 - 011584088 _____ (SurfRight B.V.) C:\Users\Gotthard\Downloads\hitmanpro_x64.exe
2017-08-11 15:41 - 2017-08-11 15:41 - 000000000 ____D C:\ProgramData\Emsisoft
2017-08-11 15:40 - 2017-08-11 15:44 - 000000000 ____D C:\EEK
2017-08-11 15:39 - 2017-08-11 15:39 - 332366064 _____ C:\Users\Gotthard\Downloads\EmsisoftEmergencyKit.exe
2017-08-10 17:42 - 2017-08-10 17:42 - 000000000 ____D C:\Users\Gotthard\Screenshot
2017-08-10 17:30 - 2017-08-10 17:30 - 000000222 _____ C:\Users\Gotthard\Desktop\Shadow Warrior 2.url
2017-08-10 12:14 - 2017-08-10 12:14 - 001893405 _____ C:\Users\Gotthard\Downloads\sw2013v1x+7tr.rar
2017-08-10 12:14 - 2017-08-10 12:14 - 000000000 ____D C:\Users\Gotthard\Downloads\sw2013v1x+7tr
2017-08-09 14:01 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-09 14:01 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-09 14:01 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-09 14:01 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-09 14:01 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-09 14:01 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-09 14:01 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-09 14:01 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-09 14:01 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-09 14:01 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-09 14:01 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-09 14:01 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-09 14:01 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-09 14:01 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-09 14:01 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-09 14:01 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-09 14:01 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-09 14:01 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-09 14:01 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-09 14:01 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-09 14:01 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-09 14:01 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-09 14:01 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-09 14:01 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-09 14:01 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-09 14:01 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-09 14:01 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-09 14:01 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-09 14:01 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-09 14:01 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-09 14:01 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-09 14:01 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-09 14:01 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-09 14:01 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-09 14:01 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-09 14:01 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-09 14:01 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-09 14:01 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-09 14:01 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-09 14:01 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-09 14:01 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-09 14:01 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-09 14:01 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-09 14:01 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-09 14:01 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-09 14:01 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-09 14:01 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-09 14:01 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-09 14:01 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-09 14:01 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-09 14:01 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-09 14:01 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-09 14:01 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-09 14:01 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-09 14:01 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-09 14:01 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-09 14:01 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-09 14:01 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-09 14:01 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-09 14:01 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-09 14:01 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-09 14:01 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-09 14:01 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-09 14:01 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-09 14:01 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-09 14:01 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-09 14:01 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-09 14:01 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-09 14:01 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-09 14:01 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-09 14:01 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-09 14:01 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-09 14:01 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-09 14:01 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-09 14:01 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-09 14:01 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-09 14:01 - 2017-08-01 03:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-09 14:01 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-09 14:01 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-09 14:01 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-09 14:01 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-09 14:01 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-09 14:01 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-09 14:01 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-09 14:01 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-09 14:01 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-09 14:01 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-09 14:01 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-09 14:01 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-09 14:01 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-09 14:01 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-09 14:01 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-09 14:01 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-09 14:01 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-09 14:01 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-05 16:49 - 2017-08-05 16:49 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-08-03 11:41 - 2017-08-03 11:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2017-08-03 11:41 - 2017-08-03 11:41 - 000000000 ____D C:\ProgramData\Dolby
2017-08-03 11:41 - 2017-08-03 11:41 - 000000000 ____D C:\Program Files\Dolby
2017-08-03 11:41 - 2017-07-21 04:58 - 003410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 003299816 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 003122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 002190984 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 001435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 001382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 001337640 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000873456 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000866640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000852128 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000604792 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000158696 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000075536 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 072520704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-08-03 11:41 - 2017-07-21 04:57 - 012951320 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-08-03 11:41 - 2017-07-21 04:57 - 007172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 007096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 006264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 005346992 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 003677152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-08-03 11:41 - 2017-07-21 04:57 - 003516984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 003509200 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 003099544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 002444680 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 002210784 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001959600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001554600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001347136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001326424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001170872 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001159176 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000877424 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000868176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000737960 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000708304 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000680544 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000526280 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000447712 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000445392 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000416504 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000406448 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000366120 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000327448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000310416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000203840 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000154352 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000134192 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000118584 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000084608 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2017-08-03 11:41 - 2016-07-22 02:19 - 000091088 _____ (Intel Corporation) C:\WINDOWS\system32\NicInstD.dll
2017-08-03 11:41 - 2016-04-15 14:47 - 000080848 _____ (Intel Corporation) C:\WINDOWS\system32\e1dmsg.dll
2017-08-03 11:40 - 2017-08-03 11:40 - 000000000 ____D C:\Users\Gotthard\AppData\Local\Logishrd
2017-08-03 11:39 - 2017-08-03 11:39 - 000000000 ____D C:\Users\Gotthard\AppData\Roaming\sp6_log
2017-08-03 11:39 - 2017-07-03 05:32 - 001073824 _____ C:\WINDOWS\system32\Drivers\qca61x4_2_2.bin
2017-08-03 11:39 - 2017-07-03 05:32 - 000097210 _____ C:\WINDOWS\system32\Drivers\Data61x4_2_2.msc
2017-08-03 11:38 - 2017-08-03 11:38 - 000000000 ____D C:\Program Files (x86)\ASM104xUSB3
2017-08-03 11:38 - 2017-06-28 05:50 - 000348592 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\AdminService.exe
2017-08-03 11:38 - 2017-06-28 02:48 - 000058488 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x00000200.dfu
2017-08-03 11:38 - 2017-06-28 02:48 - 000057624 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x00000300.dfu
2017-08-03 11:38 - 2017-06-28 02:48 - 000041112 _____ C:\WINDOWS\system32\Drivers\AthrBT_TF_0x00000302.dfu
2017-08-03 11:38 - 2017-06-28 02:48 - 000037208 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x00000302.dfu
2017-08-03 11:38 - 2017-06-28 02:48 - 000001982 _____ C:\WINDOWS\system32\Drivers\ramps_TF_0x00000302_48_NFA435_10dbm.dfu
2017-08-03 11:38 - 2017-06-28 02:48 - 000001982 _____ C:\WINDOWS\system32\Drivers\ramps_TF_0x00000302_48.dfu
2017-08-03 11:35 - 2017-08-12 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius
2017-08-03 10:51 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-03 10:51 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-03 10:51 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-03 10:51 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-03 10:51 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-03 10:51 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-03 10:51 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-03 10:51 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-03 10:51 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-03 10:51 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-03 10:51 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-03 10:51 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-03 10:51 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-03 10:51 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-03 10:51 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-03 10:51 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-03 10:51 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-03 10:51 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-03 10:51 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-03 10:51 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-03 10:51 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-03 10:51 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-03 10:51 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-03 10:51 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-03 10:51 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-03 10:51 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-03 10:51 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-03 10:51 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-03 10:51 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-03 10:51 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-03 10:51 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-03 10:51 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-03 10:51 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-03 10:51 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-03 10:51 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-03 10:51 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-03 10:51 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-03 10:51 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-03 10:51 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-03 10:51 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-03 10:51 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-03 10:51 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-03 10:51 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-03 10:51 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-03 10:51 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-03 10:51 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-03 10:51 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-03 10:51 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-03 10:51 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-03 10:51 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-03 10:51 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-03 10:51 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-03 10:51 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-03 10:51 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-03 10:51 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-03 10:51 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-03 10:51 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-03 10:51 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-03 10:51 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-03 10:51 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-03 10:51 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-03 10:51 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-03 10:51 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-03 10:51 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-03 10:51 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-03 10:51 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-03 10:51 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-03 10:51 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-03 10:51 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-03 10:51 - 2017-07-28 06:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-08-03 10:51 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-03 10:51 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-03 10:51 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-03 10:51 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-03 10:51 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 005776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-08-03 10:51 - 2017-07-28 06:18 - 004544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2017-08-03 10:51 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-03 10:51 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-03 10:51 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-03 10:51 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-03 10:51 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-03 10:51 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-03 10:51 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-03 10:51 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-03 10:51 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-03 10:51 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-03 10:51 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-03 10:51 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-03 10:51 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-03 10:51 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-03 10:51 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-03 10:51 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-03 10:51 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-03 10:51 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-03 10:51 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-03 10:51 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-03 10:51 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-03 10:51 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-03 10:51 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-03 10:51 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-03 10:51 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-03 10:51 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-03 10:51 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-03 10:51 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-03 10:51 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-03 10:51 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-03 10:51 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-03 10:51 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-03 10:51 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-03 10:51 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-03 10:51 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-03 10:51 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-03 10:51 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-03 10:51 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-03 10:51 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-03 10:51 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-03 10:51 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-03 10:51 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-03 10:51 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-03 10:51 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-03 10:51 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-03 10:51 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-03 10:51 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-03 10:51 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-07-25 16:36 - 2017-07-25 16:36 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-07-25 16:36 - 2017-07-19 00:38 - 000135800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-07-25 16:36 - 2017-03-10 23:17 - 000536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-07-25 16:36 - 2017-03-10 23:17 - 000525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-07-25 16:36 - 2017-03-10 23:17 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-07-25 16:36 - 2017-03-10 23:17 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-07-25 16:34 - 2017-07-19 02:40 - 040239736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 035844728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 035314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 028960376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 013655672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 012451424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 012133112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 011591576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 010487760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 009982968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 004163520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 003595896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438494.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438494.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 001278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 001276992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 001068152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 001004992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000996760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000995408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000972920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000924280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000781544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000689992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000617416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000584312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-07-22 10:31 - 2017-07-22 10:31 - 000000000 ____D C:\Users\Gotthard\Documents\Shadow Warrior DX11
2017-07-21 10:35 - 2017-07-21 10:35 - 000000000 ____D C:\Users\Gotthard\AppData\Local\SkinSoft
2017-07-21 10:25 - 2017-01-07 21:39 - 000000000 ____D C:\Users\Gotthard\Desktop\JustCause3+23Tr-LNG
2017-07-20 16:50 - 2017-07-20 16:50 - 000000000 ____D C:\Users\Gotthard\Documents\Square Enix
2017-07-20 16:18 - 2017-07-20 16:18 - 000000222 _____ C:\Users\Gotthard\Desktop\Just Cause 3.url

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-13 19:45 - 2017-02-25 18:27 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-08-13 19:44 - 2017-04-06 17:04 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-08-13 19:36 - 2017-04-06 17:07 - 007744342 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-13 19:36 - 2017-03-29 07:41 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-08-13 19:36 - 2017-03-20 06:41 - 003968878 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-13 19:36 - 2017-03-20 06:41 - 001074406 _____ C:\WINDOWS\system32\perfc007.dat
2017-08-13 19:35 - 2017-03-14 05:43 - 000000000 ____D C:\Users\Gotthard\AppData\Roaming\OpenOffice Updater
2017-08-13 19:34 - 2017-04-06 16:59 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-13 19:30 - 2017-05-19 13:37 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-08-13 19:30 - 2017-05-19 13:37 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-08-13 19:30 - 2017-05-19 13:36 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-13 19:30 - 2017-02-28 18:14 - 000190664 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_99E320F5.sys
2017-08-13 19:29 - 2017-04-06 17:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-12 19:58 - 2017-06-07 17:59 - 000003134 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2017-08-12 19:58 - 2017-04-06 17:00 - 000000000 ____D C:\Users\Gotthard
2017-08-12 19:58 - 2017-03-18 13:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-08-12 19:58 - 2017-02-25 19:13 - 000000000 ____D C:\Program Files (x86)\Steam
2017-08-12 18:20 - 2017-04-06 17:04 - 000004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D56A6EBC-6126-4119-8BFD-8B0E03E1E2C3}
2017-08-12 15:40 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-12 10:49 - 2017-04-06 16:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-11 15:56 - 2017-02-26 08:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-08-11 15:11 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-10 20:35 - 2017-02-26 07:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2017-08-10 20:35 - 2017-02-26 07:44 - 000000000 ____D C:\Program Files\Logitech
2017-08-10 20:18 - 2017-04-06 17:04 - 000003250 _____ C:\WINDOWS\System32\Tasks\GPU Tweak II
2017-08-10 17:32 - 2017-02-25 19:18 - 000000000 ____D C:\Users\Gotthard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-08-10 17:09 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-10 13:55 - 2017-02-26 07:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-10 10:59 - 2017-02-26 07:57 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-08-10 10:59 - 2017-02-26 07:57 - 000001000 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-08-10 10:59 - 2017-02-26 07:57 - 000000000 ____D C:\Users\Gotthard\AppData\LocalLow\Mozilla
2017-08-10 10:51 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-09 16:45 - 2017-02-25 18:17 - 000000000 ____D C:\Users\Gotthard\AppData\Local\Packages
2017-08-09 16:42 - 2017-02-28 08:10 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-08-09 14:04 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-09 14:03 - 2017-02-01 11:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-09 14:02 - 2017-02-01 11:26 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-09 11:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-09 11:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-05 17:45 - 2017-05-17 18:15 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 16:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-08-05 17:45 - 2017-04-06 16:59 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-08-05 17:45 - 2017-04-06 16:59 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-08-05 17:45 - 2017-02-25 18:40 - 000001492 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-08-05 16:49 - 2017-02-23 11:24 - 000000000 ____D C:\Program Files\Intel
2017-08-05 16:49 - 2017-02-23 11:24 - 000000000 ____D C:\Program Files (x86)\Intel
2017-08-03 16:26 - 2017-03-02 05:05 - 000002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-03 16:26 - 2017-03-02 05:05 - 000002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-03 11:41 - 2017-04-06 16:59 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-08-03 11:41 - 2017-04-06 16:59 - 000000000 ____D C:\WINDOWS\system32\DAX3
2017-08-03 11:41 - 2017-04-06 16:59 - 000000000 ____D C:\WINDOWS\system32\DAX2
2017-08-03 11:41 - 2017-03-14 15:19 - 000005097 _____ C:\WINDOWS\SysWOW64\Saved_Config.txt
2017-08-03 11:41 - 2017-03-14 15:19 - 000000410 _____ C:\WINDOWS\SysWOW64\Saved_StaticIP.txt
2017-08-03 11:41 - 2017-02-26 07:46 - 000000000 ___HD C:\Program Files (x86)\Temp
2017-08-03 11:41 - 2017-02-26 07:46 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2017-08-03 11:40 - 2017-04-06 17:04 - 000003738 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2017-08-03 11:40 - 2017-04-06 17:00 - 000000000 ____D C:\Program Files\Common Files\logishrd
2017-08-03 11:40 - 2017-02-26 08:45 - 000000000 ____D C:\Users\Public\Documents\Logishrd
2017-08-03 11:40 - 2017-02-26 07:44 - 000000000 ____D C:\ProgramData\Logishrd
2017-08-03 11:02 - 2017-05-05 20:00 - 000000000 ____D C:\WINDOWS\Minidump
2017-08-03 10:56 - 2016-11-20 20:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-03 10:54 - 2017-04-06 17:23 - 000000000 ____D C:\Program Files\Hyper-V
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-31 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:15 - 2017-03-18 23:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-29 20:05 - 2017-03-18 11:00 - 000000000 ____D C:\Program Files\Recuva
2017-07-28 16:12 - 2017-02-27 20:54 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-26 19:09 - 2017-06-30 13:26 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-07-26 19:09 - 2017-06-30 13:26 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-07-26 19:09 - 2017-03-21 15:33 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-07-26 19:09 - 2017-02-25 18:40 - 001922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-07-26 19:09 - 2017-02-25 18:40 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-07-26 19:09 - 2017-02-25 18:40 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-07-26 19:09 - 2017-02-25 18:40 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-07-26 19:09 - 2017-02-25 18:40 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-07-26 19:09 - 2017-02-25 18:40 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-07-26 15:40 - 2017-04-07 07:10 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-07-26 15:36 - 2017-04-06 16:59 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-07-25 16:36 - 2017-02-23 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-07-25 16:14 - 2017-03-18 13:40 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-07-25 16:14 - 2017-02-25 18:35 - 001021624 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2017-07-25 16:14 - 2017-02-25 18:35 - 000197312 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2017-07-25 16:14 - 2016-06-14 18:47 - 000199640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kneps.sys
2017-07-25 16:13 - 2016-12-26 23:03 - 000520152 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2017-07-21 19:21 - 2017-01-17 18:31 - 000897032 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorA.sys
2017-07-21 04:57 - 2017-03-29 16:35 - 005874144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-07-21 04:57 - 2017-03-29 16:35 - 000378376 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2017-07-21 04:57 - 2017-03-29 16:35 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-07-20 16:41 - 2017-05-19 13:37 - 000188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-20 16:41 - 2017-05-19 13:36 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-19 02:40 - 2017-03-21 15:33 - 004210032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-07-19 02:40 - 2017-03-21 15:33 - 003711328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-07-19 02:40 - 2017-03-21 15:33 - 000046463 _____ C:\WINDOWS\system32\nvinfo.pb
2017-07-19 01:24 - 2017-04-06 17:00 - 006463608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-07-19 01:24 - 2017-04-06 17:00 - 002479040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-07-19 01:24 - 2017-04-06 17:00 - 001762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-07-19 01:24 - 2017-04-06 17:00 - 000549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-07-19 01:24 - 2017-04-06 17:00 - 000392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-07-19 01:24 - 2017-04-06 17:00 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-07-19 01:24 - 2017-04-06 17:00 - 000069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-27 18:51 - 2017-02-27 18:51 - 000000017 _____ () C:\Users\Gotthard\AppData\Local\resmon.resmoncfg
2017-04-03 16:33 - 2017-04-03 16:33 - 000046816 _____ () C:\ProgramData\agent.1491229982.bdinstall.bin
2017-04-03 16:56 - 2017-04-03 16:56 - 000029157 _____ () C:\ProgramData\agent.1491231411.bdinstall.bin
2017-04-06 16:59 - 2017-04-06 16:59 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-04-06 16:59 - 2017-04-06 16:59 - 000000102 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Einige Dateien in TEMP:
====================
2017-08-12 18:19 - 2017-04-28 03:16 - 000599576 _____ (Microsoft Corporation) C:\Users\Gotthard\AppData\Local\Temp\kernel32.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-08-12 10:49

==================== Ende von FRST.txt ============================

13.08.2017, 20:40   #4
Gottel62
 

My 2nd log file



Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-08-2017
durchgeführt von Gotthard (13-08-2017 19:49:10)
Gestartet von C:\Users\Gotthard\Downloads
Windows 10 Pro Version 1703 (X64) (2017-04-06 15:07:20)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-439399562-2122694152-2027062775-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-439399562-2122694152-2027062775-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-439399562-2122694152-2027062775-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-439399562-2122694152-2027062775-501 - Limited - Disabled)
Gotthard (S-1-5-21-439399562-2122694152-2027062775-1001 - Administrator - Enabled) => C:\Users\Gotthard

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Amazon Amazon Music) (Version: 5.5.1.1028 - Amazon Services LLC)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.94 - NVIDIA Corporation) Hidden
Ashampoo Photo Commander 14 (HKLM-x32\...\{0A11EA01-616B-A905-B3D2-3B7C238851DC}_is1) (Version: 14.0.6 - Ashampoo GmbH & Co. KG)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.48.1 - Asmedia Technology)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.0.8 - ASUSTek COMPUTER INC.) Hidden
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 0.0.369099031.18949936 - Audible, Inc.)
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.04.29 - ASUSTeK Computer Inc.)
AURA(GRAPHICS CARD) (HKLM-x32\...\{AF1004E7-4602-4E68-96F0-5668285D2AF0}) (Version: 0.0.4.1 - )
AVG (HKLM\...\AvgZen) (Version: 1.116.3.1052 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\{149D912F-03DB-4895-913E-820CB11965C0}) (Version: 16.74.1 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies)
AVG Zen (HKLM\...\{219E7C4A-0902-4CD4-82B8-EF908BF3198E}) (Version: 1.116.2 - AVG Technologies) Hidden
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon MG6100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{EF9495BF-843A-4F81-ACC5-40F51748D462}) (Version: 0.8.4.73 - Dolby Laboratories, Inc.)
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version:  - )
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FMW 1 (HKLM\...\{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}) (Version: 1.143.3 - AVG Technologies) Hidden
Geeks3D FurMark 1.18.2.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1027 - Intel Corporation)
Intel(R) Network Connections 22.4.16.0 (HKLM\...\PROSetDX) (Version: 22.4.16.0 - Intel)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.3.1019 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
Just Cause 3 (HKLM\...\Steam App 225540) (Version:  - Avalanche Studios)
Kaspersky Password Manager (HKLM-x32\...\{D4C3D682-E15A-4A48-A7B7-3F021A525F8F}) (Version: 8.0.6.538 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{D4C3D682-E15A-4A48-A7B7-3F021A525F8F}) (Version: 8.0.6.538 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Killer Performance Suite (HKLM\...\{D0950353-F0CC-441B-B0FA-045A4BFD9F6E}) (Version: 1.0.1026 - Rivet Networks)
Logitech Options (HKLM\...\LogiOptions) (Version:  - Logitech)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.8 - Electronic Arts)
Media Go (HKLM-x32\...\{60CDD65B-61AD-4BE4-BEA8-BB2D15534D4B}) (Version: 3.2.191 - Sony)
Media Go Video Playback Engine 2.20.105.05220 (HKLM-x32\...\{77B3BF4C-1376-60BA-DBE7-932199ED6219}) (Version: 2.20.105.05220 - Sony)
Microsoft OneDrive (HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 55.0.1 (x64 de) (HKLM\...\Mozilla Firefox 55.0.1 (x64 de)) (Version: 55.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
Music Recorder (HKLM-x32\...\{94A4AE85-9F1D-4687-953F-38371C9D1A4F}) (Version: 18.009.0 - Nero AG) Hidden
Music Recorder (HKLM-x32\...\{F5EF0BCC-8370-431F-B73E-AC6405C2DA1D}) (Version: 14.1.15600.0 - Audials AG)
Nero 2017 (HKLM-x32\...\{6B81BDC4-3368-4898-8F16-48962F789221}) (Version: 18.0.06100 - Nero AG)
Nero 2017 Content Pack (HKLM-x32\...\{4E6D3A36-4558-466D-83CC-AE2DCAC06C53}) (Version: 18.0.00600 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 18.0.0011 - Nero AG)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.94 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Grafiktreiber 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.94 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OCCT 4.5.0 (HKLM-x32\...\OCCT) (Version: 4.5.0 - Ocbase.com)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice Updater (HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
oPlayer (HKLM-x32\...\{A7D541EA-C319-4964-9F48-B1AA9058777E}) (Version: 1.1.38 - I-SMART CITIES(Zhuhai) Co.,Ltd )
Origin (HKLM-x32\...\Origin) (Version: 10.4.12.59996 - Electronic Arts, Inc.)
Prerequisite installer (HKLM-x32\...\{EB511CD1-C87C-490D-A7B1-D6C47F57820F}) (Version: 18.0.0003 - Nero AG) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8216 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Shadow Warrior 2 (HKLM\...\Steam App 324800) (Version:  - Flying Wild Hog)
Spotify (HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 28.1 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Websuche (HKLM-x32\...\Websuche) (Version:  - Websuche)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
XSplit Gamecaster (HKLM-x32\...\{8915913F-E4AF-46C5-B4EF-3535D83BFFDE}) (Version: 2.5.1507.3018 - SplitmediaLabs)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-06-26] (Cyberlink)
ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-06-26] (Cyberlink)
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-07-19] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {073DE77D-DE3A-45D9-B121-18B2DD008275} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-02-24] (Intel(R) Corporation)
Task: {09D1669A-3DC5-4FC7-B0E8-91833119D848} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2016-10-24] ()
Task: {0CF0CBA3-96AD-4462-9C97-3AECA50F5783} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {1819FA23-43C0-4B6C-97DA-EFDD16D6EB36} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-24] (Samsung Electronics Co. Ltd.)
Task: {227FFF73-A683-4F3F-B41C-3A2C4E0816B5} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {319C3BC1-47AF-44B5-86E1-85EB9710B576} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-07-26] (NVIDIA Corporation)
Task: {3B9264A3-DA65-4AFD-ADB5-A47732E2250F} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2015-07-22] (CyberLink Corp.)
Task: {3F641E17-74AA-4743-8824-1E702015D0E3} - System32\Tasks\Amazon Music Helper => C:\Users\Gotthard\AppData\Local\Amazon Music\Amazon Music Helper.exe [2017-06-09] (Amazon Services LLC)
Task: {3FF7F4A2-1620-4101-8D45-36791438B053} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {490922DA-2308-4C3B-88E1-33374A6AE283} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {4D63A57A-50ED-4806-9F13-6DC4029949F2} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {578F5BFB-8F4B-4113-8E2C-28C45CA2012C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-02] (Google Inc.)
Task: {5CB03C4A-8677-47B2-A232-3C1B2149B453} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [2016-11-16] (TODO: <Company name>)
Task: {69E64FF2-D32F-4848-8D67-FA357B90199F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-26] (NVIDIA Corporation)
Task: {7099998E-A6BE-4AB4-97AB-40AF13523619} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-09] (Adobe Systems Incorporated)
Task: {74FA8313-B2CB-4C4B-B04A-4229B8537C1C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {79C35159-141D-4AB2-B705-BA74FB2F1812} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26] (NVIDIA Corporation)
Task: {876F335E-23A1-49C6-B9C7-31C7EAE6AF9B} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-09-26] (Nero AG)
Task: {88FC3817-F06C-467F-B40A-50D6987D9392} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-07-26] (NVIDIA Corporation)
Task: {8EAEA82B-298A-4243-8FD9-356558A884E9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {98469EBB-B56C-4A03-B854-E8A49D9A64BE} - System32\Tasks\S-1-5-21-439399562-2122694152-2027062775-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)
Task: {A5A97027-FF1E-4A1C-810E-CBA0A64523E7} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-02-21] (AVG Technologies CZ, s.r.o.)
Task: {BDA0F406-5023-4E81-A351-A1C83F59EFF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-02] (Google Inc.)
Task: {C758B265-3378-4021-B456-A58C297ACC6F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {C9F2D408-5597-4B37-8DD7-311CA3639952} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe [2017-02-17] ()
Task: {E14DFF35-585C-4C60-847B-0AADFEC2BBF2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {FF25BC62-D488-4843-93F9-1C1C580FF375} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-02-27 20:10 - 2017-02-27 20:10 - 000933840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe
2017-02-25 18:40 - 2017-07-26 19:09 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-05 13:15 - 2016-10-05 13:15 - 000107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll
2016-10-05 13:15 - 2016-10-05 13:15 - 000412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll
2017-05-19 13:36 - 2017-07-20 16:41 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-24 14:19 - 2017-04-24 14:19 - 000428608 ____R () C:\Program Files\Intel\Wired Networking\NCS2\Agent\AdapterAgnt.DLL
2016-10-24 12:03 - 2016-10-24 12:03 - 000589512 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2017-02-27 20:11 - 2017-02-17 20:07 - 000247256 _____ () C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-18 15:24 - 2017-07-18 15:24 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-18 15:24 - 2017-07-18 15:24 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-18 15:24 - 2017-07-18 15:24 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-18 15:24 - 2017-07-18 15:24 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2016-12-22 23:58 - 2016-12-22 23:58 - 000411912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\kpm.exe
2017-04-07 09:41 - 2017-04-07 09:41 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2016-10-04 18:09 - 2016-10-04 18:09 - 000253664 _____ () c:\program files\intel\intel(r) online connect\CSLibWrapper.dll
2017-08-03 16:26 - 2017-08-02 09:39 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libglesv2.dll
2017-08-03 16:26 - 2017-08-02 09:39 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libegl.dll
2016-12-22 23:59 - 2016-12-22 23:59 - 000108072 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\plugin-nm-server.exe
2017-02-27 20:10 - 2017-08-13 19:30 - 000044328 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\PEbiosinterface32.dll
2017-02-27 20:10 - 2017-02-27 20:10 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\ATKEX.dll
2016-06-28 01:19 - 2016-06-28 01:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\kpcengine.2.3.dll
2017-02-27 20:11 - 2017-02-17 18:50 - 001746432 _____ () C:\Program Files (x86)\ASUS\AURA\Vender.dll
2017-02-27 20:11 - 2017-02-17 18:50 - 000519680 _____ () C:\Program Files (x86)\ASUS\AURA\ClaymoreProtocol.dll
2017-02-27 20:11 - 2017-02-17 18:50 - 000519680 _____ () C:\Program Files (x86)\ASUS\AURA\RogNewmouseProtocol.dll
2017-02-26 09:04 - 2017-04-21 08:59 - 002493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-05-28 09:45 - 2017-05-28 09:45 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 000071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 000228864 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 000357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 000056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 000526848 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2017-02-25 18:40 - 2017-07-26 19:08 - 069820864 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-02-25 18:40 - 2017-07-26 19:09 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-05 14:03 - 2016-12-05 14:03 - 000600160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\dblite.dll
2016-12-22 23:24 - 2016-12-22 23:24 - 000513960 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\ipm_service.dll
2016-12-22 23:26 - 2016-12-22 23:26 - 000362344 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\ucp_meta.dll
2016-12-22 23:58 - 2016-12-22 23:58 - 000237416 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\infra.dll
2017-02-26 07:34 - 2017-02-26 07:33 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-02-28 18:12 - 2014-12-08 09:28 - 000627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2014-12-08 16:28 - 2014-12-08 16:28 - 000016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 002144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 007955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 01:39 - 2012-09-13 01:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:0507A16B [141]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7936 mehr Seiten.

IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7936 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2017-05-18 17:04 - 000454512 ____R C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

Da befinden sich 15600 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-439399562-2122694152-2027062775-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gotthard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 62.117.1.25 - 89.16.129.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "Killer Control Center.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\StartupApproved\Run: => "Spotify"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{4AEDE23B-F0ED-46C6-BB38-CDD537DB563F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E55175D9-3A9B-40A2-A4BE-8C6C5809094A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2DC7F296-453D-4599-AA56-61125FDE3B90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B1EB837F-F141-46DF-B4E0-73E098003E6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ADD7DE6E-551D-4C63-99C3-08AF4C5503B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AC828FB5-3582-4FC5-9C4C-A3BCC630DC13}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{59B7F543-BE4F-4F2B-92E0-B45B5E84AFCB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1F6ABE05-4DBA-43E5-9F42-8481E83E8DC9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CDA0EF12-4C03-47C1-B0F6-A2A982ECD07E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DED8FB28-7812-4C80-A4EB-C35BE5311DC3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{39D689A6-DB5F-42FF-B41B-7E0D7E17006C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe
FirewallRules: [{FB27B845-63EF-4E56-97F4-9BA2C28939EE}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\NMDllHost.exe
FirewallRules: [{068DC589-7C08-4A64-ACC4-0D772F45299A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\MediaHome.exe
FirewallRules: [{D0C29ED0-EB77-425C-905C-394574455371}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe
FirewallRules: [{97B75051-0F8A-45AB-AD83-CC35F1F2CD42}] => (Allow) C:\Program Files (x86)\Music Recorder\Music Recorder 2016\Audials.exe
FirewallRules: [{914667BE-5A3E-4979-8891-1DB84EF70BD1}] => (Allow) LPort=12972
FirewallRules: [{7C091C59-3AED-4EC6-9112-950E4DE6F294}] => (Allow) LPort=14714
FirewallRules: [{F8CFCBFE-6421-48A1-985A-76F07786DE0E}] => (Allow) LPort=31931
FirewallRules: [{882D0D1F-FC29-487E-AFC3-D5DBD83EAE75}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{9B539642-AB62-4002-9DCC-15C9D77F44B9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe
FirewallRules: [{169BFE53-5E32-4702-99B2-629A875CD6B7}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe
FirewallRules: [{E740DF33-292D-4E63-9ACA-14033B55A5C9}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{E073E10F-B885-4023-8C3F-CABD9555779D}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{296136DE-20B3-4FA6-867D-70C586C79582}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{288C96CA-B76A-4CD3-93FB-2C4A825D6ABA}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{DA1F03A8-36BA-4DDD-B340-7CB3E279A4F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{50BB7512-5B16-4D28-A783-2A8FBD1CDA1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{5B058E5E-607C-4513-8288-8F69B9D8F190}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1E37DEC9-BE9E-4B80-B937-3C9B3801C0CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DEA66579-F75F-4D13-8DD4-787155EFB8FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{496071A6-49B1-4F0B-A62E-AC90AB3A179D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7BCE9A5A-36D1-4118-A17C-0FF27A4AE191}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D7708364-A93E-40D8-B0C8-01713B607893}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1FD4E3A0-306E-45FB-9AF8-303205B95298}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{7EE2B74E-AA89-478A-8044-340217FD340F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{FF11C487-3787-47F1-8FDA-F6CA329B4121}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE

==================== Wiederherstellungspunkte =========================

05-08-2017 16:49:27 IIF_MSI
09-08-2017 14:02:00 Windows Update
09-08-2017 14:02:12 Windows Update
11-08-2017 15:51:00 Prüfpunkt von HitmanPro
11-08-2017 15:51:54 Prüfpunkt von HitmanPro
12-08-2017 18:26:42 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/13/2017 07:34:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: F94026-1)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/12/2017 07:14:02 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/12/2017 07:14:02 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/12/2017 06:30:11 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/12/2017 06:30:11 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/12/2017 04:00:18 PM) (Source: MsiInstaller) (EventID: 1024) (User: F94026-1)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "Adobe Acrobat Reader DC
 (17.012.20093)" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/12/2017 04:00:17 PM) (Source: MsiInstaller) (EventID: 11722) (User: F94026-1)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch -- Fehler 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action InstallWebResources, location: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrServicesUpdater.exe, command: 17.012.20093 17.009.20058.0

Error: (08/12/2017 03:59:41 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/12/2017 03:59:41 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/12/2017 03:59:38 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.


Systemfehler:
=============
Error: (08/13/2017 07:34:33 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Intel(R) Online Connect Helper erreicht.

Error: (08/13/2017 07:29:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (08/12/2017 06:26:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/12/2017 06:26:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/12/2017 06:18:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Intel(R) Online Connect Helper erreicht.

Error: (08/12/2017 06:10:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (08/12/2017 04:00:20 PM) (Source: DCOM) (EventID: 10010) (User: F94026-1)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (08/12/2017 04:00:20 PM) (Source: DCOM) (EventID: 10010) (User: F94026-1)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (08/12/2017 04:00:20 PM) (Source: DCOM) (EventID: 10010) (User: F94026-1)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (08/12/2017 04:00:20 PM) (Source: DCOM) (EventID: 10010) (User: F94026-1)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2017-08-12 15:59:28.530
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:59:28.386
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:59:28.227
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:51:09.751
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:49:24.220
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:46:39.740
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:42:42.496
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:41:34.997
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:40:28.831
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:39:57.885
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Prozentuale Nutzung des RAM: 13%
Installierter physikalischer RAM: 32698.55 MB
Verfügbarer physikalischer RAM: 28325.21 MB
Summe virtueller Speicher: 37562.55 MB
Verfügbarer virtueller Speicher: 32593.55 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:461.37 GB) (Free:267.5 GB) NTFS
Drive d: (Volume) (Fixed) (Total:1863.02 GB) (Free:1786.78 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 80B70726)

Partition: GPT.

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 80B70620)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

13.08.2017, 21:04   #5
Gottel62

My 1st log file from TDSS



Code:
20:41:12.0429 0x2448  OS Version: 10.0.15063 ServicePack: 0.0
20:41:12.0429 0x2448  Product type: Workstation
20:41:12.0429 0x2448  ComputerName: F94026-1
20:41:12.0430 0x2448  UserName: Gotthard
20:41:12.0430 0x2448  Windows directory: C:\WINDOWS
20:41:12.0430 0x2448  System windows directory: C:\WINDOWS
20:41:12.0430 0x2448  Running under WOW64
20:41:12.0430 0x2448  Processor architecture: Intel x64
20:41:12.0430 0x2448  Number of processors: 8
20:41:12.0430 0x2448  Page size: 0x1000
20:41:12.0430 0x2448  Boot type: Normal boot
20:41:12.0430 0x2448  CodeIntegrityOptions = 0x00000001
20:41:12.0430 0x2448  ============================================================
20:41:12.0477 0x2448  KLMD registered as C:\WINDOWS\system32\drivers\85980437.sys
20:41:12.0477 0x2448  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
20:41:12.0569 0x2448  System UUID: {8572649F-E304-1B0A-BF3F-D0D2284B3EDE}
20:41:12.0872 0x2448  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:41:13.0388 0x2448  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:41:13.0417 0x2448  ============================================================
20:41:13.0417 0x2448  \Device\Harddisk0\DR0:
20:41:13.0418 0x2448  GPT partitions:
20:41:13.0418 0x2448  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {4521C1A4-07DC-4A7E-8491-F16AB571F987}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x2EE000
20:41:13.0418 0x2448  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {29FEE062-8147-4D58-AD44-2514B5847D58}, Name: Microsoft reserved partition, StartLBA 0x2EE800, BlocksNum 0x3E8000
20:41:13.0418 0x2448  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B21B9DD8-2736-4F70-940F-B3C6749E703D}, Name: Basic data partition, StartLBA 0x6D6800, BlocksNum 0x1F4000
20:41:13.0418 0x2448  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EE2EC51F-C43F-4AA5-8197-B16CA140D8B9}, Name: Basic data partition, StartLBA 0x8CA800, BlocksNum 0x39ABB800
20:41:13.0418 0x2448  MBR partitions:
20:41:13.0418 0x2448  \Device\Harddisk1\DR1:
20:41:13.0418 0x2448  GPT partitions:
20:41:13.0419 0x2448  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3B205874-AFCD-42F6-8AEF-255F3046A899}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE8E08000
20:41:13.0419 0x2448  MBR partitions:
20:41:13.0419 0x2448  ============================================================
20:41:13.0419 0x2448  C: <-> \Device\Harddisk0\DR0\Partition4
20:41:13.0439 0x2448  D: <-> \Device\Harddisk1\DR1\Partition1
20:41:13.0439 0x2448  ============================================================
20:41:13.0439 0x2448  Initialize success
20:41:13.0439 0x2448  ============================================================
20:41:22.0677 0x2b24  ============================================================
20:41:22.0677 0x2b24  Scan started
20:41:22.0677 0x2b24  Mode: Manual; SigCheck; TDLFS; 
20:41:22.0677 0x2b24  ============================================================
20:41:22.0677 0x2b24  KSN ping started
20:41:22.0791 0x2b24  KSN ping finished: true
20:41:23.0059 0x2b24  ================ Scan system memory ========================
20:41:23.0059 0x2b24  System memory - ok
20:41:23.0059 0x2b24  ================ Scan services =============================
20:41:23.0081 0x2b24  [ AAB860A5E606B9621E130D8C29D3F305, 93466620433B27F3BCFECDA26DD420AD1E5219034BA3B4E930EDED6D6728AE5C ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
20:41:23.0113 0x2b24  1394ohci - ok
20:41:23.0121 0x2b24  [ 4140B14929C555E9513D59A2EEB5C471, 39A8400B3AA7FB1D8EBE87E65F89881AB23B6AE911BECAEC1FD86C7DADD4F1AA ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
20:41:23.0128 0x2b24  3ware - ok
20:41:23.0138 0x2b24  [ AC251B31370C1E00F577928260B8939F, D60946F1C43A8C2B9C989A1E259FDA44055F94766615F344CF8E28A7F104BC70 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
20:41:23.0153 0x2b24  ACPI - ok
20:41:23.0156 0x2b24  [ 3E5E5DAE5CAEC0209C93D3AD8128D8A0, 5CFA4D715AE8D928EA11F213C5A7B0B1C1705D2A8FF041E0A1988E645E669C54 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
20:41:23.0163 0x2b24  AcpiDev - ok
20:41:23.0166 0x2b24  [ F72D7CC7E7A97A09757313F3B4C7E17A, 36E3363380C51A2DB58D3177655A0A75DAA977C00C5A9C60A189068C0AFDC643 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
20:41:23.0173 0x2b24  acpiex - ok
20:41:23.0175 0x2b24  [ F04B6F53FBDB2B6B0451AE53DE19F0C9, 41A8C314A46867BAA45CD9666AAF734AD45B74E2033A8E66D93E17CDDAD66578 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
20:41:23.0183 0x2b24  acpipagr - ok
20:41:23.0185 0x2b24  [ C347A6095F3BE417D24F1E1349F4AF0F, 72C9D759BB132985AF55860658DC01F08590A2BD7E976FCF25E1314C5AA1D37B ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
20:41:23.0192 0x2b24  AcpiPmi - ok
20:41:23.0194 0x2b24  [ 686BFFC47454DD2F58795C2EE891CA9F, 6CC4B6679914742D700A8373DED2DD9A821CA5284D4D73493BA0855DB8E6520A ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
20:41:23.0200 0x2b24  acpitime - ok
20:41:23.0204 0x2b24  [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:41:23.0209 0x2b24  AdobeARMservice - ok
20:41:23.0220 0x2b24  [ C52B8980692CACB057742C450D734149, BB2D7034592B6EBBECE5A73FB625E1352FD59972620523022CABA68EE00B7B98 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:41:23.0227 0x2b24  AdobeFlashPlayerUpdateSvc - ok
20:41:23.0244 0x2b24  [ FBDA59118E59B3722248C66BAD89CAA9, 11AB83499757E3143834348DE39E85D56EC853071C96337C3ADD8A1E374C6CBC ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
20:41:23.0265 0x2b24  ADP80XX - ok
20:41:23.0275 0x2b24  [ AC1928C2F7505BD556C552F153B062AB, B48EA30F76DEA57868CA74CC775DD60257021A3DE10CE101B8BEFA1CE9D22CF4 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
20:41:23.0289 0x2b24  AFD - ok
20:41:23.0294 0x2b24  [ 1D914C996F2C3134E2344BB74F79BCF6, D27AF01BA29784555AF7D2E89A3A65E81D6AFE1D3C7E8F9367F06D9DF5F88069 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
20:41:23.0306 0x2b24  ahcache - ok
20:41:23.0308 0x2b24  [ 41856B40EE15F96DEC8755AB01FA3CF7, 33C3C899AF9CA15BE5A4CF097FF43DF3F0DBA0E48B6F1E28AE3E76AD76A1C361 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
20:41:23.0316 0x2b24  AJRouter - ok
20:41:23.0318 0x2b24  [ F485CA5559DB37A4882467A4F7D58BEA, A1C648EFE12A5A3356BC0949372ADD0FF0CA2F5A8F992EB71C87E9C0D5C92BB2 ] ALG             C:\WINDOWS\System32\alg.exe
20:41:23.0327 0x2b24  ALG - ok
20:41:23.0331 0x2b24  [ 9C39FBA94FFEF04561D13ED0D1B50DD0, 53FA118DEF37F0BA6030B9CB4C17019E6B5934941514756D66143B7BB66D7CA1 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
20:41:23.0341 0x2b24  AmdK8 - ok
20:41:23.0345 0x2b24  [ 395D56FA2E22A10AE4774440D086F559, 24D7CBE9B82DC8900D9A5E345347FEC330D47FDBD1517A2AC10218BA2A9DFAA9 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
20:41:23.0355 0x2b24  AmdPPM - ok
20:41:23.0358 0x2b24  [ EB729A9ADCB9F9C406B533F95E2F67D4, EDCB8E39C503FF30ECB82F368242179E2788C12B4FD9B557F38380A934E7D8E7 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
20:41:23.0363 0x2b24  amdsata - ok
20:41:23.0368 0x2b24  [ 3B5C5C696F33FE61F1922533B03B9316, C9BAAA9B02547C66A276A31958DFD2A289C5963A4EE3FF306535565240D816CC ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
20:41:23.0377 0x2b24  amdsbs - ok
20:41:23.0379 0x2b24  [ A7D45A303FF8A9493C96C4B804051E6E, 6074C264876A398039D3F89905A486ABA5BDACA038B79920A34323B38CFCB358 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
20:41:23.0384 0x2b24  amdxata - ok
20:41:23.0388 0x2b24  [ 5180537517C27375B1F2CB37ED599FAF, 121BF0E3BDE068CC1E1E9B24DC334BA29348725E9BFB790699E4CC66664A4C3D ] AppID           C:\WINDOWS\system32\drivers\appid.sys
20:41:23.0396 0x2b24  AppID - ok
20:41:23.0399 0x2b24  [ F7FEBF66A705F18DC063DFD259F15102, 394DA8A7355573C4D81C375450DF5C5B2FA6360E246B06FDE8E7F9ADF21360FA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
20:41:23.0409 0x2b24  AppIDSvc - ok
20:41:23.0412 0x2b24  [ 13D7FEA71091D1EAD8ADDD10BFFEA06D, A707CAC76CBF0334E2FCE3220147B382F5E44DEF9E23DD459CF7C40F27771695 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
20:41:23.0422 0x2b24  Appinfo - ok
20:41:23.0424 0x2b24  [ EAF36A714E16A69B8B4ED7591CBA77B6, 11FE2A5D991FB8AF78F4E78FB6DF02005EC5404DC298FE2D4E7774BB0011AB52 ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
20:41:23.0436 0x2b24  applockerfltr - ok
20:41:23.0441 0x2b24  [ 290469FC9FDE400248DA3E528E729BC2, D9ABBEB76673D136698AA2F53C8EB1EAFBBDE365ACCA9AE348523B346143CA9C ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
20:41:23.0451 0x2b24  AppMgmt - ok
20:41:23.0460 0x2b24  [ 91DB5775249920FD245851E0BC97D8C4, FCB53766AB377EF2E385CD2F6D0D2CEF485C07A5EAAB68FB1C798E6264832386 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
20:41:23.0477 0x2b24  AppReadiness - ok
20:41:23.0489 0x2b24  [ E3404B730D313C5EA99969ACF3B5436B, 02513749EE7C08E4079D2F8B976D53F3CFDD05735C2A813699B6CB9F742F5219 ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
20:41:23.0506 0x2b24  AppVClient - ok
20:41:23.0510 0x2b24  [ 2D2DF2463FACFBF2FEE39DCCDF49D1B5, F083C1B5B2284AB818431ECC6C9A61EBAFA241840727B97DD0E3B4FF0CBD07C5 ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
20:41:23.0517 0x2b24  AppvStrm - ok
20:41:23.0524 0x2b24  [ B86E646CE67FE9D75C0D762B19B465FC, B50C45A06AC6862DB4B183F567D55AE289EB05E6A1B32CC3AEBB6163C4296D79 ] AppvVemgr       C:\WINDOWS\system32\drivers\AppvVemgr.sys
20:41:23.0531 0x2b24  AppvVemgr - ok
20:41:23.0535 0x2b24  [ 2207D2A001A3C30B825F191CD2A76C91, A43EA8CB9E2D1A1FB2DDC738827514588BFFA420A2D618DBCA55614BE2E3B45D ] AppvVfs         C:\WINDOWS\system32\drivers\AppvVfs.sys
20:41:23.0542 0x2b24  AppvVfs - ok
20:41:23.0573 0x2b24  [ A61222D41CE44B0C3592CEB57AB20B71, F7A136EF4850D76AF1868A8C93C201B3B00FCA1D9EDE77F65BAD04530CC84221 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
20:41:23.0628 0x2b24  AppXSvc - ok
20:41:23.0633 0x2b24  [ 6E456A94B9BD7F6B4758729BCEDE40C3, 2F3146AC960992FA947A8E8C4D5497624A5BC69B7A3EECA117AD599C70DDE8E3 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
20:41:23.0640 0x2b24  arcsas - ok
20:41:23.0652 0x2b24  [ 6F67EE24ECD5FCB6086323EE6CCBF9CD, 9C84877903CB64494D0222C9ADE79AD172B09B87FCCCE6176695B8F1F325D41E ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe
20:41:23.0664 0x2b24  asComSvc - ok
20:41:23.0667 0x2b24  [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO            C:\WINDOWS\syswow64\drivers\AsIO.sys
20:41:23.0674 0x2b24  AsIO - ok
20:41:23.0676 0x2b24  asmthub3 - ok
20:41:23.0678 0x2b24  asmtxhci - ok
20:41:23.0689 0x2b24  [ 733C53B5EBF05DD043917D1087F7E02C, 3A3DC544BE264EEC0B3BC587AFE1631472FA433B0AB6EE745B8442072A8EAF43 ] AsRogAuraService C:\Program Files (x86)\ASUS\AURA\AsRogAuraService.exe
20:41:23.0701 0x2b24  AsRogAuraService - ok
20:41:23.0704 0x2b24  [ 766F3A7E42AFCF74265FAC78987D1665, 8FE82913DF5CF79B49B28B3CD782AF09FF30585A37473AE3E518A26C5D6453D0 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
20:41:23.0712 0x2b24  AsyncMac - ok
20:41:23.0715 0x2b24  [ 01733BEEE02E51F712330D5909BD701C, A583B482DBE701A752EDFDEAE2EF16D7160DFEA6077E0C8EF013828E285D960A ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
20:41:23.0720 0x2b24  atapi - ok
20:41:23.0726 0x2b24  [ F82B9CD9FA43E68DEAC1E3EDC82C40FC, 3604B5FBDA459BA5B636A7642DE6A7E57EDA4971F7EA69D9B6CE5D288B59B730 ] AtherosSvc      C:\WINDOWS\system32\DRIVERS\AdminService.exe
20:41:23.0733 0x2b24  AtherosSvc - ok
20:41:23.0742 0x2b24  [ 329F315D04B64BC185A59FE17A2AD6CE, B9721AD1641E3E96D1C07294884506EBED5D05921A9F9FC263711C28AD040693 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
20:41:23.0761 0x2b24  AudioEndpointBuilder - ok
20:41:23.0778 0x2b24  [ 67ADB26CC1B504E9566B9106277DE92B, AF137C9FE9B3A231C7662F2E59EF12482396CFD8AC020DF6BDBFDD9A1209A98D ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
20:41:23.0809 0x2b24  Audiosrv - ok
20:41:23.0825 0x2b24  [ 77886F050DE9D0296B4BA7D7AD13A0BA, 132DADE478A11207984AF96A7049C872AFB02E46A5B4149050D3BC1A96F995ED ] avgsvc          C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
20:41:23.0841 0x2b24  avgsvc - ok
20:41:23.0848 0x2b24  [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
20:41:23.0854 0x2b24  AVP17.0.0 - ok
20:41:23.0858 0x2b24  [ 6086B5EE0DA4600B2EC2725D82DEB74E, C67CA7021D710CFDCF62B17A2B2890E61E4F1E3D956312688454FD85738C303F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
20:41:23.0867 0x2b24  AxInstSV - ok
20:41:23.0875 0x2b24  [ 0914A5E66C0775CE11960452A6434FEC, 978C1E20023841FBFEF0CEAFE09EDB679612C8E5986C6E40C1F6D0835112D13E ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
20:41:23.0887 0x2b24  b06bdrv - ok
20:41:23.0890 0x2b24  [ F8129321B1874D4386F7FEB754BC3380, 7264E7E2A339E456C0A1A40FDFAE0D202905467400B93FA0700498B86172337F ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
20:41:23.0898 0x2b24  BasicDisplay - ok
20:41:23.0900 0x2b24  [ E2BFD01BD0ECF2BDE9420022147952A4, 7798211996143067787881A1362D07B95CF688E96192E3627D30347C719D40CB ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
20:41:23.0907 0x2b24  BasicRender - ok
20:41:23.0910 0x2b24  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
20:41:23.0916 0x2b24  bcmfn2 - ok
20:41:23.0922 0x2b24  [ C3B27514035315E3C1FCE64E69E253ED, 03AF100927077AD608C5EA47A17081CEA849F44C471AF978F410B83E2ABA5AE7 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
20:41:23.0936 0x2b24  BDESVC - ok
20:41:23.0938 0x2b24  [ ED03D2ACE378C9EB8BB957ABBD85B951, E9AE3025DC4956B736651B20AEA665909C2B468F9AE3E317F545DD4EEEA7D9E8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
20:41:23.0944 0x2b24  Beep - ok
20:41:23.0962 0x2b24  [ 5B413BEADC23C9D182F7EC09C10441FA, E16E06848492331107C6D682D93D35C5D1A0DC8CAD3816B42203A4BF05932C7E ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
20:41:23.0984 0x2b24  BEService - ok
20:41:23.0996 0x2b24  [ 1FDC6CB56572203E6F4BF4E3FB30B886, 81D5C77C823DC078EEEB2DABEE5203D542C824E04FEDD96AA58F96037C065155 ] BFE             C:\WINDOWS\System32\bfe.dll
20:41:24.0017 0x2b24  BFE - ok
20:41:24.0032 0x2b24  [ 5C0D4DBACB90D9ECE77907F4F6CF9EF6, FC29F03FB7E58A9ED17A34BC2D8E39533070B8B23D1A110622C3A213BF48CD2D ] BITS            C:\WINDOWS\System32\qmgr.dll
20:41:24.0066 0x2b24  BITS - ok
20:41:24.0070 0x2b24  [ 2342B8619193B0D9FAC0D02C69DCE74A, 06A1512C9750ACD154DE8873DE6628355B7195759CE54FA96097EA6D56BE320E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
20:41:24.0078 0x2b24  bowser - ok
20:41:24.0089 0x2b24  [ 06373FF017097FD40D60219980871FA0, 9366823AA3C248DD06FBFA237DCFDB2A9B7F93BA7115D235792DD81DDDA79C1F ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
20:41:24.0111 0x2b24  BrokerInfrastructure - ok
20:41:24.0115 0x2b24  [ 9C7F445B018AB4744B6E0C657B5D1833, 83D04F5E3D4BA46BBD8A67764A60F5731F86B0BE3A85C2858E002ABCC362F592 ] Browser         C:\WINDOWS\System32\browser.dll
20:41:24.0125 0x2b24  Browser - ok
20:41:24.0133 0x2b24  [ C02D899D157732C9CE194318011C57CF, 445FC5C14660BFADAD18B711D6CB95D6BB32BA74730580686698D27CE3ACACCA ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
20:41:24.0145 0x2b24  BtFilter - ok
20:41:24.0148 0x2b24  [ AF57F0B0E284BE06860A7B701341324D, F94E44C777FDC049158B7BF73DAFCDB103D08493AC898D1C928771650F664412 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
20:41:24.0156 0x2b24  BthAvrcpTg - ok
20:41:24.0159 0x2b24  [ E1E55BA45510B2B0309E2C77ABEB1BFE, EA7BDEC354190F1033B14847606220D414C1A52C938C9327A4765032D28B6960 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
20:41:24.0166 0x2b24  BthHFEnum - ok
20:41:24.0169 0x2b24  [ 336A9C0254A0178ED50281B6EDF5B836, C9C454C6EC4FF5897B1873A7E90D1CE8122E43783E978A570CEA75E15F65DE97 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
20:41:24.0176 0x2b24  bthhfhid - ok
20:41:24.0183 0x2b24  [ D8428BEF4033C7BFCD981074E2318F89, 9C0692F8387BAD94CCA4E36B59701A7A7B8FDCB5377B4C2CA75424583835E112 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
20:41:24.0198 0x2b24  BthHFSrv - ok
20:41:24.0201 0x2b24  [ 5428242193611BF91DDBF4F58900A55A, 91D59B0D0C7CA3DBBA8CA7CAD1E24845A224F451FC1880BE8CB7C1585AC79080 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
20:41:24.0209 0x2b24  BTHMODEM - ok
20:41:24.0221 0x2b24  [ 27B7348B88DE2F93C4FB4D53EC469AB0, 6B36724956C6A8AC453F279AF4CF70FD12BD57DFC68D880EBD84DFFDABF499BD ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
20:41:24.0245 0x2b24  BTHPORT - ok
20:41:24.0249 0x2b24  [ 6927D295017E9F1A5D655A8F3A122672, 4B686C93056924580390440B49C721BD9039D5C972994D8EA96CA848B786B693 ] bthserv         C:\WINDOWS\system32\bthserv.dll
20:41:24.0259 0x2b24  bthserv - ok
20:41:24.0262 0x2b24  [ FA5CE6301192DD6ED4AA747B2C88FD42, F06A7748FCB6BBF0BB0A8348F505A1703EF2D1B59DC5BA6B600951200463F876 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
20:41:24.0269 0x2b24  BTHUSB - ok
20:41:24.0272 0x2b24  [ 102CAA11BA89290D48FBFD2E04274BA0, 9C6786AD6C8BE5AF7538BAD553C401B0D7443E533CDE59E975CF3E07EF262F0C ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
20:41:24.0279 0x2b24  buttonconverter - ok
20:41:24.0282 0x2b24  [ 029434AC0A3935F9125ABBD08BF7C30B, 742338B882488CA83F502ACEBFEDC2783B8D9D6C391FE1088988276315A065F6 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
20:41:24.0287 0x2b24  CAD - ok
20:41:24.0290 0x2b24  [ 307AE8BC9B45772DA02FB952A1D86C35, 4983AC71C8E164D9E6669D345925B4FBEDD0A0A4566887E7ECC56C996B66DBD4 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
20:41:24.0298 0x2b24  CapImg - ok
20:41:24.0301 0x2b24  [ B6E5AD7C83A5254DEE9D86023C0E5A81, 40F297406A025378A6273535475C1FF8C99BC6502B17C0E161131DA754D7974B ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
20:41:24.0309 0x2b24  cdfs - ok
20:41:24.0322 0x2b24  [ A0E5905465CBCCB63FE915F5B08752A8, 435B39A8B1684FFE9F2720A2CD11AF5A5F55E701709939756322C2CD6A22E0FA ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
20:41:24.0346 0x2b24  CDPSvc - ok
20:41:24.0355 0x2b24  [ 618DA70D0D90DF3602259C1B121794DD, D2AF7967DE38F3B7C10824A1C900A145F45C57C0F179753A85989406600C4279 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
20:41:24.0371 0x2b24  CDPUserSvc - ok
20:41:24.0378 0x2b24  [ ABE77AD954BC3D72F559CF0C381E50BC, D0F24B023D7CADD4893AAF223A9BAC00B2C58D552E0C314B506C01767FB74133 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
20:41:24.0386 0x2b24  cdrom - ok
20:41:24.0390 0x2b24  [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
20:41:24.0400 0x2b24  CertPropSvc - ok
20:41:24.0406 0x2b24  [ 05EA22CFC40EDE05BF6E3BC782E5204C, F0C9C692FC31387E9D19426D3253317B6BA86D7118E3884C11E3287695006443 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
20:41:24.0416 0x2b24  cht4iscsi - ok
20:41:24.0440 0x2b24  [ 863E1C9F6750446DFB9EDCAEC3531367, 88C5EE76FD85640EB1440DEFC7B6CB918E18DC09507BA91FAE285370B8C7D56A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
20:41:24.0475 0x2b24  cht4vbd - ok
20:41:24.0478 0x2b24  [ 3E416539352B007AD0610BF34AC15D31, E2041129770B24AE95C5EC4B507477C72DFE8CB08D412E2621BF67207F9DEB8C ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
20:41:24.0485 0x2b24  circlass - ok
20:41:24.0487 0x2b24  [ 616E1ED94FA7F96D429D985FDB203D2E, EA681C442AA0F7D424C8DABD8D1C14653E61BDE740C0BC4C6C308B5FB4FE67AA ] CldFlt          C:\WINDOWS\system32\drivers\cldflt.sys
20:41:24.0498 0x2b24  CldFlt - ok
20:41:24.0504 0x2b24  [ AF0BF03C8574DD026FAF9A82A64C2D04, 363BF0C42181FA4CFBC3DB504F48496D62023F0E4A858DC8F739C08CC5AFA228 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
20:41:24.0513 0x2b24  CLFS - ok
20:41:24.0525 0x2b24  [ F34283DE289AF82A97BCE6563D1E2BB4, 9725D041322AF70030E11EEF0FDB7D01FF2CF105FD90A4AF08F71E54725234C9 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
20:41:24.0542 0x2b24  ClipSVC - ok
20:41:24.0548 0x2b24  [ D29E6D1FA7022DED3D6DC4DC04D49FDC, 1FFFBE05752367672911B81D63303159F356D277519B1324CE5BCC9CA901BBEB ] CLKMSVC10_99E320F5 C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe
20:41:24.0555 0x2b24  CLKMSVC10_99E320F5 - ok
20:41:24.0557 0x2b24  [ 5118CFC33BBB51C7E3ED441B7085AD26, 8D33864FF750926C4B95827FFAD24C558DE8A90FC5B2663084DEAB5ADBBFAFD2 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
20:41:24.0565 0x2b24  clreg - ok
20:41:24.0570 0x2b24  [ 5C646CAC91E086F7FF53C7F2E857F263, 67AF6FBF88B7EE530A9BA53833EAFCC78BF8362E82BF81180858F1D17DFC73E6 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
20:41:24.0574 0x2b24  CLVirtualDrive - ok
20:41:24.0577 0x2b24  [ 232F3A3AC3A2FB32C5C46503A6517073, 9E0232E095471E6C8825E870F5842838F1AE515E56410F6A5CC3D58A9A4AF33A ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
20:41:24.0583 0x2b24  CmBatt - ok
20:41:24.0588 0x2b24  [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km           C:\WINDOWS\system32\DRIVERS\cm_km.sys
20:41:24.0594 0x2b24  cm_km - ok
20:41:24.0603 0x2b24  [ 3413CE81E02C091F33C4C3DD3071630F, 4758A2BB2FD453E9867C04CC420D12B279BB97E3C4E664A7058EA5F1EC63D04C ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
20:41:24.0618 0x2b24  CNG - ok
20:41:24.0620 0x2b24  [ E1BFF774FF67CA951A5DFF0E104FB132, 68809C4B72C54CEDE3AD33F5634E15A0225A67B391F9012EC7CEBA8AFC6EC3D5 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
20:41:24.0626 0x2b24  cnghwassist - ok
20:41:24.0628 0x2b24  [ 81F2B52C47B8AD32CC4FF967FC8D73DA, 13D84B4096E0F9AB9D04F6CD9E9C0DE4B6DF6F11D63C797266D719FD2429A655 ] CompFilter64    C:\WINDOWS\System32\drivers\lvbflt64.sys
20:41:24.0631 0x2b24  CompFilter64 - ok
20:41:24.0640 0x2b24  [ DFDAEDB857BC18764F0D8ECDCC3C1499, AE12E908BAF53C605A17A9FB1AFD6BFBEC75EBE45D893541281473C197C71FED ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys
20:41:24.0647 0x2b24  CompositeBus - ok
20:41:24.0649 0x2b24  COMSysApp - ok
20:41:24.0651 0x2b24  [ 04532711732BE9DBC364E88E4A9EC18A, FCEB1F486E146A3FE7307397C1EB6760BFD8A327545F81C546F7134B08615B9E ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
20:41:24.0656 0x2b24  condrv - ok
20:41:24.0668 0x2b24  [ 9B7A6AD43CAA322C4E04B4E52FD7CDAD, D59F55602C273372F8787B35AC62192ED99CAD72BFF8BF03DF7BDD9E9BC37EE4 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
20:41:24.0684 0x2b24  CoreMessagingRegistrar - ok
20:41:24.0688 0x2b24  [ 1F7F1A15B807BC7B241BB2FEEA79BC92, D756E2247757C274F3470B46FCDBB63317C05E8E66FDA9DB7ABF3A6820933D4C ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
20:41:24.0697 0x2b24  CryptSvc - ok
20:41:24.0705 0x2b24  [ EFB2A77F0CD1B8A79899C1D37B01CA86, 9FA32E0853FA93513ACA2CD4203DE8BC22268ABCA4BBDB366307C106F4FD5917 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
20:41:24.0721 0x2b24  CSC - ok
20:41:24.0732 0x2b24  [ F010BDED808E86E1046F08865C11EDF2, 48FE0D176F7FA1F04685C0A1FD4FFB6464B6B88883D7D50E05C9C6C0636E895A ] CscService      C:\WINDOWS\System32\cscsvc.dll
20:41:24.0752 0x2b24  CscService - ok
20:41:24.0756 0x2b24  [ F51953EC4B9AACD92A3B3CE66E05CEF4, D39C9696213F53F89209000F245AC178B342A84E46EE766B634BB8DB86A26BB8 ] dam             C:\WINDOWS\system32\drivers\dam.sys
20:41:24.0762 0x2b24  dam - ok
20:41:24.0765 0x2b24  [ 91C6AE0AC957DF3DF234EAF69B29498B, B59B0524C117BE88D3E63560B52B7BAFBE0644DF898421D76B405DC8B9CD80C4 ] dc1-controller  C:\WINDOWS\System32\drivers\dc1-controller.sys
20:41:24.0772 0x2b24  dc1-controller - ok
20:41:24.0787 0x2b24  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
20:41:24.0813 0x2b24  DcomLaunch - ok
20:41:24.0821 0x2b24  [ 1175E107082287A58A756239F48E1A73, 0DB2017061D94FAC95CEBD7C4729E42018A92698D72CEE3EA412A9D14DB8D552 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
20:41:24.0840 0x2b24  defragsvc - ok
20:41:24.0848 0x2b24  [ BBCAC50027D030E07EC7E5C36469FAFF, FEF39659F21D2AE676E4882FBAF5A881C534BB7EA26E5EFF9F7B5F8B952D6532 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
20:41:24.0863 0x2b24  DeviceAssociationService - ok
20:41:24.0866 0x2b24  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
20:41:24.0879 0x2b24  DeviceInstall - ok
20:41:24.0889 0x2b24  [ 5B84093D490A6B060C8BE60BA52C876F, D34A854418A66529B18313A50E6D7EAB982611AD9AB0335245AE764FE0602C22 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
20:41:24.0909 0x2b24  DevicesFlowUserSvc - ok
20:41:24.0913 0x2b24  [ F08F70BBD833BAA3BF0D5E500CBEE6CC, 8BB99E6D96CB8B25036549030986EC267C26BF1FC66E4EB00A3E41FE3BB5DE70 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
20:41:24.0920 0x2b24  DevQueryBroker - ok
20:41:24.0924 0x2b24  [ 185A4519B7764F4DEF714D890A7A9FD2, 9805D9DB42D11582583EA3F0FFEE9EF2B0C536DA99A9A3D3863B2669B1CC34A7 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
20:41:24.0938 0x2b24  Dfsc - ok
20:41:24.0942 0x2b24  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
20:41:24.0947 0x2b24  dg_ssudbus - ok
20:41:24.0954 0x2b24  [ BC5188B3F35BB8070888441A2A740465, 05C18A3DC1BD96C6751E76DBF57C47E526A1F9DF5E013B20B69EA0159CD6CE56 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
20:41:24.0967 0x2b24  Dhcp - ok
20:41:24.0970 0x2b24  [ 5DF493C7954890EEC65CC2A21D479F76, 67087AAAC2AF93F265077AA392444E32DC299918A843A8AECFBE73636A5F2314 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
20:41:24.0978 0x2b24  diagnosticshub.standardcollector.service - ok
20:41:25.0006 0x2b24  [ 7AA8614A390EE2FB79BDD11154CF1A61, 32B27D6C010AAB3FF9E1FBCE2E750042A1EBB0736821B1EF3BB8D979892F85B5 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
20:41:25.0057 0x2b24  DiagTrack - ok
20:41:25.0061 0x2b24  [ 1203EA16F36C5BEB2509FB7CC03DC178, 195209CB711E5BDE24A50C88AA62F32E8AE26F6A83B423374FCA41444F55D1CE ] Disk            C:\WINDOWS\system32\drivers\disk.sys
20:41:25.0067 0x2b24  Disk - ok
20:41:25.0075 0x2b24  [ 8BCFD0A4900E197DFA8679A13128EC79, DF09F3996F25F025E171DF3EF068BB9AC2DEC79BFCBCA5D58E9158CD7AD785B6 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
20:41:25.0091 0x2b24  DmEnrollmentSvc - ok
20:41:25.0094 0x2b24  [ 038B8B76284BC291EC75B005BB3EB13F, FE7BD7CF833C4A96ABF4FD6EBAB829CC4D8096780A22A313035D7E49BBA12D36 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
20:41:25.0101 0x2b24  dmvsc - ok
20:41:25.0103 0x2b24  [ 32C76DFE2586EBECFFA4112E9196591C, 190C294F50B96B13D0B776F7C19DCB47EAACBEE999CBA50236CF8C856CF38B17 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
20:41:25.0116 0x2b24  dmwappushservice - ok
20:41:25.0121 0x2b24  [ FC3AA34608A69BDAC67E31FB70C8A720, 38815F527DF963B4A7D93895776DDD618BD29782B1FA74EB1A7319AE58739A06 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
20:41:25.0133 0x2b24  Dnscache - ok
20:41:25.0137 0x2b24  [ 91746BC778124FF991074BDE75C32725, 9A6E11F9C3D58B7FFAA89686F7461380A00E492B13905123C7FD64910993636E ] Dolby DAX2 API Service C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
20:41:25.0143 0x2b24  Dolby DAX2 API Service - ok
20:41:25.0149 0x2b24  [ F08CB37830A1F9950E8B2F7B1F78CC7E, E4E75645893597F6A02B98DC4F126A664F5DEF7B1CD4C2DEE5CA8ED18DB64C9C ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
20:41:25.0161 0x2b24  dot3svc - ok
20:41:25.0165 0x2b24  [ 3425E26D0A7792F2EE7745C0336C2062, 54A3AFFC31C2641BCE1877F2CBA61D2CD7191BA39FD5B3659491E4E307570C1E ] DPS             C:\WINDOWS\system32\dps.dll
20:41:25.0176 0x2b24  DPS - ok
20:41:25.0178 0x2b24  [ 3D934A1C02EB6979CF45C70A71F580EC, 279B325E18ABF82FF523095D8D5958A3A48C7B7A4F64BD562DDED1D0662B608A ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
20:41:25.0183 0x2b24  drmkaud - ok
20:41:25.0188 0x2b24  [ 5E92CB292D676634058E6C62653C9227, CE35C51B444664641306B4C2E21978B3418B58B2A973B19B908D86FE723FB4C4 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
20:41:25.0200 0x2b24  DsmSvc - ok
20:41:25.0203 0x2b24  [ E479C2656A3A47F5D4FAD10AE6EAED52, B17D18D5440CF131EEADA385989A8ED0DB7728CAAC4E745720947DD1BC4F9EF6 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
20:41:25.0214 0x2b24  DsSvc - ok
20:41:25.0219 0x2b24  [ 682D7DF9704217DD8716307F9E2EEC05, A8D36414A7316C59995CF9689DD84B2FD3FECE47E39F515C81BC3C439890E993 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
20:41:25.0236 0x2b24  DusmSvc - ok
20:41:25.0264 0x2b24  [ F1D8A5A6C39586717822C2AAB70663F4, 527CC5D18DF9B114352B49AC0645831C6C4F3FFA76692BDC2D9A90E9D14E5000 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
20:41:25.0303 0x2b24  DXGKrnl - ok
20:41:25.0313 0x2b24  [ B6897A89AEF6D88F87BEC49095D206EC, C76AFB527B8FDA64725F798D14FAE8193327F5219C1837D3A94915A640346A66 ] e1dexpress      C:\WINDOWS\system32\DRIVERS\e1d65x64.sys
20:41:25.0324 0x2b24  e1dexpress - ok
20:41:25.0327 0x2b24  [ ECA1628436628362856ACF239E6AFD29, 19051DC348918B863E0A272CF56891B8CB49E7E705B8BAC7663D36C797A7B962 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
20:41:25.0341 0x2b24  EapHost - ok
20:41:25.0378 0x2b24  [ D64CD3AE93125EDA383190C2AF607E70, 3D180B96C6A2318842FA03AE5F703320A93CF1F440FF7D0E6F6F9BAD98F2FA02 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
20:41:25.0431 0x2b24  ebdrv - ok
20:41:25.0436 0x2b24  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] EFS             C:\WINDOWS\System32\lsass.exe
20:41:25.0441 0x2b24  EFS - ok
20:41:25.0444 0x2b24  [ FFBB37982E6D24AEC7A2E5459098EAC9, E89DD74540088ECAC9E802D7A059C0A6E3E5412BD42E5E9F26258724458EF8DB ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
20:41:25.0450 0x2b24  EhStorClass - ok
20:41:25.0453 0x2b24  [ ABF38D02E01D6ED87AE1DF65FC5DF62D, 57D48609DA30F60016D2ADEB9A772942FB39A117247EB63FAE3FCF50D726B698 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
20:41:25.0459 0x2b24  EhStorTcgDrv - ok
20:41:25.0463 0x2b24  [ 5E4AB60D50F368A09275F4055D621EDC, C840F5DF3C0813EC6CB9BA0C3C91F2C6410227A6255DEF5FA94C8AC1E43E36A0 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
20:41:25.0472 0x2b24  embeddedmode - ok
20:41:25.0478 0x2b24  [ CA966CED8970A60FB00A3592564EF093, 4BD904032445235EE69DAA0024E0FB3D8B2325D897A683E334754EB3CA90AB39 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
20:41:25.0490 0x2b24  EntAppSvc - ok
20:41:25.0493 0x2b24  [ B9A59B4AD516E38C39FA416398B96CCB, 4630A9AD414476B47F634F2EB5659597797222A8938B68847B97FECCE1A1B5F8 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
20:41:25.0499 0x2b24  ErrDev - ok
20:41:25.0503 0x2b24  [ 5C9CA030C451CB3553DB9094C68EE6E9, 0C2E6C874F4B19CA4A603B7767077378ABBDA325D9D73DB971D5DDF52C827745 ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
20:41:25.0508 0x2b24  ESProtectionDriver - ok
20:41:25.0515 0x2b24  [ 1541374239F33512D7F4D24ED1E9238C, 8B1548D4052A72175EB6ADA9FD4286ACD5041E1CE071DCAC3760BB227FCD3621 ] EventSystem     C:\WINDOWS\system32\es.dll
20:41:25.0529 0x2b24  EventSystem - ok
20:41:25.0534 0x2b24  [ 9C4D88E8614487AD85A6F18A71A7298F, EE6F48C89D6379C7361484EAE7C7FAAA477D48032BFDD0D363E48642E62EADF4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
20:41:25.0547 0x2b24  exfat - ok
20:41:25.0554 0x2b24  [ C61014A176ECAAF97589E6FC979CE786, FB913AC647B68DB9854367BB1E53A504A85833966211279C8D7171698F743B27 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
20:41:25.0564 0x2b24  fastfat - ok
20:41:25.0572 0x2b24  [ ECC5AEFEA31F1A078E954305B8CA6373, 15948D017E3B52D3B4BBEC047F963BD77247E24A59F0532B6A023B0C4159FC84 ] Fax             C:\WINDOWS\system32\fxssvc.exe
20:41:25.0591 0x2b24  Fax - ok
20:41:25.0594 0x2b24  [ 853081957BA148F38FD8DE4390CFCF4A, 37C92C7ABA55A5FF7094F77F8EBEEE1F4BEE161CEC6B01A50FC0D0C39E36C142 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
20:41:25.0600 0x2b24  fdc - ok
20:41:25.0603 0x2b24  [ 885C06C35CC8FAEDDE3CDA36B72CA2A9, FF6584E7AF2FB540B2183665C3E216BE98DE953CEA6A7E4C5F13514BE4AAC9D3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
20:41:25.0610 0x2b24  fdPHost - ok
20:41:25.0612 0x2b24  [ 367E878C79D9F391E3D53B6BBC1B6386, 739D89F6954E17B73F53702CFF8EE985FB241255D962A83BAF1A20E783CAF466 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
20:41:25.0621 0x2b24  FDResPub - ok
20:41:25.0624 0x2b24  [ 514F6A0B83527DD6ACCC8B21A57B10E3, EA3D401E42D05BA39E5874513DFB895A086BECE4D69FC1AC12F85F326A435A4B ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
20:41:25.0634 0x2b24  fhsvc - ok
20:41:25.0637 0x2b24  [ 27E764D6460504B7271AFECE7A59FB76, A32B08142068BF042B3E47C0CA7F4FCFD07A37807B1B8DAAE614F3A132475D52 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
20:41:25.0644 0x2b24  FileCrypt - ok
20:41:25.0646 0x2b24  [ 3D6087F51110F3CC0DA89385354F8C5E, 49FF976C3391A257BCD4B048BF6D1273F8537005E32D65E5F272AF3294639F05 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
20:41:25.0652 0x2b24  FileInfo - ok
20:41:25.0655 0x2b24  [ 057E95E53C38260C4EF49B3A077770CD, 7008E71663046FF1D91D9DC3570094561C812067E1CA07715A1D2E4F787207AE ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
20:41:25.0664 0x2b24  Filetrace - ok
20:41:25.0666 0x2b24  [ 90B2983D8495C26345A1DC5F0C3BB07B, 50D834D40C27EEF5023556A77B13D3335789333E302A73DF221CD86D156FDEE9 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
20:41:25.0672 0x2b24  flpydisk - ok
20:41:25.0679 0x2b24  [ A84261F75F490E45CFEDBA77EFE4F67E, 292BA04D8996140255E4B6105015C2A640890BEFB6C022E30E0D9CBF45D5F4DB ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
20:41:25.0689 0x2b24  FltMgr - ok
20:41:25.0710 0x2b24  [ 3020F526B7E94A178D3EBF958397F7BC, DD0105BBEFFA7E1F54BC2199C7DB60F9C650D76DA36598E934F45D44BCE1DE3A ] FontCache       C:\WINDOWS\system32\FntCache.dll
20:41:25.0749 0x2b24  FontCache - ok
20:41:25.0753 0x2b24  [ B282011D13BBEEA0273DF33C5E776D55, B4AF068BBB09D0F546F5590FCDD745250CFD58DD3A8ABF5DC26670FA32D181FB ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:41:25.0759 0x2b24  FontCache3.0.0.0 - ok
20:41:25.0767 0x2b24  [ 58811D00A582A89B7839B4B2CE7302BE, D2B6C197BD257B462FC3E8E7A8E7C3F910282FDAA61DB00ADB64DA0698C203C7 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
20:41:25.0784 0x2b24  FrameServer - ok
20:41:25.0787 0x2b24  [ D2814848206DFC18EB8D3D069FAE703E, A62263CDF9261B692423473F4FF23B01AC864C05850BA5591EB9019906B4A08B ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
20:41:25.0793 0x2b24  FsDepends - ok
20:41:25.0795 0x2b24  [ AE7EDF845F41ACA3B74567C3CE20E987, 6159C227C85912B03D8C35A1EF91705AE6C1C23C7228D6FCC0A9529844798E1B ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:41:25.0800 0x2b24  Fs_Rec - ok
20:41:25.0811 0x2b24  [ 560AE7760EC108F92D2EA8638CC805CF, 6DA48D05641367477315B26A4466EF41BBB3896EF3DB0C050B86033C39C38C4E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
20:41:25.0825 0x2b24  fvevol - ok
20:41:25.0828 0x2b24  [ 4616F61E24B3AEA6E0E4EA7D69531EF4, 34CB16F68E4A4D19346C7FEC29BB5FE09BAAEC19EA730C9B93450F940D124D49 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
20:41:25.0835 0x2b24  gencounter - ok
20:41:25.0837 0x2b24  [ 23174BB6937459B924BB8EF667FB28EF, 6675B87F4DE9CCA96B6BAB9F77C4E0B377828613D9FFB03F7D443AF11321F157 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
20:41:25.0845 0x2b24  genericusbfn - ok
20:41:25.0847 0x2b24  [ 961136ACC7833732CC3A2722B10A10A1, 2F19AD65CC3686F4400D1784C8F77AEAE76F061999952190694E09AF1EF0488E ] GLCKIO          C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys
20:41:25.0851 0x2b24  GLCKIO - ok
20:41:25.0854 0x2b24  [ 4B11CFBE1D9B73A9D865F6AB26F800BA, BD76CB5AF0EE6DD404875A4C36622C6BC8CCF2975C47E28DD305EB041C6C0B91 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
20:41:25.0861 0x2b24  GPIOClx0101 - ok
20:41:25.0878 0x2b24  [ CF22C0941409C772AA1568DC4F89A111, ED5895F024E64B672EB3FAE6C456FA0D30A068CF2B475A7EE988DEA4DCD6D8DE ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
20:41:25.0905 0x2b24  gpsvc - ok
20:41:25.0907 0x2b24  [ 3FC3FCF557D0BE3D724EA10642E1F6FF, 744D0DDE748A1B681087668CB893F9A60A2BBE80A71098944E75B6A9AA934C82 ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
20:41:25.0919 0x2b24  GpuEnergyDrv - ok
20:41:25.0922 0x2b24  [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:41:25.0927 0x2b24  gupdate - ok
20:41:25.0930 0x2b24  [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:41:25.0934 0x2b24  gupdatem - ok
20:41:25.0937 0x2b24  [ 02B9639D9997E95CDF2F4C4F3BDCC73D, 612F472A72E44199E0B1ECEE6FF2836359039402212CBD26D1A1CDDAC61052A9 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
20:41:25.0945 0x2b24  HDAudBus - ok
20:41:25.0947 0x2b24  [ 9F90819E301C70A3A042FC05D3E41B5F, D2175786775D08686264001ABAA4B61DC08A847666F6B9A2A64D10BFC022F646 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
20:41:25.0953 0x2b24  HidBatt - ok
20:41:25.0956 0x2b24  [ 3CA3244C45B25F3B3ED9445C195E40EB, 9C43B31DAB473D29069D0D6BC130660424FE2414BA519107641FA1561C10C76D ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
20:41:25.0964 0x2b24  HidBth - ok
20:41:25.0967 0x2b24  [ 55DAF856F9633DD2519BA4E942870F02, 5283548CB93EB46C5FD3B08E45C97BBFB33D47F11F89560508775889FBF2F754 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
20:41:25.0973 0x2b24  hidi2c - ok
20:41:25.0976 0x2b24  [ E34216A190D9BF8EAA666F6903BCD0EF, DA8529DAF903B447CC5FF2D112F670696549A4B66F54DF9A8C8C615D969CD477 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
20:41:25.0981 0x2b24  hidinterrupt - ok
20:41:25.0983 0x2b24  [ 852DBB5185996AD8C73872A43A453729, 8C20331AE99E280799407CC5FCF88F8F645C331604230876A2CD7C253B9BD633 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
20:41:25.0990 0x2b24  HidIr - ok
20:41:25.0993 0x2b24  [ 6339CC87F0F610D1575C9A419940602A, B2A054ED0B669FA54E250EC2926955B1D944FA1FB2AF5B590C181CB2E9D297BA ] hidserv         C:\WINDOWS\system32\hidserv.dll
20:41:26.0000 0x2b24  hidserv - ok
20:41:26.0002 0x2b24  [ C1A608120DE0DF52E51B8BAF86AF19F9, F3529822E78CFCA2E323A75926A833529889E40BB9602B287CC343C496CB2062 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
20:41:26.0009 0x2b24  HidUsb - ok
20:41:26.0014 0x2b24  [ BD1CF47172B97707DFC66ADA741AE2BE, 9607AB7074FC54D88FDF6E2A31506BCF8ECBF8FD651BB5CEA2421471C24BCED1 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
20:41:26.0025 0x2b24  HomeGroupListener - ok
20:41:26.0032 0x2b24  [ A004895B838003BAE2281DAF193B6A09, 587FCDCEF769B2AED12551B6426477B764CB8A025E692D4EC8B24E1CBA1C06E3 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
20:41:26.0046 0x2b24  HomeGroupProvider - ok
20:41:26.0049 0x2b24  [ 8ADD9CA3E0F18CEA11EA6FAED794A228, B46BA885ED8253A253B1C87C331CA145F7F397AF49853038B3F1EDAF81B2C4BA ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
20:41:26.0055 0x2b24  HpSAMD - ok
20:41:26.0069 0x2b24  [ BB1AE72906564A6E81B79D73A05AE21F, 9BAC18FE0F99479E7B2AB804A0B4C286E55155A8C051CC7D20CE94798EEA0721 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
20:41:26.0089 0x2b24  HTTP - ok
20:41:26.0092 0x2b24  [ D3C45F1B5BB3EE772CDA416A4A3EEB9B, 97CD988CF307EBCC34F37F130F4F2C989DD17E70B2498DB1929B566A3387887B ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
20:41:26.0098 0x2b24  HvHost - ok
20:41:26.0101 0x2b24  [ F60F8390B635156593F7493AE898AFB0, AC5E58CDA12072C5FDBFEA0FA009CE2E251D143FC0878B2658ECCCF797B8B0EC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
20:41:26.0107 0x2b24  hvservice - ok
20:41:26.0109 0x2b24  [ 563F5FC3B46A70A91AB6C8822AC8BF25, 43E647A7752D7444BF306E38571130AB778AA2A6892782C6C1112E47FBEFBC87 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
20:41:26.0114 0x2b24  hwpolicy - ok
20:41:26.0116 0x2b24  [ C082249BC3E972C8A132D9EC6AD9EAD5, D69EEFD97CF5E0BD64D11DE1C331D02A9BE522BB93A40FF32ED434D960B85D39 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
20:41:26.0122 0x2b24  hyperkbd - ok
20:41:26.0125 0x2b24  [ C6C8315E3262FAE460529C6DA2951682, 4ADBFA6601209BF6F5A9797721CBE2011905775CF4E266D7B42F89915D477E95 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
20:41:26.0133 0x2b24  i8042prt - ok
20:41:26.0135 0x2b24  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
20:41:26.0142 0x2b24  iagpio - ok
20:41:26.0145 0x2b24  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
20:41:26.0153 0x2b24  iai2c - ok
20:41:26.0156 0x2b24  [ 42962355A7911407026E920E7252E3E5, 4A4016A53ED61354C81C594968339E6F3CCCFF4A64F8F28AD008ED8137E05AD2 ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
20:41:26.0163 0x2b24  iaLPSS2i_GPIO2 - ok
20:41:26.0166 0x2b24  [ BD47B2FEABFA48C6224D43EE9EA9BC06, 304628CA458AA7B1B8B1CFF12074AD75C1CE7BD41820B99607D7FA99A817D007 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
20:41:26.0174 0x2b24  iaLPSS2i_GPIO2_BXT_P - ok
20:41:26.0177 0x2b24  [ 2184CB3A65888F446FCD6DBA9F073F4C, 0B3D63EC7F61BFAD490C123084965A9F38DBFE587AC9DAE6F4E6B68AD8093DB2 ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
20:41:26.0187 0x2b24  iaLPSS2i_I2C - ok
20:41:26.0190 0x2b24  [ 4126F8DA08CE7924A3AE6F7235F85D5F, 668DC1D09496A95F44C07C5C1F6ED7D3EFC6F89523B2744A86B460E5BECAEFB5 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
20:41:26.0199 0x2b24  iaLPSS2i_I2C_BXT_P - ok
20:41:26.0202 0x2b24  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
20:41:26.0206 0x2b24  iaLPSSi_GPIO - ok
20:41:26.0210 0x2b24  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
20:41:26.0218 0x2b24  iaLPSSi_I2C - ok
20:41:26.0230 0x2b24  [ 1D7340FD434178797DD77DCCBCF8C42F, E4C2488BAFC02832F29E85A6C2D7A9E57A598D2472CB57F801BC1AF8EB0CA104 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
20:41:26.0243 0x2b24  iaStorA - ok
20:41:26.0253 0x2b24  [ D820075D3395BED28FC57AEF8FBA666F, 7589CCCD355D2685C0E6D317AB39F0DB061153E6859A0F53834B001643CFDF57 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
20:41:26.0268 0x2b24  iaStorAV - ok
20:41:26.0271 0x2b24  [ 71C0DF66C67DD99D645855D8F24F7124, 898E6FE4B8418232C1952656875180F8552BB6001C232EC716BBD8BAD516FF02 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:41:26.0277 0x2b24  IAStorDataMgrSvc - ok
20:41:26.0283 0x2b24  [ A243E0CE8644378C9A9D015ABC3EDA27, 0C72F6D39DD64A16F54BCE185F4D8E670D386823F6364E9ED284F7F8DE11CBF5 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
20:41:26.0294 0x2b24  iaStorV - ok
20:41:26.0302 0x2b24  [ E16E4FC9F250E48CB2CAD93E59D010E2, EFF558EDD63DB0FD8BA240E94BD5999106233B95BF86BFB99EE9B897F41C542B ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
20:41:26.0314 0x2b24  ibbus - ok
20:41:26.0319 0x2b24  [ E3061D5ABA80394D29E26EA58AF7F69A, 9BCF1AD2CC9C7E48FD350F9D59797E17F355C840EDE428143764F93716159C20 ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
20:41:26.0330 0x2b24  icssvc - ok
20:41:26.0342 0x2b24  [ E9E4BB312F6B544392F44D513FAA2243, 3E6917BCE9F1AF554D57FED9E76B33F36D92145B0090A5F8F64E2A53EB4C54A4 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
20:41:26.0366 0x2b24  IKEEXT - ok
20:41:26.0369 0x2b24  [ 0E33BC018502E7FDE77C343055D9C626, CD1C60E8EDAA044E03E5776962E091C1288204033A57A799D446F9B058D6AD59 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
20:41:26.0375 0x2b24  IndirectKmd - ok
20:41:26.0437 0x2b24  [ 9F2B5A4A22B59A9A19EDC7EDF2F0B64D, A1CCBEBFDD9FF15AFC129EC6CEE97AB50108D171F313A5E5E5F4E61880CB7F97 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:41:26.0512 0x2b24  IntcAzAudAddService - ok
20:41:26.0526 0x2b24  [ A0B66872DCF1BD5FDF5E26595D3A4A51, 76243493FB7CEAB10B540B693BB7E887F1F78B060FB339A99D4D5741A834B9D8 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
20:41:26.0542 0x2b24  Intel(R) Capability Licensing Service TCP IP Interface - ok
20:41:26.0545 0x2b24  [ 77F8F2FF87EE24F2C028F819DBBF6D02, EA9C127C03747F8867A99D9F244722226E6697BF0018A6CFB2DE0D1E3D1C4D75 ] Intel(R) Online Connect C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
20:41:26.0549 0x2b24  Intel(R) Online Connect - ok
20:41:26.0551 0x2b24  [ 748C557130566EC181840D565C1B26BB, E998C0E779C731142C56BEAC42C8FE4BBF60AAC4D9A133572D0AF5018B005FE9 ] Intel(R) Online Connect Helper C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe
20:41:26.0555 0x2b24  Intel(R) Online Connect Helper - ok
20:41:26.0557 0x2b24  [ 5342C63C2E8540E123169377AD80C7CE, 8EE78A90DE0DA508569D9B03371381CC2A5DD91FE15D38FEB3559B7DD2E4E605 ] Intel(R) Online Connect Software Asset Manager C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
20:41:26.0562 0x2b24  Intel(R) Online Connect Software Asset Manager - ok
20:41:26.0570 0x2b24  [ C238848647F5F3BCCD600DD29ACFDB04, 84D5052AA91145CAF1B659577EAF063EE638DDEB9DA39036B3AC68A90B5461AD ] Intel(R) PROSet Monitoring Service C:\WINDOWS\system32\IProsetMonitor.exe
20:41:26.0581 0x2b24  Intel(R) PROSet Monitoring Service - ok
20:41:26.0584 0x2b24  [ 380284CCAA213A086211700F00F86280, EA6D9602E7FF69FDABD32FD00AA92FBE5E7314F51B81C5B2B1A437A837F95FBE ] Intel(R) TechnologyAccessLegacyCSLoader C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
20:41:26.0591 0x2b24  Intel(R) TechnologyAccessLegacyCSLoader - ok
20:41:26.0598 0x2b24  [ D50232AC065B5FC0DB237A8D61801006, D6074EC8EFF8B2D43F8FC3B6251ACF554A6B9FFBA6131782F8B58152472E20E3 ] Intel(R) TechnologyAccessService C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
20:41:26.0608 0x2b24  Intel(R) TechnologyAccessService - ok
20:41:26.0615 0x2b24  [ D087B3CE15760ACEE7C09E99052DF197, 0C636DF08D58E319E570DFF961DD7D23985DD6A8E3008F13693A4BAA79B925F7 ] Intel(R) TPM Provisioning Service C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe
20:41:26.0626 0x2b24  Intel(R) TPM Provisioning Service - ok
20:41:26.0628 0x2b24  [ 4B7F8A1AAC7172DB6918A0E10E1D78A3, 1E9922AF9B5458F23A379EDCD61B615B6E53BAF8927237C1C7DCC04122CCF417 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
20:41:26.0633 0x2b24  intelide - ok
20:41:26.0636 0x2b24  [ 0A3DBE89C965FFB7C0D0E38834E77B90, 0166BE79228ED6B3D7AA1BACB4F1BB68357DBF70DF778B2F8A3776E374EE690C ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
20:41:26.0642 0x2b24  intelpep - ok
20:41:26.0646 0x2b24  [ 64EC687A811DC4F69DF3816F073352AA, F70942B67448DF9848F32F88D37E1E0C548CE9FEFC4376628D7CBEF62494D8E1 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
20:41:26.0655 0x2b24  intelppm - ok
20:41:26.0658 0x2b24  [ 549C278119FF539C3B219C55B98B0E87, B4C15AB0C77EAB6C5ADEBD014F610BBFC537EAEB0E3960636624001C8A5DE56E ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
20:41:26.0663 0x2b24  iorate - ok
20:41:26.0666 0x2b24  [ A0F9F2E87F0C751FE164D90EB44A9B63, BE816F17E43E5F80AC65E913AB7F9E77B8D6B70B90A784CB00C907D3DAFFD4DB ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:41:26.0674 0x2b24  IpFilterDriver - ok
20:41:26.0686 0x2b24  [ 57A93FCF94FAB8C2161335E56C81CD16, 4A642E4FF70DA209074B78EC50B76A024DB5D01B8C9FCC405A64AF0F1A7EA389 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
20:41:26.0716 0x2b24  iphlpsvc - ok
20:41:26.0719 0x2b24  [ 656DDB34996A96539BA6E2843B5F2A77, EDC3F1A2BA38A9655361A20B6C8001984AEB1A530C5385CF6EC0AF595305DBC7 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
20:41:26.0725 0x2b24  IPMIDRV - ok
20:41:26.0729 0x2b24  [ DCC05E5EAA580C97F13B434FAFACED85, 5C6CFD3D9FAEB7274E05F3D19D3AA064624500C616650DE227B849B505662BB4 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
20:41:26.0739 0x2b24  IPNAT - ok
20:41:26.0742 0x2b24  [ 9A6B993A95CCA15502DE3C980508DC44, 370A1A4531A72CFBF331ED274913925A269115A13E3A6B5E1821FB48DD7242AE ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
20:41:26.0754 0x2b24  IpxlatCfgSvc - ok
20:41:26.0758 0x2b24  [ 9035C10C7EB8CF7C87CEA82A62EBB43A, A0DA94E80E503DB3C2877CE1BCDC70B3FCC6861ADFBCCE66C6D2592BD63F27DC ] irda            C:\WINDOWS\system32\drivers\irda.sys
20:41:26.0767 0x2b24  irda - ok
20:41:26.0769 0x2b24  [ E7FD479E3298F3C8852A0D2F092BDB35, 07F2E779268EBBF4F32ED1C8423493B36BA823905E71B524C6AEBA0093193307 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
20:41:26.0776 0x2b24  IRENUM - ok
20:41:26.0778 0x2b24  [ 65B145143F6E5E1B5A213F0D9F4C4C44, 0E390BD8D7B4B9562E8FEE0D109DCE0D9EA823FD2D20B39FFACE3331F30FE5BC ] irmon           C:\WINDOWS\System32\irmon.dll
20:41:26.0786 0x2b24  irmon - ok
20:41:26.0788 0x2b24  [ 7FE3B3A30FA20F27AF7022A01C2266BA, 8AB924F08ABF1DCB154B6A3BDB7E3E5A863008B5AFF8E3DB9759848774E00E8A ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
20:41:26.0794 0x2b24  isapnp - ok
20:41:26.0799 0x2b24  [ 618707F3F742BF67AB578808171F60EB, AC9322483A450856B60F61D0CC58380148C52451863364C6FF3A2FAB4173A7A5 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
20:41:26.0807 0x2b24  iScsiPrt - ok
20:41:26.0811 0x2b24  [ 6B513F61BCCBA8BED259D8EF517872CC, 7401D473FC292D8DF7DB9CB06317A9E4A6255F6EE3F9CA1DA7CC2C57981BE13C ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
20:41:26.0819 0x2b24  jhi_service - ok
20:41:26.0822 0x2b24  [ D36B404BF979297C6572AEF98B2594F2, CB2F4E6589936D35D59CA70B39A29D091540EA125BE4B937AF92CEA0C6D0AAEB ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
20:41:26.0827 0x2b24  kbdclass - ok
20:41:26.0829 0x2b24  [ 7E2036A846789D6D6A2EE21915017EE1, 82AF85CA30B440E453F7694C7EDABB5D2DB213AD2FE8620B92667DFB492229A1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
20:41:26.0836 0x2b24  kbdhid - ok
20:41:26.0838 0x2b24  [ 4C054B8E901F41F5743DADE8A29FF256, 1009CC2503E08AFEA849BA83135C2D75C573FC4D6EFB5DBCDCC7ACB17AF83152 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
20:41:26.0846 0x2b24  kdnic - ok
20:41:26.0848 0x2b24  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] KeyIso          C:\WINDOWS\system32\lsass.exe
20:41:26.0853 0x2b24  KeyIso - ok
20:41:26.0878 0x2b24  [ 26A1C53114FAA94FF7DBE761AD0821F8, B13056593C1D1C93933E13FD922E0DF9858B93514B9DB2DBF9A8AAD20FB96685 ] Killer Network Service C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe
20:41:26.0912 0x2b24  Killer Network Service - ok
20:41:26.0921 0x2b24  [ 97E3E8F35632EECD0ABD2DE6519A9666, ABE96FDEB1076E380D7FB4975C020B43ED4E821097EFC6AFE8C75D764167D6E8 ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
20:41:26.0932 0x2b24  kl1 - ok
20:41:26.0935 0x2b24  [ B01AD8DA034EE42D4C2282F77FDB03AE, 3FF55F3CEE4A0E5D559F04F5A639297EA0F36580720E94CF9DD56DEBF2E98F39 ] klbackupdisk    C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
20:41:26.0940 0x2b24  klbackupdisk - ok
20:41:26.0943 0x2b24  [ 10549B5BFD9A3DCF4FFA6287236FA959, 6BDFA335A8E3A69425CB23230660D3168CB82911ACB3AAAF85C19263511EAF51 ] klbackupflt     C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
20:41:26.0947 0x2b24  klbackupflt - ok
20:41:26.0950 0x2b24  [ 7DAA9047F50BF5A3F8C147719FC520AF, 0740387075AF46DB1E9AEE3B12C65A06EDFE58EADB8B562C36CB1FEFF9905C26 ] kldisk          C:\WINDOWS\system32\DRIVERS\kldisk.sys
20:41:26.0955 0x2b24  kldisk - ok
20:41:26.0957 0x2b24  [ 5766A27C85EE813029831D125D2EFB45, BB5BAFD5A58E80C7F0B8D24121352E0386B3422FFC16B56F1D1B1C6A482AC9F0 ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
20:41:26.0963 0x2b24  klelam - ok
20:41:26.0967 0x2b24  [ 10F22365381D41EBD3BB08A7BEA15CDD, 02ACFF8E88307076AB97B937081296ABCDEF05BB1AEAA359E60148BA70B4A0BB ] klflt           C:\WINDOWS\system32\DRIVERS\klflt.sys
20:41:26.0973 0x2b24  klflt - ok
20:41:26.0982 0x2b24  [ 368E5BE52E16307F41C014EE850EE67F, 89125F851D75779535CAE46C9985FDA4AA23E6C5A1CA485A6195F950E730A018 ] klhk            C:\WINDOWS\System32\drivers\klhk.sys
20:41:26.0992 0x2b24  klhk - ok
20:41:26.0998 0x2b24  [ BD140112BE2AE22B9912206407AD76A4, 63BC0ADFE54BF101DC197C95168980E7E79C5280CB112400C5BD60DA904D7A10 ] klids           C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys
20:41:27.0003 0x2b24  klids - ok
20:41:27.0017 0x2b24  [ A1DF9BDEDC9105F6085751CC2168F664, 61DC8F730A3721D5B5EF9440FED4E43EC651AB1D051535D9A2C960DD420B3C8A ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
20:41:27.0033 0x2b24  KLIF - ok
20:41:27.0036 0x2b24  [ 6357C533C30650361110DBAF59A25DF8, FA8CF6292CCBC7E23527D968E54CD773706CF091E35563B0CF9F8A1DF0B724B9 ] KLIM6           C:\WINDOWS\system32\DRIVERS\klim6.sys
20:41:27.0040 0x2b24  KLIM6 - ok
20:41:27.0043 0x2b24  [ 5480CC93737F48282552C84FA7EBA59B, B7D92424399B647132F6B9409FE75EAA310C984F796FC0B65BBE2EA180110968 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
20:41:27.0048 0x2b24  klkbdflt - ok
20:41:27.0051 0x2b24  [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
20:41:27.0056 0x2b24  klmouflt - ok
20:41:27.0058 0x2b24  [ 6B0C605591C892CBB683F63EA47822DC, E74C0A0501A1B4B56B417402108521F34DA6A23FCD1C05E4E524E41EBA0906FF ] klpd            C:\WINDOWS\system32\DRIVERS\klpd.sys
20:41:27.0063 0x2b24  klpd - ok
20:41:27.0065 0x2b24  [ 828B042A95F055648DA190DF6C7AB1B6, 0457B0EF03BCB4CC1297EB25A25C162937F456BF406EC7B1A5E9A0AA13A9BCD7 ] kltap           C:\WINDOWS\System32\drivers\kltap.sys
20:41:27.0069 0x2b24  kltap - ok
20:41:27.0073 0x2b24  [ 097D722294B9C1FA6E514A088F2E6B6E, FB0492CAF45FDF7F656CFF6662309435679C946269577ECF76A3077B7D7F940B ] klupd_klif_arkmon C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
20:41:27.0079 0x2b24  klupd_klif_arkmon - ok
20:41:27.0082 0x2b24  [ 34D207C9300529BE5E29267922483778, 6F2888A3E649B78477A568E8F8A2527493D9D0D1FD13822E5D90AE575D2041D2 ] klupd_klif_kimul C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
20:41:27.0087 0x2b24  klupd_klif_kimul - ok
20:41:27.0092 0x2b24  [ 6A80ECDC10138AC34E48A4BE684E06F9, DF8BD9139B82614614D9E1B5DAEA74E4DF4D5CE95F11ED503FD3B8E07722A1CA ] klupd_klif_klark C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
20:41:27.0098 0x2b24  klupd_klif_klark - ok
20:41:27.0101 0x2b24  [ EBC5ACF5F373981161752650BC17DD4E, 892A6758F5C7589D38A6A01D08F7B3F6D144591E0D3337C0E4B2CA9B66C70C37 ] klupd_klif_klbg C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
20:41:27.0106 0x2b24  klupd_klif_klbg - ok
20:41:27.0110 0x2b24  [ D0B29808F37C6F6373AB16B716D9A1F8, 82E5760F0A313E43E3B9AF44E2A811021B84E7954CB5DC1462C7033AAEA8AF4B ] klupd_klif_mark C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
20:41:27.0115 0x2b24  klupd_klif_mark - ok
20:41:27.0119 0x2b24  [ D7F0B46844565E2ED68AC99AF0F4263F, AB419CBC29F96703237127AC4178A5365D4CCA010BAB1BD66D100D635E6E89B8 ] klvssbrigde64   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe
20:41:27.0124 0x2b24  klvssbrigde64 - ok
20:41:27.0127 0x2b24  [ 4C5305295B51BA72FC9C8CDAB32F95C3, 0E5850AC4CA14D971E7B04FED23CB2F6CEEE2796E905AADA0104677982ECD58A ] klwfp           C:\WINDOWS\system32\DRIVERS\klwfp.sys
20:41:27.0132 0x2b24  klwfp - ok
20:41:27.0135 0x2b24  [ 4799405773BB400A2FF96663CF0EE4A2, F7650B80AC388675724D9A43D709FF9CCDE99374D7C5E3B900F61FC61D6816D2 ] Klwtp           C:\WINDOWS\system32\DRIVERS\klwtp.sys
20:41:27.0140 0x2b24  Klwtp - ok
20:41:27.0145 0x2b24  [ 2426B9215884C60F7E021AA94827DC57, 7030B40B3AD6012CB4B6B42D36F5A69C146A7A4B948FB2D29E9AFF6DF46202CA ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
20:41:27.0151 0x2b24  kneps - ok
20:41:27.0156 0x2b24  [ EFF5EA6088DB81C6EF6EDCDA5EE79909, 4D364B0BF012C335FA3B25BDF042D4AF672D961B9B48CB7C5BE34FCFD1D64979 ] KSDE1.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
20:41:27.0163 0x2b24  KSDE1.0.0 - ok
20:41:27.0167 0x2b24  [ BA7A5838866618A4E82FBC05B8923605, 96E898C7768BED66487A00E02B2E50516602BCF54E6648F5528E3334AE8527EB ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
20:41:27.0174 0x2b24  KSecDD - ok
20:41:27.0178 0x2b24  [ 6629CAA1F157088B9EDD1EAD24C6D753, 3E5F3BCB34F4B52BE46B96F9F720FE5FB37A01D4E408875F6BB89F5B5C5A3900 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
20:41:27.0185 0x2b24  KSecPkg - ok
20:41:27.0187 0x2b24  [ 9778205F28DC4F2EFFCC146647FE5CF0, 6B7EFFB08C7757A2830745920A624F89DBD5B323E0A884932FECF06471894F9D ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
20:41:27.0195 0x2b24  ksthunk - ok
20:41:27.0201 0x2b24  [ 08F9C3F7FE3019BF53B1405B1820528F, E90940533F88A33C396E1DF9D186E945F030315FB2201E479F144E27387333CA ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
20:41:27.0214 0x2b24  KtmRm - ok
20:41:27.0219 0x2b24  [ ECFFCC67C47A86CA32D0953428699210, F5A06E82FDC092549623FD41C82B082092529808BA12339DE5B1D72B9B12072D ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
20:41:27.0231 0x2b24  LanmanServer - ok
20:41:27.0236 0x2b24  [ B82D6C634638534E41748FCEC909E55D, C286EB7B3E780549F77E75B4B9F053861D82EFDCD43B1308848A08D23EFADDCA ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
20:41:27.0249 0x2b24  LanmanWorkstation - ok
20:41:27.0255 0x2b24  [ 20EE2F2ADCF8DBD091E931593F5AC268, 5F053F8B7C8B340A0364CE37B25D68B6755C2CCDB050C02E9B4E0929DF587E0F ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
20:41:27.0262 0x2b24  LBTServ - ok
20:41:27.0266 0x2b24  [ EAB70270BDDCFEF56FCC7425C2D9883D, 7B351EE3DA3DA4677DD8E4F91A5FFA6EBB3A15BF76F34EAC8879ECB16D01190F ] LEqdUsb         C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys
20:41:27.0271 0x2b24  LEqdUsb - ok
20:41:27.0273 0x2b24  [ AF1077E89AD4458EC9B1CABB35595346, 762AE3218B7B05032C4199F0AE9ABCC822C3DF88BBB09536202B6B26A7944024 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
20:41:27.0281 0x2b24  lfsvc - ok
20:41:27.0283 0x2b24  [ 5EBB7C1FC685D45A1D3D8B2B9A656E48, 8C4D984D3566DE29D13A294ED927525A7D7A106887E809986EBDDA8CC0B98FFB ] LHidEqd         C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys
20:41:27.0287 0x2b24  LHidEqd - ok
20:41:27.0290 0x2b24  [ AFDFA4A6B0F7B15AA38E494FD4595741, 0D89CCEBC816F4A3F6DDB093B3F8BB8B85293E94559085961DA31F9330D43C21 ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
20:41:27.0294 0x2b24  LHidFilt - ok
20:41:27.0296 0x2b24  [ C0CB3B9F1F92C36B91309FDACCDF918B, 5D40C11388A48323D9D9AC18A950B09E2654092BC2F9DE45779A9354668BA18E ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
20:41:27.0304 0x2b24  LicenseManager - ok
20:41:27.0307 0x2b24  [ FC37745959DFA4871759E4DCC836227A, 8B63F798440FD0A34E2F2940B2598238BC852EF3EFD22147A77AB4BA6FB9E704 ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
20:41:27.0319 0x2b24  lltdio - ok
20:41:27.0328 0x2b24  [ 1797F544956D46966C67A2F7879403A9, D7820D2F8E936FF13D709BA1BD0541AABA8402F38698FE96DAE70B4E7A730835 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
20:41:27.0343 0x2b24  lltdsvc - ok
20:41:27.0346 0x2b24  [ AE561CB0813D4DFA7D3E4471B2B70F5F, 344EA5E02D04098F032353962C1B70B0F578BCCD2843C70D6330B3F967D2FDB5 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
20:41:27.0353 0x2b24  lmhosts - ok
20:41:27.0356 0x2b24  [ C3E82B320F34C97F32B8026F4C249BEF, CAF53CD4738D2C92E4764372F75B5D0D74EBA896E59E685ED15B915F4E7223A0 ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
20:41:27.0360 0x2b24  LMouFilt - ok
20:41:27.0366 0x2b24  [ 3D8B6A2DE0DF3011E772ACD536B47233, 40E20028FF43086A03A62DA01EC475E60F344513E3EE28B2CAB6F0BE4A244321 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:41:27.0375 0x2b24  LMS - ok
20:41:27.0379 0x2b24  [ 16C9D4D822CCA795A72DC88B25A577CC, AEF93AA4E815F90C1A42D574C6DE7EF31FE69AD7B78B8E1AC7C27304F3CD7959 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
20:41:27.0385 0x2b24  LSI_SAS - ok
20:41:27.0389 0x2b24  [ 920F0CFCED5F28A31B79F1C470649D11, 5A5F390F2FD7C26807E7896E9F8F94EE7E69FE3C4B247BEA515588EB076148EF ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
20:41:27.0395 0x2b24  LSI_SAS2i - ok
20:41:27.0398 0x2b24  [ 0FE63316F1C70A0F759A449FAC64C24B, CF99D62FDA862095BA1EB57DD58CEC070E0552E15B6F454B87D593707132636B ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
20:41:27.0404 0x2b24  LSI_SAS3i - ok
20:41:27.0407 0x2b24  [ 80E82C46B27A923A3744531069B63857, C73A200FC2A009D19F2C26FAC07489EA0F4329CD7A1D80EB3200B19DFC883F8D ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
20:41:27.0413 0x2b24  LSI_SSS - ok
20:41:27.0423 0x2b24  [ A69A59CD52D26443FF728FD52283598C, E416481B23CDADBB9E608E49C9DC9A520D14935E92CA9B63E7763692DB382D7D ] LSM             C:\WINDOWS\System32\lsm.dll
20:41:27.0442 0x2b24  LSM - ok
20:41:27.0446 0x2b24  [ 88F5570C04766EE561FF129B2F93030C, A36F7FF563F813EC0F69E5BFB76C58A1C9824F54BA1729C4096E8B7B7C8D90EC ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
20:41:27.0456 0x2b24  luafv - ok
20:41:27.0463 0x2b24  [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] lvrs64          C:\WINDOWS\system32\DRIVERS\lvrs64.sys
20:41:27.0470 0x2b24  lvrs64 - ok
20:41:27.0520 0x2b24  [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64         C:\WINDOWS\system32\DRIVERS\lvuvc64.sys
20:41:27.0582 0x2b24  LVUVC64 - ok
20:41:27.0587 0x2b24  [ D365217A6D4528ABB41B40C8FBD227E8, 340129785A5788A8FFE0E1B339A616D290F7504F3658F63E1A3B169B38460FBF ] MapsBroker      C:\WINDOWS\System32\moshost.dll
20:41:27.0597 0x2b24  MapsBroker - ok
20:41:27.0603 0x2b24  [ C3EED732789052C98A2613A7E1C37CDA, D71735C8FB772EEB7F3F304CD79D8D774A9A285A94365DE0E635F61357EC9F0F ] mausbhost       C:\WINDOWS\System32\drivers\mausbhost.sys
20:41:27.0614 0x2b24  mausbhost - ok
20:41:27.0616 0x2b24  [ 4DCE65116A28488593FF5A6A18B03DB0, AAFA7E7C1C9A38B8CF5CE530F96028191F52B1FDD2790246E413B63CF7C5F02A ] mausbip         C:\WINDOWS\System32\drivers\mausbip.sys
20:41:27.0621 0x2b24  mausbip - ok
20:41:27.0625 0x2b24  [ 0C847B9BD2D1F1E97037F8C3DA6D5A1B, B2405BBAFBE78DF554B963C53DE843419AE873B82A1B0C2FA8D1779D1CC142BE ] MBAMChameleon   C:\WINDOWS\system32\drivers\MBAMChameleon.sys
20:41:27.0631 0x2b24  MBAMChameleon - ok
20:41:27.0634 0x2b24  [ 19956478146DC7884812C24B74D7132E, D6795397398C942530B8618F15B7BE6FDB84BAD61DE1B61A9AB85EBCB29EAEF3 ] MBAMFarflt      C:\WINDOWS\system32\drivers\farflt.sys
20:41:27.0639 0x2b24  MBAMFarflt - ok
20:41:27.0642 0x2b24  [ 149E252142950594695178971748D056, 6F3EBAD6CB87A21B457AA09CA56EF01B48D4478CB94BD09834E72BE9A41265A4 ] MBAMProtection  C:\WINDOWS\system32\drivers\mbam.sys
20:41:27.0646 0x2b24  MBAMProtection - ok
20:41:27.0693 0x2b24  [ D76E56108E6482905D3FAEA0649919E4, E10285889570A01E544B027F4A17BA7242E5E3EF93D20A19B05091DB237C6DD1 ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
20:41:27.0742 0x2b24  MBAMService - ok
20:41:27.0750 0x2b24  [ C3549BE8C1FE4ECBEE21DAD3378F6CD0, E4FB6856C1A8B9185322EFC4AF31A3748365ED2E3E4FB6DF57B35569D8D42AAD ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
20:41:27.0756 0x2b24  MBAMSwissArmy - ok
20:41:27.0760 0x2b24  [ 56D97EB1ACE0B76D500E7E1F1AB72023, 37A3103598CF739B36E370E2033BA208C499D6479F661820AA1708212D20FAFC ] MBAMWebProtection C:\WINDOWS\system32\drivers\mwac.sys
20:41:27.0764 0x2b24  MBAMWebProtection - ok


Old 13.08.2017, 21:10   #6
Gottel62
 
Did I catch a virus or just adware? - Default

My 2nd log file from TDSSKiller



20:41:31.0041 0x2b24  [ 585329F62195A4B7AAD0A95F6EC89751, E7ADED97ACA8E8E06C368E24702C22D4C2B0B9495DEA24A2DC2A30782099BDCE ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
20:41:31.0047 0x2b24  SerCx - ok
20:41:31.0050 0x2b24  [ C8F4FDA8B3D039D7947344614FF5BFB2, 1A3B88EC59F2A820AFE4F3AC65F7149EAC68672D1F0D729CBB575694005A8911 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
20:41:31.0057 0x2b24  SerCx2 - ok
20:41:31.0059 0x2b24  [ E5B450E4E0DC1591254BF9CCF6C57B40, 958E7378D9BDE1F2EBE736D8D9912D56835A606AABDD042443A35CA37EC70F11 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
20:41:31.0066 0x2b24  Serenum - ok
20:41:31.0069 0x2b24  [ 628D8DD136F92316BFEB58FA005338B7, 0CDA673D31F40EBD07E9F67667DB6077F23DCADE2DD8376AB550575224625D44 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
20:41:31.0076 0x2b24  Serial - ok
20:41:31.0078 0x2b24  [ E5BA0B7353ADC5C95AB466D2E4DC89B1, 98F2A22ED892B2610C85EAAAB51DF25939599955A27611FCE9E68C3701CFD4EA ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
20:41:31.0085 0x2b24  sermouse - ok
20:41:31.0094 0x2b24  [ 043D7B39E693C610036BD56DF30EF440, 329D29CE1CB5F502B7DFCBE24878CA61EC56787A1B02195E19499701B194DE08 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
20:41:31.0107 0x2b24  SessionEnv - ok
20:41:31.0109 0x2b24  [ 15CFCC4692DA8887B977CE5FC5181084, 31D86E122E35AB9E7275F2B0573EE98770BBE517ED3B9CCED97F4969C9A619F9 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
20:41:31.0115 0x2b24  sfloppy - ok
20:41:31.0123 0x2b24  [ 87B083252816171A17F833CBCB7AA85E, 200AB93CEF384791DC9B04D2AF17877CA10595B2CEDF4B9505E367A2382C4AB7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:41:31.0144 0x2b24  SharedAccess - ok
20:41:31.0155 0x2b24  [ 490F6144273A85A3CFF3D416850E0611, F703D32580405B9CEF0E601222C2CE584B076B2E58710D66A15AFEA2A6907514 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:41:31.0173 0x2b24  ShellHWDetection - ok
20:41:31.0178 0x2b24  [ 7CA2E9B6EDC87FCCA9C49D3D9BE62B65, 3FE1A2DD8581BF8D29EA2000424EB992BCA8E00986F107C22489D006F729D2E3 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
20:41:31.0189 0x2b24  shpamsvc - ok
20:41:31.0191 0x2b24  [ 2339F6B45E1D863B1D327F3AFD75A675, 03304ADC42EF6E8F671C8AA78A0D3E40408D870FBF2DA2B31A1727F86EF8F213 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
20:41:31.0197 0x2b24  SiSRaid2 - ok
20:41:31.0199 0x2b24  [ F520D50AD7266ED31D25DF4C8EA6BC2D, F68CF9EFB8319E59A8D9C24A36A198185DD79CBACD14510F5450F0024F0CD4D3 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
20:41:31.0204 0x2b24  SiSRaid4 - ok
20:41:31.0207 0x2b24  [ 70A2FD5F5B7B1A5E1146BE45E4DFB75D, 598824F06BBC2E37B9A6474411637C73233C8D2E13AE963C3229279A8519A9D3 ] smphost         C:\WINDOWS\System32\smphost.dll
20:41:31.0222 0x2b24  smphost - ok
20:41:31.0230 0x2b24  [ 15684D78C67B63475EABAB5A6ECF32A8, 46BA6830BC42839E22F600ED591E23611E092C2342702F403553BB0B9177E835 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
20:41:31.0248 0x2b24  SmsRouter - ok
20:41:31.0252 0x2b24  [ 9977AFF389C0C32DE419226564886E09, 453ABAB020E3ACD04A45BD05B224C182A47534C23023C4E1AD1903E5377B3CCF ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
20:41:31.0259 0x2b24  SNMPTRAP - ok
20:41:31.0268 0x2b24  [ 2334ED0B61CAE7E7B1B454674206CDAC, 4EAA11805C2282E0306A381CF56E4B28D83C68BA1B401BFD512AE70C05C8A4CD ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
20:41:31.0281 0x2b24  spaceport - ok
20:41:31.0284 0x2b24  [ F3F0B8CAC1F3E6C3382EAFCE762475AD, 9F2EB373FB9216CDA71965979EE5E18F3AFDD26FF7E0C09DD7C3D880205C2554 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
20:41:31.0289 0x2b24  SpatialGraphFilter - ok
20:41:31.0292 0x2b24  [ 83E82B0E292DCDE4C75B9241BF0FB300, 494D2FD4CD082CC416CA5FF1ABE06BDC65A769F371CF0E18AD25C380B45AEE32 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
20:41:31.0298 0x2b24  SpbCx - ok
20:41:31.0310 0x2b24  [ 10CD42898C9E4849193E78A87337B2E9, 7C4FCB36EE1AF92C6962F14AE6DEF2CB154468EC3963DCDB9BDF8398C98B475B ] spectrum        C:\WINDOWS\system32\spectrum.exe
20:41:31.0333 0x2b24  spectrum - ok
20:41:31.0344 0x2b24  [ 29D813B5D84BC2C26BBC607CAA57A675, 2C4D5F4E2F7B6580E22ABF67690B0D32CAF5063DEA79E6F57E565782973F3990 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
20:41:31.0364 0x2b24  Spooler - ok
20:41:31.0412 0x2b24  [ E910861720DE6EDFB5CC6158CE3C7E17, 526BA8EEB9EE5312FEC39753D728E05F49AD81132346A354C95D4D4938001E2B ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
20:41:31.0473 0x2b24  sppsvc - ok
20:41:31.0483 0x2b24  [ 36EAC4FE629FC036632F13EC14788FD1, 6AEE37816306FE46FA99EADB23E98CE6A6674C11ED847F1F5575926E26B09F9A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:41:31.0497 0x2b24  srv - ok
20:41:31.0507 0x2b24  [ A84B05C7C2A233497BE1D518A662C326, 85B291B6783AD48F2111B46050311A553BE6D6A7C3D90861DC010FA65730D2B5 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
20:41:31.0526 0x2b24  srv2 - ok
20:41:31.0532 0x2b24  [ 0351B28EEDFBD6C8CC69A7224A098CFA, D1D08D63F773CAEEA66585D090C073C0748AE96A2AAE8487E4B8BA54F7E59558 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
20:41:31.0546 0x2b24  srvnet - ok
20:41:31.0551 0x2b24  [ E95A6C339AE68515897B2E4C6B0842CA, 29DD7E83CD68432EAE4A7ED92CDA40AA52028F5FBB52152F0A1C752B572C2684 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:41:31.0567 0x2b24  SSDPSRV - ok
20:41:31.0572 0x2b24  [ FBD45746B2EDEECA10CCA6A861F8049B, 34383B0A07A93E0FA89CA32CD45AC5061F73723B2A9E0BF4AF93A53F70F1678E ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
20:41:31.0583 0x2b24  SstpSvc - ok
20:41:31.0587 0x2b24  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
20:41:31.0593 0x2b24  ssudmdm - ok
20:41:31.0649 0x2b24  [ AE1918EED1E4925778B92061CC2B8D18, 21B3D1685906BC4BA3C8A54C40ABC631F2F312926111BCE48AFEA8B96942DF22 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
20:41:31.0719 0x2b24  StateRepository - ok
20:41:31.0741 0x2b24  [ 03404CCE10E4A207953E954C2AF8D41E, 380841C60C7730E14F81C2E2D011E944BE45CA082997B82A4859C2E49F812D01 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
20:41:31.0764 0x2b24  Steam Client Service - ok
20:41:31.0767 0x2b24  [ D40C589F80EB1C511263D0547C0259AE, A0236F6BB515AE006CC4C9F40FCCE250407888757A3646BB4BCB59EF8EEF1311 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
20:41:31.0773 0x2b24  stexstor - ok
20:41:31.0781 0x2b24  [ F83F43CD328E6CEEAAC27612F3EB1FF5, E3D35E5154CD228301806706E6EADCA36E9113EAF44BC06E3C43B2E902187326 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
20:41:31.0800 0x2b24  stisvc - ok
20:41:31.0804 0x2b24  [ 576A818562069B1E091CC719C143AED2, 48880CF4D33033E9A6024C2A0AD673AFBCE400C74574913F8E24717BA6BADE7C ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
20:41:31.0811 0x2b24  storahci - ok
20:41:31.0814 0x2b24  [ E5F703788DFA05411F1469E96838F438, A7E8D2DC23E23EA52B068C71D9387E69FF49798A27CE0243A994A2B1B09FA042 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
20:41:31.0819 0x2b24  storflt - ok
20:41:31.0822 0x2b24  [ 0D0128244FF55EAD3F878D3FE542DBA5, 4FCFA1B2113E07264A71A22298CA6E9FDC2AB722E0AE184A8F5656C18113A858 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
20:41:31.0828 0x2b24  stornvme - ok
20:41:31.0831 0x2b24  [ 3A62FF78619258E6126C5C4B4CC82C8E, C72CC295680B35E0EEE5A5310E0241E2FFE0E540BFAA49C35C06AA882229C1CD ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
20:41:31.0838 0x2b24  storqosflt - ok
20:41:31.0849 0x2b24  [ 212CB512B785E218667CCA56C4BFD71D, 5FD4CFEE5AB2187D928632076E6AD5C2C53D66884479C4D34930DCFCA3CCEE34 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
20:41:31.0869 0x2b24  StorSvc - ok
20:41:31.0872 0x2b24  [ C6097966F8EA3B288070CDF7C3C8C3E8, D12C4AF3E54DCE1E5DC9C8AA0E83420F481DC0165A7F7845083A85BABC102D37 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
20:41:31.0877 0x2b24  storufs - ok
20:41:31.0880 0x2b24  [ 3DC3B17E92DA02E36B4138733DF6C1AC, 398F20B6D6DAF6DA950C149F63F3B23864E1478119BFE53218C220CEADEC800D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
20:41:31.0885 0x2b24  storvsc - ok
20:41:31.0887 0x2b24  [ D284AB2CA6C30317D142D38CE1F848BE, 4C9EAE174F5C673CA550C9382E85CE7DAF5DC9965495BAB09078B634A4CDD4FB ] svsvc           C:\WINDOWS\system32\svsvc.dll
20:41:31.0897 0x2b24  svsvc - ok
20:41:31.0899 0x2b24  [ 2BC4D0EBC2467FE90302AE0AFAF23768, CF8BCC9CA1FBA8407FD044613A2497BEEC641DE463B076F0ED1FA7674C202ADE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
20:41:31.0903 0x2b24  swenum - ok
20:41:31.0910 0x2b24  [ 13985DA558FBCBFD9108A2CACB5FE494, DD457A73E82147AA90C36D695A47E862FF90D96FB1E22760FAB5780F7C332A46 ] swprv           C:\WINDOWS\System32\swprv.dll
20:41:31.0927 0x2b24  swprv - ok
20:41:31.0930 0x2b24  [ 572F81CF08972D53BAFFC2A110A2A586, D9AF8EBB31CE097849F93FC8C0F06178B2E1CA8C48D08BBDD85174CCD64A16D6 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
20:41:31.0937 0x2b24  Synth3dVsc - ok
20:41:31.0950 0x2b24  [ 7C29BBF63178BB6788AD1C2B231150A5, 5114AC1260C5447D3B21C7C56D825C1E77FCE388C5630D0200C8256F69EFA6B4 ] SysMain         C:\WINDOWS\system32\sysmain.dll
20:41:31.0971 0x2b24  SysMain - ok
20:41:31.0977 0x2b24  [ 97E0FD613D031EAA73E8AD259169AC22, E86E9B9C18AF2E79D7CF80B177A12D89418CDBD3CBB74307809DD0377408DB82 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
20:41:31.0989 0x2b24  SystemEventsBroker - ok
20:41:31.0994 0x2b24  [ 7750219DFABC38261575B6CEFBF84EC6, 50DF85E34AF7C1343281AD0EF34FD94AB0E279DA5C61976ABA0135B8F013C543 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
20:41:32.0003 0x2b24  TabletInputService - ok
20:41:32.0008 0x2b24  [ C1C6A802C2A9A57029D4347E251F4D18, 9F75B7F003C829FFDB2CDC98231D32FE988754D23873048FA4F6EB82ED1DCED4 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:41:32.0022 0x2b24  TapiSrv - ok
20:41:32.0051 0x2b24  [ 02481DA7952E87F0EF007B54E0216DA8, E32BD56991560F608C843AF1CC6E4885435D8B13E9EE0003450C4B87D6CEF29D ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
20:41:32.0093 0x2b24  Tcpip - ok
20:41:32.0123 0x2b24  [ 02481DA7952E87F0EF007B54E0216DA8, E32BD56991560F608C843AF1CC6E4885435D8B13E9EE0003450C4B87D6CEF29D ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
20:41:32.0160 0x2b24  Tcpip6 - ok
20:41:32.0166 0x2b24  [ 1C35A5C62D110346379C55E39A3D547C, 5BDBD593AB51ECA5A6B703E86F300E3B2B153E128BEB9A006ABD827AE726BD62 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
20:41:32.0173 0x2b24  tcpipreg - ok
20:41:32.0177 0x2b24  [ D74756DD1518D28A09CDA99696273FA4, F01DDF8CDBBC70BB086970C324E60CF7A1828CA6DE5A4F5B1BA4686BC31C4058 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
20:41:32.0184 0x2b24  tdx - ok
20:41:32.0186 0x2b24  [ 96A35CDBA661D41C5A3914257CA1D200, 691ABBAA99C673E7D0B81D811BCC60976C3EC050F2B39B35B87A3BCC211F119A ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
20:41:32.0191 0x2b24  terminpt - ok
20:41:32.0204 0x2b24  [ 0B5C6D1683CDE89B3488326C60EA6EF2, 3B822CF005FA3002F27FF9BF39E7E133987230DA3481CFCF99F3B2B6B373A718 ] TermService     C:\WINDOWS\System32\termsrv.dll
20:41:32.0228 0x2b24  TermService - ok
20:41:32.0231 0x2b24  [ 6568EF1B30101979107055B7E515EE58, A318082E5FDD79C9F85E8C00A78EBFA0EC44B1046976E85633DC7BD123DA38B9 ] Themes          C:\WINDOWS\system32\themeservice.dll
20:41:32.0242 0x2b24  Themes - ok
20:41:32.0247 0x2b24  [ 2ABC11CFC2F03A919AF78A6E3E29C570, 54D91F89993A0FF090E2213EED92DE3659DCB693FBDA5932E31C6D6D7CFC8E80 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
20:41:32.0261 0x2b24  TieringEngineService - ok
20:41:32.0270 0x2b24  [ 4F9A5CE9F3C75AF1EE4B00D5E69F7CF7, 5FEE41C10629E89BD372E5D6C05A78FC0F2C394F4DE7C70AACC8720C6C6590DA ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
20:41:32.0288 0x2b24  tiledatamodelsvc - ok
20:41:32.0293 0x2b24  [ E59D4F92FE11B47AB727C6D192CC977F, 1DA06663889A20A1B22DDF90E5C99A5668023C0B89E252F3E820C0D1964B1948 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
20:41:32.0302 0x2b24  TimeBrokerSvc - ok
20:41:32.0315 0x2b24  [ 5379471B971D29EFCECBA87200C9FBFC, 7621258DA5EF0F4B2FFC344BCE0B6442E0AEE6BA795B65EBB5786D7A7C208A1F ] TokenBroker     C:\WINDOWS\System32\TokenBroker.dll
20:41:32.0340 0x2b24  TokenBroker - ok
20:41:32.0346 0x2b24  [ F76A92975340DAA99939DA297D677EA8, 51DA87E921BBA21BF39D7D9B691CEF8B1D2BCE2BBB0BA5B3C12B7E98CB5C702E ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
20:41:32.0353 0x2b24  TPM - ok
20:41:32.0357 0x2b24  [ 85E0D4431D61675A94EA99C9E1F56436, 9FA750703E04D20A62DBB0185CBDD70AFC4573FB65F86E61AAF7CF7A7D8E1E3E ] TrkWks          C:\WINDOWS\System32\trkwks.dll
20:41:32.0365 0x2b24  TrkWks - ok
20:41:32.0368 0x2b24  [ F21A69013A67B372675F523262AC1E33, C3F910E375C0F4B7FFA6F6D755622FF6B0CAE36DF691C938DE177C94815FE3C8 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
20:41:32.0376 0x2b24  TrustedInstaller - ok
20:41:32.0380 0x2b24  [ 9856BCCD1CD5DE4D17E8DBBA7CEFC688, F4B532DCE6F4728092848FE7B2FC05AB921EC7B3FDD7E62AB40EE0029C008398 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
20:41:32.0388 0x2b24  TsUsbFlt - ok
20:41:32.0391 0x2b24  [ 837AD2B941E721BCCEB7EF137E2DEE18, 84BE22616A50467B1957434C8BD19C8B0FC3B21CD77FFB8E16A09347CEAE0F4E ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
20:41:32.0397 0x2b24  TsUsbGD - ok
20:41:32.0401 0x2b24  [ 5DED9E34D133F4A363652CDB595D83F3, E8CFE5DF737D7C2A576B2D6D508977E1F6961122D541DF82AA581C7B3B1C384B ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
20:41:32.0410 0x2b24  tsusbhub - ok
20:41:32.0473 0x2b24  [ A7727DAD653AFC812C154A8A3334914D, D760B98534A238FAB54D57C842CF21EF0634AA9652E160B4E861543A43AD2A65 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
20:41:32.0536 0x2b24  TuneUp.UtilitiesSvc - ok
20:41:32.0542 0x2b24  [ 9B5C98C9F9EF5E62806DCD58B0D8EACE, B4B8A3F943C2C401CA1ED05BDA0C6D631106B258FB40C433AC856DCA7E8D7F7A ] TuneUpUtilitiesDrv C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys
20:41:32.0545 0x2b24  TuneUpUtilitiesDrv - ok
20:41:32.0549 0x2b24  [ B3142C6118703E98EB0510CF7B43D0F2, 40FDCBAA2AD93026AD479BF8C1B4EE7A4E2E65590608B6B1C5DEB3C4716E5C03 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
20:41:32.0564 0x2b24  tunnel - ok
20:41:32.0567 0x2b24  [ B097B77121A057AB6D70C647636978D4, 10F78A18AC898CDD0FA91D6FA29B8B45C6D8F6CE65B064C39256EB20FC6CD085 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
20:41:32.0576 0x2b24  tzautoupdate - ok
20:41:32.0578 0x2b24  [ B4C846ABD462558D45CA578C855759C3, E0F0DD39A6C101C2209CA46EF2B5A5F4559843C9EE37CC08ED78D9E124A566D2 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
20:41:32.0584 0x2b24  UASPStor - ok
20:41:32.0588 0x2b24  [ 5C2C0296D9EE7DC92A3F14642FBE656D, 94A7D549EC53C71095AD8DE4DB8F846D1DB3438FE2679E41DCAE62C34C0654DD ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
20:41:32.0597 0x2b24  UcmCx0101 - ok
20:41:32.0601 0x2b24  [ 8BB64E04CD97AD8C68543181D93E2AFC, FBA2FB9A9906721BAD42CDFFCCE0234AF3F72B83E2571E526801F19173B7C9CE ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
20:41:32.0609 0x2b24  UcmTcpciCx0101 - ok
20:41:32.0612 0x2b24  [ F083A400FB9CB8ADD1783848CB1C76F0, 7E543E5F81C04AF486ACC08B94F785B9702B743C96079241925C385BF8411EB9 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
20:41:32.0619 0x2b24  UcmUcsi - ok
20:41:32.0624 0x2b24  [ 5D4EAF3D0911338CB8FDB088386D6DCA, 1AC5B494C39570E66C4D4F867C6B8E37C174FB5D67C2865B07247122F60F8895 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
20:41:32.0631 0x2b24  Ucx01000 - ok
20:41:32.0634 0x2b24  [ 384E1F0D84B465820416338E52FE7C2B, 8F82778332EA1199987BA569536CBED8FEAF5E9D920321B0C9DFCBDDD91EEA35 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
20:41:32.0641 0x2b24  UdeCx - ok
20:41:32.0646 0x2b24  [ C82BE75239D412057C9E3DB1785680C6, AE712E40440F5725DA41C95C3E558B5E9ABB17C55B70297DD40D7D1BDA7CE45D ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
20:41:32.0662 0x2b24  udfs - ok
20:41:32.0664 0x2b24  [ CCDF6EFF952BF3BF34DC17600F479397, 2A2009B3C4BD1A44F1C6E334CB0A7DD02443BCE1EB48837C1C70A2A04CC7C54A ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
20:41:32.0669 0x2b24  UEFI - ok
20:41:32.0671 0x2b24  [ 244A80A1A881E2B9303A0364AAB33F16, 3C58D5D5B1AF6AB598E6450817381E7D6B8700151B66DCDAD6002E73BD0EDF27 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
20:41:32.0677 0x2b24  UevAgentDriver - ok
20:41:32.0693 0x2b24  [ 5F1DA3635C2F6B74EBFDEBFC747B63B5, 1B456B777C5099A67E405FEF20B5CBCB24C6FCE9ED7A5A421C6574618364FD47 ] UevAgentService C:\WINDOWS\system32\AgentService.exe
20:41:32.0721 0x2b24  UevAgentService - ok
20:41:32.0726 0x2b24  [ 00BEF71C45FD6B06E7525E7B31EFA88C, C0BDE8CB41BF9A34E395EA86756637E4CD6B88EF1C842364ECA639948D6CD59A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
20:41:32.0735 0x2b24  Ufx01000 - ok
20:41:32.0738 0x2b24  [ 9450AB15C30CF7D1F23C8A42E778C3A2, E62455008ED5B7220AEE62E0F459A67E26FB2878349ABA5AAF0164C2E7A8C0E9 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
20:41:32.0745 0x2b24  UfxChipidea - ok
20:41:32.0748 0x2b24  [ CEE12C7A689BDF448715024A7E0EB9C3, EC48E1469800E34A71C8A97A6F2F0B7C67385BCB8438844E6967DE0A82E39B94 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
20:41:32.0755 0x2b24  ufxsynopsys - ok
20:41:32.0760 0x2b24  [ 5A2F610B31CC3FD23D3E20C1D5F1EF52, D470B7C1CAE066C2DCDBA47001913FB1A7C9CC5B200FB8324DB896B641C1A132 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
20:41:32.0768 0x2b24  UI0Detect - ok
20:41:32.0770 0x2b24  [ F39ED750EDF5948FA8CD99D1F4EC9372, AE42AE50DE09F26D3CA4ACDCD5ECABD59D26926707030F0532A885266FE83EF9 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
20:41:32.0778 0x2b24  umbus - ok
20:41:32.0780 0x2b24  [ 55984D4E64C2F8E4223542CBCC15EDEB, ECBC832FBBA6AFCAEDEBB2728FA4A6DDCF52A6421929E72CA29B61CDBED840DF ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
20:41:32.0786 0x2b24  UmPass - ok
20:41:32.0791 0x2b24  [ FBEF4641E3E08A03CA84AF5C393CA86B, 9A14A0FB645AB6DD0B49F3A14FBF38FECC65796F2503324E93994113CC7AD52F ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
20:41:32.0803 0x2b24  UmRdpService - ok
20:41:32.0818 0x2b24  [ 5B17D5E9FBF65ED93078DEB687357BAF, 00BC68F16E36681254E72D8D39006F695D38246EAB6ABC6F40E5305D5ACE26A1 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
20:41:32.0846 0x2b24  UnistoreSvc - ok
20:41:32.0854 0x2b24  [ BBB6BDBE5ADCE6F87F70623D5A1EC5BC, E8BD5804FF82417890A9D1A44096B174E81A8C7AD3059B1F0C62740E0B39D137 ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:41:32.0873 0x2b24  upnphost - ok
20:41:32.0875 0x2b24  [ 4D23214CB8B1C36B82061280EB8FDAB3, 387C01A7F9D8F89ED894EDF894AAAF8830DD7C90DF2F12A2CB4C4E9C7CB773BE ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
20:41:32.0880 0x2b24  UrsChipidea - ok
20:41:32.0883 0x2b24  [ 4329D880DB96B504F0DDC991A7374CCD, 1486BEF2C03ED281B24A17D3C18FEA2360E37A6B46D1A67D4690CD871B0A13DA ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
20:41:32.0889 0x2b24  UrsCx01000 - ok
20:41:32.0891 0x2b24  [ 93FAD0AC5879F274FA248A49E3F3EA33, D936F408E23040B33F30AB3B43D8B8BB9F3CCF2549E821F4C47357987AFF386F ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
20:41:32.0896 0x2b24  UrsSynopsys - ok
20:41:32.0900 0x2b24  [ FC318082D0793B76C766A8DFD4C247C5, F547C643A16D580BD96BC20DC901A8210875812EDABD57DD65F20A915A877CB3 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
20:41:32.0909 0x2b24  usbaudio - ok
20:41:32.0912 0x2b24  [ 6B09AA6A04C8261E787B6523229E7159, F97BED424E988AC6272D51025FD0D3180E89BAF0FFC83DAB609774D6269B353A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
20:41:32.0919 0x2b24  usbccgp - ok
20:41:32.0923 0x2b24  [ ECE3AD18B4C22ED0C4AB1A2AD9AC32C8, 2062D400305075E886CF2C9D710A1C48B3F4AD48E7A75A77C66547357E96CB6E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
20:41:32.0932 0x2b24  usbcir - ok
20:41:32.0936 0x2b24  [ F8BCB536866474C6D8008F4C69B778A1, F86F4330DE2F50D48559C1ED46168ADB8F6AA7C8FE3834FFE00085C1783C5750 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
20:41:32.0942 0x2b24  usbehci - ok
20:41:32.0950 0x2b24  [ 1F723DA014062DBF3288B408A7611845, 0CCC9360259E6FBC510BBF69AE991A53A92516023AAC32C60A44BD3B43371C66 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
20:41:32.0961 0x2b24  usbhub - ok
20:41:32.0970 0x2b24  [ 0939AD44244AA9D348187015083E17DF, D48C8032333D30019BC5FD4BAF97A2AB1A80488D4881F3437C3D5341DE5294CA ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
20:41:32.0982 0x2b24  USBHUB3 - ok
20:41:32.0985 0x2b24  [ BE6ED98FD0D3FE5FB11762AD7CCD6C96, 54C6C929CA55EA6770474F7E230190FC7574C1FA52437B564B3B5FA4D6106D8A ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
20:41:32.0991 0x2b24  usbohci - ok
20:41:32.0994 0x2b24  [ CEE43CD5357DB8786CE6E2C430841AE4, 50F4629AE488A12D18EFFAD486D2F95545049AB1F6A3248BA44D2132EEC9A653 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
20:41:33.0001 0x2b24  usbprint - ok
20:41:33.0003 0x2b24  [ 96B48485A7CC2C0A63C196A16403C5F3, 4E364DE1FE19D14D5BA4F4360563BB49F4DEC90430771C12376C0B1BB70CFD37 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:41:33.0010 0x2b24  usbscan - ok
20:41:33.0013 0x2b24  [ 99F0738B320B7A8D11351A32F68AA5F1, DAA887C31E3F56245C15F04044C12B6E832FA7E837F4107376A6F8D8E3A99FEC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
20:41:33.0020 0x2b24  usbser - ok
20:41:33.0024 0x2b24  [ 67E26F56CF7EACCBD9C9F75343A3D7C2, 210FA280897CCCB2458E9E683A8B4CA8A5DF9606B54F8B9CE05CA4AA6FD810AB ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
20:41:33.0030 0x2b24  USBSTOR - ok
20:41:33.0032 0x2b24  [ 7BA802C9F73A84B75BB22538ADA495BE, 7D97E6305168C4CA86AB9BD5B63300156DFE97032251CB83DB1D4C4DB9C28DC8 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
20:41:33.0039 0x2b24  usbuhci - ok
20:41:33.0046 0x2b24  [ 50E70B3A95138AA4A30B095270EE0DE6, 9B7072C36230102A089C4A6DFE1980CD9DB28E566EF02830600DEBAF3AAD31C7 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
20:41:33.0055 0x2b24  USBXHCI - ok
20:41:33.0076 0x2b24  [ 3156FFFB2B3BF5375814F777D343AD9F, C4E63043EB9D9227CDD487608AF9BA25C755D85E5FF8E63C2079D68CCC79E4BB ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
20:41:33.0112 0x2b24  UserDataSvc - ok
20:41:33.0126 0x2b24  [ C0E60CC6D48013728C7E4168D61A0B39, CA283312E9669BCC74A3B5E6332502D1CAA7148C049B94AF3996F3C7CD2676EF ] UserManager     C:\WINDOWS\System32\usermgr.dll
20:41:33.0154 0x2b24  UserManager - ok
20:41:33.0164 0x2b24  [ 65D70A530105E0576641493D6292C9EA, 1059285060E700449C6BB99DB0E5E4FF4A32215323F45C11DA7617785F073276 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
20:41:33.0181 0x2b24  UsoSvc - ok
20:41:33.0184 0x2b24  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] VaultSvc        C:\WINDOWS\system32\lsass.exe
20:41:33.0189 0x2b24  VaultSvc - ok
20:41:33.0192 0x2b24  [ C1EC9211C7759D2487FD30934AA3EE96, 6914BB8B44550DFE75E5A3772E93ADF8459EB621CA400BDD9B7E3185A09B6F9A ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
20:41:33.0197 0x2b24  vdrvroot - ok
20:41:33.0206 0x2b24  [ 374CD93271184F04988FDC1C25B3E855, 09727093C5F7B258867C16D41F7F9835BF549CC339288BFE01A8F34AC7E93E23 ] vds             C:\WINDOWS\System32\vds.exe
20:41:33.0226 0x2b24  vds - ok
20:41:33.0231 0x2b24  [ C83F3BC00651448DB127D497CF955089, 31B8838CEED08E7D5DD8635A805A8010798BD9B10A3775FAFDB576FBD7303D39 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
20:41:33.0239 0x2b24  VerifierExt - ok
20:41:33.0249 0x2b24  [ 0E12F5F6B1C813D17AFDA197C4394423, B0AFDFE0E12633C6D984DA366197BE09ED2649BAFF525FA0DE84701E5B335DB9 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
20:41:33.0264 0x2b24  vhdmp - ok
20:41:33.0267 0x2b24  [ 1AD096A5C00E522398D0092D875A8CB6, 6959FCD6DD2115CD293DBD4BCD6D1BA0AE4F7495A9BBB48F7388384EEABB38E9 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
20:41:33.0274 0x2b24  vhf - ok
20:41:33.0277 0x2b24  [ EE9A22CFD9AEDD7B52F98B0272494609, F668131BABD048857F011A471936B52EDF0F2A42CB6000ACB4E0E43F88782AAD ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
20:41:33.0283 0x2b24  vmbus - ok
20:41:33.0285 0x2b24  [ BFBD0895926FD98A03AD6BB845B569B7, 5B7913ACD6CC132B2F36B079BC5F897C21884A7F21046B8996CC3D74C4B6DA4C ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
20:41:33.0292 0x2b24  VMBusHID - ok
20:41:33.0294 0x2b24  [ C123C97D351C56C75FE5335AB18255EE, 67315E332E863E5C233BA113826A5DEEE08C1A0A3358E6AC21F25DC5EAC86D07 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
20:41:33.0301 0x2b24  vmgid - ok
20:41:33.0306 0x2b24  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
20:41:33.0317 0x2b24  vmicguestinterface - ok
20:41:33.0322 0x2b24  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
20:41:33.0332 0x2b24  vmicheartbeat - ok
20:41:33.0337 0x2b24  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
20:41:33.0347 0x2b24  vmickvpexchange - ok
20:41:33.0353 0x2b24  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
20:41:33.0365 0x2b24  vmicrdv - ok
20:41:33.0370 0x2b24  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
20:41:33.0380 0x2b24  vmicshutdown - ok
20:41:33.0385 0x2b24  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
20:41:33.0396 0x2b24  vmictimesync - ok
20:41:33.0400 0x2b24  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
20:41:33.0410 0x2b24  vmicvmsession - ok
20:41:33.0415 0x2b24  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
20:41:33.0426 0x2b24  vmicvss - ok
20:41:33.0429 0x2b24  [ 0AB9C264F13E2A070A8CF10EDD099ED2, 2E7EB4EE8DCBBCA497CC0E7F4BE057627E9702B6FAF56A7DBCA1325236C880EC ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
20:41:33.0435 0x2b24  volmgr - ok
20:41:33.0441 0x2b24  [ 6EE608257C1137A25B402EF8FC77E83A, 3AE684EBA32563468AD917155C93220F938460A699FBFC3DB8436F83C0C54209 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
20:41:33.0451 0x2b24  volmgrx - ok
20:41:33.0457 0x2b24  [ E3429DBBEA3965BB96E24B16EF4A2551, 0CEE2DEF75C6761DA67AFD3BBF8DEEB1331796719EB84D658B3E517DEC824B49 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
20:41:33.0468 0x2b24  volsnap - ok
20:41:33.0470 0x2b24  [ 86E790B503C771E674C7DF8FFCBFEFDB, 634B27C4FA363A2165D3D6929D3B22F41EE06198C579A70D446A48830924467B ] volume          C:\WINDOWS\system32\drivers\volume.sys
20:41:33.0475 0x2b24  volume - ok
20:41:33.0478 0x2b24  [ B25589A0892E6DF8CC07E5CB48BFC954, DA29974426EFD4472A3828FA0EF31AD3860AA8068AB66B5F4BE6A412BC3E73E9 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
20:41:33.0483 0x2b24  vpci - ok
20:41:33.0487 0x2b24  [ AA4466A47D2CA7ECE3DCF5256017DCC3, 83414BFBD3DF1CB7417F0F55709E8180D97FA20A74581C34EAAFF667FBEBFD93 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
20:41:33.0495 0x2b24  vsmraid - ok
20:41:33.0514 0x2b24  [ 0BB73BF6FDDD19DE3DE9377EA95E4C64, 74B6E612F9E009A5E43B603BCAD854F3711F6C8A7ED0328B1E3A9B2D4C9EA342 ] VSS             C:\WINDOWS\system32\vssvc.exe
20:41:33.0551 0x2b24  VSS - ok
20:41:35.0676 0x2b24  [ CC22BCAFB53C2CFD7B183E2B05A5E8F8, 05275908D312B93FDCD1EB7909B623D916C2733E43CF5AAA6BDC053DF8DD5CAF ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
20:41:35.0681 0x2b24  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
20:41:35.0931 0x2b24  Detect skipped due to KSN trusted
20:41:35.0931 0x2b24  IAStorIcon - ok
20:41:38.0063 0x2b24  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
20:41:38.0081 0x2b24  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
20:41:39.0318 0x2b24  Detect skipped due to KSN trusted
20:41:39.0318 0x2b24  SpybotPostWindows10UpgradeReInstall - ok
20:41:39.0318 0x2b24  Waiting for KSN requests completion. In queue: 17
20:41:39.0599 0x2e1c  Object required for P2P: [ 24AFAD9B4B24FD1D4BF7127A2DC78D92 ] C:\Program Files\CCleaner\CCleaner64.exe
20:41:39.0806 0x2e1c  Object send P2P result: true
20:41:40.0329 0x2b24  AV detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\wmiav.exe ( 17.0.0.783 ), 0x41000 ( enabled : updated )
20:41:40.0330 0x2b24  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x60100 ( disabled : updated )
20:41:40.0330 0x2b24  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x61000 ( enabled : updated )
20:41:40.0330 0x2b24  FW detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\wmiav.exe ( 17.0.0.783 ), 0x41010 ( enabled )
20:41:40.0458 0x2b24  ============================================================
20:41:40.0458 0x2b24  Scan finished
20:41:40.0458 0x2b24  ============================================================
20:41:40.0461 0x28d0  Detected object count: 0
20:41:40.0461 0x28d0  Actual detected object count: 0
         
Thank you very much for the quick reply. I hope I did everything correctly.

13.08.2017, 21:15   #7
M-K-D-B
/// TB Trainer

Hello,





Step 1
Please download AdwCleaner to your desktop (illustrated guide).
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Tools > Options and make sure that the following items are selected:
    • Tracing keys
    • Prefetch files
    • Proxy
    • Winsock
    • IE policies
    • Chrome policies
  • Confirm the selection with OK.
  • Click Scan and wait until it has finished. At the end of the scan a log file opens automatically. Close it.
  • Now click Clean (even if AdwCleaner says that nothing was found) and confirm any prompts with OK.
  • At the end of the cleanup, click Restart now. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).





Step 2
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Quarantine Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • After the restart, start MBAM and click Reports.
  • Select the most recent scan report, click View Report and then Export.
  • Select Text file (.txt) and save the file as mbam.txt on the desktop.
  • Add the contents of mbam.txt to your next reply.





Step 3
  • Start FRST.exe again. Make sure that the box in front of Addition.txt is ticked and press Scan.
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.





Please post with your next reply
  • the AdwCleaner log file,
  • the MBAM log file,
  • the two new FRST log files.
__________________
Regards,
M-K-D-B


==========================================================
offline from 22.12.2018 to 01.01.2019
==========================================================


14.08.2017, 17:49   #8
Gottel62

My AdwCleaner log file



Code:
ATTFilter
# AdwCleaner 7.0.1.0 - Logfile created on Mon Aug 14 15:35:33 2017
# Updated on 2017/05/08 by Malwarebytes 
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\Audyssey Labs


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{63C40CBE-DE43-4B56-BCEB-E14B825CF245}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1315 B] - [2017/4/5 17:48:45]
C:/AdwCleaner/AdwCleaner[C2].txt - [1280 B] - [2017/4/5 18:12:31]
C:/AdwCleaner/AdwCleaner[C3].txt - [1427 B] - [2017/4/6 3:50:15]
C:/AdwCleaner/AdwCleaner[C4].txt - [1573 B] - [2017/4/6 4:25:40]
C:/AdwCleaner/AdwCleaner[C5].txt - [2530 B] - [2017/5/5 18:10:4]
C:/AdwCleaner/AdwCleaner[S0].txt - [1488 B] - [2017/4/5 17:47:3]
C:/AdwCleaner/AdwCleaner[S10].txt - [2442 B] - [2017/5/5 18:13:48]
C:/AdwCleaner/AdwCleaner[S11].txt - [2517 B] - [2017/5/18 14:21:37]
C:/AdwCleaner/AdwCleaner[S12].txt - [2591 B] - [2017/5/23 14:29:4]
C:/AdwCleaner/AdwCleaner[S13].txt - [2687 B] - [2017/6/29 11:36:50]
C:/AdwCleaner/AdwCleaner[S14].txt - [2738 B] - [2017/6/29 11:51:54]
C:/AdwCleaner/AdwCleaner[S15].txt - [2384 B] - [2017/8/14 15:34:9]
C:/AdwCleaner/AdwCleaner[S1].txt - [1510 B] - [2017/4/5 17:52:44]
C:/AdwCleaner/AdwCleaner[S2].txt - [1656 B] - [2017/4/6 3:49:51]
C:/AdwCleaner/AdwCleaner[S3].txt - [1802 B] - [2017/4/6 4:14:20]
C:/AdwCleaner/AdwCleaner[S4].txt - [1968 B] - [2017/4/6 4:35:39]
C:/AdwCleaner/AdwCleaner[S5].txt - [2041 B] - [2017/4/6 5:44:34]
C:/AdwCleaner/AdwCleaner[S6].txt - [2114 B] - [2017/4/6 15:32:27]
C:/AdwCleaner/AdwCleaner[S7].txt - [2168 B] - [2017/4/6 15:56:25]
C:/AdwCleaner/AdwCleaner[S8].txt - [2242 B] - [2017/4/7 4:1:41]
C:/AdwCleaner/AdwCleaner[S9].txt - [2872 B] - [2017/5/5 18:9:35]


########## EOF - C:\AdwCleaner\AdwCleaner[C5].txt ##########
         
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 14.08.17
Scan-Zeit: 17:38
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.160
Version des Aktualisierungspakets: 1.0.2584
Lizenz: Premium

-Systemdaten-
Betriebssystem: Windows 10 (Build 15063.540)
CPU: x64
Dateisystem: NTFS
Benutzer: F94026-1\Gotthard

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 404932
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 1 Min., 15 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08-2017
durchgeführt von Gotthard (Administrator) auf F94026-1 (14-08-2017 17:47:27)
Gestartet von C:\Users\Gotthard\Downloads
Geladene Profile: defaultuser0 & Gotthard (Verfügbare Profile: defaultuser0 & Gotthard)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\AURA\AsRogAuraService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Amazon Services LLC) C:\Users\Gotthard\AppData\Local\Amazon Music\Amazon Music Helper.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
() C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
() C:\Program Files (x86)\ASUS\GPU TweakII\ASUSGPUFanServiceEx.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
() C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\kpm.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\plugin-nm-server.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9231328 2017-07-21] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-07-21] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2017-06-29] (Dolby Laboratories, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-07-21] (Intel Corporation)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2110584 2017-07-12] (Logitech, Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-06-26] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [499640 2015-06-26] (CyberLink Corp.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (CANON INC.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-439399562-2122694152-2027062775-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation)
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\kpm.exe [411912 2016-12-22] ()
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [Amazon Music] => C:\Users\Gotthard\AppData\Local\Amazon Music\Amazon Music Helper.exe [3696104 2017-06-09] (Amazon Services LLC)
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [Spotify Web Helper] => C:\Users\Gotthard\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-03] (Spotify Ltd)
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [Spotify] => C:\Users\Gotthard\AppData\Roaming\Spotify\Spotify.exe [7067760 2017-03-03] (Spotify Ltd)
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [OpenOffice Updater] => C:\Users\Gotthard\AppData\Roaming\OpenOffice Updater\Updater.exe [388032 2017-05-02] ()
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\killercontrolcenter.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\killerdiagnostics.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\ksdeui.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Control Center.lnk [2017-02-26]
ShortcutTarget: Killer Control Center.lnk -> C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe (Rivet Networks)
Startup: C:\Users\Gotthard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2017-03-20]
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.117.1.25 89.16.129.25
Tcpip\..\Interfaces\{4d899b68-acd8-4e4f-8c23-96579e8402ab}: [DhcpNameServer] 62.117.1.25 89.16.129.25

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope {01F38CF5-175C-4A4B-9FE5-A68C368393D2} URL = 
SearchScopes: HKU\S-1-5-21-439399562-2122694152-2027062775-1001 -> DefaultScope {01F38CF5-175C-4A4B-9FE5-A68C368393D2} URL = 
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-26] (AO Kaspersky Lab)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\x64\ie_engine.dll [2016-12-22] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-26] (AO Kaspersky Lab)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\ie_engine.dll [2016-12-22] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-26] (AO Kaspersky Lab)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-26] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)

FireFox:
========
FF ProfilePath: C:\Users\Gotthard\AppData\Roaming\Mozilla\Firefox\Profiles\wtqn1j50.default [2017-08-14]
FF Extension: (Stores your logins, passwords, notes and identities, protecting them with your master password.) - C:\Users\Gotthard\AppData\Roaming\Mozilla\Firefox\Profiles\wtqn1j50.default\Extensions\kpm_win_add_on@kaspersky.xpi [2017-07-29]
FF Extension: (Adblock Plus) - C:\Users\Gotthard\AppData\Roaming\Mozilla\Firefox\Profiles\wtqn1j50.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-07-29]
FF Extension: (Site Deployment Checker) - C:\Users\Gotthard\AppData\Roaming\Mozilla\Firefox\Profiles\wtqn1j50.default\features\{39902d07-0491-45a7-8fa8-098d8929e181}\deployment-checker@mozilla.org.xpi [2017-03-24]
FF Extension: (Click-to-Play staged rollout) - C:\Program Files\Mozilla Firefox\browser\features\clicktoplay-rollout@mozilla.org.xpi [2017-08-11] [ist nicht signiert]
FF Extension: (Follow-on Search Telemetry) - C:\Program Files\Mozilla Firefox\browser\features\followonsearch@mozilla.com.xpi [2017-08-03] [ist nicht signiert]
FF Extension: (Shield Recipe Client) - C:\Program Files\Mozilla Firefox\browser\features\shield-recipe-client@mozilla.org.xpi [2017-08-11] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-07-25]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-08-03] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-09] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-07-19] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-07-19] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-439399562-2122694152-2027062775-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2016-10-24] (Sony Network Entertainment International LLC)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Profile: C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default [2017-08-14]
CHR Extension: (Google Präsentationen) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-25]
CHR Extension: (Google Docs) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-25]
CHR Extension: (Google Drive) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-25]
CHR Extension: (YouTube) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-25]
CHR Extension: (Adobe Acrobat) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-13]
CHR Extension: (Google Tabellen) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-25]
CHR Extension: (Kaspersky Protection) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-02-25]
CHR Extension: (АdВIοсk РIus) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gafikfgimmakopbgongibcbahghfcinl [2017-02-25]
CHR Extension: (Google Docs Offline) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-25]
CHR Extension: (Audio Verbinden) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihiafjkopgiakbmihgoieodihjcblfbk [2017-03-31]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaoblbjfmcalcjjaifickaoccjmhlal [2017-06-20]
CHR Extension: (Archive Extractor) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nknadlalodfadgegkigkmbhofcmkhfnc [2017-03-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-13]
CHR Extension: (Audio Converter) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfphighcpfimfhblaigjckljcoeipga [2017-03-31]
CHR Extension: (Google Mail) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-25]
CHR Extension: (Chrome Media Router) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-27]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKU\S-1-5-21-439399562-2122694152-2027062775-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mkaoblbjfmcalcjjaifickaoccjmhlal] - hxxps://chrome.google.com/webstore/detail/mkaoblbjfmcalcjjaifickaoccjmhlal
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe [933840 2017-02-27] ()
R2 AsRogAuraService; C:\Program Files (x86)\ASUS\AURA\AsRogAuraService.exe [856536 2017-02-17] (ASUSTek Computer Inc.)
R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [348592 2017-06-28] (Windows (R) Win 7 DDK provider)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-04-01] ()
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [303544 2015-07-24] (CyberLink)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-07-21] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [732448 2017-02-24] (Intel(R) Corporation)
R3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [548648 2017-02-24] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-05-28] (Intel Corporation)
S4 Killer Network Service; C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [2067168 2017-01-26] (Rivet Networks)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
S4 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-07-19] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-07-26] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2157456 2017-06-01] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3127192 2017-06-01] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [605616 2017-06-28] (Qualcomm)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [544744 2017-03-19] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-07-20] ()
S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2017-02-27] ()
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2015-05-18] (ASUSTeK Computer Inc.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197312 2017-07-25] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520152 2017-07-25] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [186696 2017-08-14] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1021624 2017-07-25] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-26] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-04-28] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-03-14] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-04-28] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-04-28] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-04-28] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-14] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199640 2017-07-25] (AO Kaspersky Lab)
R0 MBAMChameleon; C:\WINDOWS\System32\drivers\MBAMChameleon.sys [188352 2017-07-20] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-08-14] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-08-14] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-08-14] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-08-14] (Malwarebytes)
R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_24ddebfb518b5a55\nvlddmkm.sys [15668664 2017-07-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-07-26] (NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\system32\DRIVERS\Qcamain10x64.sys [2418096 2017-07-03] (Qualcomm Atheros, Inc.)
R2 RfeCoSvc; C:\WINDOWS\system32\DRIVERS\RfeCo10X64.sys [99680 2017-01-26] (Rivet Networks, LLC.)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-02-21] (AVG Netherlands B.V.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-14 17:41 - 2017-08-14 17:41 - 000001398 _____ C:\Users\Gotthard\Desktop\mbam.txt
2017-08-14 17:31 - 2017-08-14 17:31 - 008185288 _____ (Malwarebytes) C:\Users\Gotthard\Downloads\adwcleaner_7.0.1.0.exe
2017-08-14 17:22 - 2017-08-14 17:22 - 000326192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-13 20:40 - 2017-08-13 21:10 - 000309978 _____ C:\TDSSKiller.3.1.0.15_13.08.2017_20.40.59_log.txt
2017-08-13 20:02 - 2017-08-13 20:02 - 000007334 _____ C:\Users\Gotthard\Desktop\OpenDocument Text (neu).odt
2017-08-13 19:54 - 2017-08-13 20:19 - 000309980 _____ C:\TDSSKiller.3.1.0.15_13.08.2017_19.54.12_log.txt
2017-08-13 19:53 - 2017-08-13 19:53 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Gotthard\Downloads\tdsskiller.exe
2017-08-13 19:49 - 2017-08-13 19:49 - 000053273 _____ C:\Users\Gotthard\Downloads\Addition.txt
2017-08-13 19:48 - 2017-08-14 17:47 - 000031497 _____ C:\Users\Gotthard\Downloads\FRST.txt
2017-08-13 19:46 - 2017-08-14 17:47 - 000000000 ____D C:\FRST
2017-08-13 19:41 - 2017-08-13 19:41 - 002395648 _____ (Farbar) C:\Users\Gotthard\Downloads\FRST64.exe
2017-08-12 18:31 - 2017-08-12 18:31 - 000020322 _____ C:\Users\Gotthard\Documents\cc_20170812_183116.reg
2017-08-12 18:30 - 2017-08-12 18:30 - 000136116 _____ C:\Users\Gotthard\Documents\cc_20170812_183050.reg
2017-08-11 15:46 - 2017-08-11 15:52 - 000000000 ____D C:\ProgramData\HitmanPro
2017-08-11 15:46 - 2017-08-11 15:46 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2017-08-11 15:41 - 2017-08-11 15:41 - 000000000 ____D C:\ProgramData\Emsisoft
2017-08-11 15:40 - 2017-08-11 15:44 - 000000000 ____D C:\EEK
2017-08-10 17:42 - 2017-08-10 17:42 - 000000000 ____D C:\Users\Gotthard\Screenshot
2017-08-10 17:30 - 2017-08-10 17:30 - 000000222 _____ C:\Users\Gotthard\Desktop\Shadow Warrior 2.url
2017-08-09 14:01 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-09 14:01 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-09 14:01 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-09 14:01 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-09 14:01 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-09 14:01 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-09 14:01 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-09 14:01 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-09 14:01 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-09 14:01 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-09 14:01 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-09 14:01 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-09 14:01 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-09 14:01 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-09 14:01 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-09 14:01 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-09 14:01 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-09 14:01 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-09 14:01 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-09 14:01 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-09 14:01 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-09 14:01 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-09 14:01 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-09 14:01 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-09 14:01 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-09 14:01 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-09 14:01 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-09 14:01 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-09 14:01 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-09 14:01 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-09 14:01 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-09 14:01 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-09 14:01 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-09 14:01 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-09 14:01 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-09 14:01 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-09 14:01 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-09 14:01 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-09 14:01 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-09 14:01 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-09 14:01 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-09 14:01 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-09 14:01 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-09 14:01 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-09 14:01 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-09 14:01 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-09 14:01 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-09 14:01 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-09 14:01 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-09 14:01 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-09 14:01 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-09 14:01 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-09 14:01 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-09 14:01 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-09 14:01 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-09 14:01 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-09 14:01 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-09 14:01 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-09 14:01 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-09 14:01 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-09 14:01 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-09 14:01 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-09 14:01 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-09 14:01 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-09 14:01 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-09 14:01 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-09 14:01 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-09 14:01 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-09 14:01 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-09 14:01 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-09 14:01 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-09 14:01 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-09 14:01 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-09 14:01 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-09 14:01 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-09 14:01 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-09 14:01 - 2017-08-01 03:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-09 14:01 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-09 14:01 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-09 14:01 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-09 14:01 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-09 14:01 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-09 14:01 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-09 14:01 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-09 14:01 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-09 14:01 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-09 14:01 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-09 14:01 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-09 14:01 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-09 14:01 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-09 14:01 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-09 14:01 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-09 14:01 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-09 14:01 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-09 14:01 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-05 16:49 - 2017-08-05 16:49 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-08-03 11:41 - 2017-08-03 11:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2017-08-03 11:41 - 2017-08-03 11:41 - 000000000 ____D C:\ProgramData\Dolby
2017-08-03 11:41 - 2017-08-03 11:41 - 000000000 ____D C:\Program Files\Dolby
2017-08-03 11:41 - 2017-07-21 04:58 - 003410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 003299816 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 003122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 002190984 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 001435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 001382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 001337640 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000873456 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000866640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000852128 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000604792 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000158696 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000075536 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 072520704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-08-03 11:41 - 2017-07-21 04:57 - 012951320 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-08-03 11:41 - 2017-07-21 04:57 - 007172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 007096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 006264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 005346992 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 003677152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-08-03 11:41 - 2017-07-21 04:57 - 003516984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 003509200 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 003099544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 002444680 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 002210784 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001959600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001554600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001347136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001326424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001170872 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001159176 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000877424 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000868176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000737960 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000708304 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000680544 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000526280 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000447712 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000445392 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000416504 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000406448 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000366120 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000327448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000310416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000203840 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000154352 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000134192 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000118584 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000084608 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2017-08-03 11:41 - 2016-07-22 02:19 - 000091088 _____ (Intel Corporation) C:\WINDOWS\system32\NicInstD.dll
2017-08-03 11:41 - 2016-04-15 14:47 - 000080848 _____ (Intel Corporation) C:\WINDOWS\system32\e1dmsg.dll
2017-08-03 11:40 - 2017-08-03 11:40 - 000000000 ____D C:\Users\Gotthard\AppData\Local\Logishrd
2017-08-03 11:39 - 2017-08-03 11:39 - 000000000 ____D C:\Users\Gotthard\AppData\Roaming\sp6_log
2017-08-03 11:39 - 2017-07-03 05:32 - 001073824 _____ C:\WINDOWS\system32\Drivers\qca61x4_2_2.bin
2017-08-03 11:39 - 2017-07-03 05:32 - 000097210 _____ C:\WINDOWS\system32\Drivers\Data61x4_2_2.msc
2017-08-03 11:38 - 2017-08-03 11:38 - 000000000 ____D C:\Program Files (x86)\ASM104xUSB3
2017-08-03 11:38 - 2017-06-28 05:50 - 000348592 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\AdminService.exe
2017-08-03 11:38 - 2017-06-28 02:48 - 000058488 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x00000200.dfu
2017-08-03 11:38 - 2017-06-28 02:48 - 000057624 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x00000300.dfu
2017-08-03 11:38 - 2017-06-28 02:48 - 000041112 _____ C:\WINDOWS\system32\Drivers\AthrBT_TF_0x00000302.dfu
2017-08-03 11:38 - 2017-06-28 02:48 - 000037208 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x00000302.dfu
2017-08-03 11:38 - 2017-06-28 02:48 - 000001982 _____ C:\WINDOWS\system32\Drivers\ramps_TF_0x00000302_48_NFA435_10dbm.dfu
2017-08-03 11:38 - 2017-06-28 02:48 - 000001982 _____ C:\WINDOWS\system32\Drivers\ramps_TF_0x00000302_48.dfu
2017-08-03 11:35 - 2017-08-12 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius
2017-08-03 10:51 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-03 10:51 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-03 10:51 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-03 10:51 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-03 10:51 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-03 10:51 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-03 10:51 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-03 10:51 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-03 10:51 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-03 10:51 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-03 10:51 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-03 10:51 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-03 10:51 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-03 10:51 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-03 10:51 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-03 10:51 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-03 10:51 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-03 10:51 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-03 10:51 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-03 10:51 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-03 10:51 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-03 10:51 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-03 10:51 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-03 10:51 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-03 10:51 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-03 10:51 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-03 10:51 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-03 10:51 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-03 10:51 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-03 10:51 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-03 10:51 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-03 10:51 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-03 10:51 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-03 10:51 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-03 10:51 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-03 10:51 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-03 10:51 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-03 10:51 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-03 10:51 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-03 10:51 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-03 10:51 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-03 10:51 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-03 10:51 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-03 10:51 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-03 10:51 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-03 10:51 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-03 10:51 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-03 10:51 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-03 10:51 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-03 10:51 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-03 10:51 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-03 10:51 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-03 10:51 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-03 10:51 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-03 10:51 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-03 10:51 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-03 10:51 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-03 10:51 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-03 10:51 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-03 10:51 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-03 10:51 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-03 10:51 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-03 10:51 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-03 10:51 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-03 10:51 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-03 10:51 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-03 10:51 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-03 10:51 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-03 10:51 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-03 10:51 - 2017-07-28 06:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-08-03 10:51 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-03 10:51 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-03 10:51 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-03 10:51 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-03 10:51 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 005776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-08-03 10:51 - 2017-07-28 06:18 - 004544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2017-08-03 10:51 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-03 10:51 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-03 10:51 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-03 10:51 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-03 10:51 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-03 10:51 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-03 10:51 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-03 10:51 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-03 10:51 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-03 10:51 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-03 10:51 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-03 10:51 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-03 10:51 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-03 10:51 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-03 10:51 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-03 10:51 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-03 10:51 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-03 10:51 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-03 10:51 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-03 10:51 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-03 10:51 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-03 10:51 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-03 10:51 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-03 10:51 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-03 10:51 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-03 10:51 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-03 10:51 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-03 10:51 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-03 10:51 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-03 10:51 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-03 10:51 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-03 10:51 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-03 10:51 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-03 10:51 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-03 10:51 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-03 10:51 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-03 10:51 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-03 10:51 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-03 10:51 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-03 10:51 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-03 10:51 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-03 10:51 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-03 10:51 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-03 10:51 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-03 10:51 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-03 10:51 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-03 10:51 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-03 10:51 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-07-25 16:36 - 2017-07-25 16:36 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-07-25 16:36 - 2017-07-19 00:38 - 000135800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-07-25 16:36 - 2017-03-10 23:17 - 000536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-07-25 16:36 - 2017-03-10 23:17 - 000525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-07-25 16:36 - 2017-03-10 23:17 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-07-25 16:36 - 2017-03-10 23:17 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-07-25 16:34 - 2017-07-19 02:40 - 040239736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 035844728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 035314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 028960376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 013655672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 012451424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 012133112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 011591576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 010487760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 009982968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 004163520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 003595896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438494.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438494.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 001278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 001276992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 001068152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 001004992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000996760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000995408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000972920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000924280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000781544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000689992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000617416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000584312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 000499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-07-22 10:31 - 2017-07-22 10:31 - 000000000 ____D C:\Users\Gotthard\Documents\Shadow Warrior DX11
2017-07-21 10:35 - 2017-07-21 10:35 - 000000000 ____D C:\Users\Gotthard\AppData\Local\SkinSoft
2017-07-21 10:25 - 2017-01-07 21:39 - 000000000 ____D C:\Users\Gotthard\Desktop\JustCause3+23Tr-LNG
2017-07-20 16:50 - 2017-07-20 16:50 - 000000000 ____D C:\Users\Gotthard\Documents\Square Enix
2017-07-20 16:18 - 2017-07-20 16:18 - 000000222 _____ C:\Users\Gotthard\Desktop\Just Cause 3.url

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-14 17:42 - 2017-04-06 17:07 - 007831912 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-14 17:42 - 2017-03-20 06:41 - 004015942 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-14 17:42 - 2017-03-20 06:41 - 001087960 _____ C:\WINDOWS\system32\perfc007.dat
2017-08-14 17:39 - 2017-04-06 17:04 - 000004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D56A6EBC-6126-4119-8BFD-8B0E03E1E2C3}
2017-08-14 17:39 - 2017-04-06 16:59 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-14 17:38 - 2017-03-29 07:41 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-08-14 17:38 - 2017-03-14 05:43 - 000000000 ____D C:\Users\Gotthard\AppData\Roaming\OpenOffice Updater
2017-08-14 17:36 - 2017-05-19 13:37 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-08-14 17:36 - 2017-05-19 13:37 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-08-14 17:36 - 2017-05-19 13:36 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-14 17:36 - 2017-04-06 17:04 - 000003250 _____ C:\WINDOWS\System32\Tasks\GPU Tweak II
2017-08-14 17:36 - 2017-04-06 17:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-14 17:36 - 2017-02-28 18:14 - 000190664 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_99E320F5.sys
2017-08-14 17:36 - 2017-02-25 18:27 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-08-14 17:35 - 2017-03-18 13:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-08-14 17:34 - 2017-04-05 19:44 - 000000000 ____D C:\AdwCleaner
2017-08-13 21:11 - 2017-06-07 17:59 - 000003134 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2017-08-13 20:32 - 2017-02-25 19:13 - 000000000 ____D C:\Program Files (x86)\Steam
2017-08-13 19:44 - 2017-04-06 17:04 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-08-12 19:58 - 2017-04-06 17:00 - 000000000 ____D C:\Users\Gotthard
2017-08-12 15:40 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-12 10:49 - 2017-04-06 16:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-11 15:56 - 2017-02-26 08:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-08-11 15:11 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-10 20:35 - 2017-02-26 07:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2017-08-10 20:35 - 2017-02-26 07:44 - 000000000 ____D C:\Program Files\Logitech
2017-08-10 17:32 - 2017-02-25 19:18 - 000000000 ____D C:\Users\Gotthard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-08-10 17:09 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-10 13:55 - 2017-02-26 07:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-10 10:59 - 2017-02-26 07:57 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-08-10 10:59 - 2017-02-26 07:57 - 000001000 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-08-10 10:59 - 2017-02-26 07:57 - 000000000 ____D C:\Users\Gotthard\AppData\LocalLow\Mozilla
2017-08-10 10:51 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-09 16:45 - 2017-02-25 18:17 - 000000000 ____D C:\Users\Gotthard\AppData\Local\Packages
2017-08-09 16:42 - 2017-02-28 08:10 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-08-09 14:04 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-09 14:03 - 2017-02-01 11:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-09 14:02 - 2017-02-01 11:26 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-09 11:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-09 11:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-05 17:45 - 2017-05-17 18:15 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 16:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-08-05 17:45 - 2017-04-06 16:59 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-08-05 17:45 - 2017-04-06 16:59 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-08-05 17:45 - 2017-02-25 18:40 - 000001492 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-08-05 16:49 - 2017-02-23 11:24 - 000000000 ____D C:\Program Files\Intel
2017-08-05 16:49 - 2017-02-23 11:24 - 000000000 ____D C:\Program Files (x86)\Intel
2017-08-03 16:26 - 2017-03-02 05:05 - 000002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-03 16:26 - 2017-03-02 05:05 - 000002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-03 11:41 - 2017-04-06 16:59 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-08-03 11:41 - 2017-04-06 16:59 - 000000000 ____D C:\WINDOWS\system32\DAX3
2017-08-03 11:41 - 2017-04-06 16:59 - 000000000 ____D C:\WINDOWS\system32\DAX2
2017-08-03 11:41 - 2017-03-14 15:19 - 000005097 _____ C:\WINDOWS\SysWOW64\Saved_Config.txt
2017-08-03 11:41 - 2017-03-14 15:19 - 000000410 _____ C:\WINDOWS\SysWOW64\Saved_StaticIP.txt
2017-08-03 11:41 - 2017-02-26 07:46 - 000000000 ___HD C:\Program Files (x86)\Temp
2017-08-03 11:41 - 2017-02-26 07:46 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2017-08-03 11:40 - 2017-04-06 17:04 - 000003738 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2017-08-03 11:40 - 2017-04-06 17:00 - 000000000 ____D C:\Program Files\Common Files\logishrd
2017-08-03 11:40 - 2017-02-26 08:45 - 000000000 ____D C:\Users\Public\Documents\Logishrd
2017-08-03 11:40 - 2017-02-26 07:44 - 000000000 ____D C:\ProgramData\Logishrd
2017-08-03 11:02 - 2017-05-05 20:00 - 000000000 ____D C:\WINDOWS\Minidump
2017-08-03 10:56 - 2016-11-20 20:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-03 10:54 - 2017-04-06 17:23 - 000000000 ____D C:\Program Files\Hyper-V
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-31 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:15 - 2017-03-18 23:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-29 20:05 - 2017-03-18 11:00 - 000000000 ____D C:\Program Files\Recuva
2017-07-28 16:12 - 2017-02-27 20:54 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-26 19:09 - 2017-06-30 13:26 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-07-26 19:09 - 2017-06-30 13:26 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-07-26 19:09 - 2017-03-21 15:33 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-07-26 19:09 - 2017-02-25 18:40 - 001922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-07-26 19:09 - 2017-02-25 18:40 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-07-26 19:09 - 2017-02-25 18:40 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-07-26 19:09 - 2017-02-25 18:40 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-07-26 19:09 - 2017-02-25 18:40 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-07-26 19:09 - 2017-02-25 18:40 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-07-26 15:40 - 2017-04-07 07:10 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-07-26 15:36 - 2017-04-06 16:59 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-07-25 16:36 - 2017-02-23 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-07-25 16:14 - 2017-03-18 13:40 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-07-25 16:14 - 2017-02-25 18:35 - 001021624 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2017-07-25 16:14 - 2017-02-25 18:35 - 000197312 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2017-07-25 16:14 - 2016-06-14 18:47 - 000199640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kneps.sys
2017-07-25 16:13 - 2016-12-26 23:03 - 000520152 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2017-07-21 19:21 - 2017-01-17 18:31 - 000897032 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorA.sys
2017-07-21 04:57 - 2017-03-29 16:35 - 005874144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-07-21 04:57 - 2017-03-29 16:35 - 000378376 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2017-07-21 04:57 - 2017-03-29 16:35 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-07-20 16:41 - 2017-05-19 13:37 - 000188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-20 16:41 - 2017-05-19 13:36 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-19 02:40 - 2017-03-21 15:33 - 004210032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-07-19 02:40 - 2017-03-21 15:33 - 003711328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-07-19 02:40 - 2017-03-21 15:33 - 000046463 _____ C:\WINDOWS\system32\nvinfo.pb
2017-07-19 01:24 - 2017-04-06 17:00 - 006463608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-07-19 01:24 - 2017-04-06 17:00 - 002479040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-07-19 01:24 - 2017-04-06 17:00 - 001762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-07-19 01:24 - 2017-04-06 17:00 - 000549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-07-19 01:24 - 2017-04-06 17:00 - 000392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-07-19 01:24 - 2017-04-06 17:00 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-07-19 01:24 - 2017-04-06 17:00 - 000069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-27 18:51 - 2017-02-27 18:51 - 000000017 _____ () C:\Users\Gotthard\AppData\Local\resmon.resmoncfg
2017-04-03 16:33 - 2017-04-03 16:33 - 000046816 _____ () C:\ProgramData\agent.1491229982.bdinstall.bin
2017-04-03 16:56 - 2017-04-03 16:56 - 000029157 _____ () C:\ProgramData\agent.1491231411.bdinstall.bin
2017-04-06 16:59 - 2017-04-06 16:59 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-04-06 16:59 - 2017-04-06 16:59 - 000000102 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Einige Dateien in TEMP:
====================
2017-08-14 17:26 - 2017-04-28 03:16 - 000599576 _____ (Microsoft Corporation) C:\Users\Gotthard\AppData\Local\Temp\kernel32.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-08-12 10:49

==================== Ende von FRST.txt ============================
         

14.08.2017, 17:58   #9
Gottel62
 

Addition log file



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-08-2017
durchgeführt von Gotthard (14-08-2017 17:47:45)
Gestartet von C:\Users\Gotthard\Downloads
Windows 10 Pro Version 1703 (X64) (2017-04-06 15:07:20)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-439399562-2122694152-2027062775-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-439399562-2122694152-2027062775-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-439399562-2122694152-2027062775-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-439399562-2122694152-2027062775-501 - Limited - Disabled)
Gotthard (S-1-5-21-439399562-2122694152-2027062775-1001 - Administrator - Enabled) => C:\Users\Gotthard

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Amazon Amazon Music) (Version: 5.5.1.1028 - Amazon Services LLC)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.94 - NVIDIA Corporation) Hidden
Ashampoo Photo Commander 14 (HKLM-x32\...\{0A11EA01-616B-A905-B3D2-3B7C238851DC}_is1) (Version: 14.0.6 - Ashampoo GmbH & Co. KG)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.48.1 - Asmedia Technology)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.0.8 - ASUSTek COMPUTER INC.) Hidden
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 0.0.369099031.18949936 - Audible, Inc.)
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.04.29 - ASUSTeK Computer Inc.)
AURA(GRAPHICS CARD) (HKLM-x32\...\{AF1004E7-4602-4E68-96F0-5668285D2AF0}) (Version: 0.0.4.1 - )
AVG (HKLM\...\AvgZen) (Version: 1.116.3.1052 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\{149D912F-03DB-4895-913E-820CB11965C0}) (Version: 16.74.1 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies)
AVG Zen (HKLM\...\{219E7C4A-0902-4CD4-82B8-EF908BF3198E}) (Version: 1.116.2 - AVG Technologies) Hidden
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon MG6100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{EF9495BF-843A-4F81-ACC5-40F51748D462}) (Version: 0.8.4.73 - Dolby Laboratories, Inc.)
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version:  - )
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FMW 1 (HKLM\...\{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}) (Version: 1.143.3 - AVG Technologies) Hidden
Geeks3D FurMark 1.18.2.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1027 - Intel Corporation)
Intel(R) Network Connections 22.4.16.0 (HKLM\...\PROSetDX) (Version: 22.4.16.0 - Intel)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.3.1019 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
Just Cause 3 (HKLM\...\Steam App 225540) (Version:  - Avalanche Studios)
Kaspersky Password Manager (HKLM-x32\...\{D4C3D682-E15A-4A48-A7B7-3F021A525F8F}) (Version: 8.0.6.538 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{D4C3D682-E15A-4A48-A7B7-3F021A525F8F}) (Version: 8.0.6.538 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Killer Performance Suite (HKLM\...\{D0950353-F0CC-441B-B0FA-045A4BFD9F6E}) (Version: 1.0.1026 - Rivet Networks)
Logitech Options (HKLM\...\LogiOptions) (Version:  - Logitech)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.8 - Electronic Arts)
Media Go (HKLM-x32\...\{60CDD65B-61AD-4BE4-BEA8-BB2D15534D4B}) (Version: 3.2.191 - Sony)
Media Go Video Playback Engine 2.20.105.05220 (HKLM-x32\...\{77B3BF4C-1376-60BA-DBE7-932199ED6219}) (Version: 2.20.105.05220 - Sony)
Microsoft OneDrive (HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 55.0.1 (x64 de) (HKLM\...\Mozilla Firefox 55.0.1 (x64 de)) (Version: 55.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
Music Recorder (HKLM-x32\...\{94A4AE85-9F1D-4687-953F-38371C9D1A4F}) (Version: 18.009.0 - Nero AG) Hidden
Music Recorder (HKLM-x32\...\{F5EF0BCC-8370-431F-B73E-AC6405C2DA1D}) (Version: 14.1.15600.0 - Audials AG)
Nero 2017 (HKLM-x32\...\{6B81BDC4-3368-4898-8F16-48962F789221}) (Version: 18.0.06100 - Nero AG)
Nero 2017 Content Pack (HKLM-x32\...\{4E6D3A36-4558-466D-83CC-AE2DCAC06C53}) (Version: 18.0.00600 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 18.0.0011 - Nero AG)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.94 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Grafiktreiber 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.94 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OCCT 4.5.0 (HKLM-x32\...\OCCT) (Version: 4.5.0 - Ocbase.com)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice Updater (HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
oPlayer (HKLM-x32\...\{A7D541EA-C319-4964-9F48-B1AA9058777E}) (Version: 1.1.38 - I-SMART CITIES(Zhuhai) Co.,Ltd )
Origin (HKLM-x32\...\Origin) (Version: 10.4.12.59996 - Electronic Arts, Inc.)
Prerequisite installer (HKLM-x32\...\{EB511CD1-C87C-490D-A7B1-D6C47F57820F}) (Version: 18.0.0003 - Nero AG) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8216 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Shadow Warrior 2 (HKLM\...\Steam App 324800) (Version:  - Flying Wild Hog)
Spotify (HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 28.1 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Websuche (HKLM-x32\...\Websuche) (Version:  - Websuche)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
XSplit Gamecaster (HKLM-x32\...\{8915913F-E4AF-46C5-B4EF-3535D83BFFDE}) (Version: 2.5.1507.3018 - SplitmediaLabs)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-06-26] (Cyberlink)
ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-06-26] (Cyberlink)
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-07-19] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {073DE77D-DE3A-45D9-B121-18B2DD008275} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-02-24] (Intel(R) Corporation)
Task: {0B4DDF1B-F6CE-45F1-A6D4-C8EEEC729B65} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [2016-11-16] (TODO: <Company name>)
Task: {0CF0CBA3-96AD-4462-9C97-3AECA50F5783} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {1819FA23-43C0-4B6C-97DA-EFDD16D6EB36} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-24] (Samsung Electronics Co. Ltd.)
Task: {227FFF73-A683-4F3F-B41C-3A2C4E0816B5} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {319C3BC1-47AF-44B5-86E1-85EB9710B576} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-07-26] (NVIDIA Corporation)
Task: {3B9264A3-DA65-4AFD-ADB5-A47732E2250F} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2015-07-22] (CyberLink Corp.)
Task: {3F641E17-74AA-4743-8824-1E702015D0E3} - System32\Tasks\Amazon Music Helper => C:\Users\Gotthard\AppData\Local\Amazon Music\Amazon Music Helper.exe [2017-06-09] (Amazon Services LLC)
Task: {3FF7F4A2-1620-4101-8D45-36791438B053} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {490922DA-2308-4C3B-88E1-33374A6AE283} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {4D63A57A-50ED-4806-9F13-6DC4029949F2} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {578F5BFB-8F4B-4113-8E2C-28C45CA2012C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-02] (Google Inc.)
Task: {69E64FF2-D32F-4848-8D67-FA357B90199F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-26] (NVIDIA Corporation)
Task: {7099998E-A6BE-4AB4-97AB-40AF13523619} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-09] (Adobe Systems Incorporated)
Task: {74FA8313-B2CB-4C4B-B04A-4229B8537C1C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {765C2F07-8344-4650-9031-D0678277574D} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2016-10-24] ()
Task: {79C35159-141D-4AB2-B705-BA74FB2F1812} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26] (NVIDIA Corporation)
Task: {876F335E-23A1-49C6-B9C7-31C7EAE6AF9B} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-09-26] (Nero AG)
Task: {88FC3817-F06C-467F-B40A-50D6987D9392} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-07-26] (NVIDIA Corporation)
Task: {8EAEA82B-298A-4243-8FD9-356558A884E9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {98469EBB-B56C-4A03-B854-E8A49D9A64BE} - System32\Tasks\S-1-5-21-439399562-2122694152-2027062775-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)
Task: {A5A97027-FF1E-4A1C-810E-CBA0A64523E7} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-02-21] (AVG Technologies CZ, s.r.o.)
Task: {BDA0F406-5023-4E81-A351-A1C83F59EFF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-02] (Google Inc.)
Task: {C758B265-3378-4021-B456-A58C297ACC6F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {C9F2D408-5597-4B37-8DD7-311CA3639952} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe [2017-02-17] ()
Task: {E14DFF35-585C-4C60-847B-0AADFEC2BBF2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {FF25BC62-D488-4843-93F9-1C1C580FF375} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-02-27 20:10 - 2017-02-27 20:10 - 000933840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe
2017-02-25 18:40 - 2017-07-26 19:09 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-05 13:15 - 2016-10-05 13:15 - 000107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll
2016-10-05 13:15 - 2016-10-05 13:15 - 000412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll
2017-05-19 13:36 - 2017-07-20 16:41 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-10-24 12:03 - 2016-10-24 12:03 - 000589512 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-02-27 20:11 - 2017-02-17 20:07 - 000247256 _____ () C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe
2017-03-18 22:59 - 2017-03-20 06:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-18 15:24 - 2017-07-18 15:24 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-18 15:24 - 2017-07-18 15:24 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-18 15:24 - 2017-07-18 15:24 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-18 15:24 - 2017-07-18 15:24 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2016-07-08 15:44 - 2016-07-08 15:44 - 001566208 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\ASUSGPUFanServiceEx.exe
2016-12-22 23:58 - 2016-12-22 23:58 - 000411912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\kpm.exe
2017-04-07 09:41 - 2017-04-07 09:41 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2016-10-04 18:09 - 2016-10-04 18:09 - 000253664 _____ () C:\Program Files\Intel\Intel(R) Online Connect\CSLibWrapper.dll
2017-08-03 16:26 - 2017-08-02 09:39 - 003824472 _____ () C:\program files (x86)\google\chrome\application\60.0.3112.90\libglesv2.dll
2017-08-03 16:26 - 2017-08-02 09:39 - 000100184 _____ () C:\program files (x86)\google\chrome\application\60.0.3112.90\libegl.dll
2016-12-22 23:59 - 2016-12-22 23:59 - 000108072 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\plugin-nm-server.exe
2017-02-27 20:10 - 2017-08-14 17:36 - 000044328 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\PEbiosinterface32.dll
2017-02-27 20:10 - 2017-02-27 20:10 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\ATKEX.dll
2016-06-28 01:19 - 2016-06-28 01:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\kpcengine.2.3.dll
2017-02-27 20:11 - 2017-02-17 18:50 - 001746432 _____ () C:\Program Files (x86)\ASUS\AURA\Vender.dll
2017-02-27 20:11 - 2017-02-17 18:50 - 000519680 _____ () C:\Program Files (x86)\ASUS\AURA\ClaymoreProtocol.dll
2017-02-27 20:11 - 2017-02-17 18:50 - 000519680 _____ () C:\Program Files (x86)\ASUS\AURA\RogNewmouseProtocol.dll
2017-02-26 09:04 - 2017-04-21 08:59 - 002493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 000056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 000228864 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 000071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 000357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 000526848 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2016-10-08 11:50 - 2016-10-08 11:50 - 001753088 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\Vender.dll
2017-02-25 18:40 - 2017-07-26 19:08 - 069820864 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-12-05 14:03 - 2016-12-05 14:03 - 000600160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\dblite.dll
2016-12-22 23:24 - 2016-12-22 23:24 - 000513960 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\ipm_service.dll
2016-12-22 23:26 - 2016-12-22 23:26 - 000362344 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\ucp_meta.dll
2016-12-22 23:58 - 2016-12-22 23:58 - 000237416 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\infra.dll
2017-02-25 18:40 - 2017-07-26 19:09 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-26 07:34 - 2017-02-26 07:33 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-02-28 18:12 - 2014-12-08 09:28 - 000627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2014-12-08 16:28 - 2014-12-08 16:28 - 000016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 002144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 007955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 01:39 - 2012-09-13 01:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2017-05-28 09:45 - 2017-05-28 09:45 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:0507A16B [141]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7936 mehr Seiten.


Da befinden sich 7936 mehr Seiten.


Da befinden sich 7936 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2017-05-18 17:04 - 000454512 ____R C:\WINDOWS\system32\Drivers\etc\hosts


Da befinden sich 15600 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-439399562-2122694152-2027062775-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gotthard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 62.117.1.25 - 89.16.129.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "Killer Control Center.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKU\S-1-5-21-439399562-2122694152-2027062775-1000\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\StartupApproved\Run: => "Spotify"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{4AEDE23B-F0ED-46C6-BB38-CDD537DB563F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E55175D9-3A9B-40A2-A4BE-8C6C5809094A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2DC7F296-453D-4599-AA56-61125FDE3B90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B1EB837F-F141-46DF-B4E0-73E098003E6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ADD7DE6E-551D-4C63-99C3-08AF4C5503B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AC828FB5-3582-4FC5-9C4C-A3BCC630DC13}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{59B7F543-BE4F-4F2B-92E0-B45B5E84AFCB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1F6ABE05-4DBA-43E5-9F42-8481E83E8DC9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CDA0EF12-4C03-47C1-B0F6-A2A982ECD07E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DED8FB28-7812-4C80-A4EB-C35BE5311DC3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{39D689A6-DB5F-42FF-B41B-7E0D7E17006C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe
FirewallRules: [{FB27B845-63EF-4E56-97F4-9BA2C28939EE}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\NMDllHost.exe
FirewallRules: [{068DC589-7C08-4A64-ACC4-0D772F45299A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\MediaHome.exe
FirewallRules: [{D0C29ED0-EB77-425C-905C-394574455371}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe
FirewallRules: [{97B75051-0F8A-45AB-AD83-CC35F1F2CD42}] => (Allow) C:\Program Files (x86)\Music Recorder\Music Recorder 2016\Audials.exe
FirewallRules: [{914667BE-5A3E-4979-8891-1DB84EF70BD1}] => (Allow) LPort=12972
FirewallRules: [{7C091C59-3AED-4EC6-9112-950E4DE6F294}] => (Allow) LPort=14714
FirewallRules: [{F8CFCBFE-6421-48A1-985A-76F07786DE0E}] => (Allow) LPort=31931
FirewallRules: [{882D0D1F-FC29-487E-AFC3-D5DBD83EAE75}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{9B539642-AB62-4002-9DCC-15C9D77F44B9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe
FirewallRules: [{169BFE53-5E32-4702-99B2-629A875CD6B7}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe
FirewallRules: [{E740DF33-292D-4E63-9ACA-14033B55A5C9}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{E073E10F-B885-4023-8C3F-CABD9555779D}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{296136DE-20B3-4FA6-867D-70C586C79582}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{288C96CA-B76A-4CD3-93FB-2C4A825D6ABA}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{DA1F03A8-36BA-4DDD-B340-7CB3E279A4F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{50BB7512-5B16-4D28-A783-2A8FBD1CDA1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{5B058E5E-607C-4513-8288-8F69B9D8F190}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1E37DEC9-BE9E-4B80-B937-3C9B3801C0CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DEA66579-F75F-4D13-8DD4-787155EFB8FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{496071A6-49B1-4F0B-A62E-AC90AB3A179D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7BCE9A5A-36D1-4118-A17C-0FF27A4AE191}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D7708364-A93E-40D8-B0C8-01713B607893}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1FD4E3A0-306E-45FB-9AF8-303205B95298}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{7EE2B74E-AA89-478A-8044-340217FD340F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{FF11C487-3787-47F1-8FDA-F6CA329B4121}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE

==================== Wiederherstellungspunkte =========================

05-08-2017 16:49:27 IIF_MSI
09-08-2017 14:02:00 Windows Update
09-08-2017 14:02:12 Windows Update
11-08-2017 15:51:00 Prüfpunkt von HitmanPro
11-08-2017 15:51:54 Prüfpunkt von HitmanPro
12-08-2017 18:26:42 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/14/2017 05:35:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IntelTechnologyAccessService.exe, Version: 1.9.5.68, Zeitstempel: 0x57f550f5
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.502, Zeitstempel: 0x005405b5
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000069e08
ID des fehlerhaften Prozesses: 0x3e80
Startzeit der fehlerhaften Anwendung: 0x01d31512f171aa85
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 882380b7-38a5-443d-b11b-9c20487cb2b2
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/13/2017 08:32:16 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/13/2017 08:32:16 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/13/2017 07:34:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: F94026-1)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/12/2017 07:14:02 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/12/2017 07:14:02 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/12/2017 06:30:11 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/12/2017 06:30:11 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/12/2017 04:00:18 PM) (Source: MsiInstaller) (EventID: 1024) (User: F94026-1)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "Adobe Acrobat Reader DC
 (17.012.20093)" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/12/2017 04:00:17 PM) (Source: MsiInstaller) (EventID: 11722) (User: F94026-1)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch -- Fehler 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action InstallWebResources, location: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrServicesUpdater.exe, command: 17.012.20093 17.009.20058.0


Systemfehler:
=============
Error: (08/14/2017 05:36:57 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Intel(R) Online Connect Helper erreicht.

Error: (08/14/2017 05:36:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (08/14/2017 05:35:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Online Connect Access" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/14/2017 05:35:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Online Connect" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/14/2017 05:35:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/14/2017 05:35:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/14/2017 05:35:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/14/2017 05:35:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "AVG PC TuneUp Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 250 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/14/2017 05:35:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "AVG Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/14/2017 05:35:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Telemetry Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2017-08-12 15:59:28.530
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:59:28.386
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:59:28.227
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:51:09.751
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:49:24.220
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:46:39.740
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:42:42.496
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:41:34.997
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:40:28.831
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-12 15:39:57.885
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Prozentuale Nutzung des RAM: 14%
Installierter physikalischer RAM: 32698.55 MB
Verfügbarer physikalischer RAM: 28061 MB
Summe virtueller Speicher: 37562.55 MB
Verfügbarer virtueller Speicher: 31818.04 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:461.37 GB) (Free:267.86 GB) NTFS
Drive d: (Volume) (Fixed) (Total:1863.02 GB) (Free:1786.78 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 80B70726)

Partition: GPT.

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 80B70620)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
Hello
Adwarecleaner found something and then cleaned it, but that did not help. Thanks again for your help.

15.08.2017, 11:11   #10
M-K-D-B
/// TB instructor
 



Hello,





Step 1
  • Copy the contents of the following code box:
    Code:
    Start::
    CloseProcesses:
    RemoveProxy:
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset
    EmptyTemp:
    End::
             
  • Now start FRST and click the "Entfernen" (Fix) button.
  • The tool carries out the requested steps and creates a fixlog.txt in the same directory as FRST/FRST64.exe.
  • Your computer may need to be restarted for this.
  • Post the contents of fixlog.txt in your next reply.





Step 2
Please reset your browsers as follows:

IE :::
Reset Internet Explorer as follows:
  • Open Internet Explorer and go to Tools -> Internet options.
  • On the Advanced tab, under "Reset Internet Explorer settings", click Reset...
  • In the "Reset Internet Explorer settings" dialog, click Reset to confirm.
(You can find the illustrated guide here.)

EDGE :::
Reset Edge

FF :::
Reset Firefox

CHR:::
Reset Chrome

OPR::
Reset Opera





Step 3
  • Start FRST.exe again. Make sure the box next to Addition.txt is ticked and click "Untersuchen" (Scan).
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.






In your next reply, please post
  • the log file of the FRST fix,
  • the two new FRST log files (FRST.txt and Addition.txt).
__________________
Regards
M-K-D-B


==========================================================
offline from 22.12.2018 to 01.01.2019
==========================================================
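
A way to check the fixlog.txt requested in Step 1 before reviewing it: the script below (an added example, not part of the thread and not FRST's own code) lists the fixlist directives recorded in the log and reports which of them have no result section. It assumes the German-language Fixlog layout that appears in this thread; the sample log and all function names are constructed for illustration.

```python
import re

# Constructed sample that mirrors the layout of a German-language FRST Fixlog.
# Byte counts are made up, and the "netsh winsock reset" result section is
# left out on purpose so the audit has something to flag.
SAMPLE_FIXLOG = r"""
fixlist Inhalt:
*****************

CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt

========= Ende von RemoveProxy: =========

========= ipconfig /flushdns =========

Windows-IP-Konfiguration

========= Ende von CMD: =========

=========== EmptyTemp: ==========

Chrome => 1500 B
Firefox => 500 B

================================
"""

SECTION_HEADER = re.compile(r"^=+ (.+?) =+$")
CLOSE_OK = "Prozesse erfolgreich geschlossen."  # confirmation line, German output


def parse_fixlist(text):
    """Return the directives echoed between the two '*****' rulers."""
    directives, inside = [], False
    for line in text.splitlines():
        s = line.strip()
        if re.fullmatch(r"\*{5,}", s):
            if inside:
                break
            inside = True
        elif inside and s:
            directives.append(s)
    return directives


def result_sections(text):
    """Map each result-section title to its non-empty body lines."""
    sections, current = {}, None
    for line in text.splitlines():
        s = line.strip()
        m = SECTION_HEADER.match(s)
        if m:
            title = m.group(1)
            if title.startswith("Ende von"):   # closing marker of a section
                current = None
            else:
                current = title
                sections[current] = []
        elif re.fullmatch(r"=+", s):           # bare ruler also ends a section
            current = None
        elif current is not None and s:
            sections[current].append(s)
    return sections


def audit(text):
    """Return {directive: bool}: does the log show a result for the directive?"""
    sections = result_sections(text)
    report = {}
    for d in parse_fixlist(text):
        if d == "CloseProcesses:":
            report[d] = CLOSE_OK in text
        else:
            # "CMD: <command>" is logged under a section titled "<command>"
            key = d[4:].strip() if d.startswith("CMD:") else d
            report[d] = key in sections
    return report


def emptytemp_bytes(text):
    """Sum the per-category byte counts reported in the EmptyTemp section."""
    total = 0
    for line in result_sections(text).get("EmptyTemp:", []):
        m = re.fullmatch(r"(.+?) => (\d+) B", line)
        if m:
            total += int(m.group(2))
    return total


if __name__ == "__main__":
    for directive, ok in audit(SAMPLE_FIXLOG).items():
        print(("ok      " if ok else "MISSING ") + directive)
    print("EmptyTemp bytes:", emptytemp_bytes(SAMPLE_FIXLOG))
```

A directive reported as MISSING means the log contains no section for it, which is the cue to ask for the fix to be run again or for the complete log.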


15.08.2017, 12:08   #11
Gottel62
 



Hello
I have reset Firefox and Chrome. I had deactivated IE 11, and now I don't know whether IE 9 is still active; I found it under Programs, but not as an EXE. The logs follow below. The problem still persists. Do you have any idea yet?

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-08-2017
durchgeführt von Gotthard (15-08-2017 11:23:44) Run:1
Gestartet von C:\Users\Gotthard\Downloads
Geladene Profile: Gotthard (Verfügbare Profile: defaultuser0 & Gotthard)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Auflösungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8675328 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 41382006 B
Java, Flash, Steam htmlcache => 20100997 B
Windows/system/drivers => 42496 B
Edge => 0 B
Chrome => 15577643 B
Firefox => 8568961 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 2450 B
NetworkService => 0 B
defaultuser0 => 7168 B
Gotthard => 14230923 B

RecycleBin => 310013 B
EmptyTemp: => 103.9 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 11:23:50 ====
         
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08-2017
durchgeführt von Gotthard (Administrator) auf F94026-1 (15-08-2017 11:59:10)
Gestartet von C:\Users\Gotthard\Downloads
Geladene Profile: Gotthard (Verfügbare Profile: defaultuser0 & Gotthard)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\AURA\AsRogAuraService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Amazon Services LLC) C:\Users\Gotthard\AppData\Local\Amazon Music\Amazon Music Helper.exe
() C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
() C:\Program Files (x86)\ASUS\GPU TweakII\ASUSGPUFanServiceEx.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
() C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\kpm.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\plugin-nm-server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9231328 2017-07-21] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-07-21] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2017-06-29] (Dolby Laboratories, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-07-21] (Intel Corporation)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2110584 2017-07-12] (Logitech, Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-06-26] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [499640 2015-06-26] (CyberLink Corp.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (CANON INC.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation)
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\kpm.exe [411912 2016-12-22] ()
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [Amazon Music] => C:\Users\Gotthard\AppData\Local\Amazon Music\Amazon Music Helper.exe [3696104 2017-06-09] (Amazon Services LLC)
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [Spotify Web Helper] => C:\Users\Gotthard\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-03] (Spotify Ltd)
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [Spotify] => C:\Users\Gotthard\AppData\Roaming\Spotify\Spotify.exe [7067760 2017-03-03] (Spotify Ltd)
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [OpenOffice Updater] => C:\Users\Gotthard\AppData\Roaming\OpenOffice Updater\Updater.exe [388032 2017-05-02] ()
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\killercontrolcenter.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\killerdiagnostics.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\ksdeui.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Control Center.lnk [2017-02-26]
ShortcutTarget: Killer Control Center.lnk -> C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe (Rivet Networks)
Startup: C:\Users\Gotthard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2017-03-20]
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.117.1.25 89.16.129.25
Tcpip\..\Interfaces\{4d899b68-acd8-4e4f-8c23-96579e8402ab}: [DhcpNameServer] 62.117.1.25 89.16.129.25

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope {01F38CF5-175C-4A4B-9FE5-A68C368393D2} URL = 
SearchScopes: HKU\S-1-5-21-439399562-2122694152-2027062775-1001 -> DefaultScope {01F38CF5-175C-4A4B-9FE5-A68C368393D2} URL = 
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-26] (AO Kaspersky Lab)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\x64\ie_engine.dll [2016-12-22] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-26] (AO Kaspersky Lab)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\ie_engine.dll [2016-12-22] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-26] (AO Kaspersky Lab)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-26] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)

FireFox:
========
FF DefaultProfile: oilco3d4.default-1502790351002
FF ProfilePath: C:\Users\Gotthard\AppData\Roaming\Mozilla\Firefox\Profiles\oilco3d4.default-1502790351002 [2017-08-15]
FF Extension: (Click-to-Play staged rollout) - C:\Program Files\Mozilla Firefox\browser\features\clicktoplay-rollout@mozilla.org.xpi [2017-08-11] [ist nicht signiert]
FF Extension: (Follow-on Search Telemetry) - C:\Program Files\Mozilla Firefox\browser\features\followonsearch@mozilla.com.xpi [2017-08-03] [ist nicht signiert]
FF Extension: (Shield Recipe Client) - C:\Program Files\Mozilla Firefox\browser\features\shield-recipe-client@mozilla.org.xpi [2017-08-11] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-07-25]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-09] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-439399562-2122694152-2027062775-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2016-10-24] (Sony Network Entertainment International LLC)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Profile: C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default [2017-08-15]
CHR Extension: (Google Präsentationen) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-25]
CHR Extension: (Google Docs) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-25]
CHR Extension: (Google Drive) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-25]
CHR Extension: (YouTube) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-25]
CHR Extension: (Adblock Plus) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-08-15]
CHR Extension: (Adobe Acrobat) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-13]
CHR Extension: (Google Tabellen) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-25]
CHR Extension: (Kaspersky Protection) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-02-25]
CHR Extension: (Google Docs Offline) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-25]
CHR Extension: (Audio Verbinden) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihiafjkopgiakbmihgoieodihjcblfbk [2017-03-31]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaoblbjfmcalcjjaifickaoccjmhlal [2017-06-20]
CHR Extension: (Archive Extractor) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nknadlalodfadgegkigkmbhofcmkhfnc [2017-03-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-13]
CHR Extension: (Audio Converter) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfphighcpfimfhblaigjckljcoeipga [2017-03-31]
CHR Extension: (Google Mail) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-25]
CHR Extension: (Chrome Media Router) - C:\Users\Gotthard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-27]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKU\S-1-5-21-439399562-2122694152-2027062775-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mkaoblbjfmcalcjjaifickaoccjmhlal] - hxxps://chrome.google.com/webstore/detail/mkaoblbjfmcalcjjaifickaoccjmhlal
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe [933840 2017-02-27] ()
R2 AsRogAuraService; C:\Program Files (x86)\ASUS\AURA\AsRogAuraService.exe [856536 2017-02-17] (ASUSTek Computer Inc.)
R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [348592 2017-06-28] (Windows (R) Win 7 DDK provider)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-04-01] ()
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [303544 2015-07-24] (CyberLink)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-07-21] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [732448 2017-02-24] (Intel(R) Corporation)
R3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [548648 2017-02-24] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-05-28] (Intel Corporation)
S4 Killer Network Service; C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [2067168 2017-01-26] (Rivet Networks)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
S4 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-10] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-07-26] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2157456 2017-06-01] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3127192 2017-06-01] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [605616 2017-06-28] (Qualcomm)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [544744 2017-03-19] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-07-20] ()
S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2017-02-27] ()
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2015-05-18] (ASUSTeK Computer Inc.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197312 2017-07-25] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520152 2017-07-25] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [186696 2017-08-15] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1021624 2017-07-25] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-26] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-04-28] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-03-14] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-04-28] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-04-28] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-04-28] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-14] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199640 2017-07-25] (AO Kaspersky Lab)
R0 MBAMChameleon; C:\WINDOWS\System32\drivers\MBAMChameleon.sys [188352 2017-07-20] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-08-15] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-08-15] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-08-15] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-08-15] (Malwarebytes)
R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9ab613610b40aa98\nvlddmkm.sys [15610296 2017-08-10] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-06-21] (NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\system32\DRIVERS\Qcamain10x64.sys [2418096 2017-07-03] (Qualcomm Atheros, Inc.)
R2 RfeCoSvc; C:\WINDOWS\system32\DRIVERS\RfeCo10X64.sys [99680 2017-01-26] (Rivet Networks, LLC.)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-02-21] (AVG Netherlands B.V.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-15 11:59 - 2017-08-15 11:59 - 000030155 _____ C:\Users\Gotthard\Downloads\FRST.txt
2017-08-15 11:45 - 2017-08-15 11:45 - 000000000 ____D C:\Users\Gotthard\Desktop\Alte Firefox-Daten
2017-08-15 11:23 - 2017-08-15 11:23 - 000002341 _____ C:\Users\Gotthard\Downloads\Fixlog.txt
2017-08-15 11:13 - 2017-08-15 11:13 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-08-15 11:13 - 2017-08-10 00:21 - 000135616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-08-15 11:13 - 2017-03-10 23:17 - 000536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-08-15 11:13 - 2017-03-10 23:17 - 000525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-08-15 11:13 - 2017-03-10 23:17 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-08-15 11:13 - 2017-03-10 23:17 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-08-15 11:12 - 2017-08-10 02:34 - 040239552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 035846080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 035314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 028961912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 023074832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 018805160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 013649808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 012133296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 011585736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 009982968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 004164032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 003596224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438528.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438528.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 001278712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 001276992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 001067968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 001005176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 000996760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 000995408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 000972736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 000924096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 000781728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 000724928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 000689808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 000618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 000617416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 000609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 000584128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-08-15 11:12 - 2017-08-10 02:34 - 000499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-08-14 17:41 - 2017-08-14 17:41 - 000001398 _____ C:\Users\Gotthard\Desktop\mbam.txt
2017-08-14 17:31 - 2017-08-14 17:31 - 008185288 _____ (Malwarebytes) C:\Users\Gotthard\Downloads\adwcleaner_7.0.1.0.exe
2017-08-14 17:22 - 2017-08-15 11:05 - 000326192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-13 20:40 - 2017-08-13 21:10 - 000309978 _____ C:\TDSSKiller.3.1.0.15_13.08.2017_20.40.59_log.txt
2017-08-13 20:02 - 2017-08-13 20:02 - 000007334 _____ C:\Users\Gotthard\Desktop\OpenDocument Text (neu).odt
2017-08-13 19:54 - 2017-08-13 20:19 - 000309980 _____ C:\TDSSKiller.3.1.0.15_13.08.2017_19.54.12_log.txt
2017-08-13 19:53 - 2017-08-13 19:53 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Gotthard\Downloads\tdsskiller.exe
2017-08-13 19:46 - 2017-08-15 11:59 - 000000000 ____D C:\FRST
2017-08-13 19:41 - 2017-08-13 19:41 - 002395648 _____ (Farbar) C:\Users\Gotthard\Downloads\FRST64.exe
2017-08-12 18:31 - 2017-08-12 18:31 - 000020322 _____ C:\Users\Gotthard\Documents\cc_20170812_183116.reg
2017-08-12 18:30 - 2017-08-12 18:30 - 000136116 _____ C:\Users\Gotthard\Documents\cc_20170812_183050.reg
2017-08-11 15:46 - 2017-08-11 15:52 - 000000000 ____D C:\ProgramData\HitmanPro
2017-08-11 15:46 - 2017-08-11 15:46 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2017-08-11 15:41 - 2017-08-11 15:41 - 000000000 ____D C:\ProgramData\Emsisoft
2017-08-11 15:40 - 2017-08-11 15:44 - 000000000 ____D C:\EEK
2017-08-10 17:42 - 2017-08-10 17:42 - 000000000 ____D C:\Users\Gotthard\Screenshot
2017-08-10 17:30 - 2017-08-10 17:30 - 000000222 _____ C:\Users\Gotthard\Desktop\Shadow Warrior 2.url
2017-08-09 14:01 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-09 14:01 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-09 14:01 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-09 14:01 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-09 14:01 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-09 14:01 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-09 14:01 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-09 14:01 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-09 14:01 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-09 14:01 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-09 14:01 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-09 14:01 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-09 14:01 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-09 14:01 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-09 14:01 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-09 14:01 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-09 14:01 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-09 14:01 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-09 14:01 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-09 14:01 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-09 14:01 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-09 14:01 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-09 14:01 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-09 14:01 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-09 14:01 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-09 14:01 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-09 14:01 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-09 14:01 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-09 14:01 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-09 14:01 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-09 14:01 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-09 14:01 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-09 14:01 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-09 14:01 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-09 14:01 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-09 14:01 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-09 14:01 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-09 14:01 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-09 14:01 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-09 14:01 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-09 14:01 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-09 14:01 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-09 14:01 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-09 14:01 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-09 14:01 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-09 14:01 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-09 14:01 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-09 14:01 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-09 14:01 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-09 14:01 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-09 14:01 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-09 14:01 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-09 14:01 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-09 14:01 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-09 14:01 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-09 14:01 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-09 14:01 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-09 14:01 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-09 14:01 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-09 14:01 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-09 14:01 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-09 14:01 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-09 14:01 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-09 14:01 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-09 14:01 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-09 14:01 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-09 14:01 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-09 14:01 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-09 14:01 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-09 14:01 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-09 14:01 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-09 14:01 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-09 14:01 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-09 14:01 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-09 14:01 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-09 14:01 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-09 14:01 - 2017-08-01 03:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-09 14:01 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-09 14:01 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-09 14:01 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-09 14:01 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-09 14:01 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-09 14:01 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-09 14:01 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-09 14:01 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-09 14:01 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-09 14:01 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-09 14:01 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-09 14:01 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-09 14:01 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-09 14:01 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-09 14:01 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-09 14:01 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-09 14:01 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-09 14:01 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-09 14:01 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-05 16:49 - 2017-08-05 16:49 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-08-03 11:41 - 2017-08-03 11:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2017-08-03 11:41 - 2017-08-03 11:41 - 000000000 ____D C:\ProgramData\Dolby
2017-08-03 11:41 - 2017-08-03 11:41 - 000000000 ____D C:\Program Files\Dolby
2017-08-03 11:41 - 2017-07-21 04:58 - 003410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 003299816 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 003122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 002190984 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 001435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 001382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 001337640 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000873456 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000866640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000852128 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000604792 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000158696 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2017-08-03 11:41 - 2017-07-21 04:58 - 000075536 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 072520704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-08-03 11:41 - 2017-07-21 04:57 - 012951320 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-08-03 11:41 - 2017-07-21 04:57 - 007172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 007096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 006264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 005346992 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 003677152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-08-03 11:41 - 2017-07-21 04:57 - 003516984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 003509200 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 003099544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 002444680 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 002210784 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001959600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001554600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001347136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001326424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001170872 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001159176 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000877424 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000868176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000737960 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000708304 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000680544 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000526280 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000447712 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000445392 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000416504 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000406448 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000366120 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000327448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000310416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000203840 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000154352 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000134192 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000118584 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-08-03 11:41 - 2017-07-21 04:57 - 000084608 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2017-08-03 11:41 - 2016-07-22 02:19 - 000091088 _____ (Intel Corporation) C:\WINDOWS\system32\NicInstD.dll
2017-08-03 11:41 - 2016-04-15 14:47 - 000080848 _____ (Intel Corporation) C:\WINDOWS\system32\e1dmsg.dll
2017-08-03 11:40 - 2017-08-03 11:40 - 000000000 ____D C:\Users\Gotthard\AppData\Local\Logishrd
2017-08-03 11:39 - 2017-08-03 11:39 - 000000000 ____D C:\Users\Gotthard\AppData\Roaming\sp6_log
2017-08-03 11:39 - 2017-07-03 05:32 - 001073824 _____ C:\WINDOWS\system32\Drivers\qca61x4_2_2.bin
2017-08-03 11:39 - 2017-07-03 05:32 - 000097210 _____ C:\WINDOWS\system32\Drivers\Data61x4_2_2.msc
2017-08-03 11:38 - 2017-08-03 11:38 - 000000000 ____D C:\Program Files (x86)\ASM104xUSB3
2017-08-03 11:38 - 2017-06-28 05:50 - 000348592 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\AdminService.exe
2017-08-03 11:38 - 2017-06-28 02:48 - 000058488 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x00000200.dfu
2017-08-03 11:38 - 2017-06-28 02:48 - 000057624 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x00000300.dfu
2017-08-03 11:38 - 2017-06-28 02:48 - 000041112 _____ C:\WINDOWS\system32\Drivers\AthrBT_TF_0x00000302.dfu
2017-08-03 11:38 - 2017-06-28 02:48 - 000037208 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x00000302.dfu
2017-08-03 11:38 - 2017-06-28 02:48 - 000001982 _____ C:\WINDOWS\system32\Drivers\ramps_TF_0x00000302_48_NFA435_10dbm.dfu
2017-08-03 11:38 - 2017-06-28 02:48 - 000001982 _____ C:\WINDOWS\system32\Drivers\ramps_TF_0x00000302_48.dfu
2017-08-03 11:35 - 2017-08-12 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius
2017-08-03 10:51 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-03 10:51 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-03 10:51 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-03 10:51 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-03 10:51 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-03 10:51 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-03 10:51 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-03 10:51 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-03 10:51 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-03 10:51 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-03 10:51 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-03 10:51 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-03 10:51 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-03 10:51 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-03 10:51 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-03 10:51 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-03 10:51 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-03 10:51 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-03 10:51 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-03 10:51 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-03 10:51 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-03 10:51 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-03 10:51 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-03 10:51 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-03 10:51 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-03 10:51 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-03 10:51 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-03 10:51 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-03 10:51 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-03 10:51 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-03 10:51 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-03 10:51 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-03 10:51 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-03 10:51 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-03 10:51 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-03 10:51 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-03 10:51 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-03 10:51 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-03 10:51 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-03 10:51 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-03 10:51 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-03 10:51 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-03 10:51 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-03 10:51 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-03 10:51 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-03 10:51 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-03 10:51 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-03 10:51 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-03 10:51 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-03 10:51 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-03 10:51 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-03 10:51 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-03 10:51 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-03 10:51 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-03 10:51 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-03 10:51 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-03 10:51 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-03 10:51 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-03 10:51 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-03 10:51 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-03 10:51 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-03 10:51 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-03 10:51 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-03 10:51 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-03 10:51 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-03 10:51 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-03 10:51 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-03 10:51 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-03 10:51 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-03 10:51 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-03 10:51 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-03 10:51 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-03 10:51 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-03 10:51 - 2017-07-28 06:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-08-03 10:51 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-03 10:51 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-03 10:51 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-03 10:51 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-03 10:51 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-03 10:51 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 005776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-08-03 10:51 - 2017-07-28 06:18 - 004544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2017-08-03 10:51 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-03 10:51 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-03 10:51 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-03 10:51 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-03 10:51 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-03 10:51 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-03 10:51 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-03 10:51 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-03 10:51 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-03 10:51 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-03 10:51 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-03 10:51 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-03 10:51 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-03 10:51 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-03 10:51 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-03 10:51 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-03 10:51 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-03 10:51 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-03 10:51 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-03 10:51 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-03 10:51 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-03 10:51 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-03 10:51 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-03 10:51 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-03 10:51 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-03 10:51 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-03 10:51 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-03 10:51 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-03 10:51 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-03 10:51 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-03 10:51 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-03 10:51 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-03 10:51 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-03 10:51 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-03 10:51 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-03 10:51 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-03 10:51 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-03 10:51 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-03 10:51 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-03 10:51 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-03 10:51 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-03 10:51 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-03 10:51 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-03 10:51 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-03 10:51 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-03 10:51 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-03 10:51 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-03 10:51 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-03 10:51 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-03 10:51 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-03 10:51 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-03 10:51 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-03 10:51 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438494.dll
2017-07-25 16:34 - 2017-07-19 02:40 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438494.dll
2017-07-22 10:31 - 2017-07-22 10:31 - 000000000 ____D C:\Users\Gotthard\Documents\Shadow Warrior DX11
2017-07-21 10:35 - 2017-07-21 10:35 - 000000000 ____D C:\Users\Gotthard\AppData\Local\SkinSoft
2017-07-21 10:25 - 2017-01-07 21:39 - 000000000 ____D C:\Users\Gotthard\Desktop\JustCause3+23Tr-LNG
2017-07-20 16:50 - 2017-07-20 16:50 - 000000000 ____D C:\Users\Gotthard\Documents\Square Enix
2017-07-20 16:18 - 2017-07-20 16:18 - 000000222 _____ C:\Users\Gotthard\Desktop\Just Cause 3.url

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-15 11:55 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-15 11:52 - 2017-02-26 07:57 - 000000000 ____D C:\Users\Gotthard\AppData\LocalLow\Mozilla
2017-08-15 11:34 - 2017-04-06 17:04 - 000004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D56A6EBC-6126-4119-8BFD-8B0E03E1E2C3}
2017-08-15 11:30 - 2017-04-06 17:07 - 007919482 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-15 11:30 - 2017-03-20 06:41 - 004063006 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-15 11:30 - 2017-03-20 06:41 - 001101514 _____ C:\WINDOWS\system32\perfc007.dat
2017-08-15 11:26 - 2017-03-14 05:43 - 000000000 ____D C:\Users\Gotthard\AppData\Roaming\OpenOffice Updater
2017-08-15 11:25 - 2017-04-06 17:04 - 000003250 _____ C:\WINDOWS\System32\Tasks\GPU Tweak II
2017-08-15 11:25 - 2017-04-06 16:59 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-15 11:25 - 2017-02-25 18:27 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-08-15 11:24 - 2017-05-19 13:37 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-08-15 11:24 - 2017-05-19 13:37 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-08-15 11:24 - 2017-05-19 13:36 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-15 11:24 - 2017-04-06 17:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-15 11:24 - 2017-03-29 07:41 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-08-15 11:24 - 2017-03-18 13:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-08-15 11:24 - 2017-02-28 18:14 - 000190664 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_99E320F5.sys
2017-08-15 11:19 - 2017-04-06 17:04 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-08-15 11:13 - 2017-04-06 16:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-08-15 11:13 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-15 11:13 - 2017-02-23 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-08-14 19:02 - 2017-06-07 17:59 - 000003134 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2017-08-14 19:02 - 2017-04-06 17:00 - 000000000 ____D C:\Users\Gotthard
2017-08-14 19:02 - 2017-02-25 19:13 - 000000000 ____D C:\Program Files (x86)\Steam
2017-08-14 18:22 - 2017-02-26 07:44 - 000000000 ____D C:\ProgramData\Logishrd
2017-08-14 18:08 - 2017-04-06 17:00 - 000000000 ____D C:\Program Files\Common Files\logishrd
2017-08-14 18:07 - 2017-02-26 07:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2017-08-14 18:07 - 2017-02-26 07:44 - 000000000 ____D C:\Program Files\Logitech
2017-08-14 17:34 - 2017-04-05 19:44 - 000000000 ____D C:\AdwCleaner
2017-08-12 15:40 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-12 10:49 - 2017-04-06 16:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-11 15:56 - 2017-02-26 08:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-08-11 15:11 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-10 17:32 - 2017-02-25 19:18 - 000000000 ____D C:\Users\Gotthard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-08-10 17:09 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-10 13:55 - 2017-02-26 07:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-10 10:59 - 2017-02-26 07:57 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-08-10 10:59 - 2017-02-26 07:57 - 000001000 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-08-10 02:34 - 2017-03-21 15:33 - 004209520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-08-10 02:34 - 2017-03-21 15:33 - 003711328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-08-10 02:34 - 2017-03-21 15:33 - 000046463 _____ C:\WINDOWS\system32\nvinfo.pb
2017-08-10 00:53 - 2017-04-06 17:00 - 006463608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-08-10 00:53 - 2017-04-06 17:00 - 002479224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-08-10 00:53 - 2017-04-06 17:00 - 001762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-08-10 00:53 - 2017-04-06 17:00 - 000549496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-08-10 00:53 - 2017-04-06 17:00 - 000392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-08-10 00:53 - 2017-04-06 17:00 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-08-10 00:53 - 2017-04-06 17:00 - 000069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-08-10 00:47 - 2017-04-06 16:59 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-08-09 16:45 - 2017-02-25 18:17 - 000000000 ____D C:\Users\Gotthard\AppData\Local\Packages
2017-08-09 16:42 - 2017-02-28 08:10 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-08-09 14:03 - 2017-02-01 11:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-09 14:02 - 2017-02-01 11:26 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-09 11:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-09 11:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-08 11:39 - 2017-04-06 17:00 - 008112721 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-08-05 17:45 - 2017-05-17 18:15 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 17:04 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 17:45 - 2017-04-06 16:59 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-08-05 17:45 - 2017-04-06 16:59 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-08-05 17:45 - 2017-02-25 18:40 - 000001492 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-08-05 16:49 - 2017-02-23 11:24 - 000000000 ____D C:\Program Files\Intel
2017-08-05 16:49 - 2017-02-23 11:24 - 000000000 ____D C:\Program Files (x86)\Intel
2017-08-03 16:26 - 2017-03-02 05:05 - 000002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-03 16:26 - 2017-03-02 05:05 - 000002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-03 11:41 - 2017-04-06 16:59 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-08-03 11:41 - 2017-04-06 16:59 - 000000000 ____D C:\WINDOWS\system32\DAX3
2017-08-03 11:41 - 2017-04-06 16:59 - 000000000 ____D C:\WINDOWS\system32\DAX2
2017-08-03 11:41 - 2017-03-14 15:19 - 000005097 _____ C:\WINDOWS\SysWOW64\Saved_Config.txt
2017-08-03 11:41 - 2017-03-14 15:19 - 000000410 _____ C:\WINDOWS\SysWOW64\Saved_StaticIP.txt
2017-08-03 11:41 - 2017-02-26 07:46 - 000000000 ___HD C:\Program Files (x86)\Temp
2017-08-03 11:41 - 2017-02-26 07:46 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2017-08-03 11:40 - 2017-04-06 17:04 - 000003738 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2017-08-03 11:40 - 2017-02-26 08:45 - 000000000 ____D C:\Users\Public\Documents\Logishrd
2017-08-03 11:02 - 2017-05-05 20:00 - 000000000 ____D C:\WINDOWS\Minidump
2017-08-03 10:56 - 2016-11-20 20:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-03 10:54 - 2017-04-06 17:23 - 000000000 ____D C:\Program Files\Hyper-V
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-03 10:54 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-31 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:15 - 2017-03-18 23:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-29 20:05 - 2017-03-18 11:00 - 000000000 ____D C:\Program Files\Recuva
2017-07-28 16:12 - 2017-02-27 20:54 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-26 19:09 - 2017-06-30 13:26 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-07-26 19:09 - 2017-06-30 13:26 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-07-26 19:09 - 2017-02-25 18:40 - 001922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-07-26 19:09 - 2017-02-25 18:40 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-07-26 19:09 - 2017-02-25 18:40 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-07-26 19:09 - 2017-02-25 18:40 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-07-26 19:09 - 2017-02-25 18:40 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-07-26 19:09 - 2017-02-25 18:40 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-07-26 15:40 - 2017-04-07 07:10 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-07-25 16:14 - 2017-03-18 13:40 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-07-25 16:14 - 2017-02-25 18:35 - 001021624 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2017-07-25 16:14 - 2017-02-25 18:35 - 000197312 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2017-07-25 16:14 - 2016-06-14 18:47 - 000199640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kneps.sys
2017-07-25 16:13 - 2016-12-26 23:03 - 000520152 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2017-07-21 19:21 - 2017-01-17 18:31 - 000897032 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorA.sys
2017-07-21 04:57 - 2017-03-29 16:35 - 005874144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-07-21 04:57 - 2017-03-29 16:35 - 000378376 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2017-07-21 04:57 - 2017-03-29 16:35 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-07-20 16:41 - 2017-05-19 13:37 - 000188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-20 16:41 - 2017-05-19 13:36 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-27 18:51 - 2017-02-27 18:51 - 000000017 _____ () C:\Users\Gotthard\AppData\Local\resmon.resmoncfg
2017-04-03 16:33 - 2017-04-03 16:33 - 000046816 _____ () C:\ProgramData\agent.1491229982.bdinstall.bin
2017-04-03 16:56 - 2017-04-03 16:56 - 000029157 _____ () C:\ProgramData\agent.1491231411.bdinstall.bin
2017-04-06 16:59 - 2017-04-06 16:59 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-04-06 16:59 - 2017-04-06 16:59 - 000000102 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Einige Dateien in TEMP:
====================
2017-08-15 11:26 - 2017-04-28 03:16 - 000599576 _____ (Microsoft Corporation) C:\Users\Gotthard\AppData\Local\Temp\kernel32.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-08-12 10:49

==================== Ende von FRST.txt ============================
         

15.08.2017, 12:09   #12
Gottel62

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-08-2017
durchgeführt von Gotthard (15-08-2017 11:59:30)
Gestartet von C:\Users\Gotthard\Downloads
Windows 10 Pro Version 1703 (X64) (2017-04-06 15:07:20)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-439399562-2122694152-2027062775-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-439399562-2122694152-2027062775-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-439399562-2122694152-2027062775-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-439399562-2122694152-2027062775-501 - Limited - Disabled)
Gotthard (S-1-5-21-439399562-2122694152-2027062775-1001 - Administrator - Enabled) => C:\Users\Gotthard

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Amazon Amazon Music) (Version: 5.5.1.1028 - Amazon Services LLC)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.28 - NVIDIA Corporation) Hidden
Ashampoo Photo Commander 14 (HKLM-x32\...\{0A11EA01-616B-A905-B3D2-3B7C238851DC}_is1) (Version: 14.0.6 - Ashampoo GmbH & Co. KG)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.48.1 - Asmedia Technology)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.0.8 - ASUSTek COMPUTER INC.) Hidden
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 0.0.369099031.18949936 - Audible, Inc.)
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.04.29 - ASUSTeK Computer Inc.)
AURA(GRAPHICS CARD) (HKLM-x32\...\{AF1004E7-4602-4E68-96F0-5668285D2AF0}) (Version: 0.0.4.1 - )
AVG (HKLM\...\AvgZen) (Version: 1.116.3.1052 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\{149D912F-03DB-4895-913E-820CB11965C0}) (Version: 16.74.1 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies)
AVG Zen (HKLM\...\{219E7C4A-0902-4CD4-82B8-EF908BF3198E}) (Version: 1.116.2 - AVG Technologies) Hidden
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon MG6100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{EF9495BF-843A-4F81-ACC5-40F51748D462}) (Version: 0.8.4.73 - Dolby Laboratories, Inc.)
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version:  - )
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FMW 1 (HKLM\...\{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}) (Version: 1.143.3 - AVG Technologies) Hidden
Geeks3D FurMark 1.18.2.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1027 - Intel Corporation)
Intel(R) Network Connections 22.4.16.0 (HKLM\...\PROSetDX) (Version: 22.4.16.0 - Intel)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.3.1019 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
Just Cause 3 (HKLM\...\Steam App 225540) (Version:  - Avalanche Studios)
Kaspersky Password Manager (HKLM-x32\...\{D4C3D682-E15A-4A48-A7B7-3F021A525F8F}) (Version: 8.0.6.538 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{D4C3D682-E15A-4A48-A7B7-3F021A525F8F}) (Version: 8.0.6.538 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Killer Performance Suite (HKLM\...\{D0950353-F0CC-441B-B0FA-045A4BFD9F6E}) (Version: 1.0.1026 - Rivet Networks)
Logitech Options (HKLM\...\LogiOptions) (Version:  - Logitech)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.8 - Electronic Arts)
Media Go (HKLM-x32\...\{60CDD65B-61AD-4BE4-BEA8-BB2D15534D4B}) (Version: 3.2.191 - Sony)
Media Go Video Playback Engine 2.20.105.05220 (HKLM-x32\...\{77B3BF4C-1376-60BA-DBE7-932199ED6219}) (Version: 2.20.105.05220 - Sony)
Microsoft OneDrive (HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 55.0.1 (x64 de) (HKLM\...\Mozilla Firefox 55.0.1 (x64 de)) (Version: 55.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
Music Recorder (HKLM-x32\...\{94A4AE85-9F1D-4687-953F-38371C9D1A4F}) (Version: 18.009.0 - Nero AG) Hidden
Music Recorder (HKLM-x32\...\{F5EF0BCC-8370-431F-B73E-AC6405C2DA1D}) (Version: 14.1.15600.0 - Audials AG)
Nero 2017 (HKLM-x32\...\{6B81BDC4-3368-4898-8F16-48962F789221}) (Version: 18.0.06100 - Nero AG)
Nero 2017 Content Pack (HKLM-x32\...\{4E6D3A36-4558-466D-83CC-AE2DCAC06C53}) (Version: 18.0.00600 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 18.0.0011 - Nero AG)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 385.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.28 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Grafiktreiber 385.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.28 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OCCT 4.5.0 (HKLM-x32\...\OCCT) (Version: 4.5.0 - Ocbase.com)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice Updater (HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
oPlayer (HKLM-x32\...\{A7D541EA-C319-4964-9F48-B1AA9058777E}) (Version: 1.1.38 - I-SMART CITIES(Zhuhai) Co.,Ltd )
Origin (HKLM-x32\...\Origin) (Version: 10.4.12.59996 - Electronic Arts, Inc.)
Prerequisite installer (HKLM-x32\...\{EB511CD1-C87C-490D-A7B1-D6C47F57820F}) (Version: 18.0.0003 - Nero AG) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8216 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Shadow Warrior 2 (HKLM\...\Steam App 324800) (Version:  - Flying Wild Hog)
Spotify (HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 28.1 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Websuche (HKLM-x32\...\Websuche) (Version:  - Websuche)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
XSplit Gamecaster (HKLM-x32\...\{8915913F-E4AF-46C5-B4EF-3535D83BFFDE}) (Version: 2.5.1507.3018 - SplitmediaLabs)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-06-26] (Cyberlink)
ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-06-26] (Cyberlink)
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-08-10] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {073DE77D-DE3A-45D9-B121-18B2DD008275} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-02-24] (Intel(R) Corporation)
Task: {0CF0CBA3-96AD-4462-9C97-3AECA50F5783} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {1819FA23-43C0-4B6C-97DA-EFDD16D6EB36} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-24] (Samsung Electronics Co. Ltd.)
Task: {227FFF73-A683-4F3F-B41C-3A2C4E0816B5} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {319C3BC1-47AF-44B5-86E1-85EB9710B576} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-07-26] (NVIDIA Corporation)
Task: {3B9264A3-DA65-4AFD-ADB5-A47732E2250F} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2015-07-22] (CyberLink Corp.)
Task: {3F641E17-74AA-4743-8824-1E702015D0E3} - System32\Tasks\Amazon Music Helper => C:\Users\Gotthard\AppData\Local\Amazon Music\Amazon Music Helper.exe [2017-06-09] (Amazon Services LLC)
Task: {3FF7F4A2-1620-4101-8D45-36791438B053} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {490922DA-2308-4C3B-88E1-33374A6AE283} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {4D63A57A-50ED-4806-9F13-6DC4029949F2} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {578F5BFB-8F4B-4113-8E2C-28C45CA2012C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-02] (Google Inc.)
Task: {5A82BCA3-BFBD-4FB2-895F-F444B2ABDFB2} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2016-10-24] ()
Task: {69E64FF2-D32F-4848-8D67-FA357B90199F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-26] (NVIDIA Corporation)
Task: {7099998E-A6BE-4AB4-97AB-40AF13523619} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-09] (Adobe Systems Incorporated)
Task: {74FA8313-B2CB-4C4B-B04A-4229B8537C1C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {79C35159-141D-4AB2-B705-BA74FB2F1812} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26] (NVIDIA Corporation)
Task: {876F335E-23A1-49C6-B9C7-31C7EAE6AF9B} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-09-26] (Nero AG)
Task: {88FC3817-F06C-467F-B40A-50D6987D9392} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-07-26] (NVIDIA Corporation)
Task: {8EAEA82B-298A-4243-8FD9-356558A884E9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {98469EBB-B56C-4A03-B854-E8A49D9A64BE} - System32\Tasks\S-1-5-21-439399562-2122694152-2027062775-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)
Task: {A5A97027-FF1E-4A1C-810E-CBA0A64523E7} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-02-21] (AVG Technologies CZ, s.r.o.)
Task: {BDA0F406-5023-4E81-A351-A1C83F59EFF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-02] (Google Inc.)
Task: {C758B265-3378-4021-B456-A58C297ACC6F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {C9F2D408-5597-4B37-8DD7-311CA3639952} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe [2017-02-17] ()
Task: {CFEADE3E-B318-418F-BED6-3199256CAEC7} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [2016-11-16] (TODO: <Company name>)
Task: {E14DFF35-585C-4C60-847B-0AADFEC2BBF2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {FF25BC62-D488-4843-93F9-1C1C580FF375} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-02-27 20:10 - 2017-02-27 20:10 - 000933840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe
2016-10-05 13:15 - 2016-10-05 13:15 - 000107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll
2016-10-05 13:15 - 2016-10-05 13:15 - 000412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll
2017-02-25 18:40 - 2017-07-26 19:09 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-19 13:36 - 2017-07-20 16:41 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-10-24 12:03 - 2016-10-24 12:03 - 000589512 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2017-02-27 20:11 - 2017-02-17 20:07 - 000247256 _____ () C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-18 15:24 - 2017-07-18 15:24 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-18 15:24 - 2017-07-18 15:24 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-18 15:24 - 2017-07-18 15:24 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-18 15:24 - 2017-07-18 15:24 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2016-07-08 15:44 - 2016-07-08 15:44 - 001566208 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\ASUSGPUFanServiceEx.exe
2016-12-22 23:58 - 2016-12-22 23:58 - 000411912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\kpm.exe
2017-04-07 09:41 - 2017-04-07 09:41 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2016-10-04 18:09 - 2016-10-04 18:09 - 000253664 _____ () C:\Program Files\Intel\Intel(R) Online Connect\CSLibWrapper.dll
2017-08-03 16:26 - 2017-08-02 09:39 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libglesv2.dll
2017-08-03 16:26 - 2017-08-02 09:39 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libegl.dll
2016-12-22 23:59 - 2016-12-22 23:59 - 000108072 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\plugin-nm-server.exe
2017-02-27 20:10 - 2017-08-15 11:24 - 000044328 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\PEbiosinterface32.dll
2017-02-27 20:10 - 2017-02-27 20:10 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\ATKEX.dll
2017-02-27 20:11 - 2017-02-17 18:50 - 001746432 _____ () C:\Program Files (x86)\ASUS\AURA\Vender.dll
2017-02-27 20:11 - 2017-02-17 18:50 - 000519680 _____ () C:\Program Files (x86)\ASUS\AURA\ClaymoreProtocol.dll
2017-02-27 20:11 - 2017-02-17 18:50 - 000519680 _____ () C:\Program Files (x86)\ASUS\AURA\RogNewmouseProtocol.dll
2016-06-28 01:19 - 2016-06-28 01:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\kpcengine.2.3.dll
2017-02-26 09:04 - 2017-04-21 08:59 - 002493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 000071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 000228864 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 000056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 000357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 000526848 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2016-10-08 11:50 - 2016-10-08 11:50 - 001753088 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\Vender.dll
2017-02-25 18:40 - 2017-07-26 19:08 - 069820864 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-12-05 14:03 - 2016-12-05 14:03 - 000600160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\dblite.dll
2016-12-22 23:24 - 2016-12-22 23:24 - 000513960 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\ipm_service.dll
2016-12-22 23:26 - 2016-12-22 23:26 - 000362344 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\ucp_meta.dll
2016-12-22 23:58 - 2016-12-22 23:58 - 000237416 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\infra.dll
2017-02-25 18:40 - 2017-07-26 19:09 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-26 07:34 - 2017-02-26 07:33 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-02-28 18:12 - 2014-12-08 09:28 - 000627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2014-12-08 16:28 - 2014-12-08 16:28 - 000016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 002144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 007955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 01:39 - 2012-09-13 01:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2017-05-28 09:45 - 2017-05-28 09:45 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:0507A16B [141]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


Da befinden sich 7936 mehr Seiten.


Da befinden sich 7936 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2017-05-18 17:04 - 000454512 ____R C:\WINDOWS\system32\Drivers\etc\hosts


Da befinden sich 15600 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-439399562-2122694152-2027062775-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gotthard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 62.117.1.25 - 89.16.129.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "Killer Control Center.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-439399562-2122694152-2027062775-1001\...\StartupApproved\Run: => "Spotify"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{4AEDE23B-F0ED-46C6-BB38-CDD537DB563F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E55175D9-3A9B-40A2-A4BE-8C6C5809094A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2DC7F296-453D-4599-AA56-61125FDE3B90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B1EB837F-F141-46DF-B4E0-73E098003E6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ADD7DE6E-551D-4C63-99C3-08AF4C5503B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AC828FB5-3582-4FC5-9C4C-A3BCC630DC13}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{59B7F543-BE4F-4F2B-92E0-B45B5E84AFCB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1F6ABE05-4DBA-43E5-9F42-8481E83E8DC9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CDA0EF12-4C03-47C1-B0F6-A2A982ECD07E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DED8FB28-7812-4C80-A4EB-C35BE5311DC3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{39D689A6-DB5F-42FF-B41B-7E0D7E17006C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe
FirewallRules: [{FB27B845-63EF-4E56-97F4-9BA2C28939EE}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\NMDllHost.exe
FirewallRules: [{068DC589-7C08-4A64-ACC4-0D772F45299A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\MediaHome.exe
FirewallRules: [{D0C29ED0-EB77-425C-905C-394574455371}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe
FirewallRules: [{97B75051-0F8A-45AB-AD83-CC35F1F2CD42}] => (Allow) C:\Program Files (x86)\Music Recorder\Music Recorder 2016\Audials.exe
FirewallRules: [{914667BE-5A3E-4979-8891-1DB84EF70BD1}] => (Allow) LPort=12972
FirewallRules: [{7C091C59-3AED-4EC6-9112-950E4DE6F294}] => (Allow) LPort=14714
FirewallRules: [{F8CFCBFE-6421-48A1-985A-76F07786DE0E}] => (Allow) LPort=31931
FirewallRules: [{882D0D1F-FC29-487E-AFC3-D5DBD83EAE75}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{9B539642-AB62-4002-9DCC-15C9D77F44B9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe
FirewallRules: [{169BFE53-5E32-4702-99B2-629A875CD6B7}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe
FirewallRules: [{E740DF33-292D-4E63-9ACA-14033B55A5C9}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{E073E10F-B885-4023-8C3F-CABD9555779D}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{296136DE-20B3-4FA6-867D-70C586C79582}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{288C96CA-B76A-4CD3-93FB-2C4A825D6ABA}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{DA1F03A8-36BA-4DDD-B340-7CB3E279A4F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{50BB7512-5B16-4D28-A783-2A8FBD1CDA1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{5B058E5E-607C-4513-8288-8F69B9D8F190}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1E37DEC9-BE9E-4B80-B937-3C9B3801C0CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DEA66579-F75F-4D13-8DD4-787155EFB8FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{496071A6-49B1-4F0B-A62E-AC90AB3A179D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7BCE9A5A-36D1-4118-A17C-0FF27A4AE191}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D7708364-A93E-40D8-B0C8-01713B607893}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1FD4E3A0-306E-45FB-9AF8-303205B95298}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{7EE2B74E-AA89-478A-8044-340217FD340F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior 2\ShadowWarrior2.exe
FirewallRules: [{FF11C487-3787-47F1-8FDA-F6CA329B4121}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE

==================== Wiederherstellungspunkte =========================

05-08-2017 16:49:27 IIF_MSI
09-08-2017 14:02:00 Windows Update
09-08-2017 14:02:12 Windows Update
11-08-2017 15:51:00 Prüfpunkt von HitmanPro
11-08-2017 15:51:54 Prüfpunkt von HitmanPro
12-08-2017 18:26:42 JRT Pre-Junkware Removal
15-08-2017 11:55:06 Windows Modules Installer

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/15/2017 11:08:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: F94026-1)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/14/2017 05:35:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IntelTechnologyAccessService.exe, Version: 1.9.5.68, Zeitstempel: 0x57f550f5
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.502, Zeitstempel: 0x005405b5
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000069e08
ID des fehlerhaften Prozesses: 0x3e80
Startzeit der fehlerhaften Anwendung: 0x01d31512f171aa85
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 882380b7-38a5-443d-b11b-9c20487cb2b2
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/13/2017 08:32:16 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/13/2017 08:32:16 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/13/2017 07:34:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: F94026-1)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/12/2017 07:14:02 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/12/2017 07:14:02 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/12/2017 06:30:11 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/12/2017 06:30:11 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-439399562-2122694152-2027062775-1001}/">.

Error: (08/12/2017 04:00:18 PM) (Source: MsiInstaller) (EventID: 1024) (User: F94026-1)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "Adobe Acrobat Reader DC
 (17.012.20093)" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127


Systemfehler:
=============
Error: (08/15/2017 11:25:34 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Intel(R) Online Connect Helper erreicht.

Error: (08/15/2017 11:24:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (08/15/2017 11:24:15 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (08/15/2017 11:23:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/15/2017 11:23:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/15/2017 11:23:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Online Connect" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/15/2017 11:23:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/15/2017 11:23:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/15/2017 11:23:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/15/2017 11:23:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2017-08-15 11:44:39.368
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-15 11:44:39.260
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-15 11:43:44.510
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-15 11:42:07.499
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-15 11:42:02.611
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-15 11:42:02.500
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-15 11:41:59.732
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-15 11:41:27.969
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-15 11:41:04.219
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-15 11:41:04.006
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Prozentuale Nutzung des RAM: 16%
Installierter physikalischer RAM: 32698.55 MB
Verfügbarer physikalischer RAM: 27210.73 MB
Summe virtueller Speicher: 37562.55 MB
Verfügbarer virtueller Speicher: 31230.12 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:461.37 GB) (Free:264.76 GB) NTFS
Drive d: (Volume) (Fixed) (Total:1863.02 GB) (Free:1786.78 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 80B70726)

Partition: GPT.

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 80B70620)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

16.08.2017, 11:36   #13
M-K-D-B
/// TB Trainer



Hello,

so far I have not found anything.
Could you please send me a few screenshots of these new tabs/windows that open in FF and CHR? Which pages do they link to?
Which sites are you on when these new tabs/windows open?

In addition, please run HitmanPro and ESET:

Step 1
Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Start HitmanPro.exe
  • Click on
  • Remove the check mark at
  • Click on
    and
  • Accept the license terms and click on
  • Click on

    and on
  • When the scan has finished, do not have anything deleted etc.; instead choose, at the bottom left of the button bar,
    and save the log file to your desktop.
  • Close HitmanPro and post the log for me.

 







Step 2
Please download ESET Online Scanner (illustrated guide)
  • Start the installation file.
  • Accept the terms of use.
  • Select Enable detection of potentially unwanted applications and click Scan.
  • First the necessary signatures are downloaded, then ESET starts the scan automatically.
  • At the end of the scan, any items found are listed.
  • Select Save to text file... and save the file as eset.txt on your desktop.
  • Add the contents of eset.txt to your next reply.
  • If ESET finds nothing, no log file can be created either. In that case, be sure to let us know.
  • Close the ESET Online Scanner at the top right [ X ] and then click Close.
__________________
Regards
M-K-D-B


==========================================================
offline from 22.12.2018 to 01.01.2019
==========================================================

16.08.2017, 13:22   #14
Gottel62



Hello
I have now waited half an hour and no page has popped up. Mostly I am on Facebook or on my mail site web.de. Sometimes it is an online games site, sometimes one from Adobe where I am supposed to install something. But as I said, nothing is popping up at the moment. If it happens again, I will send you the screenshot. ESET found nothing, and here is the log from Hitman

Code:
HitmanPro 3.7.20.286
www.hitmanpro.com

   Computer name . . . . : F94026-1
   Windows . . . . . . . : 10.0.0.15063.X64/8
   User name . . . . . . : F94026-1\Gotthard
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (26 days left)

   Scan date . . . . . . : 2017-08-16 12:22:37
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 2m 56s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 1

   Objects scanned . . . : 2.244.563
   Files scanned . . . . : 36.802
   Remnants scanned  . . : 499.402 files / 1.708.359 keys

Suspicious files ____________________________________________________________

   C:\Users\Gotthard\Downloads\FRST64.exe
      Size . . . . . . . : 2.395.648 bytes
      Age  . . . . . . . : 2.7 days (2017-08-13 19:41:54)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : C4415C01B9217A0A06B8931FD2C7661738A82592D60511DF070F1CB4BCDB23F5
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
         

16.08.2017, 20:41   #15
M-K-D-B
/// TB Trainer



Your computer looks clean. I suspect the problem is not on your PC but rather on the sites you visit. Some of them may be infected, and you are shown such pop-ups, new tabs, new windows, etc.

Then we are done!
If you no longer have any problems with malware, we are finished here. Your log files are clean.

If you like, you can say here whether you were satisfied with me and my help...
Perhaps you would like to support the forum with a small donation.

Notes:
Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
Finally, we need to take a few concluding steps to clean up and secure your PC.





Cleanup
All logs posted? Then please download DelFix.
  • Close all open programs.
  • Start delfix.exe with a double-click.
  • Put a check mark in front of every function.
  • Click Start.
  • Finally, restart your computer.
Note:
Among other things, DelFix removes all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
Restart your computer afterwards. If any programs from our cleanup are still left over, you can delete them without concern.






Virus scanner + firewall
First of all, it should be said that one must never overestimate the protective effect of a virus scanner! No antivirus program detects 100% of malware.

If you are still undecided, use AT MOST ONE SINGLE of the following antivirus programs with a real-time scanner and an always up-to-date signature database:
Microsoft Security Essentials (MSE) / Windows Defender (WD) is built in from Windows 8 onward, so if you have Windows 8, 8.1 or 10 and have decided on MSE/WD, you do not need to install MSE/WD separately. On Windows 7, however, it must be installed manually or obtained as an optional update via Windows Update. A legal/activated Windows is of course a prerequisite for this.

Always use only pure virus scanners (no products with "Suite", "Internet Security", "Endpoint" or "Total Security" in the name, because these bring counterproductive firewalls with them - the Windows Firewall is all that is needed)

In addition, you can scan your PC regularly with Malwarebytes Anti-Malware, AdwCleaner and the ESET Online Scanner.
These programs are all free and do not interfere with the operation of your antivirus program.





Safeguards
With the Windows operating system, it is important to enable automatic updates.
Security-relevant software should also always be present in its current version.

Installing updates promptly is necessary so that security holes are closed. Security holes are exploited, for example, to install malware via "drive-by" on a simple visit to a manipulated website.

You need to pay particular attention to keeping the following software up to date - if it is needed at all:

Optional browser extensions
  • Adblock Plus or uBlock Origin (Firefox - Chrome) - can block banners, pop-ups, video advertising, tracking and malware sites.
  • NoScript - prevents the execution of active content (Java, JavaScript, Flash,...) for all websites. However, you can specify, on the whitelist principle, on which sites scripts should be allowed. NoScript can become an annoyance while browsing, especially for users who are not very technically experienced; whether the tool is suitable is something everyone has to try out and then decide for themselves.





Basics
  • Change your online passwords regularly and regularly create backups of your important files or of the system. You will find more details in the reading material on backups below.
  • Do not download software from Chip, Softonic, SourceForge or VLC.de. The software offered there is often distributed with a so-called "installer", with which you only install unwanted software or adware.
  • Download software from a clean portal such as or directly from the respective manufacturer / developer.
  • When installing software, always choose the custom option and remove the check marks from all optionally offered toolbars or other additions that are irrelevant to the program.
  • The benefit of registry cleaners, optimizers etc. for improving performance is disputed to unprovable. Even Microsoft does not support so-called registry cleaners.
    I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.





Reading material:
Backup/image tools

IMHO restore points are nothing more than a stopgap; anyone who wants and needs to rely on something that works cannot get around real backup/imaging software. On Windows I always use Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64

To have meaningful backups, you have to create an image on a separate external hard drive regularly (e.g. weekly). This external hard drive is only connected when you want to create the backup (or need to restore something); otherwise, for security reasons, it stays safely stored in the cupboard - if only to protect the backups from crypto trojans.

Option 1: Drivesnapshot

Official TB guide --> http://www.trojaner-board.de/186299-...esnapshot.html

Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64
Download (32-bit) => http://www.drivesnapshot.de/download/snapshot.exe
Download (64-bit) => http://www.drivesnapshot.de/download/snapshot64.exe

There are also slightly stripped-down versions of Acronis TrueImage available for free if you have drives from Seagate and/or Western Digital. Perhaps these programs appeal to you more. My favorite, however, is the small Drivesnapshot mentioned above.

Option 2: Seagate DiscWizard
Download => Seagate DiscWizard - Download - Filepony

Screenshots:
http://filepony.de/screenshot/seagate_discwizard5.jpg
http://filepony.de/screenshot/seagate_discwizard4.png
http://filepony.de/screenshot/seagate_discwizard3.jpg

Option 3: Acronis TrueImage WD Edition
Download => Acronis True Image WD Edition - Download - Filepony

Screenshots:
http://filepony.de/screenshot/acroni...d_edition1.jpg
http://filepony.de/screenshot/acroni...d_edition2.jpg
