Mbar mehere Funde und langsamer pc

c642 · 08.09.2017, 16:25

Erstmal Guten Tag,
Seit ungefähr einer Woche ist mein Pc extrem langsam und schaft es manchmal nicht hochzufahren.
Darauf habe Ich Mbam laufen lassen und es hat nichts gefunden. danach habe ich mbar laufen lassen und es hatte 6 funde, aber Ich finde das Log nicht

Lg: c642

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2014.11.18.05
  rootkit: v2014.11.12.01

Windows 10 x64 NTFS
Internet Explorer 11.540.15063.0
Ben :: BEN-PC [administrator]

08.09.2017 17:10:30
mbar-log-2017-09-08 (17-10-30).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 426110
Time elapsed: 9 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 6
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MRT.exe (Trojan.Agent) -> Delete on reboot. [96a745f85b21d066923bb143c2417a86]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe (Security.Hijack) -> Delete on reboot. [3904d9646b1151e5875f1cd8857e7d83]
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\svchost.exe (Security.Hijack) -> Delete on reboot. [b88596a71b613cfa51b5718621e234cc]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MRT.exe (Trojan.Agent) -> Delete on reboot. [73ca57e66616e155ae1fc72de320718f]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe (Security.Hijack) -> Delete on reboot. [eb5234098def9f97697d6e86ab58d22e]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\svchost.exe (Security.Hijack) -> Delete on reboot. [b984d5680e6e3ff714f2a5525da6ef11]

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

M-K-D-B · 08.09.2017, 19:46

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

c642 · 08.09.2017, 20:07

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
durchgeführt von Ben (Administrator) auf BEN-PC (08-09-2017 21:02:14)
Gestartet von C:\Users\Ben\Desktop
Geladene Profile: Ben (Verfügbare Profile: Ben & s***y)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
() C:\Program Files\Everything\Everything.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_watchdog.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\ChallengeMe.GG Client\ChallengeMeClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Everything\Everything.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17072.13111.0_x64__8wekyb3d8bbwe\Video.UI.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8495320 2015-06-23] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2016-04-08] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-08-06] ()
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-11-04] (Razer Inc.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [80896 2017-07-03] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-08-28] (Valve Corporation)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [WTFast Tray] => C:\Program Files (x86)\WTFast\WTFast.exe [7422984 2016-03-26] (AAA Internet Publishing, Inc.)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2016-07-02] (Dxtory Software)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-08-20] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [986648 2016-09-29] (BlueStack Systems, Inc.)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [Discord] => C:\Users\Ben\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [426600 2016-01-11] (CyberGhost S.R.L.)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27815896 2017-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [ipts] => C:\Users\Ben\Desktop\ipts.exe -h
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [1762040 2017-08-29] (Wargaming.net)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\MountPoints2: {c68e9052-2e81-11e7-a476-806e6f6e6963} - "F:\Setup.exe" 
Startup: C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2017-02-02]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
Startup: C:\Users\s***y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP ENVY 4500 series (Kopie 1).lnk [2017-09-08]
ShortcutTarget: Tintenwarnungen überwachen - HP ENVY 4500 series (Kopie 1).lnk -> C:\Program Files\HP\HP ENVY 4500 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
Startup: C:\Users\s***y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP ENVY 4500 series.lnk [2017-05-29]
ShortcutTarget: Tintenwarnungen überwachen - HP ENVY 4500 series.lnk -> C:\Program Files\HP\HP ENVY 4500 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2C7B2EE4-D141-4A1C-97DA-E7C9EC9B9B3F}: [NameServer] 190.202.81.115,192.95.48.17
Tcpip\..\Interfaces\{2C7B2EE4-D141-4A1C-97DA-E7C9EC9B9B3F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{344f46fc-1e2f-497a-8782-8225f4fa8463}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-186756840-728361655-16016459-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKU\S-1-5-21-186756840-728361655-16016459-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-186756840-728361655-16016459-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-186756840-728361655-16016459-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-17] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-17] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: xa7d8fwk.default
FF ProfilePath: C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\xa7d8fwk.default [2017-09-08]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\xa7d8fwk.default -> Bing®
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\xa7d8fwk.default -> Bing®
FF Homepage: Mozilla\Firefox\Profiles\xa7d8fwk.default -> hxxps://www.google.de/?gws_rd=ssl
FF Session Restore: Mozilla\Firefox\Profiles\xa7d8fwk.default -> ist aktiviert.
FF Extension: (MEGA) - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\xa7d8fwk.default\Extensions\firefox@mega.co.nz.xpi [2017-09-06]
FF Extension: (ProxTube - Gesperrte YouTube Videos entsperren) - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\xa7d8fwk.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2016-10-10]
FF Extension: (WOT) - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\xa7d8fwk.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2017-09-08]
FF Extension: (Adblock Plus) - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\xa7d8fwk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF Extension: (Firefox Screenshots) - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\xa7d8fwk.default\features\{a992c495-7d0e-4b7d-a0b8-90074d815f0b}\screenshots@mozilla.org.xpi [2017-09-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-10] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-17] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://search.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> hxxps://search.avira.com/suggestions?q={searchTerms}&li=ff&hl=de
CHR Profile: C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default [2017-09-08]
CHR Extension: (Google Präsentationen) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-29]
CHR Extension: (Google Docs) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-29]
CHR Extension: (Google Drive) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-29]
CHR Extension: (YouTube) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-29]
CHR Extension: (Agar.io Powerups) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\efedcgdhahoncejkihgfnecicebndbhc [2016-10-29]
CHR Extension: (Google Tabellen) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-29]
CHR Extension: (Avira Browserschutz) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-07]
CHR Extension: (Google Docs Offline) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-20]
CHR Extension: (ModHeader) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2017-03-27]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-04]
CHR Extension: (Google Mail) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-04]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-06] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-09-29] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-09-29] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-09-29] (BlueStack Systems, Inc.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11] (CyberGhost S.R.L)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-08-29] (Chip Digital GmbH) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [389392 2016-11-02] (EasyAntiCheat Ltd)
R2 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [Datei ist nicht signiert]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-02] (Intel Corporation)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [69744 2016-10-18] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-08-20] (Sandboxie Holdings, LLC)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7248144 2016-08-22] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305400 2016-04-03] (Advanced Micro Devices)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2017-05-01] (Advanced Micro Devices)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-09-29] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-09-28] (Bluestack System Inc. )
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-03-23] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-05-01] (REALiX(tm))
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R3 kxwdmdrv; C:\WINDOWS\system32\drivers\kx.sys [765448 2016-05-28] (Eugene Gavrilov)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-04-29] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-09-08] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-04-29] (Malwarebytes)
R1 MpKslda1ea320; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1A517B4A-516A-4794-A757-5289DE861980}\MpKslda1ea320.sys [44928 2017-09-08] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [950784 2017-05-01] (Realtek )
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51736 2016-06-23] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-15] (Sandboxie Holdings, LLC)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (The OpenVPN Project) [Datei ist nicht signiert]
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102576 2015-08-26] ()
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25904 2015-08-26] ()
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701232 2015-08-26] ()
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [121824 2016-08-11] (Oracle Corporation)
S1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [195424 2016-08-11] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R2 WtfEngineDrv; C:\WINDOWS\system32\DRIVERS\WtfEngineDrv.sys [27904 2016-03-26] (AAA Internet Publishing, Inc.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-08 21:02 - 2017-09-08 21:02 - 000024307 _____ C:\Users\Ben\Desktop\FRST.txt
2017-09-08 21:02 - 2017-09-08 21:02 - 000000000 ____D C:\Users\Ben\Desktop\FRST-OlderVersion
2017-09-08 21:01 - 2017-09-08 21:02 - 000000000 ____D C:\FRST
2017-09-08 20:58 - 2017-09-08 20:58 - 000000222 _____ C:\Users\Ben\Desktop\Paladins.url
2017-09-08 17:21 - 2017-09-08 17:21 - 005027784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-08 17:10 - 2017-09-08 17:21 - 000000000 ____D C:\Users\Ben\Desktop\mbar
2017-09-08 17:10 - 2017-09-08 17:21 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-09-08 17:08 - 2017-09-08 17:09 - 000297208 _____ C:\TDSSKiller.3.1.0.15_08.09.2017_17.08.46_log.txt
2017-09-08 16:43 - 2017-09-08 17:07 - 000000000 ____D C:\WINDOWS\Minidump
2017-09-08 15:11 - 2017-09-08 15:11 - 000148241 _____ C:\Users\s***y\Downloads\2017_09rechnung_4912103886.pdf
2017-09-07 21:27 - 2017-09-07 21:27 - 000000095 ____H C:\Users\Ben\Desktop\.~lock.Freiheit und Grundrechte.docx#
2017-09-06 20:54 - 2017-09-06 21:03 - 750825432 _____ C:\Users\Ben\Desktop\Multi-Style intro Template By JUGGERNALT.rar
2017-09-03 18:01 - 2017-09-03 18:06 - 272227601 _____ C:\Users\Ben\Desktop\Ohne Titel.mp4
2017-08-28 19:56 - 2017-08-28 19:56 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign7899ab8f9c8f2085
2017-08-26 11:48 - 2017-08-26 11:48 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsignb088eb144b538ec6
2017-08-26 09:37 - 2017-08-26 09:37 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsigndfda0daa3e563994
2017-08-26 09:17 - 2017-08-26 09:17 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign36e221066f4da012
2017-08-26 00:12 - 2017-08-26 00:12 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign6a3a9548e908d091
2017-08-25 23:48 - 2017-08-25 23:48 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign792ed6a14557fb51
2017-08-25 23:42 - 2017-08-25 23:42 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign6b31ad755757fa0f
2017-08-25 22:03 - 2017-08-25 22:03 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign3457f76a8502e590
2017-08-25 16:50 - 2017-08-25 16:50 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-20 17:34 - 2017-08-20 17:34 - 002297625 _____ C:\Users\Ben\Desktop\YouTube_Memory.pdf
2017-08-20 16:27 - 2017-08-20 16:27 - 000442192 _____ C:\Users\Ben\Desktop\Evaxo.sfk
2017-08-20 16:27 - 2017-08-20 16:27 - 000418656 _____ C:\Users\Ben\Desktop\Doctor rayzor.sfk
2017-08-20 16:27 - 2017-08-20 16:27 - 000360000 _____ C:\Users\Ben\Desktop\rye.sfk
2017-08-20 16:27 - 2017-08-20 16:27 - 000329208 _____ C:\Users\Ben\Desktop\fuerey.sfk
2017-08-20 16:27 - 2017-08-20 16:27 - 000329208 _____ C:\Users\Ben\Desktop\fineeey.sfk
2017-08-20 16:27 - 2017-08-20 16:27 - 000306584 _____ C:\Users\Ben\Desktop\Load Tronic.sfk
2017-08-20 16:27 - 2017-08-20 07:10 - 092142772 _____ C:\Users\Ben\Desktop\rye.wav
2017-08-20 16:27 - 2017-08-20 07:09 - 084260892 _____ C:\Users\Ben\Desktop\fuerey.wav
2017-08-20 16:27 - 2017-08-20 07:07 - 078467628 _____ C:\Users\Ben\Desktop\Load Tronic.wav
2017-08-20 16:27 - 2017-08-20 07:06 - 107158092 _____ C:\Users\Ben\Desktop\Doctor rayzor.wav
2017-08-20 16:27 - 2017-08-20 07:04 - 113184044 _____ C:\Users\Ben\Desktop\Evaxo.wav
2017-08-20 16:27 - 2017-08-20 07:02 - 084260892 _____ C:\Users\Ben\Desktop\fineeey.wav
2017-08-20 16:24 - 2017-08-20 16:26 - 000507274 _____ C:\Users\Ben\Desktop\Finish0001-0142.avi
2017-08-20 16:23 - 2017-08-20 16:24 - 001703328 _____ C:\Users\Ben\Desktop\2D Intro Template #57 by Alexbau01.blend
2017-08-20 16:23 - 2016-02-21 16:55 - 001702048 _____ C:\Users\Ben\Desktop\2D Intro Template #57 by Alexbau01.blend1
2017-08-20 16:23 - 2016-02-21 15:54 - 000998908 _____ C:\Users\Ben\Desktop\JPB_-_High_[NCS_Release] Part.wav
2017-08-20 16:18 - 2017-08-20 16:18 - 002380288 _____ C:\Users\Ben\Desktop\Profile Picture.psd
2017-08-20 16:18 - 2017-08-20 16:18 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign5741cc26cea20434
2017-08-20 16:11 - 2017-08-20 16:11 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign8391c49d58528f4a
2017-08-20 16:10 - 2017-08-20 16:12 - 037938630 _____ C:\Users\Ben\Desktop\Cobras Banner template.psd
2017-08-20 16:07 - 2017-08-20 16:07 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsignace8d14dbfe972c3
2017-08-20 16:05 - 2017-08-20 16:05 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsigne80365ce84cdbeae
2017-08-20 15:44 - 2017-08-20 15:44 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign7757a1aad2f6038e
2017-08-20 15:37 - 2017-08-20 15:37 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign8b7c4c10cef01079
2017-08-20 15:28 - 2017-08-20 15:28 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsigna77e8bf9aad0d63a
2017-08-20 12:57 - 2017-08-20 12:57 - 000000000 ____D C:\Users\Ben\Desktop\tmp
2017-08-19 11:39 - 2017-08-19 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-08-19 11:39 - 2017-08-19 11:39 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2017-08-17 21:29 - 2017-08-17 21:29 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2017-08-17 21:29 - 2017-08-17 21:29 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-08-17 21:29 - 2017-08-17 21:29 - 000000000 ____D C:\Program Files\Java
2017-08-17 19:49 - 2017-08-20 20:14 - 000025608 _____ C:\Users\Ben\Desktop\Ohne Titel.veg
2017-08-17 19:49 - 2017-08-17 19:49 - 000014688 _____ C:\Users\Ben\Desktop\Ohne Titel.veg.bak
2017-08-16 19:50 - 2017-08-16 21:41 - 000000707 _____ C:\Users\Ben\Desktop\World of Warships EU.lnk
2017-08-16 19:49 - 2017-08-16 19:50 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2017-08-16 19:49 - 2017-08-16 19:49 - 000001846 _____ C:\Users\Ben\Desktop\Game Center.lnk
2017-08-16 19:49 - 2017-08-16 19:49 - 000000000 ____D C:\ProgramData\Wargaming.net
2017-08-14 20:29 - 2017-08-14 20:29 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign7efd30bc8886b72f
2017-08-14 17:08 - 2017-08-14 17:27 - 1181340214 _____ C:\Users\Ben\Desktop\releases.mp4
2017-08-14 17:04 - 2017-08-14 17:04 - 000000000 ____D C:\output
2017-08-14 17:03 - 2017-08-14 17:03 - 000000635 _____ C:\Users\Public\Desktop\WAV To MP3.lnk
2017-08-14 17:03 - 2017-08-14 17:03 - 000000000 ____D C:\WAV To MP3
2017-08-14 17:03 - 2017-08-14 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WAV To MP3
2017-08-14 16:52 - 2017-08-14 16:52 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign24a3c6509b478085
2017-08-13 22:08 - 2017-08-13 22:08 - 000000074 _____ C:\Users\Ben\Desktop\üb.txt
2017-08-11 11:35 - 2017-08-11 11:35 - 000000222 _____ C:\Users\Ben\Desktop\Rocket League (2).url
2017-08-10 14:24 - 2017-08-10 14:24 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign83196e697214791b
2017-08-09 21:19 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-09 21:19 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-09 21:19 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-09 21:19 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-09 21:19 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-09 21:19 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-09 21:19 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-09 21:19 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-09 21:19 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-09 21:19 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-09 21:19 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-09 21:19 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-09 21:19 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-09 21:19 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-09 21:19 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-09 21:19 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-09 21:19 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-09 21:19 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-09 21:19 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-09 21:19 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-09 21:19 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-09 21:19 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-09 21:19 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-09 21:19 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-09 21:19 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-09 21:19 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-09 21:19 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-09 21:19 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-09 21:19 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-09 21:19 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-09 21:19 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-09 21:19 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-09 21:19 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-09 21:19 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-09 21:19 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-09 21:19 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-09 21:19 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-09 21:19 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-09 21:19 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-09 21:19 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-09 21:19 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-09 21:19 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-09 21:19 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-09 21:19 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-09 21:19 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-09 21:19 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-09 21:19 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-09 21:19 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-09 21:19 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-09 21:19 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-09 21:19 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-09 21:19 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-09 21:19 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-09 21:19 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-09 21:19 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-09 21:19 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-09 21:19 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-09 21:19 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-09 21:19 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-09 21:19 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-09 21:19 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-09 21:19 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-09 21:19 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-09 21:19 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-09 21:19 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-09 21:19 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-09 21:19 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-09 21:19 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-09 21:19 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-09 21:19 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-09 21:19 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-09 21:19 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-09 21:19 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-09 21:19 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-09 21:19 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-09 21:19 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-09 21:19 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-09 21:19 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-09 21:19 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-09 21:19 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-09 21:19 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-09 21:19 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-09 21:19 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-09 21:19 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-09 21:19 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-09 21:19 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-09 21:19 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-09 21:19 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-09 21:19 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-09 21:19 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-09 21:19 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-09 21:19 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-09 21:19 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-09 21:19 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-09 21:19 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-09 21:19 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-09 21:19 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-09 21:19 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-09 21:19 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-09 21:19 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-09 21:19 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-09 21:19 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-09 21:19 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-09 21:19 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-09 21:19 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-09 21:19 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-09 21:19 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-09 21:19 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-09 21:19 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-09 21:19 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-09 21:19 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-09 21:19 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-09 21:19 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-09 21:19 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-09 21:19 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-09 21:19 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-09 21:19 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-09 21:19 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-09 21:19 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-09 21:19 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-09 21:19 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-09 21:19 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-09 21:19 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-09 21:19 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-09 21:19 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-09 21:19 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-09 21:19 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-09 21:19 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-09 21:19 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-09 21:19 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-09 21:19 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-09 21:19 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-09 21:19 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-09 21:19 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-09 21:19 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-09 21:19 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-09 21:19 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-09 21:19 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-09 21:19 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-09 21:19 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-09 21:19 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-09 21:19 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-09 21:19 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-09 21:19 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-09 21:19 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-09 21:19 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-09 21:19 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-09 21:19 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-09 21:19 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-09 21:19 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-09 21:19 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-09 21:19 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-09 21:19 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-09 21:19 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-09 21:19 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-09 21:19 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-09 21:19 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-09 21:19 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-09 21:19 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-08-09 21:18 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-09 21:18 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-09 21:18 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-09 21:18 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-09 21:18 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-09 21:18 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-09 21:18 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-09 21:18 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-09 21:18 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-09 21:18 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-09 21:18 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-09 21:18 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-09 21:18 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-09 21:18 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-09 21:18 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-09 21:18 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-09 21:18 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-09 21:18 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-09 21:18 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-09 21:18 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-09 21:18 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-09 21:18 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-09 21:18 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-09 21:18 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-09 21:18 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-09 21:18 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-09 21:18 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-09 21:18 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-09 21:18 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-09 21:18 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-09 21:18 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-09 21:18 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-09 21:18 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-09 21:18 - 2017-08-01 03:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-09 21:18 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-09 21:18 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-09 21:18 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-09 21:18 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-09 21:18 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-09 21:18 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-09 21:18 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-09 21:18 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-09 21:18 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-09 21:18 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-09 21:18 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-09 21:18 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-09 21:18 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-09 21:18 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-09 21:18 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-09 21:18 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-09 21:18 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-09 21:18 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-09 21:18 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-09 21:18 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-09 21:18 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-09 21:18 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-09 21:18 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-09 21:18 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-09 21:18 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-09 21:18 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-09 21:18 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-09 21:18 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-09 21:18 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-09 21:18 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-09 21:18 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-09 21:18 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-09 21:18 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-09 21:18 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-09 21:18 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-09 21:18 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-09 21:18 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-09 21:18 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-09 21:18 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-09 21:18 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-09 21:18 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-09 21:18 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-09 21:18 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-09 21:18 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-09 21:18 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-09 21:18 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-09 21:18 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-09 21:18 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-09 21:18 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-09 21:18 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-09 21:18 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-09 21:18 - 2017-07-28 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-09 21:18 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-09 21:18 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-09 21:18 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-09 21:18 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-09 21:18 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-09 21:18 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-09 21:18 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-09 21:18 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-09 21:18 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-09 21:18 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-09 21:18 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-09 21:18 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-09 21:18 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-09 21:18 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-09 21:18 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-09 21:18 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-09 21:18 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-09 21:18 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-09 21:18 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-09 21:18 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-09 21:18 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-09 21:18 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-09 21:18 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-09 21:18 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-09 21:18 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-09 21:18 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-09 21:18 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-09 21:18 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-09 21:18 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-09 21:18 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-09 21:18 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-09 21:18 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-09 21:18 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-09 21:18 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-09 21:18 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-09 21:18 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-09 21:18 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-09 21:18 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-09 21:18 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-09 21:18 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-09 21:18 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-09 21:18 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-09 21:18 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-09 21:18 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-09 21:18 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-09 21:18 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-09 21:18 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-09 21:18 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-09 21:18 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-09 21:18 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-09 21:18 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-09 21:18 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-09 21:18 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-09 21:18 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-09 21:18 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-09 21:18 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-09 21:18 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-08 21:02 - 2016-08-17 22:04 - 002395648 _____ (Farbar) C:\Users\Ben\Desktop\FRST64.exe
2017-09-08 21:01 - 2017-06-16 09:14 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Everything
2017-09-08 20:59 - 2016-03-22 18:26 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-08 20:58 - 2016-03-22 18:36 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-09-08 17:27 - 2017-05-19 16:26 - 003654248 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-08 17:27 - 2017-03-20 06:35 - 001771502 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-08 17:27 - 2017-03-20 06:35 - 000441332 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-08 17:26 - 2017-05-19 16:23 - 000003012 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Ben)
2017-09-08 17:25 - 2017-05-19 16:19 - 000000000 ____D C:\Users\Ben
2017-09-08 17:25 - 2016-03-22 18:17 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Skype
2017-09-08 17:23 - 2017-04-18 16:46 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-08 17:21 - 2017-05-19 16:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-08 17:21 - 2017-05-19 16:18 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-09-08 17:21 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SchCache
2017-09-08 17:21 - 2017-03-18 13:40 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2017-09-08 17:21 - 2016-06-07 10:30 - 000251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-08 17:10 - 2017-04-14 23:10 - 000109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-08 17:10 - 2016-06-07 10:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-08 17:07 - 2017-07-06 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mine-imator
2017-09-08 17:07 - 2016-11-05 20:49 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2017-09-08 17:07 - 2016-11-03 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-09-08 17:07 - 2016-10-29 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoMacroRecorder
2017-09-08 17:07 - 2016-08-13 12:00 - 000000000 ____D C:\Users\Ben\Desktop\Design
2017-09-08 17:07 - 2016-08-12 16:06 - 000000000 ____D C:\Users\Ben\Desktop\Spiele
2017-09-08 17:07 - 2016-03-24 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2017-09-08 16:46 - 2016-06-01 17:42 - 000000000 ____D C:\Users\Ben\AppData\Local\Adobe
2017-09-08 16:43 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-08 15:14 - 2016-11-22 12:40 - 000000000 ____D C:\Users\s***y\AppData\LocalLow\Mozilla
2017-09-08 15:04 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-08 15:00 - 2017-07-27 17:59 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-186756840-728361655-16016459-1002
2017-09-08 15:00 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-08 15:00 - 2016-03-22 18:03 - 000002397 _____ C:\Users\s***y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-08 15:00 - 2016-03-22 18:03 - 000000000 ___RD C:\Users\s***y\OneDrive
2017-09-08 00:31 - 2017-05-19 16:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-06 21:12 - 2017-04-29 20:14 - 000001185 _____ C:\Users\Ben\Desktop\nativelog.txt
2017-09-06 19:21 - 2016-03-22 18:35 - 000000000 ____D C:\Users\Ben\AppData\Roaming\.minecraft
2017-09-05 21:31 - 2016-04-10 16:47 - 000000000 ____D C:\Users\Ben\AppData\Roaming\TS3Client
2017-09-03 17:37 - 2017-05-19 16:00 - 000000000 ___DC C:\WINDOWS\Panther
2017-09-03 17:29 - 2016-03-24 16:07 - 000000000 ____D C:\Users\Ben\AppData\Roaming\vlc
2017-09-02 13:33 - 2016-11-18 21:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-02 13:33 - 2016-03-22 17:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-30 20:09 - 2016-05-03 19:37 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Audacity
2017-08-29 17:55 - 2017-06-06 21:31 - 000000000 ____D C:\Program Files\Rockstar Games
2017-08-29 17:55 - 2017-06-06 21:31 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2017-08-29 16:25 - 2016-10-29 21:19 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-27 13:44 - 2017-01-28 16:04 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-08-26 21:07 - 2016-06-17 14:36 - 000000000 ____D C:\Users\Ben\AppData\Roaming\obs-studio
2017-08-26 09:20 - 2016-11-19 10:57 - 000000000 ____D C:\Users\Ben\AppData\LocalLow\Mozilla
2017-08-25 20:58 - 2017-07-06 12:03 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Mine_imator
2017-08-25 16:50 - 2016-03-25 21:52 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-21 13:59 - 2017-07-06 18:12 - 000015475 _____ C:\Users\Ben\Desktop\Bewerbung.odt
2017-08-21 13:15 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-21 12:59 - 2016-06-01 17:47 - 000000000 ____D C:\ProgramData\boost_interprocess
2017-08-20 16:53 - 2016-12-19 20:18 - 000000000 ____D C:\Users\Ben\BrawlhallaReplays
2017-08-17 21:57 - 2016-09-23 14:15 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-17 21:29 - 2017-05-18 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-08-16 19:55 - 2017-01-31 16:30 - 000007599 _____ C:\Users\Ben\AppData\Local\Resmon.ResmonCfg
2017-08-16 19:50 - 2016-08-19 20:03 - 000000000 ____D C:\Games
2017-08-16 19:49 - 2016-08-19 21:49 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Wargaming.net
2017-08-14 21:11 - 2016-08-22 15:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-08-14 14:21 - 2016-03-22 18:03 - 000000000 ____D C:\Users\s***y\AppData\Local\Packages
2017-08-14 14:20 - 2016-03-23 00:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-13 20:37 - 2016-09-03 18:41 - 000765480 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-08-12 12:21 - 2016-03-22 18:17 - 000000000 ____D C:\ProgramData\Skype
2017-08-10 21:56 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-10 21:56 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-10 10:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-10 09:11 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-10 09:11 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-10 09:11 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-10 09:11 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-10 09:11 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-10 09:11 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-10 09:11 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-10 09:11 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-09 21:20 - 2016-03-24 15:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-09 21:19 - 2016-03-24 15:25 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-07-03 13:18 - 2016-07-03 13:18 - 000000000 ___RH () C:\Users\Ben\AppData\Roaming\b24fe1c9ae392848daab4337067789532
2016-04-09 18:32 - 2016-04-09 18:32 - 000000040 _____ () C:\Users\Ben\AppData\Roaming\infobypatrickghg.txt
2017-02-27 13:18 - 2017-02-27 13:18 - 000000505 _____ () C:\Users\Ben\AppData\Roaming\jd-gui.cfg
2016-04-09 18:32 - 2016-04-09 18:32 - 000000085 _____ () C:\Users\Ben\AppData\Roaming\pack.mcmeta
2016-04-09 18:32 - 2016-04-09 18:32 - 000012005 _____ () C:\Users\Ben\AppData\Roaming\pack.png
2016-08-20 20:45 - 2016-08-20 20:45 - 000005120 _____ () C:\Users\Ben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-08 17:12 - 2016-10-25 21:36 - 000000600 _____ () C:\Users\Ben\AppData\Local\PUTTY.RND
2017-01-31 16:30 - 2017-08-16 19:55 - 000007599 _____ () C:\Users\Ben\AppData\Local\Resmon.ResmonCfg
2016-07-08 16:10 - 2016-07-08 16:10 - 000000003 _____ () C:\Users\Ben\AppData\Local\updater.log
2016-07-08 16:10 - 2017-05-17 16:22 - 000000425 _____ () C:\Users\Ben\AppData\Local\UserProducts.xml
2017-02-27 17:56 - 2017-02-27 17:56 - 000000057 _____ () C:\ProgramData\Ament.ini
2017-05-19 16:18 - 2017-05-19 16:18 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-29 20:01 - 2016-08-29 20:01 - 000000224 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
2017-06-01 13:13 - 2017-06-01 13:13 - 000008720 _____ () C:\Users\s***y\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
2017-05-26 14:57 - 2017-05-26 14:57 - 000010520 _____ () C:\Users\s***y\AppData\Local\Temp\BullseyeCoverage-x86-3.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-07 21:33

==================== Ende von FRST.txt ============================

c642 · 08.09.2017, 20:08

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von Ben (08-09-2017 21:02:45)
Gestartet von C:\Users\Ben\Desktop
Windows 10 Home Version 1703 (X64) (2017-05-19 14:25:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-186756840-728361655-16016459-500 - Administrator - Disabled)
Ben (S-1-5-21-186756840-728361655-16016459-1001 - Administrator - Enabled) => C:\Users\Ben
DefaultAccount (S-1-5-21-186756840-728361655-16016459-503 - Limited - Disabled)
Gast (S-1-5-21-186756840-728361655-16016459-501 - Limited - Disabled)
s***y (S-1-5-21-186756840-728361655-16016459-1002 - Limited - Enabled) => C:\Users\s***y

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
ACP Application (HKLM\...\{32A0BFB6-5413-C0E6-FA04-713AFDA3BD05}) (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden
Adobe After Effects CC 2015.3 (HKLM-x32\...\AEFT_13_8_0) (Version: 13.8.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015.3 (HKLM-x32\...\PPRO_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
AutoHotkey 1.1.25.01 (HKLM\...\AutoHotkey) (Version: 1.1.25.01 - Lexikos)
Avidemux 2.6 - 32 bits (32-bit) (HKLM-x32\...\Avidemux 2.6 - 32 bits) (Version: 2.6.12.160304 - )
BattleStick (HKLM\...\Steam App 394380) (Version:  - Pinterac)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.61.6289 - BlueStack Systems, Inc.)
Brawlhalla (HKLM\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Camtasia Studio 8 (HKLM-x32\...\{F6EC4C4E-C87B-4F50-851B-1C86E0C94F00}) (Version: 8.6.0.2055 - TechSmith Corporation)
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
ChargeShot (HKLM\...\Steam App 401840) (Version:  - Cowboy Color)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Clicker Heroes (HKLM\...\Steam App 363970) (Version:  - Playsaurus)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Crazy Killer (HKLM\...\Steam App 448460) (Version:  - Ino-Co Plus)
CrystalDiskInfo 7.1.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.1.1 - Crystal Dew World)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DebugMode Wax 2.0 (HKLM-x32\...\DebugMode Wax 2.0) (Version:  - )
Discord (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Epic Games Launcher (HKLM-x32\...\{BD7E17B3-FEB2-4761-980D-50C4FA169EF9}) (Version: 1.1.74.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
FileZilla Client 3.19.0 (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\FileZilla Client) (Version: 3.19.0 - Tim Kosse)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Funny Voice (HKLM-x32\...\Funny Voice) (Version: "1.4.1" - "Grafik-Software.de")
GameDog (HKLM-x32\...\{05C30AD9-6CDF-4767-A4E6-6D6C9F41CA0C}) (Version: 2.4.5955.41964 - Wolfspirit)
GenArts Sapphire Plug-ins 7.04 for OFX (HKLM\...\GenArts Sapphire Plug-ins for OFX_is1) (Version:  - )
Goat Simulator (HKLM\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version:  - Rockstar North)
HP ENVY 4500 series - Grundlegende Software für das Gerät (HKLM\...\{5C519C69-AC39-40D0-9FF3-1F3FEE4640B2}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 4500 series Hilfe (HKLM-x32\...\{6767CCD2-B939-4542-BF08-015B5496D4EC}) (Version: 30.0.0 - Hewlett Packard)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1141 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Invasion (HKLM\...\Steam App 397980) (Version:  - Hipix Studio)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java SE Development Kit 8 Update 77 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180770}) (Version: 8.0.770.3 - Oracle Corporation)
join.me (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\JoinMe) (Version: 3.1.0.4825 - LogMeIn, Inc.)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
KnowBe4 RanSim (HKLM-x32\...\{E6098775-CB4B-47F6-9FA7-473D542CB6F2}) (Version: 1.1.0.7 - KnowBe4 Inc) Hidden
KnowBe4 RanSim (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\{5fcc8862-ce47-4f88-b5aa-011f4141417f}) (Version: 1.1.0.7 - KnowBe4 Inc)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{7C6B1560-A8B1-4AED-BF77-A43713C7726D}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
LibreOffice 5.2.5.1 (HKLM-x32\...\{79CD8EA1-DEB1-4582-9E41-8634223BDCD4}) (Version: 5.2.5.1 - The Document Foundation)
LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.)
Magic Bullet Suite 64-bit (HKLM\...\{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software)
Magic Duels (HKLM\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
Microsoft OneDrive (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mine-imator version 1.0.6 (HKLM-x32\...\{EF61A1AA-5F85-4E94-ACC6-D5650A312AE6}}_is1) (Version: 1.0.6 - David Norgren)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Muddy Heights 2 (HKLM\...\Steam App 463850) (Version:  - Rageborn Studio, LLC)
MultiTool V2 (HKLM-x32\...\MultiTool V2) (Version: 2.0.3.1 - )
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.0 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Oracle VM VirtualBox 5.1.2 (HKLM\...\{629314D8-8CB7-45F4-8C48-20EF2E330430}) (Version: 5.1.2 - Oracle Corporation)
osu! (HKLM-x32\...\{0de90e66-aed9-497b-9532-3cac56210413}) (Version: latest - ppy Pty Ltd)
paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC)
Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
Paragon Backup and Recovery™ 14 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.17.6-r119262-release - Plays.tv, LLC)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 r2746 - )
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.10.6 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1104 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
ROBLOX Player for Ben (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio for Ben (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
Robocraft (HKLM\...\Steam App 301520) (Version:  - Freejam)
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.2.0 - Rockstar Games)
Sandboxie 5.12 (64-bit) (HKLM\...\Sandboxie) (Version: 5.12 - Sandboxie Holdings, LLC)
Scratch 2 Offline Editor (HKLM-x32\...\{EF5983CC-7C4B-85D2-36BA-591163A1159E}) (Version: 255 - Massachusetts Institute of Technology) Hidden
Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 453 - Massachusetts Institute of Technology)
ShellShock Live (HKLM\...\Steam App 326460) (Version:  - kChamp Games)
Skype Audio Player (remove only) (HKLM-x32\...\SkypePlayer) (Version:  - )
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.39 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.39.102 - Skype Technologies S.A.)
Speak-A-Message (HKLM-x32\...\{9BEA131F-4D50-4AC3-ADE7-715F109E9308}) (Version: 10.2.6 - Inventivio)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 5.25 - NCH Software)
TeamSpeak 3 Client (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.64630 - TeamViewer)
The Next Penelope (HKLM\...\Steam App 332250) (Version:  - Aurelien Regard)
Trove (HKLM\...\Steam App 304050) (Version:  - Trion Worlds)
Unreal Tournament G.O.T.Y. Edition (HKLM-x32\...\UnrealTournament) (Version:  - )
VEGAS Pro 14.0 (64-bit) (HKLM\...\{F21AF10F-1A2A-11E7-8809-C2A106E0D44C}) (Version: 14.0.252 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Wargaming.net Game Center (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Wargaming.net Game Center) (Version: 17.6.0.4857 - Wargaming.net)
WAV To MP3 V2 (HKLM-x32\...\WAV To MP3_is1) (Version:  - hxxp://www.WAVMP3.net)
What's under your blanket !? (HKLM\...\Steam App 432020) (Version:  - 5Wolf)
Who's Your Daddy (HKLM\...\Steam App 427730) (Version:  - Evil Tortilla Games)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\WOT.EU.PRODUCTION) (Version:  - Wargaming.net)
World of Warships EU (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\WOWS.EU.PRODUCTION) (Version:  - Wargaming.net)
Worm.is: The Game (HKLM\...\Steam App 466910) (Version:  - Freakinware Studios)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-186756840-728361655-16016459-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6CFD8FEA62AB}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-186756840-728361655-16016459-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-02-21] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-08-15] (Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-08-15] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {033D623A-3A47-4121-BEE1-B3D25B0AD32D} - System32\Tasks\HP AR Program Upload - 186fb3cc958745288e464fca9e13bddc581ec5121a514f438ee2a11a2364a190 => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {061FCAEE-0E62-4354-9E3F-0C6141C5578C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-10] (Adobe Systems Incorporated)
Task: {1112F5F0-0ECF-4048-A963-4207BA985708} - System32\Tasks\Driver Booster SkipUAC (Ben) => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe [2017-05-03] (IObit)
Task: {1D6FA934-162F-4166-A3E5-A6D866866267} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-04-03] (Advanced Micro Devices, Inc.)
Task: {1EB64A52-EABE-4272-9D41-7A0FF34CD2F9} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {2B69450E-18B0-4E73-A442-6AF02DF37E21} - System32\Tasks\update-S-1-5-21-186756840-728361655-16016459-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {3C86B6CE-BDC6-4A8C-90BC-0E8D4EC971A5} - System32\Tasks\CMEClient => C:\Program Files (x86)\ChallengeMe.GG Client\ChallengeMeClient.exe [2017-01-17] ()
Task: {4818BD97-6A00-4049-B355-0F0721496593} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-ben.s***y@outlook.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {4B518314-20FB-400C-962F-EF2B1E0BC4A3} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe [2011-11-23] ()
Task: {51A47F9B-7886-421B-9EC3-83083B35977E} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {6312C7B1-6FB2-4E0F-96B6-146CEA3C55AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {6AD9CDE8-E39C-4379-B1F7-8C1C283D525D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-29] (Google Inc.)
Task: {6C3BDD1E-0EB7-4BF8-A3D2-28A03713D9E1} - System32\Tasks\HP AR Program Upload - 26490f5743a34d0ea02eebc170cf9078ee3d47154d3640779e36e48a8875e56e => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {9F41413A-D0B8-4844-853D-B674CF81B1DF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {9F667C33-D53B-401F-86C6-3763E3492171} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {A0EA4D7F-160C-4AE4-9529-F7F58347922B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {B9564CFA-CA0C-4D4A-A8B3-16BB36710E79} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-29] (Google Inc.)
Task: {C669BA46-1FB2-4686-A462-42D80AAA1D98} - System32\Tasks\{B8FCA1F8-3B98-45A4-AD0C-5DE2C233B0AE} => C:\Windows\system32\pcalua.exe -a G:\Ben\Downloads\VirtualDub-1.10.4\auxsetup.exe -d G:\Ben\Downloads\VirtualDub-1.10.4
Task: {DB4EB52F-90E1-4373-B9AB-0F2DD8F8E657} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {E374EA5B-8140-44C3-80C8-729AE15F4B39} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\Scheduler.exe [2017-03-28] (IObit)
Task: {EF687D85-2B42-47DC-ABFE-962939F63FA5} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {F5E74EC7-DF4F-4A6C-892A-B109D377AC71} - System32\Tasks\HP AR Program Upload - 85b6e1ba9dd640dab0f93f9ffcb2cc738d0ea9c8a2174764a4f5f7f2e816d29e => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {FB3109D3-8EBA-485C-A442-4D2EFC93864D} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-186756840-728361655-16016459-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\Ben\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-09-04 10:16 - 2014-08-06 03:04 - 001441792 _____ () C:\Program Files\Everything\Everything.exe
2016-09-25 01:20 - 2016-09-25 01:21 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-04-14 23:10 - 2017-03-22 10:24 - 002271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-01-01 16:00 - 2017-01-01 16:00 - 000023040 _____ () C:\Program Files\Rainmeter\Plugins\InputText.dll
2017-01-01 15:59 - 2017-01-01 15:59 - 000173568 _____ () C:\Program Files\Rainmeter\Plugins\AudioLevel.DLL
2017-07-06 21:40 - 2017-07-03 10:01 - 000080896 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2016-11-12 20:08 - 2017-01-17 16:46 - 000718112 _____ () C:\Program Files (x86)\ChallengeMe.GG Client\ChallengeMeClient.exe
2017-03-18 22:59 - 2017-03-20 06:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-08-23 15:54 - 2017-08-23 15:55 - 024502272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17072.13111.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-08-23 15:54 - 2017-08-23 15:55 - 009145344 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17072.13111.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-08-08 12:18 - 2017-08-08 12:18 - 003544488 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17072.13111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-08-23 15:54 - 2017-08-23 15:55 - 000957952 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17072.13111.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2017-08-23 15:54 - 2017-08-23 15:55 - 011159040 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17072.13111.0_x64__8wekyb3d8bbwe\EntPlat.dll
2017-06-01 12:32 - 2017-06-01 12:32 - 000020648 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17072.13111.0_x64__8wekyb3d8bbwe\GNSDK_FP.DLL
2017-07-24 15:57 - 2017-07-24 15:57 - 001991640 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-08-16 19:49 - 2017-07-27 15:40 - 001663736 _____ () \\?\C:\ProgramData\Wargaming.net\GameCenter\dlls\libGLESv2.dll
2017-08-16 19:49 - 2017-07-27 15:40 - 000091896 _____ () \\?\C:\ProgramData\Wargaming.net\GameCenter\dlls\libEGL.dll
2017-08-16 19:49 - 2017-07-27 15:40 - 048874744 _____ () \\?\C:\ProgramData\Wargaming.net\GameCenter\dlls\libcef.dll
2016-11-18 12:41 - 2016-11-18 12:41 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-06-02 05:18 - 2015-06-02 05:18 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-03-22 18:27 - 2017-08-04 23:19 - 000678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-03-22 18:27 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-03-22 18:27 - 2017-08-28 22:05 - 002505504 _____ () C:\Program Files (x86)\Steam\video.dll
2016-03-22 18:27 - 2016-01-27 09:49 - 000491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-03-22 18:27 - 2016-01-27 09:49 - 000332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-03-22 18:27 - 2016-01-27 09:49 - 000442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-03-22 18:27 - 2016-01-27 09:49 - 000485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-03-22 18:27 - 2016-01-27 09:49 - 002549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-03-22 18:27 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-03-22 18:27 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-03-22 18:27 - 2017-08-28 22:05 - 000885024 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-22 18:27 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-06-09 13:10 - 2017-05-17 03:54 - 000678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-13 14:45 - 2017-07-18 00:50 - 073115424 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-03-22 18:27 - 2015-09-25 01:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2017-07-11 10:34 - 2017-07-18 00:50 - 001936672 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libglesv2.dll
2017-07-11 10:34 - 2017-07-18 00:50 - 000113952 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\WLXPGSS.SCR:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\adwcleaner_6.010.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\adwcleaner_6.010.exe:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\AutoClicker.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AutoClicker.exe:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\Banner Template.zip:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Banner Template.zip:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\BaumBlau__Salagel_swordpack.lib4d:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BaumBlau__Salagel_swordpack.lib4d:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\Ben lied 001.mid:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Ben lied 001.mid:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Channel Art Template (Fireworks).png:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\CINEBENCH_R15 (1).zip:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\cpuz_x64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cpuz_x64.exe:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\Crack Kid jaaaa sound.mp3:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_28.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DxtoryCodec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FRST64.exe:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\FTB_Launcher.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FTB_Launcher.exe:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\Gpu_Shader_Engine_x64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Kanal Abstimmung..mp4:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Kanal Abstimmung..mp4:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\KnifeParty.mid:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KnifeParty.mid:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\neropxl_customfmreditLATEST.lib4d:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\neropxl_customfmreditLATEST.lib4d:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\Noesis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\pack.mcmeta:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\prime95.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\prime95.exe:$CmdZnID [29]
AlternateDataStreams: C:\WINDOWS\system32\RazerCoinstaller.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Rochelle - All Night Long (DVDG Remix).mp3:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Rochelle - All Night Long (DVDG Remix).mp3:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\SET782B.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SET78AA.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SET78FD.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SET7992.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SET79A4.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SET868C.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SET9082.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SET9093.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SET90E5.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TCParticleBuilder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UniChooser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo-1-1-0-3-1.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AC3ACM.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\alf2cd.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\divx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\divxdec.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DxtoryCodec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\L3CODECX.AX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Lagarith.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\lame.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mcdvd_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mpg4c32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mslvddsfilter3.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msxml3a.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Scg726.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET86FB.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET878A.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET87EB.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET8A33.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET8E0A.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET901E.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET9185.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET98D0.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET9936.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET9957.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET9988.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vct3216.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vp6vfw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-3-1.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvid.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidvfw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ati2erec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmdag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Hamdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\kx.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SET87D8.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SET9070.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SETA0CE.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VBoxDrv.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\WtfEngineDrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Ben\Desktop\Computer AG.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Ben\Desktop\Computer AG.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ben\Desktop\It-Hardware.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Ben\Desktop\It-Hardware.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ben\Desktop\Jufo.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Ben\Desktop\Jufo.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ben\Desktop\Medien.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Ben\Desktop\Medien.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ben\Desktop\Sport.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Ben\Desktop\Sport.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ben\Desktop\Zeugnis.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Ben\Desktop\Zeugnis.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ben\AppData\Roaming\infobypatrickghg.txt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Ben\AppData\Roaming\pack.mcmeta:$CmdZnID [26]
AlternateDataStreams: C:\Users\Ben\AppData\Roaming\pack.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\s***y\Desktop\Bild (2).jpg:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\s***y\Desktop\Bild (2).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\s***y\Desktop\Everything_1.3.4.686.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\s***y\Desktop\Everything_1.3.4.686.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\s***y\Downloads\Apache_OpenOffice_4.1.2_Win_x86_install_de.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\s***y\Downloads\Apache_OpenOffice_4.1.2_Win_x86_install_de.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\s***y\Downloads\FoxitReader734_enu_Setup_clean.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\s***y\Downloads\Schreiben InterRisk.PDF:$CmdTcID [130]
AlternateDataStreams: C:\Users\s***y\Downloads\Schreiben InterRisk.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\s***y\Downloads\SuperPI190.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\s***y\Downloads\SuperPI190.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\s***y\Downloads\tiptap2-lerncddesipe.mp3:$CmdTcID [64]
AlternateDataStreams: C:\Users\s***y\Downloads\tiptap2-lerncddesipe.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\s***y\Downloads\vlc-2.2.2-win64.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\s***y\Downloads\vlc-2.2.2-win64.exe:$CmdZnID [26]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-186756840-728361655-16016459-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2017-04-02 21:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-186756840-728361655-16016459-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "Start GeekBuddy.lnk"
HKLM\...\StartupApproved\Run: => "kX Mixer"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Everything"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "SL-6397 Gaming Mouse"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "RocketDock"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "WTFast Tray"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{91AE74BE-8F5C-4B35-8CA5-5AF0CF009FB3}] => (Block) LPort=445
FirewallRules: [{09C92345-826C-415C-AB11-DB3BDBAE1D5B}] => (Block) LPort=445
FirewallRules: [{3FE761B4-B86F-4DF8-AF4E-49A85975ED32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E2A1C630-CE8A-4AFE-B851-BD47395E149E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3CF044C2-94A4-4C34-93C2-5F82910A3727}] => (Allow) D:\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{D118A6B7-9233-4D0B-AA7C-1C1BA638A9C4}] => (Allow) D:\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{26987AFC-CD0A-49D8-8D6A-6B2DD4F3F708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\WhosYourDaddy.exe
FirewallRules: [{4D8962CF-C02B-4423-890E-0D8115880455}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\WhosYourDaddy.exe
FirewallRules: [{4A2CE0D8-CED3-4374-8418-F641BBF8091C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ChargeShot\windows_content\ChargeShot.exe
FirewallRules: [{F019402E-DECF-4572-B562-AA6880339B02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ChargeShot\windows_content\ChargeShot.exe
FirewallRules: [{6B48325A-C0E7-4FB6-85E2-2B4A544DC659}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Next Penelope\nw.exe
FirewallRules: [{B7ECC667-F48D-4C8A-92DF-EF6DC09F6605}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Next Penelope\nw.exe
FirewallRules: [{DEC4BAB8-D4EC-452E-A3D2-70116CDBA47E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Invasion\Invasion.exe
FirewallRules: [{797618FE-15BD-4733-BD1B-91F706830C3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Invasion\Invasion.exe
FirewallRules: [{F70B98B0-EF27-4CB8-9983-6EDC93228A9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\What'sunderyourblanket!\game.exe
FirewallRules: [{F1FD143F-C6FB-40D5-8843-F86A903D39E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\What'sunderyourblanket!\game.exe
FirewallRules: [{A40AEFDE-2537-43B2-BB4E-5F3BA3155543}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{A4C23F07-0E79-411D-AE8B-721CC8B24B45}] => (Allow) LPort=5357
FirewallRules: [{38C4A8B4-2F88-4DD7-BD97-52A1BEBE5139}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [UDP Query User{1B884823-8BA9-4D2A-BE89-2CD2F5B57596}C:\users\ben\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\ben\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{8D5028A6-16A1-4206-878E-0A10575B0EB5}C:\users\ben\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\ben\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B137D63A-AAC5-4857-884C-A845A0864F98}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{19366AB0-ADBE-4D29-B02A-B1F1FABB038A}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{385ADA71-476A-421B-9B68-48AAE00B206C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{7F5B9B41-41AE-4CAC-83F5-547E214D8098}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{60ED3B5C-C7A8-4853-82F1-BC0544EFF2F4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{82B0A53A-8DB2-4178-8DB7-7D7D8B51ADCD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{3B275D13-D008-401F-A041-F4AAC5AFF5E9}] => (Allow) D:\Steam\steamapps\common\ShellShock Live\ShellShockLive.exe
FirewallRules: [{41F282EA-5315-4AD1-81B2-509D0E322B75}] => (Allow) D:\Steam\steamapps\common\ShellShock Live\ShellShockLive.exe
FirewallRules: [{386C1EF0-E2B3-47E4-88A7-9DFB8EEA45B8}] => (Allow) D:\Steam\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{00EBFED7-8996-4E63-A719-CE72F798F623}] => (Allow) D:\Steam\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [UDP Query User{B2778340-DC69-4890-92BB-5CD7CAA2FA6A}C:\program files\vegas\vegas pro 14.0\vegas140.exe] => (Block) C:\program files\vegas\vegas pro 14.0\vegas140.exe
FirewallRules: [TCP Query User{CE1F0AA8-6B2E-495B-A633-BDCD87F7308A}C:\program files\vegas\vegas pro 14.0\vegas140.exe] => (Block) C:\program files\vegas\vegas pro 14.0\vegas140.exe
FirewallRules: [{E3AAF6D1-2094-4A5D-9103-E12C3691C8B5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{DEA43688-ECED-4EBA-B484-F1F62399B76C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{ECD7418C-8AD0-4106-A9B8-7DA710BF315F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{B802DF55-A6DC-4893-9AE0-64BBE2D93831}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{A1229FCC-4F85-456B-A0F0-F1E1541B0BF5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B1FC6ABE-4D58-424C-A89D-1237165EE708}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{18D79861-660C-47EA-9275-71ACC3DC8F80}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6C9D1300-1A16-4665-B17B-9A6E9D25EE32}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0E6685DB-C89C-43DD-99B1-968FE2439367}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E2AE1E7E-FDF7-4004-95EA-32EF267324EB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9581E2A5-D77D-4425-B6AC-0DEEBE88D2FD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{3E07E016-EBA4-453F-AC0C-7405140A77F6}D:\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{ADC9F3D9-F10E-4D92-A001-A4CED599F448}D:\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{1AC0C4E1-9E19-4AD4-BE0E-C3C4483C68D2}] => (Allow) D:\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{06E6E6AF-767F-4DD1-B28D-76B22F30FD9D}] => (Allow) D:\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{1562A7B1-6B01-4461-B897-39F2070C1824}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{90D0EBC1-E743-4E07-A188-EFA0924C3664}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7222E657-339E-42CF-B9AE-0DB807B719C5}] => (Allow) C:\Program Files (x86)\WTFast\WTFast.exe
FirewallRules: [TCP Query User{2125E60D-005C-4FC0-B4CB-3A9BA69EF27C}D:\steam\steamapps\common\ts2015rack\railworks.exe] => (Allow) D:\steam\steamapps\common\ts2015rack\railworks.exe
FirewallRules: [UDP Query User{AF0DE5A4-90A3-4C48-874D-8E1525366F26}D:\steam\steamapps\common\ts2015rack\railworks.exe] => (Allow) D:\steam\steamapps\common\ts2015rack\railworks.exe
FirewallRules: [{2C9A4699-FA7C-48A1-84CF-1DDC0744E148}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{303EBA85-7D37-46B5-837C-6444062CFDA1}C:\program files\java\jdk1.8.0_77\jre\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_77\jre\bin\javaw.exe
FirewallRules: [UDP Query User{99DBCC1B-F900-43C3-8686-8EF9DDC8BB40}C:\program files\java\jdk1.8.0_77\jre\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_77\jre\bin\javaw.exe
FirewallRules: [{DEEF08F3-EF35-4020-9D22-A0EF5A21F41B}] => (Allow) D:\Steam\steamapps\common\Worm.is The Game\Wormis.exe
FirewallRules: [{7582DDA8-EC41-4C88-96E8-F0B9868ED316}] => (Allow) D:\Steam\steamapps\common\Worm.is The Game\Wormis.exe
FirewallRules: [{6E973FF4-C57F-4456-B904-88C91CC10392}] => (Allow) D:\Steam\steamapps\common\BattleStick\BattleStick.exe
FirewallRules: [{D0E05F0D-3104-4035-AED0-4298E0FEBC70}] => (Allow) D:\Steam\steamapps\common\BattleStick\BattleStick.exe
FirewallRules: [{06FD7350-90F2-4722-B9D0-74CCD45513AE}] => (Allow) D:\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{5D216AF2-7859-4F6E-A910-61C9DABE4494}] => (Allow) D:\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{7744C394-94E7-474C-AA1A-6CA62E91CB00}] => (Allow) D:\Steam\steamapps\common\Crazy Killer\UnrealCrazyKiller\Binaries\Win64\UnrealCrazyKillerClient-Win64-Shipping.exe
FirewallRules: [{0CD77DAF-D6FE-4F9E-B3D4-3D1EFE605F63}] => (Allow) D:\Steam\steamapps\common\Crazy Killer\UnrealCrazyKiller\Binaries\Win64\UnrealCrazyKillerClient-Win64-Shipping.exe
FirewallRules: [{0A611B33-FFCE-49CC-B228-1FB0CFDF1D98}] => (Allow) LPort=8317
FirewallRules: [{27D6B05E-C811-49ED-A01C-159693A80B3E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B001CA41-6CE3-4555-A992-C2E826EE27BF}] => (Allow) LPort=2869
FirewallRules: [{04489D66-30F0-424B-9703-60DB67ED3DB1}] => (Allow) LPort=1900
FirewallRules: [{53E98454-E14B-4C93-9AD0-8BB927FD629A}] => (Allow) D:\GameforgeLive\gfl_client.exe
FirewallRules: [{422CA376-0B9A-4470-A181-C98E45831471}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{054DB367-C8A7-4B12-9B80-068E04A322B9}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{8E6E10A2-B9EA-483C-AE45-6C869ACA1437}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{BF6BBC2E-A147-45C9-8608-614DFC010612}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{E57FDC37-CB26-457A-B3F9-55F3BF438646}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{60EE0A6B-5BFA-4A7A-B30D-2126E0C1E6A5}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{F500B38F-949C-498F-AF3B-8AE9FF2DC777}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{26BFE4FA-BCA9-49A3-B6C4-F590EE0D22CF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{272A31D9-5F5F-4B60-AEFA-191395CF15E7}D:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{8AA6DC77-36EF-438D-B3A3-B6AFFED3F399}D:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [{7216DE84-6FEF-47C0-9C8E-CF9490865D16}] => (Allow) D:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{83DDB4D6-250C-4891-B572-95E4CD42D241}] => (Allow) D:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{B29A43F4-4A33-4244-B211-0166C79B2D48}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{A9A891B3-C89B-4DA6-895C-791AA2B3A45E}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{A629E33F-397A-44C6-8A3C-FDC479E6798C}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{96B5EBF3-FC5D-4E27-83FD-BD5F61C6F182}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{38F51534-FA20-4EF2-B5B1-6B65456BFC24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AD05B27E-8250-42CD-80E3-24534C8C61B8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9937A1B5-BA99-4644-8B19-CFB8F69F74F4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C26B5AC4-F9EB-4B35-9C11-AE68693C1CCF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{36366BA4-7807-4147-BED4-525E8374B6C3}C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe
FirewallRules: [UDP Query User{16C62421-96B8-4938-AFDC-F10032DC1AD1}C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe
FirewallRules: [{7313C487-DFE0-4F61-B3CF-7DBC9A22CAA5}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{0A3DD8B8-DE1A-4E45-B088-5F8B07994417}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{B0ED7766-805B-47A6-8BC3-9955D7C584B0}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Activation.exe
FirewallRules: [{A2F846A2-ECAC-4CFB-A779-704D5EBD985F}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Activation.exe
FirewallRules: [{AACE44F6-4ADD-4B40-9500-AF3EADC8F8E7}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{7213C4B5-9ED5-4B07-8B35-6F7C3DC29037}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{C6423D21-49CC-4CA6-B798-626367E1FC0B}] => (Allow) D:\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{079141C8-BEB7-4CF4-9206-A97E260EF639}] => (Allow) D:\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [TCP Query User{B9641751-9A7D-48C9-A6AB-CA4E3BCA64AD}C:\program files\adobe\adobe premiere pro cc 2015.3\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2015.3\adobe premiere pro.exe
FirewallRules: [UDP Query User{74BC90AB-F7BB-4F77-BCCD-6DAB6A003FB0}C:\program files\adobe\adobe premiere pro cc 2015.3\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2015.3\adobe premiere pro.exe
FirewallRules: [{0F3D9AD0-E15A-4DDD-865A-67001E7F4712}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{25F32B63-6E6D-482A-A0E0-4B1B55D97A94}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{D4A109A7-8B4A-459B-9127-6D1903BE49AF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{9EE896EA-D550-472D-944B-11B9C0EA0990}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{4CB75514-215E-46D6-AEB4-A47FD3EF83C6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{78BFBC8B-D971-40F1-8AF3-34CC73823553}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{72CA2F6C-7730-4DF9-AE92-9E68C0C2F6FB}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{571CDAC1-381C-4644-BCFD-CFC182F19E9A}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{9487749E-C42D-4527-84A0-0096B30D4E75}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{391CEC9C-6607-4B86-9B44-C39B5132E0E5}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{8078A9A6-3860-4868-B739-2CB003DF2086}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2A70F938-EAF1-4818-B98D-3A5956F70D62}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{54D12068-30EE-4060-831C-F98EBE2F5E15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{D4993175-C7A6-4A24-A2A9-D01371E4104A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{FAD07AE3-FD7E-477F-B096-D129CB0E078F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Muddy Heights 2\Muddy Heights 2.exe
FirewallRules: [{87588CE2-26C0-4917-8E96-71CDDACA4ADB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Muddy Heights 2\Muddy Heights 2.exe
FirewallRules: [TCP Query User{80D486DA-3607-41EF-8F10-F4D4C8223275}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{423A8DE5-2F5C-48CF-A5F3-E8F6EF025CAA}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [{8255E2AD-D798-4F06-999E-B3FE6ADFFAA0}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{360CCD0A-26E1-4F43-9325-02752EC0CA2D}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{5BDDF0E2-ED53-4E57-96F2-09B8FA4560E5}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe
FirewallRules: [UDP Query User{A0A40056-A66C-4605-8966-08078BC00C71}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe
FirewallRules: [TCP Query User{0B9002AE-A3AA-4541-A46D-B3810A8071AC}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{0C00708A-3F2B-451E-8CB4-B2D7C565F578}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [{0791496A-5665-4864-9579-A00C916E62B5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

07-09-2017 21:38:26 Geplanter Prüfpunkt
08-09-2017 17:20:50 Malwarebytes Anti-Rootkit Restore Point

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PCI-Eingabegerät
Description: PCI-Eingabegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/08/2017 05:22:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RzStats.Manager.exe, Version: 1.2.16.0, Zeitstempel: 0x57b6bf05
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.502, Zeitstempel: 0xc3955624
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x1d24
Startzeit der fehlerhaften Anwendung: 0x01d328b63e22bd4e
Pfad der fehlerhaften Anwendung: C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 20665f87-c6ca-4b88-81f2-a921bb9e74bb
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/08/2017 05:22:16 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: RzStats.Manager.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.IOException
   bei System.IO.__Error.WinIOError(Int32, System.String)
   bei System.IO.File.InternalCopy(System.String, System.String, Boolean, Boolean)
   bei System.IO.File.Copy(System.String, System.String, Boolean)
   bei Razer.DataTracking.Common.Utils.XDocumentSafe.SafeSave(System.Xml.Linq.XDocument, System.String)
   bei RzDataTrackingManager.DataHistoryManager.InitStatsHistory(System.String)
   bei RzDataTrackingManager.DataHistoryManager.GetStatsFromStorage()
   bei RzDataTrackingManager.Form1..ctor()
   bei RzDataTrackingManager.Program.Main()

Error: (09/08/2017 05:04:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RzStats.Manager.exe, Version: 1.2.16.0, Zeitstempel: 0x57b6bf05
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.502, Zeitstempel: 0xc3955624
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x2c50
Startzeit der fehlerhaften Anwendung: 0x01d328b3c27b5042
Pfad der fehlerhaften Anwendung: C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: b951b942-0837-4968-824e-f0e7602eb056
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/08/2017 05:04:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: RzStats.Manager.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.IOException
   bei System.IO.__Error.WinIOError(Int32, System.String)
   bei System.IO.File.InternalCopy(System.String, System.String, Boolean, Boolean)
   bei System.IO.File.Copy(System.String, System.String, Boolean)
   bei Razer.DataTracking.Common.Utils.XDocumentSafe.SafeSave(System.Xml.Linq.XDocument, System.String)
   bei RzDataTrackingManager.DataHistoryManager.InitStatsHistory(System.String)
   bei RzDataTrackingManager.DataHistoryManager.GetStatsFromStorage()
   bei RzDataTrackingManager.Form1..ctor()
   bei RzDataTrackingManager.Program.Main()

Error: (09/08/2017 04:44:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RzStats.Manager.exe, Version: 1.2.16.0, Zeitstempel: 0x57b6bf05
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.502, Zeitstempel: 0xc3955624
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x26ac
Startzeit der fehlerhaften Anwendung: 0x01d328b0f44507a4
Pfad der fehlerhaften Anwendung: C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 10d5cf82-e002-4db0-9a8a-ca72faa66eda
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/08/2017 04:44:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: RzStats.Manager.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.IOException
   bei System.IO.__Error.WinIOError(Int32, System.String)
   bei System.IO.File.InternalCopy(System.String, System.String, Boolean, Boolean)
   bei System.IO.File.Copy(System.String, System.String, Boolean)
   bei Razer.DataTracking.Common.Utils.XDocumentSafe.SafeSave(System.Xml.Linq.XDocument, System.String)
   bei RzDataTrackingManager.DataHistoryManager.InitStatsHistory(System.String)
   bei RzDataTrackingManager.DataHistoryManager.GetStatsFromStorage()
   bei RzDataTrackingManager.Form1..ctor()
   bei RzDataTrackingManager.Program.Main()

Error: (09/08/2017 03:09:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.

Error: (09/08/2017 03:09:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (09/07/2017 09:33:39 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.

Error: (09/07/2017 09:33:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.


Systemfehler:
=============
Error: (09/08/2017 09:02:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/08/2017 08:59:21 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/08/2017 05:21:40 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (09/08/2017 05:21:40 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (09/08/2017 05:21:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (09/08/2017 05:21:25 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5

Error: (09/08/2017 05:21:06 PM) (Source: DCOM) (EventID: 10010) (User: BEN-PC)
Description: Der Server "{4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/08/2017 05:21:06 PM) (Source: DCOM) (EventID: 10010) (User: BEN-PC)
Description: Der Server "{4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/08/2017 05:03:51 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (09/08/2017 05:03:51 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0


CodeIntegrity:
===================================
  Date: 2017-09-08 17:16:47.295
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETBD1B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:47.288
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETBD1B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:47.282
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETBD1B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:47.275
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETBD1B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:47.267
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETBD1B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:47.261
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETBD1B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:47.236
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETA72B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:47.080
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETA72B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:46.959
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETA72B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:46.826
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETA72B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 20%
Installierter physikalischer RAM: 16315.1 MB
Verfügbarer physikalischer RAM: 12961.49 MB
Summe virtueller Speicher: 18747.1 MB
Verfügbarer virtueller Speicher: 13962.6 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:232.33 GB) (Free:37.98 GB) NTFS
Drive d: (Daten) (Fixed) (Total:976.56 GB) (Free:465.98 GB) NTFS
Drive e: (Fertige Vids) (Fixed) (Total:195.31 GB) (Free:188.48 GB) NTFS
Drive g: (Eigene Dateien) (Fixed) (Total:691.14 GB) (Free:98.22 GB) NTFS
Drive z: (Aufnahme) (Fixed) (Total:931.51 GB) (Free:879.41 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6003DEC4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 6003DEC3)
Partition 1: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=691.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

c642 · 08.09.2017, 20:09

Code:

ATTFilter

21:04:10.0337 0x255c  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
21:04:10.0337 0x255c  UEFI system
21:04:16.0803 0x255c  ============================================================
21:04:16.0803 0x255c  Current date / time: 2017/09/08 21:04:16.0803
21:04:16.0803 0x255c  SystemInfo:
21:04:16.0803 0x255c  
21:04:16.0803 0x255c  OS Version: 10.0.15063 ServicePack: 0.0
21:04:16.0803 0x255c  Product type: Workstation
21:04:16.0803 0x255c  ComputerName: BEN-PC
21:04:16.0803 0x255c  UserName: Ben
21:04:16.0803 0x255c  Windows directory: C:\WINDOWS
21:04:16.0803 0x255c  System windows directory: C:\WINDOWS
21:04:16.0803 0x255c  Running under WOW64
21:04:16.0803 0x255c  Processor architecture: Intel x64
21:04:16.0803 0x255c  Number of processors: 4
21:04:16.0803 0x255c  Page size: 0x1000
21:04:16.0803 0x255c  Boot type: Normal boot
21:04:16.0803 0x255c  CodeIntegrityOptions = 0x00000001
21:04:16.0804 0x255c  ============================================================
21:04:16.0899 0x255c  KLMD registered as C:\WINDOWS\system32\drivers\04567395.sys
21:04:16.0899 0x255c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
21:04:17.0244 0x255c  System UUID: {B9E573D1-E7BE-60BC-E7ED-0C4B7FD96635}
21:04:17.0529 0x255c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:04:17.0529 0x255c  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:04:17.0529 0x255c  Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:04:17.0531 0x255c  ============================================================
21:04:17.0531 0x255c  \Device\Harddisk0\DR0:
21:04:17.0531 0x255c  MBR partitions:
21:04:17.0531 0x255c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
21:04:17.0531 0x255c  \Device\Harddisk1\DR1:
21:04:17.0532 0x255c  GPT partitions:
21:04:17.0532 0x255c  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {972FE3BF-BB4A-4335-8016-27009A62F186}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000
21:04:17.0532 0x255c  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D5F1D485-779B-4C7D-9BD0-646D4A73E6D8}, Name: EFI system partition, StartLBA 0xE1800, BlocksNum 0x31800
21:04:17.0532 0x255c  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {113C1173-9070-40BD-AE2A-A58C9F2F2952}, Name: Microsoft reserved partition, StartLBA 0x113000, BlocksNum 0x8000
21:04:17.0532 0x255c  \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {47F189FF-E315-44A9-8A4D-2D58FC68BAFC}, Name: Basic data partition, StartLBA 0x11B000, BlocksNum 0x1D0AA800
21:04:17.0532 0x255c  MBR partitions:
21:04:17.0532 0x255c  \Device\Harddisk2\DR2:
21:04:17.0532 0x255c  MBR partitions:
21:04:17.0532 0x255c  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x7A120000
21:04:17.0532 0x255c  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x7A120800, BlocksNum 0x186A0000
21:04:17.0532 0x255c  \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x927C0800, BlocksNum 0x56647000
21:04:17.0532 0x255c  ============================================================
21:04:17.0533 0x255c  C: <-> \Device\Harddisk1\DR1\Partition4
21:04:17.0533 0x255c  D: <-> \Device\Harddisk2\DR2\Partition1
21:04:17.0534 0x255c  E: <-> \Device\Harddisk2\DR2\Partition2
21:04:17.0534 0x255c  G: <-> \Device\Harddisk2\DR2\Partition3
21:04:17.0536 0x255c  Z: <-> \Device\Harddisk0\DR0\Partition1
21:04:17.0536 0x255c  ============================================================
21:04:17.0536 0x255c  Initialize success
21:04:17.0536 0x255c  ============================================================
21:04:33.0068 0x19f0  ============================================================
21:04:33.0068 0x19f0  Scan started
21:04:33.0068 0x19f0  Mode: Manual; SigCheck; TDLFS; 
21:04:33.0068 0x19f0  ============================================================
21:04:33.0068 0x19f0  KSN ping started
21:04:33.0660 0x19f0  KSN ping finished: true
21:04:34.0850 0x19f0  ================ Scan system memory ========================
21:04:34.0850 0x19f0  System memory - ok
21:04:34.0850 0x19f0  ================ Scan services =============================
21:04:34.0871 0x19f0  [ AAB860A5E606B9621E130D8C29D3F305, 93466620433B27F3BCFECDA26DD420AD1E5219034BA3B4E930EDED6D6728AE5C ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
21:04:34.0893 0x19f0  1394ohci - ok
21:04:34.0899 0x19f0  [ 4140B14929C555E9513D59A2EEB5C471, 39A8400B3AA7FB1D8EBE87E65F89881AB23B6AE911BECAEC1FD86C7DADD4F1AA ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
21:04:34.0906 0x19f0  3ware - ok
21:04:34.0918 0x19f0  [ AC251B31370C1E00F577928260B8939F, D60946F1C43A8C2B9C989A1E259FDA44055F94766615F344CF8E28A7F104BC70 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
21:04:34.0932 0x19f0  ACPI - ok
21:04:34.0935 0x19f0  [ 3E5E5DAE5CAEC0209C93D3AD8128D8A0, 5CFA4D715AE8D928EA11F213C5A7B0B1C1705D2A8FF041E0A1988E645E669C54 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
21:04:34.0941 0x19f0  AcpiDev - ok
21:04:34.0945 0x19f0  [ F72D7CC7E7A97A09757313F3B4C7E17A, 36E3363380C51A2DB58D3177655A0A75DAA977C00C5A9C60A189068C0AFDC643 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
21:04:34.0951 0x19f0  acpiex - ok
21:04:34.0954 0x19f0  [ F04B6F53FBDB2B6B0451AE53DE19F0C9, 41A8C314A46867BAA45CD9666AAF734AD45B74E2033A8E66D93E17CDDAD66578 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
21:04:34.0959 0x19f0  acpipagr - ok
21:04:34.0962 0x19f0  [ C347A6095F3BE417D24F1E1349F4AF0F, 72C9D759BB132985AF55860658DC01F08590A2BD7E976FCF25E1314C5AA1D37B ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
21:04:34.0967 0x19f0  AcpiPmi - ok
21:04:34.0970 0x19f0  [ 686BFFC47454DD2F58795C2EE891CA9F, 6CC4B6679914742D700A8373DED2DD9A821CA5284D4D73493BA0855DB8E6520A ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
21:04:34.0975 0x19f0  acpitime - ok
21:04:34.0987 0x19f0  [ C52B8980692CACB057742C450D734149, BB2D7034592B6EBBECE5A73FB625E1352FD59972620523022CABA68EE00B7B98 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:04:34.0994 0x19f0  AdobeFlashPlayerUpdateSvc - ok
21:04:35.0009 0x19f0  [ 8532B30A054D83614A90D24AD61A29DF, 959C74C63AF7F4E5588C705FBF08EA7A8749268BC28819879ED53AB7A3410B74 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
21:04:35.0022 0x19f0  AdobeUpdateService - ok
21:04:35.0040 0x19f0  [ FBDA59118E59B3722248C66BAD89CAA9, 11AB83499757E3143834348DE39E85D56EC853071C96337C3ADD8A1E374C6CBC ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
21:04:35.0062 0x19f0  ADP80XX - ok
21:04:35.0073 0x19f0  [ AC1928C2F7505BD556C552F153B062AB, B48EA30F76DEA57868CA74CC775DD60257021A3DE10CE101B8BEFA1CE9D22CF4 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
21:04:35.0087 0x19f0  AFD - ok
21:04:35.0117 0x19f0  [ 078B785A7533B7059A236017B3B060A4, 43B3E716009136A5A5A86BF8546DE6C416CA3B7F8EEC242D9D44EF12111B7A6E ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
21:04:35.0147 0x19f0  AGSService - ok
21:04:35.0154 0x19f0  [ 1D914C996F2C3134E2344BB74F79BCF6, D27AF01BA29784555AF7D2E89A3A65E81D6AFE1D3C7E8F9367F06D9DF5F88069 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
21:04:35.0164 0x19f0  ahcache - ok
21:04:35.0168 0x19f0  [ 41856B40EE15F96DEC8755AB01FA3CF7, 33C3C899AF9CA15BE5A4CF097FF43DF3F0DBA0E48B6F1E28AE3E76AD76A1C361 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
21:04:35.0174 0x19f0  AJRouter - ok
21:04:35.0180 0x19f0  [ F485CA5559DB37A4882467A4F7D58BEA, A1C648EFE12A5A3356BC0949372ADD0FF0CA2F5A8F992EB71C87E9C0D5C92BB2 ] ALG             C:\WINDOWS\System32\alg.exe
21:04:35.0187 0x19f0  ALG - ok
21:04:35.0201 0x19f0  [ D3E9EEDC0128DD1FB9E45D85E7E21F0B, 73853DC77CCE335F1571DB31C6F7E97D71625DC6226089E8281F62020F58CB8F ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
21:04:35.0214 0x19f0  AMD External Events Utility - ok
21:04:35.0220 0x19f0  [ 904851B18CCC176F0EF0364BAD71F9FB, B7709C9EF0E71BB49A1959B190A2F494107880D42624EE4514462CCF77C44A5B ] amdacpksd       C:\WINDOWS\system32\drivers\amdacpksd.sys
21:04:35.0227 0x19f0  amdacpksd - ok
21:04:35.0231 0x19f0  [ 9C39FBA94FFEF04561D13ED0D1B50DD0, 53FA118DEF37F0BA6030B9CB4C17019E6B5934941514756D66143B7BB66D7CA1 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
21:04:35.0240 0x19f0  AmdK8 - ok
21:04:35.0246 0x19f0  amdkmdag - ok
21:04:35.0255 0x19f0  [ 0E2B0B8C871A4BDA103B857E07CAC833, 80A3DB55FEBD3C6FEC0C6078D998F2B3A802425569F57ABCB2AF0D5C37D4A280 ] amdkmdap        C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys
21:04:35.0265 0x19f0  amdkmdap - ok
21:04:35.0269 0x19f0  [ 395D56FA2E22A10AE4774440D086F559, 24D7CBE9B82DC8900D9A5E345347FEC330D47FDBD1517A2AC10218BA2A9DFAA9 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
21:04:35.0277 0x19f0  AmdPPM - ok
21:04:35.0281 0x19f0  [ EB729A9ADCB9F9C406B533F95E2F67D4, EDCB8E39C503FF30ECB82F368242179E2788C12B4FD9B557F38380A934E7D8E7 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
21:04:35.0287 0x19f0  amdsata - ok
21:04:35.0292 0x19f0  [ 3B5C5C696F33FE61F1922533B03B9316, C9BAAA9B02547C66A276A31958DFD2A289C5963A4EE3FF306535565240D816CC ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
21:04:35.0300 0x19f0  amdsbs - ok
21:04:35.0304 0x19f0  [ A7D45A303FF8A9493C96C4B804051E6E, 6074C264876A398039D3F89905A486ABA5BDACA038B79920A34323B38CFCB358 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
21:04:35.0309 0x19f0  amdxata - ok
21:04:35.0313 0x19f0  [ 5180537517C27375B1F2CB37ED599FAF, 121BF0E3BDE068CC1E1E9B24DC334BA29348725E9BFB790699E4CC66664A4C3D ] AppID           C:\WINDOWS\system32\drivers\appid.sys
21:04:35.0320 0x19f0  AppID - ok
21:04:35.0324 0x19f0  [ F7FEBF66A705F18DC063DFD259F15102, 394DA8A7355573C4D81C375450DF5C5B2FA6360E246B06FDE8E7F9ADF21360FA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
21:04:35.0333 0x19f0  AppIDSvc - ok
21:04:35.0337 0x19f0  [ 13D7FEA71091D1EAD8ADDD10BFFEA06D, A707CAC76CBF0334E2FCE3220147B382F5E44DEF9E23DD459CF7C40F27771695 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
21:04:35.0345 0x19f0  Appinfo - ok
21:04:35.0347 0x19f0  [ EAF36A714E16A69B8B4ED7591CBA77B6, 11FE2A5D991FB8AF78F4E78FB6DF02005EC5404DC298FE2D4E7774BB0011AB52 ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
21:04:35.0359 0x19f0  applockerfltr - ok
21:04:35.0369 0x19f0  [ 91DB5775249920FD245851E0BC97D8C4, FCB53766AB377EF2E385CD2F6D0D2CEF485C07A5EAAB68FB1C798E6264832386 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
21:04:35.0385 0x19f0  AppReadiness - ok
21:04:35.0424 0x19f0  [ A61222D41CE44B0C3592CEB57AB20B71, F7A136EF4850D76AF1868A8C93C201B3B00FCA1D9EDE77F65BAD04530CC84221 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
21:04:35.0479 0x19f0  AppXSvc - ok
21:04:35.0486 0x19f0  [ 6E456A94B9BD7F6B4758729BCEDE40C3, 2F3146AC960992FA947A8E8C4D5497624A5BC69B7A3EECA117AD599C70DDE8E3 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
21:04:35.0492 0x19f0  arcsas - ok
21:04:35.0500 0x19f0  [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO            C:\WINDOWS\syswow64\drivers\AsIO.sys
21:04:35.0503 0x19f0  AsIO - ok
21:04:35.0507 0x19f0  [ 1C4D6E2EC11D366D03004D2E84071685, 1060EAB1D83BDF19E310012E3C3337F138C15994705F73BDF4B0A90120A6DABA ] asmthub3        C:\WINDOWS\System32\drivers\asmthub3.sys
21:04:35.0512 0x19f0  asmthub3 - ok
21:04:35.0520 0x19f0  [ 2C586B521C99F2E76640CEFCF336E38E, 439BEC78D38A560A8A1B661F8CCBB7E7EB95840A2CF2869F05517F222F727B64 ] asmtxhci        C:\WINDOWS\system32\DRIVERS\asmtxhci.sys
21:04:35.0528 0x19f0  asmtxhci - ok
21:04:35.0531 0x19f0  [ 766F3A7E42AFCF74265FAC78987D1665, 8FE82913DF5CF79B49B28B3CD782AF09FF30585A37473AE3E518A26C5D6453D0 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
21:04:35.0537 0x19f0  AsyncMac - ok
21:04:35.0540 0x19f0  [ 01733BEEE02E51F712330D5909BD701C, A583B482DBE701A752EDFDEAE2EF16D7160DFEA6077E0C8EF013828E285D960A ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
21:04:35.0545 0x19f0  atapi - ok
21:04:35.0549 0x19f0  [ 482D2BAB840034F65046D0F2F42E2BEB, 3365F78C05D26BFA6375712C4DC0FA548F876B9A52F25AE360F7437E3183B973 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
21:04:35.0556 0x19f0  AtiHDAudioService - ok
21:04:35.0566 0x19f0  [ 329F315D04B64BC185A59FE17A2AD6CE, B9721AD1641E3E96D1C07294884506EBED5D05921A9F9FC263711C28AD040693 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
21:04:35.0584 0x19f0  AudioEndpointBuilder - ok
21:04:35.0604 0x19f0  [ 67ADB26CC1B504E9566B9106277DE92B, AF137C9FE9B3A231C7662F2E59EF12482396CFD8AC020DF6BDBFDD9A1209A98D ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
21:04:35.0637 0x19f0  Audiosrv - ok
21:04:35.0641 0x19f0  [ 6086B5EE0DA4600B2EC2725D82DEB74E, C67CA7021D710CFDCF62B17A2B2890E61E4F1E3D956312688454FD85738C303F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
21:04:35.0651 0x19f0  AxInstSV - ok
21:04:35.0661 0x19f0  [ 0914A5E66C0775CE11960452A6434FEC, 978C1E20023841FBFEF0CEAFE09EDB679612C8E5986C6E40C1F6D0835112D13E ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
21:04:35.0673 0x19f0  b06bdrv - ok
21:04:35.0676 0x19f0  [ F8129321B1874D4386F7FEB754BC3380, 7264E7E2A339E456C0A1A40FDFAE0D202905467400B93FA0700498B86172337F ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
21:04:35.0682 0x19f0  BasicDisplay - ok
21:04:35.0685 0x19f0  [ E2BFD01BD0ECF2BDE9420022147952A4, 7798211996143067787881A1362D07B95CF688E96192E3627D30347C719D40CB ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
21:04:35.0691 0x19f0  BasicRender - ok
21:04:35.0694 0x19f0  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
21:04:35.0700 0x19f0  bcmfn2 - ok
21:04:35.0707 0x19f0  [ C3B27514035315E3C1FCE64E69E253ED, 03AF100927077AD608C5EA47A17081CEA849F44C471AF978F410B83E2ABA5AE7 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
21:04:35.0720 0x19f0  BDESVC - ok
21:04:35.0722 0x19f0  [ ED03D2ACE378C9EB8BB957ABBD85B951, E9AE3025DC4956B736651B20AEA665909C2B468F9AE3E317F545DD4EEEA7D9E8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:04:35.0728 0x19f0  Beep - ok
21:04:35.0749 0x19f0  [ E543472B75FC78B3205273AE1E8CFE5F, 97CCA65B2BD59DF45B069DE66522E768968CD03B377F797691429E14D448BE9F ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
21:04:35.0771 0x19f0  BEService - ok
21:04:35.0784 0x19f0  [ 1FDC6CB56572203E6F4BF4E3FB30B886, 81D5C77C823DC078EEEB2DABEE5203D542C824E04FEDD96AA58F96037C065155 ] BFE             C:\WINDOWS\System32\bfe.dll
21:04:35.0804 0x19f0  BFE - ok
21:04:35.0822 0x19f0  [ 5C0D4DBACB90D9ECE77907F4F6CF9EF6, FC29F03FB7E58A9ED17A34BC2D8E39533070B8B23D1A110622C3A213BF48CD2D ] BITS            C:\WINDOWS\System32\qmgr.dll
21:04:35.0848 0x19f0  BITS - ok
21:04:35.0852 0x19f0  [ 2342B8619193B0D9FAC0D02C69DCE74A, 06A1512C9750ACD154DE8873DE6628355B7195759CE54FA96097EA6D56BE320E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
21:04:35.0859 0x19f0  bowser - ok
21:04:35.0872 0x19f0  [ 06373FF017097FD40D60219980871FA0, 9366823AA3C248DD06FBFA237DCFDB2A9B7F93BA7115D235792DD81DDDA79C1F ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
21:04:35.0894 0x19f0  BrokerInfrastructure - ok
21:04:35.0903 0x19f0  [ 9C7F445B018AB4744B6E0C657B5D1833, 83D04F5E3D4BA46BBD8A67764A60F5731F86B0BE3A85C2858E002ABCC362F592 ] Browser         C:\WINDOWS\System32\browser.dll
21:04:35.0910 0x19f0  Browser - ok
21:04:35.0942 0x19f0  [ 6BCB49FC7819FD27FF1D58DC501B3AFF, 67D75A259B1246B2D03036919279386CBC10A4781CDE32DD0C52F013CF0F4E31 ] BstHdAndroidSvc C:\Program Files (x86)\Bluestacks\HD-Service.exe
21:04:35.0951 0x19f0  BstHdAndroidSvc - ok
21:04:35.0963 0x19f0  [ 165CE3A95700E82E68C008386A485737, 9926F260E3F8589A38E65ED474A347FB59A5256F2B84B61612A13165E2E96152 ] BstHdDrv        C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys
21:04:35.0968 0x19f0  BstHdDrv - ok
21:04:35.0984 0x19f0  [ 8E82A346573847BB2EE786AEE01A7059, 3C870FF83F1EF5F13C8257422EC8DE5ABDE7C0CDFFBE3AA8E1995F9824E29AA6 ] BstHdLogRotatorSvc C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
21:04:35.0993 0x19f0  BstHdLogRotatorSvc - ok
21:04:36.0013 0x19f0  [ AC50E24F12AE6E26F2262BFEEBFAB7F6, 9E52A2AE91093104E76189B3336047CBAD4C3A4AAE10B83B991EE01A01275AD5 ] BstHdPlusAndroidSvc C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
21:04:36.0021 0x19f0  BstHdPlusAndroidSvc - ok
21:04:36.0029 0x19f0  [ 2C6666644FD22060F6B887C70C3F1D6C, 625E7BF27487564BBBB5F08DBE78D282D026F22C97F7B0E4A2FF8DF3F58ECA99 ] BstkDrv         C:\Program Files (x86)\Bluestacks\BstkDrv.sys
21:04:36.0035 0x19f0  BstkDrv - ok
21:04:36.0043 0x19f0  [ AF57F0B0E284BE06860A7B701341324D, F94E44C777FDC049158B7BF73DAFCDB103D08493AC898D1C928771650F664412 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
21:04:36.0049 0x19f0  BthAvrcpTg - ok
21:04:36.0058 0x19f0  [ E1E55BA45510B2B0309E2C77ABEB1BFE, EA7BDEC354190F1033B14847606220D414C1A52C938C9327A4765032D28B6960 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
21:04:36.0065 0x19f0  BthHFEnum - ok
21:04:36.0073 0x19f0  [ 336A9C0254A0178ED50281B6EDF5B836, C9C454C6EC4FF5897B1873A7E90D1CE8122E43783E978A570CEA75E15F65DE97 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
21:04:36.0079 0x19f0  bthhfhid - ok
21:04:36.0087 0x19f0  [ D8428BEF4033C7BFCD981074E2318F89, 9C0692F8387BAD94CCA4E36B59701A7A7B8FDCB5377B4C2CA75424583835E112 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
21:04:36.0100 0x19f0  BthHFSrv - ok
21:04:36.0104 0x19f0  [ 5428242193611BF91DDBF4F58900A55A, 91D59B0D0C7CA3DBBA8CA7CAD1E24845A224F451FC1880BE8CB7C1585AC79080 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
21:04:36.0110 0x19f0  BTHMODEM - ok
21:04:36.0115 0x19f0  [ 6927D295017E9F1A5D655A8F3A122672, 4B686C93056924580390440B49C721BD9039D5C972994D8EA96CA848B786B693 ] bthserv         C:\WINDOWS\system32\bthserv.dll
21:04:36.0123 0x19f0  bthserv - ok
21:04:36.0125 0x19f0  [ 102CAA11BA89290D48FBFD2E04274BA0, 9C6786AD6C8BE5AF7538BAD553C401B0D7443E533CDE59E975CF3E07EF262F0C ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
21:04:36.0131 0x19f0  buttonconverter - ok
21:04:36.0135 0x19f0  [ 029434AC0A3935F9125ABBD08BF7C30B, 742338B882488CA83F502ACEBFEDC2783B8D9D6C391FE1088988276315A065F6 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
21:04:36.0140 0x19f0  CAD - ok
21:04:36.0143 0x19f0  [ 307AE8BC9B45772DA02FB952A1D86C35, 4983AC71C8E164D9E6669D345925B4FBEDD0A0A4566887E7ECC56C996B66DBD4 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
21:04:36.0151 0x19f0  CapImg - ok
21:04:36.0155 0x19f0  [ B6E5AD7C83A5254DEE9D86023C0E5A81, 40F297406A025378A6273535475C1FF8C99BC6502B17C0E161131DA754D7974B ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
21:04:36.0162 0x19f0  cdfs - ok
21:04:36.0177 0x19f0  [ A0E5905465CBCCB63FE915F5B08752A8, 435B39A8B1684FFE9F2720A2CD11AF5A5F55E701709939756322C2CD6A22E0FA ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
21:04:36.0201 0x19f0  CDPSvc - ok
21:04:36.0211 0x19f0  [ 618DA70D0D90DF3602259C1B121794DD, D2AF7967DE38F3B7C10824A1C900A145F45C57C0F179753A85989406600C4279 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
21:04:36.0228 0x19f0  CDPUserSvc - ok
21:04:36.0234 0x19f0  [ ABE77AD954BC3D72F559CF0C381E50BC, D0F24B023D7CADD4893AAF223A9BAC00B2C58D552E0C314B506C01767FB74133 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
21:04:36.0242 0x19f0  cdrom - ok
21:04:36.0247 0x19f0  [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
21:04:36.0256 0x19f0  CertPropSvc - ok
21:04:36.0260 0x19f0  [ 76FBFD583CCE97FD06FCD510805A5908, 9CBBCC49E3CB1882C89798C0FB1836EFD0ED84775CCDFFEC898DFAB3996A2E12 ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe
21:04:36.0265 0x19f0  CGVPNCliService - ok
21:04:36.0268 0x19f0  [ CF3FFDA7B06A62DC018AFF75B4749FF4, B9ECE0A37CA4A389114737EADF68334DBF6A77214E8794ADFC6F83AD42F90D56 ] chip1click      C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
21:04:36.0271 0x19f0  chip1click - detected UnsignedFile.Multi.Generic ( 1 )
21:04:36.0618 0x19f0  Detect skipped due to KSN trusted
21:04:36.0618 0x19f0  chip1click - ok
21:04:36.0626 0x19f0  [ 05EA22CFC40EDE05BF6E3BC782E5204C, F0C9C692FC31387E9D19426D3253317B6BA86D7118E3884C11E3287695006443 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
21:04:36.0635 0x19f0  cht4iscsi - ok
21:04:36.0664 0x19f0  [ 863E1C9F6750446DFB9EDCAEC3531367, 88C5EE76FD85640EB1440DEFC7B6CB918E18DC09507BA91FAE285370B8C7D56A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
21:04:36.0698 0x19f0  cht4vbd - ok
21:04:36.0703 0x19f0  [ 3E416539352B007AD0610BF34AC15D31, E2041129770B24AE95C5EC4B507477C72DFE8CB08D412E2621BF67207F9DEB8C ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
21:04:36.0709 0x19f0  circlass - ok
21:04:36.0711 0x19f0  [ 616E1ED94FA7F96D429D985FDB203D2E, EA681C442AA0F7D424C8DABD8D1C14653E61BDE740C0BC4C6C308B5FB4FE67AA ] CldFlt          C:\WINDOWS\system32\drivers\cldflt.sys
21:04:36.0722 0x19f0  CldFlt - ok
21:04:36.0729 0x19f0  [ AF0BF03C8574DD026FAF9A82A64C2D04, 363BF0C42181FA4CFBC3DB504F48496D62023F0E4A858DC8F739C08CC5AFA228 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
21:04:36.0738 0x19f0  CLFS - ok
21:04:36.0752 0x19f0  [ F34283DE289AF82A97BCE6563D1E2BB4, 9725D041322AF70030E11EEF0FDB7D01FF2CF105FD90A4AF08F71E54725234C9 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
21:04:36.0768 0x19f0  ClipSVC - ok
21:04:36.0771 0x19f0  [ 5118CFC33BBB51C7E3ED441B7085AD26, 8D33864FF750926C4B95827FFAD24C558DE8A90FC5B2663084DEAB5ADBBFAFD2 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
21:04:36.0777 0x19f0  clreg - ok
21:04:36.0782 0x19f0  [ 232F3A3AC3A2FB32C5C46503A6517073, 9E0232E095471E6C8825E870F5842838F1AE515E56410F6A5CC3D58A9A4AF33A ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
21:04:36.0788 0x19f0  CmBatt - ok
21:04:36.0798 0x19f0  [ 3413CE81E02C091F33C4C3DD3071630F, 4758A2BB2FD453E9867C04CC420D12B279BB97E3C4E664A7058EA5F1EC63D04C ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
21:04:36.0812 0x19f0  CNG - ok
21:04:36.0815 0x19f0  [ E1BFF774FF67CA951A5DFF0E104FB132, 68809C4B72C54CEDE3AD33F5634E15A0225A67B391F9012EC7CEBA8AFC6EC3D5 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
21:04:36.0820 0x19f0  cnghwassist - ok
21:04:36.0839 0x19f0  [ DFDAEDB857BC18764F0D8ECDCC3C1499, AE12E908BAF53C605A17A9FB1AFD6BFBEC75EBE45D893541281473C197C71FED ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys
21:04:36.0846 0x19f0  CompositeBus - ok
21:04:36.0848 0x19f0  COMSysApp - ok
21:04:36.0851 0x19f0  [ 04532711732BE9DBC364E88E4A9EC18A, FCEB1F486E146A3FE7307397C1EB6760BFD8A327545F81C546F7134B08615B9E ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
21:04:36.0856 0x19f0  condrv - ok
21:04:36.0870 0x19f0  [ 9B7A6AD43CAA322C4E04B4E52FD7CDAD, D59F55602C273372F8787B35AC62192ED99CAD72BFF8BF03DF7BDD9E9BC37EE4 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
21:04:36.0889 0x19f0  CoreMessagingRegistrar - ok
21:04:36.0894 0x19f0  [ 1F7F1A15B807BC7B241BB2FEEA79BC92, D756E2247757C274F3470B46FCDBB63317C05E8E66FDA9DB7ABF3A6820933D4C ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
21:04:36.0902 0x19f0  CryptSvc - ok
21:04:36.0906 0x19f0  [ F51953EC4B9AACD92A3B3CE66E05CEF4, D39C9696213F53F89209000F245AC178B342A84E46EE766B634BB8DB86A26BB8 ] dam             C:\WINDOWS\system32\drivers\dam.sys
21:04:36.0912 0x19f0  dam - ok
21:04:36.0928 0x19f0  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:04:36.0955 0x19f0  DcomLaunch - ok
21:04:36.0959 0x19f0  [ 7E76EC1E8AC64E1DB2D2D8B4FC0EB32B, 4B3731B2AAA4D2F8FCC1AB1DBA789B35F5A7BB6D949D3BEBBD2CB9FBD3C1D4EF ] debugregsvc     C:\WINDOWS\System32\debugregsvc.dll
21:04:36.0965 0x19f0  debugregsvc - ok
21:04:36.0974 0x19f0  [ 1175E107082287A58A756239F48E1A73, 0DB2017061D94FAC95CEBD7C4729E42018A92698D72CEE3EA412A9D14DB8D552 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
21:04:36.0993 0x19f0  defragsvc - ok
21:04:36.0997 0x19f0  [ 922A8DB53B99F4A5C416370AADCB8814, 9253DE5B767AF57FC631F4C836B132BB33D96263FFE50DE35A189FFD2659DC07 ] DeveloperToolsService C:\WINDOWS\System32\DeveloperToolsSvc.exe
21:04:37.0004 0x19f0  DeveloperToolsService - ok
21:04:37.0012 0x19f0  [ BBCAC50027D030E07EC7E5C36469FAFF, FEF39659F21D2AE676E4882FBAF5A881C534BB7EA26E5EFF9F7B5F8B952D6532 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
21:04:37.0026 0x19f0  DeviceAssociationService - ok
21:04:37.0030 0x19f0  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
21:04:37.0043 0x19f0  DeviceInstall - ok
21:04:37.0054 0x19f0  [ 5B84093D490A6B060C8BE60BA52C876F, D34A854418A66529B18313A50E6D7EAB982611AD9AB0335245AE764FE0602C22 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
21:04:37.0074 0x19f0  DevicesFlowUserSvc - ok
21:04:37.0078 0x19f0  [ F08F70BBD833BAA3BF0D5E500CBEE6CC, 8BB99E6D96CB8B25036549030986EC267C26BF1FC66E4EB00A3E41FE3BB5DE70 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
21:04:37.0084 0x19f0  DevQueryBroker - ok
21:04:37.0088 0x19f0  [ 185A4519B7764F4DEF714D890A7A9FD2, 9805D9DB42D11582583EA3F0FFEE9EF2B0C536DA99A9A3D3863B2669B1CC34A7 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
21:04:37.0101 0x19f0  Dfsc - ok
21:04:37.0110 0x19f0  [ BC5188B3F35BB8070888441A2A740465, 05C18A3DC1BD96C6751E76DBF57C47E526A1F9DF5E013B20B69EA0159CD6CE56 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
21:04:37.0122 0x19f0  Dhcp - ok
21:04:37.0126 0x19f0  [ 5DF493C7954890EEC65CC2A21D479F76, 67087AAAC2AF93F265077AA392444E32DC299918A843A8AECFBE73636A5F2314 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
21:04:37.0133 0x19f0  diagnosticshub.standardcollector.service - ok
21:04:37.0166 0x19f0  [ 7AA8614A390EE2FB79BDD11154CF1A61, 32B27D6C010AAB3FF9E1FBCE2E750042A1EBB0736821B1EF3BB8D979892F85B5 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
21:04:37.0218 0x19f0  DiagTrack - ok
21:04:37.0224 0x19f0  [ 1203EA16F36C5BEB2509FB7CC03DC178, 195209CB711E5BDE24A50C88AA62F32E8AE26F6A83B423374FCA41444F55D1CE ] Disk            C:\WINDOWS\system32\drivers\disk.sys
21:04:37.0230 0x19f0  Disk - ok
21:04:37.0243 0x19f0  [ 8BCFD0A4900E197DFA8679A13128EC79, DF09F3996F25F025E171DF3EF068BB9AC2DEC79BFCBCA5D58E9158CD7AD785B6 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
21:04:37.0262 0x19f0  DmEnrollmentSvc - ok
21:04:37.0270 0x19f0  [ 038B8B76284BC291EC75B005BB3EB13F, FE7BD7CF833C4A96ABF4FD6EBAB829CC4D8096780A22A313035D7E49BBA12D36 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
21:04:37.0276 0x19f0  dmvsc - ok
21:04:37.0281 0x19f0  [ 32C76DFE2586EBECFFA4112E9196591C, 190C294F50B96B13D0B776F7C19DCB47EAACBEE999CBA50236CF8C856CF38B17 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
21:04:37.0315 0x19f0  dmwappushservice - ok
21:04:37.0334 0x19f0  [ FC3AA34608A69BDAC67E31FB70C8A720, 38815F527DF963B4A7D93895776DDD618BD29782B1FA74EB1A7319AE58739A06 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:04:37.0344 0x19f0  Dnscache - ok
21:04:37.0355 0x19f0  [ F08CB37830A1F9950E8B2F7B1F78CC7E, E4E75645893597F6A02B98DC4F126A664F5DEF7B1CD4C2DEE5CA8ED18DB64C9C ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
21:04:37.0365 0x19f0  dot3svc - ok
21:04:37.0374 0x19f0  [ 3425E26D0A7792F2EE7745C0336C2062, 54A3AFFC31C2641BCE1877F2CBA61D2CD7191BA39FD5B3659491E4E307570C1E ] DPS             C:\WINDOWS\system32\dps.dll
21:04:37.0384 0x19f0  DPS - ok
21:04:37.0387 0x19f0  [ 3D934A1C02EB6979CF45C70A71F580EC, 279B325E18ABF82FF523095D8D5958A3A48C7B7A4F64BD562DDED1D0662B608A ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
21:04:37.0391 0x19f0  drmkaud - ok
21:04:37.0396 0x19f0  [ 5E92CB292D676634058E6C62653C9227, CE35C51B444664641306B4C2E21978B3418B58B2A973B19B908D86FE723FB4C4 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
21:04:37.0408 0x19f0  DsmSvc - ok
21:04:37.0412 0x19f0  [ E479C2656A3A47F5D4FAD10AE6EAED52, B17D18D5440CF131EEADA385989A8ED0DB7728CAAC4E745720947DD1BC4F9EF6 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
21:04:37.0422 0x19f0  DsSvc - ok
21:04:37.0431 0x19f0  [ 682D7DF9704217DD8716307F9E2EEC05, A8D36414A7316C59995CF9689DD84B2FD3FECE47E39F515C81BC3C439890E993 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
21:04:37.0449 0x19f0  DusmSvc - ok
21:04:37.0491 0x19f0  [ F1D8A5A6C39586717822C2AAB70663F4, 527CC5D18DF9B114352B49AC0645831C6C4F3FFA76692BDC2D9A90E9D14E5000 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
21:04:37.0529 0x19f0  DXGKrnl - ok
21:04:37.0534 0x19f0  [ ECA1628436628362856ACF239E6AFD29, 19051DC348918B863E0A272CF56891B8CB49E7E705B8BAC7663D36C797A7B962 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
21:04:37.0548 0x19f0  EapHost - ok
21:04:37.0550 0x19f0  EasyAntiCheat - ok
21:04:37.0592 0x19f0  [ D64CD3AE93125EDA383190C2AF607E70, 3D180B96C6A2318842FA03AE5F703320A93CF1F440FF7D0E6F6F9BAD98F2FA02 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
21:04:37.0644 0x19f0  ebdrv - ok
21:04:37.0650 0x19f0  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] EFS             C:\WINDOWS\System32\lsass.exe
21:04:37.0656 0x19f0  EFS - ok
21:04:37.0660 0x19f0  [ FFBB37982E6D24AEC7A2E5459098EAC9, E89DD74540088ECAC9E802D7A059C0A6E3E5412BD42E5E9F26258724458EF8DB ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
21:04:37.0665 0x19f0  EhStorClass - ok
21:04:37.0669 0x19f0  [ ABF38D02E01D6ED87AE1DF65FC5DF62D, 57D48609DA30F60016D2ADEB9A772942FB39A117247EB63FAE3FCF50D726B698 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
21:04:37.0675 0x19f0  EhStorTcgDrv - ok
21:04:37.0679 0x19f0  [ 5E4AB60D50F368A09275F4055D621EDC, C840F5DF3C0813EC6CB9BA0C3C91F2C6410227A6255DEF5FA94C8AC1E43E36A0 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
21:04:37.0688 0x19f0  embeddedmode - ok
21:04:37.0694 0x19f0  [ CA966CED8970A60FB00A3592564EF093, 4BD904032445235EE69DAA0024E0FB3D8B2325D897A683E334754EB3CA90AB39 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
21:04:37.0706 0x19f0  EntAppSvc - ok
21:04:37.0709 0x19f0  [ B9A59B4AD516E38C39FA416398B96CCB, 4630A9AD414476B47F634F2EB5659597797222A8938B68847B97FECCE1A1B5F8 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
21:04:37.0714 0x19f0  ErrDev - ok
21:04:37.0723 0x19f0  [ 1541374239F33512D7F4D24ED1E9238C, 8B1548D4052A72175EB6ADA9FD4286ACD5041E1CE071DCAC3760BB227FCD3621 ] EventSystem     C:\WINDOWS\system32\es.dll
21:04:37.0738 0x19f0  EventSystem - ok
21:04:37.0757 0x19f0  [ FE18DDEA98D90DBF850AFCA0158ABEC8, 8EC0099B560CC23DA6D26A71A202667D1A7C4BC37CE0F9F3458EA40440541D06 ] Everything      C:\Program Files\Everything\Everything.exe
21:04:37.0785 0x19f0  Everything - detected UnsignedFile.Multi.Generic ( 1 )
21:04:38.0154 0x19f0  Detect skipped due to KSN trusted
21:04:38.0154 0x19f0  Everything - ok
21:04:38.0166 0x19f0  [ 9C4D88E8614487AD85A6F18A71A7298F, EE6F48C89D6379C7361484EAE7C7FAAA477D48032BFDD0D363E48642E62EADF4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
21:04:38.0178 0x19f0  exfat - ok
21:04:38.0190 0x19f0  [ C61014A176ECAAF97589E6FC979CE786, FB913AC647B68DB9854367BB1E53A504A85833966211279C8D7171698F743B27 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
21:04:38.0200 0x19f0  fastfat - ok
21:04:38.0212 0x19f0  [ ECC5AEFEA31F1A078E954305B8CA6373, 15948D017E3B52D3B4BBEC047F963BD77247E24A59F0532B6A023B0C4159FC84 ] Fax             C:\WINDOWS\system32\fxssvc.exe
21:04:38.0229 0x19f0  Fax - ok
21:04:38.0232 0x19f0  [ 853081957BA148F38FD8DE4390CFCF4A, 37C92C7ABA55A5FF7094F77F8EBEEE1F4BEE161CEC6B01A50FC0D0C39E36C142 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
21:04:38.0238 0x19f0  fdc - ok
21:04:38.0240 0x19f0  [ 885C06C35CC8FAEDDE3CDA36B72CA2A9, FF6584E7AF2FB540B2183665C3E216BE98DE953CEA6A7E4C5F13514BE4AAC9D3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
21:04:38.0247 0x19f0  fdPHost - ok
21:04:38.0249 0x19f0  [ 367E878C79D9F391E3D53B6BBC1B6386, 739D89F6954E17B73F53702CFF8EE985FB241255D962A83BAF1A20E783CAF466 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
21:04:38.0258 0x19f0  FDResPub - ok
21:04:38.0264 0x19f0  [ 514F6A0B83527DD6ACCC8B21A57B10E3, EA3D401E42D05BA39E5874513DFB895A086BECE4D69FC1AC12F85F326A435A4B ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
21:04:38.0274 0x19f0  fhsvc - ok
21:04:38.0277 0x19f0  [ 27E764D6460504B7271AFECE7A59FB76, A32B08142068BF042B3E47C0CA7F4FCFD07A37807B1B8DAAE614F3A132475D52 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
21:04:38.0283 0x19f0  FileCrypt - ok
21:04:38.0286 0x19f0  [ 3D6087F51110F3CC0DA89385354F8C5E, 49FF976C3391A257BCD4B048BF6D1273F8537005E32D65E5F272AF3294639F05 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
21:04:38.0292 0x19f0  FileInfo - ok
21:04:38.0295 0x19f0  [ 057E95E53C38260C4EF49B3A077770CD, 7008E71663046FF1D91D9DC3570094561C812067E1CA07715A1D2E4F787207AE ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
21:04:38.0302 0x19f0  Filetrace - ok
21:04:38.0305 0x19f0  [ 90B2983D8495C26345A1DC5F0C3BB07B, 50D834D40C27EEF5023556A77B13D3335789333E302A73DF221CD86D156FDEE9 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
21:04:38.0310 0x19f0  flpydisk - ok
21:04:38.0317 0x19f0  [ A84261F75F490E45CFEDBA77EFE4F67E, 292BA04D8996140255E4B6105015C2A640890BEFB6C022E30E0D9CBF45D5F4DB ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
21:04:38.0327 0x19f0  FltMgr - ok
21:04:38.0352 0x19f0  [ 3020F526B7E94A178D3EBF958397F7BC, DD0105BBEFFA7E1F54BC2199C7DB60F9C650D76DA36598E934F45D44BCE1DE3A ] FontCache       C:\WINDOWS\system32\FntCache.dll
21:04:38.0393 0x19f0  FontCache - ok
21:04:38.0397 0x19f0  [ B282011D13BBEEA0273DF33C5E776D55, B4AF068BBB09D0F546F5590FCDD745250CFD58DD3A8ABF5DC26670FA32D181FB ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:04:38.0402 0x19f0  FontCache3.0.0.0 - ok
21:04:38.0413 0x19f0  [ 58811D00A582A89B7839B4B2CE7302BE, D2B6C197BD257B462FC3E8E7A8E7C3F910282FDAA61DB00ADB64DA0698C203C7 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
21:04:38.0429 0x19f0  FrameServer - ok
21:04:38.0433 0x19f0  [ D2814848206DFC18EB8D3D069FAE703E, A62263CDF9261B692423473F4FF23B01AC864C05850BA5591EB9019906B4A08B ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
21:04:38.0438 0x19f0  FsDepends - ok
21:04:38.0440 0x19f0  [ AE7EDF845F41ACA3B74567C3CE20E987, 6159C227C85912B03D8C35A1EF91705AE6C1C23C7228D6FCC0A9529844798E1B ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:04:38.0445 0x19f0  Fs_Rec - ok
21:04:38.0457 0x19f0  [ 560AE7760EC108F92D2EA8638CC805CF, 6DA48D05641367477315B26A4466EF41BBB3896EF3DB0C050B86033C39C38C4E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
21:04:38.0471 0x19f0  fvevol - ok
21:04:38.0474 0x19f0  [ 4616F61E24B3AEA6E0E4EA7D69531EF4, 34CB16F68E4A4D19346C7FEC29BB5FE09BAAEC19EA730C9B93450F940D124D49 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
21:04:38.0480 0x19f0  gencounter - ok
21:04:38.0482 0x19f0  [ 23174BB6937459B924BB8EF667FB28EF, 6675B87F4DE9CCA96B6BAB9F77C4E0B377828613D9FFB03F7D443AF11321F157 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
21:04:38.0488 0x19f0  genericusbfn - ok
21:04:38.0492 0x19f0  [ 4B11CFBE1D9B73A9D865F6AB26F800BA, BD76CB5AF0EE6DD404875A4C36622C6BC8CCF2975C47E28DD305EB041C6C0B91 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
21:04:38.0499 0x19f0  GPIOClx0101 - ok
21:04:38.0524 0x19f0  [ CF22C0941409C772AA1568DC4F89A111, ED5895F024E64B672EB3FAE6C456FA0D30A068CF2B475A7EE988DEA4DCD6D8DE ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
21:04:38.0553 0x19f0  gpsvc - ok
21:04:38.0558 0x19f0  [ 3FC3FCF557D0BE3D724EA10642E1F6FF, 744D0DDE748A1B681087668CB893F9A60A2BBE80A71098944E75B6A9AA934C82 ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
21:04:38.0570 0x19f0  GpuEnergyDrv - ok
21:04:38.0574 0x19f0  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:04:38.0579 0x19f0  gupdate - ok
21:04:38.0583 0x19f0  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:04:38.0587 0x19f0  gupdatem - ok
21:04:38.0590 0x19f0  [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi         C:\WINDOWS\System32\drivers\Hamdrv.sys
21:04:38.0596 0x19f0  Hamachi - ok
21:04:38.0645 0x19f0  [ 779D28A8A2DAAED18575E70AE8EB95C3, F0BA0EF8F2385C9405834299DA54D84DF407A3AB37B443920F8FCE254A1F79DF ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
21:04:38.0706 0x19f0  Hamachi2Svc - ok
21:04:38.0716 0x19f0  [ 02B9639D9997E95CDF2F4C4F3BDCC73D, 612F472A72E44199E0B1ECEE6FF2836359039402212CBD26D1A1CDDAC61052A9 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
21:04:38.0723 0x19f0  HDAudBus - ok
21:04:38.0725 0x19f0  [ 9F90819E301C70A3A042FC05D3E41B5F, D2175786775D08686264001ABAA4B61DC08A847666F6B9A2A64D10BFC022F646 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
21:04:38.0730 0x19f0  HidBatt - ok
21:04:38.0733 0x19f0  [ 3CA3244C45B25F3B3ED9445C195E40EB, 9C43B31DAB473D29069D0D6BC130660424FE2414BA519107641FA1561C10C76D ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
21:04:38.0740 0x19f0  HidBth - ok
21:04:38.0743 0x19f0  [ 55DAF856F9633DD2519BA4E942870F02, 5283548CB93EB46C5FD3B08E45C97BBFB33D47F11F89560508775889FBF2F754 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
21:04:38.0749 0x19f0  hidi2c - ok
21:04:38.0752 0x19f0  [ E34216A190D9BF8EAA666F6903BCD0EF, DA8529DAF903B447CC5FF2D112F670696549A4B66F54DF9A8C8C615D969CD477 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
21:04:38.0757 0x19f0  hidinterrupt - ok
21:04:38.0759 0x19f0  [ 852DBB5185996AD8C73872A43A453729, 8C20331AE99E280799407CC5FCF88F8F645C331604230876A2CD7C253B9BD633 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
21:04:38.0766 0x19f0  HidIr - ok
21:04:38.0768 0x19f0  [ 6339CC87F0F610D1575C9A419940602A, B2A054ED0B669FA54E250EC2926955B1D944FA1FB2AF5B590C181CB2E9D297BA ] hidserv         C:\WINDOWS\system32\hidserv.dll
21:04:38.0776 0x19f0  hidserv - ok
21:04:38.0779 0x19f0  [ C1A608120DE0DF52E51B8BAF86AF19F9, F3529822E78CFCA2E323A75926A833529889E40BB9602B287CC343C496CB2062 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
21:04:38.0785 0x19f0  HidUsb - ok
21:04:38.0790 0x19f0  [ BD1CF47172B97707DFC66ADA741AE2BE, 9607AB7074FC54D88FDF6E2A31506BCF8ECBF8FD651BB5CEA2421471C24BCED1 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
21:04:38.0801 0x19f0  HomeGroupListener - ok
21:04:38.0810 0x19f0  [ A004895B838003BAE2281DAF193B6A09, 587FCDCEF769B2AED12551B6426477B764CB8A025E692D4EC8B24E1CBA1C06E3 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
21:04:38.0825 0x19f0  HomeGroupProvider - ok
21:04:38.0828 0x19f0  [ 8ADD9CA3E0F18CEA11EA6FAED794A228, B46BA885ED8253A253B1C87C331CA145F7F397AF49853038B3F1EDAF81B2C4BA ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
21:04:38.0834 0x19f0  HpSAMD - ok
21:04:38.0851 0x19f0  [ BB1AE72906564A6E81B79D73A05AE21F, 9BAC18FE0F99479E7B2AB804A0B4C286E55155A8C051CC7D20CE94798EEA0721 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
21:04:38.0872 0x19f0  HTTP - ok
21:04:38.0876 0x19f0  [ D3C45F1B5BB3EE772CDA416A4A3EEB9B, 97CD988CF307EBCC34F37F130F4F2C989DD17E70B2498DB1929B566A3387887B ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
21:04:38.0882 0x19f0  HvHost - ok
21:04:38.0885 0x19f0  [ F60F8390B635156593F7493AE898AFB0, AC5E58CDA12072C5FDBFEA0FA009CE2E251D143FC0878B2658ECCCF797B8B0EC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
21:04:38.0890 0x19f0  hvservice - ok
21:04:38.0898 0x19f0  [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32        C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
21:04:38.0901 0x19f0  HWiNFO32 - ok
21:04:38.0905 0x19f0  [ 563F5FC3B46A70A91AB6C8822AC8BF25, 43E647A7752D7444BF306E38571130AB778AA2A6892782C6C1112E47FBEFBC87 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
21:04:38.0910 0x19f0  hwpolicy - ok
21:04:38.0912 0x19f0  [ C082249BC3E972C8A132D9EC6AD9EAD5, D69EEFD97CF5E0BD64D11DE1C331D02A9BE522BB93A40FF32ED434D960B85D39 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
21:04:38.0917 0x19f0  hyperkbd - ok
21:04:38.0921 0x19f0  [ C6C8315E3262FAE460529C6DA2951682, 4ADBFA6601209BF6F5A9797721CBE2011905775CF4E266D7B42F89915D477E95 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
21:04:38.0928 0x19f0  i8042prt - ok
21:04:38.0930 0x19f0  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
21:04:38.0936 0x19f0  iagpio - ok
21:04:38.0940 0x19f0  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
21:04:38.0946 0x19f0  iai2c - ok
21:04:38.0949 0x19f0  [ 42962355A7911407026E920E7252E3E5, 4A4016A53ED61354C81C594968339E6F3CCCFF4A64F8F28AD008ED8137E05AD2 ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
21:04:38.0956 0x19f0  iaLPSS2i_GPIO2 - ok
21:04:38.0959 0x19f0  [ BD47B2FEABFA48C6224D43EE9EA9BC06, 304628CA458AA7B1B8B1CFF12074AD75C1CE7BD41820B99607D7FA99A817D007 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
21:04:38.0965 0x19f0  iaLPSS2i_GPIO2_BXT_P - ok
21:04:38.0970 0x19f0  [ 2184CB3A65888F446FCD6DBA9F073F4C, 0B3D63EC7F61BFAD490C123084965A9F38DBFE587AC9DAE6F4E6B68AD8093DB2 ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
21:04:38.0978 0x19f0  iaLPSS2i_I2C - ok
21:04:38.0982 0x19f0  [ 4126F8DA08CE7924A3AE6F7235F85D5F, 668DC1D09496A95F44C07C5C1F6ED7D3EFC6F89523B2744A86B460E5BECAEFB5 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
21:04:38.0990 0x19f0  iaLPSS2i_I2C_BXT_P - ok
21:04:38.0993 0x19f0  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
21:04:38.0997 0x19f0  iaLPSSi_GPIO - ok
21:04:39.0001 0x19f0  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
21:04:39.0008 0x19f0  iaLPSSi_I2C - ok
21:04:39.0020 0x19f0  [ 7675D8E247732F45F60AA450BA2C207D, DBB591E56BBF9A93BE66A993D143A97964CC628457CF47EB5231D0DF62B59ADE ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
21:04:39.0034 0x19f0  iaStorA - ok
21:04:39.0045 0x19f0  [ D820075D3395BED28FC57AEF8FBA666F, 7589CCCD355D2685C0E6D317AB39F0DB061153E6859A0F53834B001643CFDF57 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
21:04:39.0059 0x19f0  iaStorAV - ok
21:04:39.0067 0x19f0  [ A243E0CE8644378C9A9D015ABC3EDA27, 0C72F6D39DD64A16F54BCE185F4D8E670D386823F6364E9ED284F7F8DE11CBF5 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
21:04:39.0078 0x19f0  iaStorV - ok
21:04:39.0086 0x19f0  [ E16E4FC9F250E48CB2CAD93E59D010E2, EFF558EDD63DB0FD8BA240E94BD5999106233B95BF86BFB99EE9B897F41C542B ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
21:04:39.0099 0x19f0  ibbus - ok
21:04:39.0106 0x19f0  [ E3061D5ABA80394D29E26EA58AF7F69A, 9BCF1AD2CC9C7E48FD350F9D59797E17F355C840EDE428143764F93716159C20 ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
21:04:39.0115 0x19f0  icssvc - ok
21:04:39.0130 0x19f0  [ E9E4BB312F6B544392F44D513FAA2243, 3E6917BCE9F1AF554D57FED9E76B33F36D92145B0090A5F8F64E2A53EB4C54A4 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
21:04:39.0153 0x19f0  IKEEXT - ok
21:04:39.0156 0x19f0  [ 0E33BC018502E7FDE77C343055D9C626, CD1C60E8EDAA044E03E5776962E091C1288204033A57A799D446F9B058D6AD59 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
21:04:39.0161 0x19f0  IndirectKmd - ok
21:04:39.0217 0x19f0  [ 5911E1BD8E8E5912092BB922EFA68E91, 2DA61E6C6A9F2467784EF7050EB586574F60CADDD236C8F732233AFC4BEA085B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
21:04:39.0273 0x19f0  IntcAzAudAddService - ok
21:04:39.0290 0x19f0  [ B63CF22D1AD2ABDC39D85851B2BEAA6D, 37E9043BABB5895BFD2B59AFB60C438B992C6EAA1B5FDE5B3445314343F4C406 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:04:39.0304 0x19f0  Intel(R) Capability Licensing Service TCP IP Interface - ok
21:04:39.0311 0x19f0  [ 8213094EA736A9C575AB0E22AD09B0BA, 12670A466B5AA37283BD4CB481D000DE3AE2A8D1BD159F67A41703A6FE5675EC ] Intel(R) Security Assist C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
21:04:39.0319 0x19f0  Intel(R) Security Assist - detected UnsignedFile.Multi.Generic ( 1 )
21:04:39.0735 0x19f0  Detect skipped due to KSN trusted
21:04:39.0735 0x19f0  Intel(R) Security Assist - ok
21:04:39.0738 0x19f0  [ 4B7F8A1AAC7172DB6918A0E10E1D78A3, 1E9922AF9B5458F23A379EDCD61B615B6E53BAF8927237C1C7DCC04122CCF417 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
21:04:39.0743 0x19f0  intelide - ok
21:04:39.0746 0x19f0  [ 0A3DBE89C965FFB7C0D0E38834E77B90, 0166BE79228ED6B3D7AA1BACB4F1BB68357DBF70DF778B2F8A3776E374EE690C ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
21:04:39.0752 0x19f0  intelpep - ok
21:04:39.0757 0x19f0  [ 64EC687A811DC4F69DF3816F073352AA, F70942B67448DF9848F32F88D37E1E0C548CE9FEFC4376628D7CBEF62494D8E1 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
21:04:39.0765 0x19f0  intelppm - ok
21:04:39.0768 0x19f0  [ 549C278119FF539C3B219C55B98B0E87, B4C15AB0C77EAB6C5ADEBD014F610BBFC537EAEB0E3960636624001C8A5DE56E ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
21:04:39.0773 0x19f0  iorate - ok
21:04:39.0776 0x19f0  [ A0F9F2E87F0C751FE164D90EB44A9B63, BE816F17E43E5F80AC65E913AB7F9E77B8D6B70B90A784CB00C907D3DAFFD4DB ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:04:39.0783 0x19f0  IpFilterDriver - ok
21:04:39.0801 0x19f0  [ 57A93FCF94FAB8C2161335E56C81CD16, 4A642E4FF70DA209074B78EC50B76A024DB5D01B8C9FCC405A64AF0F1A7EA389 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
21:04:39.0831 0x19f0  iphlpsvc - ok
21:04:39.0835 0x19f0  [ 656DDB34996A96539BA6E2843B5F2A77, EDC3F1A2BA38A9655361A20B6C8001984AEB1A530C5385CF6EC0AF595305DBC7 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
21:04:39.0842 0x19f0  IPMIDRV - ok
21:04:39.0846 0x19f0  [ DCC05E5EAA580C97F13B434FAFACED85, 5C6CFD3D9FAEB7274E05F3D19D3AA064624500C616650DE227B849B505662BB4 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
21:04:39.0855 0x19f0  IPNAT - ok
21:04:39.0858 0x19f0  [ 9A6B993A95CCA15502DE3C980508DC44, 370A1A4531A72CFBF331ED274913925A269115A13E3A6B5E1821FB48DD7242AE ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
21:04:39.0870 0x19f0  IpxlatCfgSvc - ok
21:04:39.0874 0x19f0  [ 9035C10C7EB8CF7C87CEA82A62EBB43A, A0DA94E80E503DB3C2877CE1BCDC70B3FCC6861ADFBCCE66C6D2592BD63F27DC ] irda            C:\WINDOWS\system32\drivers\irda.sys
21:04:39.0882 0x19f0  irda - ok
21:04:39.0885 0x19f0  [ E7FD479E3298F3C8852A0D2F092BDB35, 07F2E779268EBBF4F32ED1C8423493B36BA823905E71B524C6AEBA0093193307 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
21:04:39.0891 0x19f0  IRENUM - ok
21:04:39.0894 0x19f0  [ 65B145143F6E5E1B5A213F0D9F4C4C44, 0E390BD8D7B4B9562E8FEE0D109DCE0D9EA823FD2D20B39FFACE3331F30FE5BC ] irmon           C:\WINDOWS\System32\irmon.dll
21:04:39.0901 0x19f0  irmon - ok
21:04:39.0905 0x19f0  [ 1DFC3CCA51785254C5604238BB1A5467, 31451A90A91AEE14C6B24F84CB9816E5C77179D411B8B3E8547F538235BEEFB0 ] isaHelperSvc    C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
21:04:39.0906 0x19f0  isaHelperSvc - detected UnsignedFile.Multi.Generic ( 1 )
21:04:40.0714 0x19f0  Detect skipped due to KSN trusted
21:04:40.0714 0x19f0  isaHelperSvc - ok
21:04:40.0716 0x19f0  [ 7FE3B3A30FA20F27AF7022A01C2266BA, 8AB924F08ABF1DCB154B6A3BDB7E3E5A863008B5AFF8E3DB9759848774E00E8A ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
21:04:40.0721 0x19f0  isapnp - ok
21:04:40.0735 0x19f0  [ 618707F3F742BF67AB578808171F60EB, AC9322483A450856B60F61D0CC58380148C52451863364C6FF3A2FAB4173A7A5 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
21:04:40.0743 0x19f0  iScsiPrt - ok
21:04:40.0748 0x19f0  [ 026A347CE1CB21E426466114E86186F7, 92A27EF652B225058E5EEE9C9CB4E20F735A476C0600B93DB9F1272B0DA855F3 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:04:40.0755 0x19f0  jhi_service - ok
21:04:40.0758 0x19f0  [ D36B404BF979297C6572AEF98B2594F2, CB2F4E6589936D35D59CA70B39A29D091540EA125BE4B937AF92CEA0C6D0AAEB ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
21:04:40.0763 0x19f0  kbdclass - ok
21:04:40.0766 0x19f0  [ 7E2036A846789D6D6A2EE21915017EE1, 82AF85CA30B440E453F7694C7EDABB5D2DB213AD2FE8620B92667DFB492229A1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
21:04:40.0771 0x19f0  kbdhid - ok
21:04:40.0773 0x19f0  [ 4C054B8E901F41F5743DADE8A29FF256, 1009CC2503E08AFEA849BA83135C2D75C573FC4D6EFB5DBCDCC7ACB17AF83152 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
21:04:40.0780 0x19f0  kdnic - ok
21:04:40.0782 0x19f0  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] KeyIso          C:\WINDOWS\system32\lsass.exe
21:04:40.0788 0x19f0  KeyIso - ok
21:04:40.0791 0x19f0  [ 828B042A95F055648DA190DF6C7AB1B6, 0457B0EF03BCB4CC1297EB25A25C162937F456BF406EC7B1A5E9A0AA13A9BCD7 ] kltap           C:\WINDOWS\System32\drivers\kltap.sys
21:04:40.0794 0x19f0  kltap - ok
21:04:40.0800 0x19f0  [ EFF5EA6088DB81C6EF6EDCDA5EE79909, 4D364B0BF012C335FA3B25BDF042D4AF672D961B9B48CB7C5BE34FCFD1D64979 ] KSDE1.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
21:04:40.0806 0x19f0  KSDE1.0.0 - ok
21:04:40.0810 0x19f0  [ BA7A5838866618A4E82FBC05B8923605, 96E898C7768BED66487A00E02B2E50516602BCF54E6648F5528E3334AE8527EB ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
21:04:40.0817 0x19f0  KSecDD - ok
21:04:40.0821 0x19f0  [ 6629CAA1F157088B9EDD1EAD24C6D753, 3E5F3BCB34F4B52BE46B96F9F720FE5FB37A01D4E408875F6BB89F5B5C5A3900 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
21:04:40.0828 0x19f0  KSecPkg - ok
21:04:40.0830 0x19f0  [ 9778205F28DC4F2EFFCC146647FE5CF0, 6B7EFFB08C7757A2830745920A624F89DBD5B323E0A884932FECF06471894F9D ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
21:04:40.0837 0x19f0  ksthunk - ok
21:04:40.0844 0x19f0  [ 08F9C3F7FE3019BF53B1405B1820528F, E90940533F88A33C396E1DF9D186E945F030315FB2201E479F144E27387333CA ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
21:04:40.0857 0x19f0  KtmRm - ok
21:04:40.0869 0x19f0  [ 807043DBC7ECE990CB5B37A2C4CBE24F, 136B7057CB10FD146A4D7CB684514D67AE71B5663694AD02561EB007221D8E6C ] kxwdmdrv        C:\WINDOWS\system32\drivers\kx.sys
21:04:40.0880 0x19f0  kxwdmdrv - ok
21:04:40.0887 0x19f0  [ ECFFCC67C47A86CA32D0953428699210, F5A06E82FDC092549623FD41C82B082092529808BA12339DE5B1D72B9B12072D ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
21:04:40.0898 0x19f0  LanmanServer - ok
21:04:40.0904 0x19f0  [ B82D6C634638534E41748FCEC909E55D, C286EB7B3E780549F77E75B4B9F053861D82EFDCD43B1308848A08D23EFADDCA ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
21:04:40.0915 0x19f0  LanmanWorkstation - ok
21:04:40.0919 0x19f0  [ AF1077E89AD4458EC9B1CABB35595346, 762AE3218B7B05032C4199F0AE9ABCC822C3DF88BBB09536202B6B26A7944024 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
21:04:40.0925 0x19f0  lfsvc - ok
21:04:40.0927 0x19f0  [ C0CB3B9F1F92C36B91309FDACCDF918B, 5D40C11388A48323D9D9AC18A950B09E2654092BC2F9DE45779A9354668BA18E ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
21:04:40.0933 0x19f0  LicenseManager - ok
21:04:40.0936 0x19f0  [ FC37745959DFA4871759E4DCC836227A, 8B63F798440FD0A34E2F2940B2598238BC852EF3EFD22147A77AB4BA6FB9E704 ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
21:04:40.0947 0x19f0  lltdio - ok
21:04:40.0953 0x19f0  [ 1797F544956D46966C67A2F7879403A9, D7820D2F8E936FF13D709BA1BD0541AABA8402F38698FE96DAE70B4E7A730835 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
21:04:40.0968 0x19f0  lltdsvc - ok
21:04:40.0971 0x19f0  [ AE561CB0813D4DFA7D3E4471B2B70F5F, 344EA5E02D04098F032353962C1B70B0F578BCCD2843C70D6330B3F967D2FDB5 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
21:04:40.0977 0x19f0  lmhosts - ok
21:04:40.0984 0x19f0  [ 0554F3B69D39D175DD110D765C11347A, A57D5CE0CBA04806EB0C6D8943D85C5AB63119A99FA8F8000BDF54CCCD1C1BF9 ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
21:04:40.0992 0x19f0  LMIGuardianSvc - ok
21:04:41.0000 0x19f0  [ D18683083B0EDDAC749F5D2720B25C1E, E0306171CDE8877FBC3EE63A07E3942EC73545C99E2B72D6447DE6E6BAD522C5 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:04:41.0008 0x19f0  LMS - ok
21:04:41.0013 0x19f0  [ 16C9D4D822CCA795A72DC88B25A577CC, AEF93AA4E815F90C1A42D574C6DE7EF31FE69AD7B78B8E1AC7C27304F3CD7959 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
21:04:41.0019 0x19f0  LSI_SAS - ok
21:04:41.0023 0x19f0  [ 920F0CFCED5F28A31B79F1C470649D11, 5A5F390F2FD7C26807E7896E9F8F94EE7E69FE3C4B247BEA515588EB076148EF ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
21:04:41.0029 0x19f0  LSI_SAS2i - ok
21:04:41.0032 0x19f0  [ 0FE63316F1C70A0F759A449FAC64C24B, CF99D62FDA862095BA1EB57DD58CEC070E0552E15B6F454B87D593707132636B ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
21:04:41.0038 0x19f0  LSI_SAS3i - ok
21:04:41.0041 0x19f0  [ 80E82C46B27A923A3744531069B63857, C73A200FC2A009D19F2C26FAC07489EA0F4329CD7A1D80EB3200B19DFC883F8D ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
21:04:41.0047 0x19f0  LSI_SSS - ok
21:04:41.0058 0x19f0  [ A69A59CD52D26443FF728FD52283598C, E416481B23CDADBB9E608E49C9DC9A520D14935E92CA9B63E7763692DB382D7D ] LSM             C:\WINDOWS\System32\lsm.dll
21:04:41.0076 0x19f0  LSM - ok
21:04:41.0080 0x19f0  [ 88F5570C04766EE561FF129B2F93030C, A36F7FF563F813EC0F69E5BFB76C58A1C9824F54BA1729C4096E8B7B7C8D90EC ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
21:04:41.0090 0x19f0  luafv - ok
21:04:41.0093 0x19f0  [ D365217A6D4528ABB41B40C8FBD227E8, 340129785A5788A8FFE0E1B339A616D290F7504F3658F63E1A3B169B38460FBF ] MapsBroker      C:\WINDOWS\System32\moshost.dll
21:04:41.0101 0x19f0  MapsBroker - ok
21:04:41.0108 0x19f0  [ C3EED732789052C98A2613A7E1C37CDA, D71735C8FB772EEB7F3F304CD79D8D774A9A285A94365DE0E635F61357EC9F0F ] mausbhost       C:\WINDOWS\System32\drivers\mausbhost.sys
21:04:41.0118 0x19f0  mausbhost - ok
21:04:41.0122 0x19f0  [ 4DCE65116A28488593FF5A6A18B03DB0, AAFA7E7C1C9A38B8CF5CE530F96028191F52B1FDD2790246E413B63CF7C5F02A ] mausbip         C:\WINDOWS\System32\drivers\mausbip.sys
21:04:41.0127 0x19f0  mausbip - ok
21:04:41.0130 0x19f0  [ F9808F9763FBC7AA830B1F54C0CA1C25, C9141EF15EE6DD28829DE4BF692EE8C293B969117D681A581E2B17F4DFBFEDAD ] MBAMFarflt      C:\WINDOWS\system32\drivers\farflt.sys
21:04:41.0135 0x19f0  MBAMFarflt - ok
21:04:41.0189 0x19f0  [ 804E3246E3E73D4A936F2F4BCDC53A2D, BF1F9B4AC292238FA6EE541E325B220F311977F9D87D5BC7F90AD058FBF0B35A ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
21:04:41.0244 0x19f0  MBAMService - ok
21:04:41.0252 0x19f0  [ 53283EB9998AC9350E14C35A880989DB, 11DD963C67DB7584742810C54BEC4871584413A1BAA8209F79AC923006DE45BB ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
21:04:41.0258 0x19f0  MBAMSwissArmy - ok
21:04:41.0266 0x19f0  [ 67D4521C3411E24A98B5BA0058EEC96A, EC590DBCC4D822AB47555C0AC156B0485808B4197D58C623A6C45B62C38A61E0 ] MBAMWebProtection C:\WINDOWS\system32\drivers\mwac.sys
21:04:41.0270 0x19f0  MBAMWebProtection - ok
21:04:41.0274 0x19f0  [ 0609BF877A2F4DEECC62EEE220AB6242, 393268836EB055669997BD05866487497AFC396C9516DA4C4F143679B1DDCA6E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
21:04:41.0279 0x19f0  megasas - ok
21:04:41.0282 0x19f0  [ EEC64C8D498D121607C7615FDFBEE4D0, B605B9886C1A05C999B005AEA6D0677DF632E2F34F4FF03F09C2E6C05F554D50 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
21:04:41.0287 0x19f0  megasas2i - ok
21:04:41.0297 0x19f0  [ 2B7D3B206833D769218A1F4BE2D73B97, 25901A5E931DC3659993448E59ABC3601B7B0ED9AFEF0F5ECC139D0D0442F73B ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
21:04:41.0310 0x19f0  megasr - ok
21:04:41.0315 0x19f0  [ C4A4BE9C6EDA9640F272B48FC0AB4F06, 8A9BE9FACDDBEBDF47ACB86D5DDC0DD3E5F90EDE1E93B59F9E92375E5CB2ACD6 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
21:04:41.0322 0x19f0  MEIx64 - ok
21:04:41.0325 0x19f0  [ 4F708DA590EDBCC124FB79066D44759B, B8DA803299AF5FDE1594CF958EA6B99D4B99E8163438A70A692CA33A96DBF8DE ] MessagingService C:\WINDOWS\System32\MessagingService.dll
21:04:41.0332 0x19f0  MessagingService - ok
21:04:41.0346 0x19f0  [ 89257B8D3826B5629CF7F73F97DA44F9, F056D67EC82072BA209FF7942862862FDF562F8C038F3128861C387F8F63B494 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
21:04:41.0361 0x19f0  mlx4_bus - ok
21:04:41.0365 0x19f0  [ 9AE3C0CC0865B1618A3C97744A6A9E9B, BF72AEF0360AC278B36ED31E5BFC2E8F72136B0952490A105CB6929654C97F6C ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
21:04:41.0371 0x19f0  MMCSS - ok
21:04:41.0375 0x19f0  [ 0CD29540C32C2E2E0E3D7E9832752AF3, E64C3F5323C59D53409E33E88989FDD2A38B5B602336FC1D8C3702CA9B5EBFC7 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
21:04:41.0382 0x19f0  Modem - ok
21:04:41.0385 0x19f0  [ 534477FCAFDFCA6B841BFA06BD26BCC5, 96404FDF0BA2127A3BD24319637EC0C8BE8C42618D9FEDF66F41C5F72840D427 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
21:04:41.0390 0x19f0  monitor - ok
21:04:41.0393 0x19f0  [ F5D4E18A70BA069D479154442CDEB60D, 96345E88BC6A50415E112A4B4CFDF3F4306EA049741C5B0A2BFFC142F15EB5CB ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
21:04:41.0399 0x19f0  mouclass - ok
21:04:41.0401 0x19f0  [ 5C09868963B0C076AC3BC7759A46B7B1, 64CD200A8D90CDC31317009636A3BB6574ABF04BCAC903F93C47823C40CC03F6 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
21:04:41.0407 0x19f0  mouhid - ok
21:04:41.0410 0x19f0  [ 8BF7039787036529B98E50AE86A0E46B, 69C04D012D026A14E2D2A138EDA79227F9BE4BE1892D517DCDB797F2A5AEDB14 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
21:04:41.0416 0x19f0  mountmgr - ok
21:04:41.0420 0x19f0  [ 0EACD4459D14FBB121A0F8202F170225, 6C63A3D69D6A44E6E03863D2256A5C6EF2DCA56B18DC90B8F3AE8C8DF5D303EF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:04:41.0426 0x19f0  MozillaMaintenance - ok
21:04:41.0430 0x19f0  [ AA12FAF01013F63348B722D3588550FF, AADE8C93BFE0830AE43AD649F62D7D7E25FC14107B172815EF9F4069C19ADFCC ] MpKslda1ea320   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1A517B4A-516A-4794-A757-5289DE861980}\MpKslda1ea320.sys
21:04:41.0435 0x19f0  MpKslda1ea320 - ok
21:04:41.0438 0x19f0  [ AD118EC95E9EF4D5223D681D8F183567, 395B76626956F5B7992676B9CA57B2CA075F0CDA881E14B3ED07ABE2DC0EEDBC ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
21:04:41.0444 0x19f0  mpsdrv - ok
21:04:41.0458 0x19f0  [ 97106D80FD861D5762D5B93D1058D053, 4236FD178ECFC8978FFB3FC0890F357BB4AE10F88AF696617CCD24D93360BA3C ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
21:04:41.0482 0x19f0  MpsSvc - ok
21:04:41.0487 0x19f0  [ 84A7AF1DB4EEBEDBA3F41FF4D3234091, F49E140D0DEA2BB98205A8CA7C0ECB366FFF02D528A83760E9358DFCFF5A90D8 ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
21:04:41.0496 0x19f0  MQAC - ok
21:04:41.0500 0x19f0  [ D14C297933C82B8CB0B5CBBA4DDC830B, 2EF356F5373F16A7AE2421187FC5C150C09452C835229275B7403181D65C210F ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
21:04:41.0510 0x19f0  MRxDAV - ok
21:04:41.0518 0x19f0  [ F2AD1B72C5A6475FB5FF332E1980DF88, 41E24496FBD61C0A333F567DA7C4E38C5A792724FB56448189099F60114749D5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:04:41.0529 0x19f0  mrxsmb - ok
21:04:41.0535 0x19f0  [ 84700F40C0E41AEA91F8F3D6218A8A68, 72BB529367095EE19F299232648B7E347590C9F4F89DE3FDA41724BFCAC1F49C ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
21:04:41.0546 0x19f0  mrxsmb10 - ok
21:04:41.0551 0x19f0  [ B855479BA6A74349CEF8061808C90201, BA70A9EBC2E2895419C5D46806153DCA061E3C836F3D97A622E7672140107F81 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
21:04:41.0559 0x19f0  mrxsmb20 - ok
21:04:41.0563 0x19f0  [ 44A8A52763381E5DCAE122330191493C, 578630611F151C6D20D52145312F4A824C6FF80E27F282A2109BA6E54FDDC9BB ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
21:04:41.0570 0x19f0  MsBridge - ok
21:04:41.0574 0x19f0  [ 41C5D9B52F4A1B30C3F7219D601CF12C, E1C1B1CED19D32FA1B765C7C380B9E749893B2018CF358F448E40DA60CB63166 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
21:04:41.0583 0x19f0  MSDTC - ok
21:04:41.0587 0x19f0  [ 92C00BD9616F353CA59A755C33269757, E67F05A4A1C44137CCAC0C7292A7010B5920172ACAE32638600E231F28F33035 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:04:41.0594 0x19f0  Msfs - ok
21:04:41.0596 0x19f0  [ F27EC8F7A0A779276E5DA2E70C2B01EE, A450DB309F84CAFFCE2A720612BDB260D88E9C390D2BC60874D73A55D8567E04 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
21:04:41.0601 0x19f0  msgpiowin32 - ok
21:04:41.0604 0x19f0  [ CBA955A54C9446CAAD28C76789D3B071, F6CA1BECA35B13B7CCC9FFB325FACF22713F6B81E8A6540C9967A462E425BBEC ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
21:04:41.0610 0x19f0  mshidkmdf - ok
21:04:41.0612 0x19f0  [ E8E568EF60677E4534F387C53EE1B35F, 2E250EE1A9AE8AFDCA5216BED87328B05713386BD7E61C66A74EF021F2AFE7D7 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
21:04:41.0617 0x19f0  mshidumdf - ok
21:04:41.0620 0x19f0  [ 16376B7B0730C04DD1A2C0CC8E09E420, 2F39D3254FD272E277B5496A8C93A7CBFBF80F6004AE0343BE9F09C538975910 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
21:04:41.0625 0x19f0  msisadrv - ok
21:04:41.0628 0x19f0  [ 75FE54E84C1EB0C9C5E09F9FD5928ECC, 971CFEE8FB8364D17CD392E32A32AE57BE6461EAB6C580B52E6D752D4CFDD6B3 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
21:04:41.0637 0x19f0  MSiSCSI - ok
21:04:41.0639 0x19f0  msiserver - ok
21:04:41.0642 0x19f0  [ C2939119A17E52D74191EFC1E4CDEE09, B5738A32B02CDD816F086BA84C733D9597A0193F42C068D7B90E386D1CA92EE1 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
21:04:41.0649 0x19f0  MSKSSRV - ok
21:04:41.0653 0x19f0  [ E40B960078A15D4901265D32E071C42D, AC11B8221C8F529FE3CA6FEB99AF699664C86008A732C3A8E6B1CE31C2272454 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
21:04:41.0660 0x19f0  MsLldp - ok
21:04:41.0666 0x19f0  [ 1EC9FC8E5101139CF84589E8EAC24B9A, F351661FC548FEC2652018B4F1A2BC64FD938637A518EEDC9B6ED97471BAAC9B ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
21:04:41.0672 0x19f0  MSMQ - ok
21:04:41.0674 0x19f0  [ B4860AB91DC4E73936F0FF504D6B4B07, 7371093D9EB62218D20F6B8B3C88CBF01932AEA2923ED119962A78BE46E5A939 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
21:04:41.0686 0x19f0  MSPCLOCK - ok
21:04:41.0688 0x19f0  [ 8EDC45C3F7F64A51C98B59E24648F74B, 445731F32A37A99FAB3CD5D178A84FB4F835727826211FF18623409D29FF3A1A ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
21:04:41.0700 0x19f0  MSPQM - ok
21:04:41.0707 0x19f0  [ 7DA5FAC2A49D30CA5B7B96B8B26281AC, 168C3AA5C7318184D8F67EA832920FCE64E11D4CC418517D7BDACB9632F0BEA8 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
21:04:41.0717 0x19f0  MsRPC - ok
21:04:41.0721 0x19f0  [ 7E3365C8BC83DCE88D6226BB5C7170C4, 69D741039CAAFCA93A4CC09CEC14F117527D732A6CF3077AA83E935B03EC3F9C ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
21:04:41.0726 0x19f0  mssmbios - ok
21:04:41.0728 0x19f0  [ 09D51564E49181E9928910D6B91C920E, FB3C918820ACF4506AC49478709B4D4C6489BA0B5113E666C34B916CA5CD6DE7 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
21:04:41.0740 0x19f0  MSTEE - ok
21:04:41.0743 0x19f0  [ 793AE56A3946EAD5F906C28D294FEFE6, BB563D088084026606C2FBD30A0850BA18363CC173CC6C77272D727CA6C1F9BD ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
21:04:41.0749 0x19f0  MTConfig - ok
21:04:41.0752 0x19f0  [ E35F51C7474A26680627477462715206, 435490915CDD416D666B64C6B4526285EC946E6918CFA85585692B9ED43518B6 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
21:04:41.0758 0x19f0  Mup - ok
21:04:41.0762 0x19f0  [ 74BD1149BF50F1E24934042A3BD17C90, DC4626DC4D629CA7DF336EC7E6435F27D2E252D81945E57F4BF2C981DBCD9B45 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
21:04:41.0767 0x19f0  mvumis - ok
21:04:41.0777 0x19f0  [ 39C772E20B8C61858F969E4D60699D89, 32146D265CD315597C48FB233D77DDACB0FEDDB7E800A0F411A67844BB3ACC67 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
21:04:41.0794 0x19f0  NativeWifiP - ok
21:04:41.0806 0x19f0  [ BC80F85C129F12A5F64D6741A120B539, AD410F13BCBDE54F98E353BD4DAF30CC5A0A9990FC4F1AB3623EF3175EEBCAF7 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
21:04:41.0830 0x19f0  NaturalAuthentication - ok
21:04:41.0835 0x19f0  [ F2EA6F3165E154C24C084AC35DD6C3F8, 4F8CB75770945F5A28CC308917A124109F7462CE933695B9CAA3FE2CAE76C445 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
21:04:41.0844 0x19f0  NcaSvc - ok
21:04:41.0850 0x19f0  [ 9B3C6582CFB91BA2A04B1D06D8E2FB98, 431E6B075FD24002724E8A2ED9FB3221AD66D1F1D021B56466187D97E5B43A1F ] NcbService      C:\WINDOWS\System32\ncbservice.dll
21:04:41.0861 0x19f0  NcbService - ok
21:04:41.0864 0x19f0  [ 932E2E43078A3D786A46A5428F21B314, 17F1CC3388D80F1E1850063114C1EB72EEA149D9C8FA3501C0F9EB55C9E0C58D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
21:04:41.0876 0x19f0  NcdAutoSetup - ok
21:04:41.0880 0x19f0  [ 0FFE8AF1B94C5FD54E6ACC6DAE990D31, B67D3CA3460D4700D8B83EFE4B6A7AA940650E84D985484FBAA1EE80F3632133 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
21:04:41.0886 0x19f0  ndfltr - ok
21:04:41.0903 0x19f0  [ 59F3D5FEF4A24871C07C279762DA8624, 00DD19E3FBC7FCFE2768409E2B4AE931205D53A22072D958950E8FBA1D14F071 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
21:04:41.0925 0x19f0  NDIS - ok
21:04:41.0929 0x19f0  [ 4EA73CFDEE4A628D387D95464A131F29, 38A6E2389FA9B20A7AFDF3CFCD13B66489B92D853EE486BF81019F0A36A142E1 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
21:04:41.0940 0x19f0  NdisCap - ok
21:04:41.0944 0x19f0  [ EB127689AF6F24091AB73538A556257F, BC25067D355084D6893E9262750433044C28893BB27A67BF7AF5008742C6D359 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
21:04:41.0956 0x19f0  NdisImPlatform - ok
21:04:41.0959 0x19f0  [ 73B4C72FB6170A08C64BDA92DE93ECF7, 766BBE659232F0F5EAEE577EE88091FB76175BC52D65B9637126069C97E795D4 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:04:41.0973 0x19f0  NdisTapi - ok
21:04:41.0975 0x19f0  [ 6704F27EB15A5B30AA7FA5A4F4D1FD47, 841F99B3C751F4D4E23C0E7B5C275B4871C1D5EF937A93129DF64DF49F6B6736 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
21:04:41.0982 0x19f0  Ndisuio - ok
21:04:41.0984 0x19f0  [ FE87CCAA89433FC306A80F15E848F4B2, 3269FDF53DA59057E066D582FCBB96B71C8063B8F488856A9DEA414B4797E43A ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
21:04:41.0991 0x19f0  NdisVirtualBus - ok
21:04:41.0995 0x19f0  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
21:04:42.0010 0x19f0  NdisWan - ok
21:04:42.0015 0x19f0  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:04:42.0030 0x19f0  ndiswanlegacy - ok
21:04:42.0033 0x19f0  [ AC6AC99075732F5C29DB0004DD5B1AC6, 684EC821EF5C60DA540CA36EC192B09E62440AAD5B13F0F4C23DDC4A9B96F28C ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
21:04:42.0046 0x19f0  ndproxy - ok
21:04:42.0049 0x19f0  [ 9AC090451D92E6081EB89CDA83D74189, D4D442412F112853AA8D88DFB5F695AE4E8E2C361905992537EE53BE675FECE8 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
21:04:42.0063 0x19f0  Ndu - ok
21:04:42.0067 0x19f0  [ A115DDB2C7805C41EEC9A5276FF5764E, FC81D0BE2DAAC6E7161C0FC5C90050022A39AD50E28040D5357C0E1FD6C0B6B5 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
21:04:42.0074 0x19f0  NetAdapterCx - ok
21:04:42.0077 0x19f0  [ F420B6CAB5151A38E4DBBFFB500C11DA, 271F495B261461B8EA847BFDD87C155E6DC1B6236C161B8253A1F023706B1B1D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
21:04:42.0082 0x19f0  NetBIOS - ok
21:04:42.0089 0x19f0  [ 30C2F67EC84EB11B22011620107E0325, 98088685F457566FD8D13B83A0BF6B06CDC70AC156B67BF87A8A8446C150C1F3 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
21:04:42.0100 0x19f0  NetBT - ok
21:04:42.0103 0x19f0  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] Netlogon        C:\WINDOWS\system32\lsass.exe
21:04:42.0109 0x19f0  Netlogon - ok
21:04:42.0114 0x19f0  [ D9FF8CA42C3541F4840693F17143C595, B05FB0B6439B34BD93EE59DC48BBE3D712A7428EFBFE37A887CE8546E57EE68F ] Netman          C:\WINDOWS\System32\netman.dll
21:04:42.0126 0x19f0  Netman - ok
21:04:42.0143 0x19f0  [ 96173660A4DD4A56E4B8938A67DAD9B7, F1D8F94625C6461DB89F8D3BDC73748F8A7F3446694BD1F148AF9BE6F17E9543 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
21:04:42.0164 0x19f0  netprofm - ok
21:04:42.0177 0x19f0  [ 79C810D49E6D2825F51B0D7CAA6E2FAD, 19B7FB87FC8CE8FEA456F06D32099ED5B69FE38D2954580D4CEC32998D206E9F ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
21:04:42.0187 0x19f0  NetSetupSvc - ok
21:04:42.0195 0x19f0  [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:04:42.0202 0x19f0  NetTcpPortSharing - ok
21:04:42.0206 0x19f0  [ 8C03F2F5A9E93AEB08B3AEE51552394A, F95185FB8D5FDEAB39E593488BA6ABCFA9C081BFED05008E0CD95F29B894AFC8 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
21:04:42.0214 0x19f0  netvsc - ok
21:04:42.0223 0x19f0  [ 0C124EAC0EF7B3767280C94A8C03615B, D10216726A221C8FBC67C47F4B266C271A7C7A4438F77AC44BB561E0A6EB6D34 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
21:04:42.0238 0x19f0  NgcCtnrSvc - ok
21:04:42.0253 0x19f0  [ 9ECFD7DD594DBEAED3A2889045B2DCBD, 984B10A88E304B805153C49B3D618315926635A270AB34D2976E7AA5AE00E2F4 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
21:04:42.0278 0x19f0  NgcSvc - ok
21:04:42.0285 0x19f0  [ 50F98CD010326B58F09082BACF3123AE, 124446A2905E23BB3F5763E347842F3F511EC44C37C2F85E409F73EC8F53924E ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
21:04:42.0303 0x19f0  NlaSvc - ok
21:04:42.0307 0x19f0  [ 6D8F6A9C53CFB0C49E8251A442B7283F, C3E913E4997C35A9B4C2E613A499F01D15264EAB699B93269B690B2A74A70E9A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
21:04:42.0313 0x19f0  Npfs - ok
21:04:42.0315 0x19f0  [ BABF7E1757D6908941C9F9CBD66A5EF0, 323E743CB26583763A9C5DE64E7E08138CB8D3E2DE0A8BCE9F774E1C7426E7F8 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
21:04:42.0321 0x19f0  npsvctrig - ok
21:04:42.0324 0x19f0  [ A85EB5721C7203AAAAAA04F551960CD9, E61ED728E154799346C749159BFE36FAEB2CE64FC5735F533B910017D66A7EE5 ] nsi             C:\WINDOWS\system32\nsisvc.dll
21:04:42.0330 0x19f0  nsi - ok
21:04:42.0332 0x19f0  [ 7A6BA778B48DF9FB7AC231D4FF6E3248, 5959CA59C75D2C4DD8A539CAA8D99EF6A0CB5AA3F0D485B14C8B35911748F1F7 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
21:04:42.0339 0x19f0  nsiproxy - ok
21:04:42.0370 0x19f0  [ 075F8C81457804BB79DD33FE69A96C57, EFAA1C6CEEC995E87EB15DA40178EA3534A73C8F6ADCF5F3FEC1C7BB99B78687 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
21:04:42.0411 0x19f0  NTFS - ok
21:04:42.0415 0x19f0  [ 4FFB2D5655D10700D5B8E205C4DB86BD, 69078960669A373F9C2D47AF2ED841619831106B681EBAAEAAE5BD569A54CE6D ] Null            C:\WINDOWS\system32\drivers\Null.sys
21:04:42.0420 0x19f0  Null - ok
21:04:42.0423 0x19f0  [ 99EB6376EC2C03CE5F668577651E3454, A783FFBF89A9074E2074ACAF3F55862DF2F05CAFEAF6A2D509DDA665EB0D59CB ] nvdimmn         C:\WINDOWS\System32\drivers\nvdimmn.sys
21:04:42.0430 0x19f0  nvdimmn - ok
21:04:42.0435 0x19f0  [ 3DB2E9E207358BFBD09B77B5119ECA5B, 55FED85EFC06B7AB5031D9986E4E4D2FA8841C549081ABBA9F9D9BBAB7852B37 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
21:04:42.0441 0x19f0  nvraid - ok
21:04:42.0445 0x19f0  [ 4C04BFBD4DB2EECCC47F5FA39D65BB6E, 9312DC4F7000991946D92D87DD9D37D70E336629EDBA553BFC79804049E34B73 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
21:04:42.0452 0x19f0  nvstor - ok
21:04:42.0459 0x19f0  [ 0D611DC17E48B6F8DD466A089170D118, E55A78E2CC6A0A5F7B8F0B75DFB2297FBC3B959C4FDEFBEA1C6C4E7706724AEB ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
21:04:42.0477 0x19f0  OneSyncSvc - ok
21:04:42.0484 0x19f0  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
21:04:42.0496 0x19f0  p2pimsvc - ok
21:04:42.0503 0x19f0  [ D1A9C22A98A10EB11A190B8FC7C07C6A, 1DE5F07E707DA9D833F105A8D948BBAEF0172DB2147D9A665EC7320F88D57B9E ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
21:04:42.0516 0x19f0  p2psvc - ok
21:04:42.0520 0x19f0  [ 2CC6C325B271C7CA60F374F8F868CB45, 569391CA5DF003ED33CAA89FD38834641023C24F7FAE2261F6DA8ABC5CC9C3C9 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
21:04:42.0527 0x19f0  Parport - ok
21:04:42.0531 0x19f0  [ 664B7DDEE982ADF5EAB480C75B9F6218, 1D1403CBD75916B83EEFA9B235E237583C40025C87C13676247F1EAD3F1D33EE ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
21:04:42.0538 0x19f0  partmgr - ok
21:04:42.0547 0x19f0  [ 72ABB842C15A6C3AC3D954308C6BF206, 8F2A69E3BE43BCD2C8A39153062216B5CCEC9FA62205EC8A23FAB209DFAE7062 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
21:04:42.0560 0x19f0  PcaSvc - ok
21:04:42.0567 0x19f0  [ C5B74C6D87E77BC64DEBD1BF57DEB375, AEBC86E404D4E3985D9FBAD9913AC52127DDE7C79062830717CDFEEA4CD7CC0B ] pci             C:\WINDOWS\system32\drivers\pci.sys
21:04:42.0576 0x19f0  pci - ok
21:04:42.0579 0x19f0  [ CFB85CB7A6F6926EA0EB96EDFB3C8A91, 7B3A58C165DF231BB202D8A2036272932439864F8EBDC62811E2BEFA8B36FC01 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
21:04:42.0583 0x19f0  pciide - ok
21:04:42.0587 0x19f0  [ 13B7D84B397A90E82682C47A15C3A98D, 7F897DA83209381A8C26B34416899E276256AB587DC4E2B60B185CAC8D1877F0 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
21:04:42.0593 0x19f0  pcmcia - ok
21:04:42.0596 0x19f0  [ 76EA512FD9D4673CF7A57775EE8922E2, 6D2B90616A46BC4F9BB6BACBD78EB33C23834987365C87617AFC2E147871C984 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
21:04:42.0601 0x19f0  pcw - ok
21:04:42.0604 0x19f0  [ 10E48E45A03A7F4C2B7C11738BE87816, 44870E26C3B75D51F5035DE78E62F3EFF222D314DAACBD60AE40BF34BC706F2E ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
21:04:42.0610 0x19f0  pdc - ok
21:04:42.0622 0x19f0  [ 4F190BA3C9BD2F0277BCBF480F396091, F09613C76350706992B39D7EA9B859D28F00790E5AC17CA7D49C3E270B9D8994 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
21:04:42.0645 0x19f0  PEAUTH - ok
21:04:42.0648 0x19f0  [ FE52FF97A094609429FEF098EDC6FB08, 6762ED340048AF61B756CB7B576BE2057768FDB677623D01F2A592727C0E5A00 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
21:04:42.0654 0x19f0  percsas2i - ok
21:04:42.0657 0x19f0  [ FCA143274792F12383C35902E801E83A, 87D93226E32153794993035553C9935D07242631E182460D8ED13650175C0F01 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
21:04:42.0662 0x19f0  percsas3i - ok
21:04:42.0670 0x19f0  [ 4DAD2C73778D41F951B33854936E7BDC, 1421FDA2D083D5923422A038C54603BF798C48DDB7244DBEDA46D537B8CE1534 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
21:04:42.0676 0x19f0  PerfHost - ok
21:04:42.0690 0x19f0  [ B730E963A31B73938A76D7B80666D60D, FADF452637E2EB50CC8C0E75956FE01F029C587F6EF2F8B347213263DE9D3A80 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
21:04:42.0717 0x19f0  PhoneSvc - ok
21:04:42.0724 0x19f0  [ 97D85602B8131C487EB08A36F7343F5E, BEDC106AF06358D40BB034390645A5BFF9C138CFD51B5997D32614741D3D2372 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
21:04:42.0734 0x19f0  PimIndexMaintenanceSvc - ok
21:04:42.0762 0x19f0  [ F9FB601621FF33376F3908C2C27C6EF4, 8689565D4FD1C68826EA0A9C2B44377A2AEC3CD812595F0D32904D8FA5809672 ] pla             C:\WINDOWS\system32\pla.dll
21:04:42.0801 0x19f0  pla - ok
21:04:42.0806 0x19f0  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
21:04:42.0829 0x19f0  PlugPlay - ok
21:04:42.0833 0x19f0  [ 414CA4DCC31D795882B25ADC1DACE779, AFD8D9AA24C64DD9569FDCBE65171810FE27AF24B8DD2941FECE6245EABB6AAC ] pmem            C:\WINDOWS\System32\drivers\pmem.sys
21:04:42.0840 0x19f0  pmem - ok
21:04:42.0844 0x19f0  [ D54385DD5A39A5636D1587FC9ECFC337, DEEA5D433CB2DA55AE58C7C5431A1249C94B61606F0A75E4A44D516619060263 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
21:04:42.0851 0x19f0  PNRPAutoReg - ok
21:04:42.0858 0x19f0  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
21:04:42.0870 0x19f0  PNRPsvc - ok
21:04:42.0878 0x19f0  [ 118E91AEE8F6DDAD088F955498CF2487, F4447C64CF1F36432E0FF09B6712DCE61BF28E3499F20C6C69E80D98B42D671E ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
21:04:42.0894 0x19f0  PolicyAgent - ok
21:04:42.0899 0x19f0  [ F6A0B848F75CF55E3980EA0FADCBA317, 11D8B12B4DE867B180965B0F2FD0F362265C518F76FE3351A2B7C9C2FFC5E137 ] Power           C:\WINDOWS\system32\umpo.dll
21:04:42.0912 0x19f0  Power - ok
21:04:42.0916 0x19f0  [ D292D7FADCEE481CC64A9DE8FE9C3347, BD870A375E33CD8434CA97FFE9C2F84E58C6CD0EAEEEE8922172CB01F9674B55 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
21:04:42.0930 0x19f0  PptpMiniport - ok
21:04:42.0975 0x19f0  [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll

c642 · 08.09.2017, 20:10

Code:

ATTFilter

21:04:43.0034 0x19f0  PrintNotify - ok
21:04:43.0044 0x19f0  [ D57CF871B3977731A91FE9611A54C7C1, B6C7F685716A88D0978377B83C5320C88EED0CAA44A001849AAFF71E4E0682E7 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
21:04:43.0053 0x19f0  Processor - ok
21:04:43.0061 0x19f0  [ 56A7713DE64B16FB309D132E88FDB098, A658C8DCA87442F33B726A9B2060B20393D83B8658D0894C046CAFEAB00E2D8A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
21:04:43.0077 0x19f0  ProfSvc - ok
21:04:43.0081 0x19f0  [ B60431D2A046AD97F8427F6E568370F5, CD488E343585A5AC19D9AAF88BF0BB7EEA1BC48F6DA4A4FBF9BE5A04ECF5040B ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
21:04:43.0088 0x19f0  Psched - ok
21:04:43.0094 0x19f0  [ E0DCCA2A78516D155A6485CCA99F0EA5, EAFD24F815ECD6373BEC8E75B24FB54694CB8E4FF430FB6886F9B5B1C1762BFC ] QWAVE           C:\WINDOWS\system32\qwave.dll
21:04:43.0112 0x19f0  QWAVE - ok
21:04:43.0115 0x19f0  [ A2B0F46FBA2521E7E732BDBDB1238515, 7F0FEFB09770BF5889D6C2219F68399C962A3F1071E70C4951B6FDAE196CF041 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
21:04:43.0126 0x19f0  QWAVEdrv - ok
21:04:43.0129 0x19f0  [ EA9EB06EFC325CD2ACF5DF2F26A4894E, 32AC7EDB42CDA736E2AD9AB67795735F16234D9BD80D56FDAE5B8B3C3C1CC26F ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:04:43.0135 0x19f0  RasAcd - ok
21:04:43.0139 0x19f0  [ 4E9379389D0A851DD19D130C8FAEFBD0, 279A25EF8949A5BAF311CA75493A5F89F74A02711EF875F67D0A95849B409C00 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
21:04:43.0153 0x19f0  RasAgileVpn - ok
21:04:43.0156 0x19f0  [ 3E8CB44832FE3F96047187291523CDA1, 999A10D4D50CD2C39309FDC04A9F4CB0959BA061AE9305D4DF7F00F37F3813F9 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
21:04:43.0166 0x19f0  RasAuto - ok
21:04:43.0170 0x19f0  [ 5279EC98F6218D29EADDFECCC0D80E9A, 6F376FC3BEFA9F521635192177962AF1F41173502EC067896B7C2A5FB71E7A3B ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
21:04:43.0184 0x19f0  Rasl2tp - ok
21:04:43.0202 0x19f0  [ D5E9823BC7CD1149917CC49AD4052D94, 4A40400FC1B43EF3EADA420F9898AF2A24585199B6F11AA8C2E7E15E2CDA3BAA ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:04:43.0225 0x19f0  RasMan - ok
21:04:43.0228 0x19f0  [ D7FF75ED7A48FD60A573C9E959CF4DB5, C67673E2D678527F8C07C9BCC487D385B92282D9D73396CFB01F14F5211CA991 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:04:43.0236 0x19f0  RasPppoe - ok
21:04:43.0240 0x19f0  [ 6A4E45A7F17FA0B4B1B48C550E311944, 1E84A559B7AA5F07E8156D223EFFB1B2B43D1E4E90E561D8DF2C257FFBCFDC0D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
21:04:43.0254 0x19f0  RasSstp - ok
21:04:43.0258 0x19f0  [ 5286E408D411AB8697AC57E191A0318E, 04DAD0F79FB0250F7544D2468D6A0AAA60BCBDE242BF951ED4FE5D15EF36AAC3 ] Razer Chroma SDK Service C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
21:04:43.0262 0x19f0  Razer Chroma SDK Service - ok
21:04:43.0267 0x19f0  [ 5753CD9159718444F6D9E1634B984BF5, A4D6FB6583724F3DDDBA768D7786EB7E3AB1C8074F66DA9462BBB159CDFA2868 ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
21:04:43.0272 0x19f0  Razer Game Scanner Service - ok
21:04:43.0280 0x19f0  [ F2C575A9657F7B2E027C6CE7BC8F1A2D, 5D002488CCEDCEBF0542F508FCE47DC9105C67D5685489970048437BD243AC0E ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:04:43.0292 0x19f0  rdbss - ok
21:04:43.0296 0x19f0  [ 9414B22E093243636D362BF8C8C12A67, 575CE91AFADD771CBF86377962EDFAF70150BBA575F8DF144FEE6CC1C0FF88E0 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
21:04:43.0301 0x19f0  rdpbus - ok
21:04:43.0305 0x19f0  [ 53A01D3FDB701AC5D9DDE4140227E3D9, 833AF0BAAB49B58C71C684D2AA20B900C27E19DDCE5E15355C7ABAAB33BC7673 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
21:04:43.0314 0x19f0  RDPDR - ok
21:04:43.0318 0x19f0  [ DF32ED51DC0C3F6F3B1C4CEF71B8B426, DBEAD271B5DE6439E3106BDDB8B1E47D7BA47AE203CF3E1F8924CE02FDCA6E0B ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
21:04:43.0323 0x19f0  RdpVideoMiniport - ok
21:04:43.0329 0x19f0  [ 2369A5B651308E0C3458143976E9B03B, 0EDE99F7E2A7668E90C2FCA11D4BCE0676FBEA2CCFB57A004827CE5FE96D1584 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
21:04:43.0337 0x19f0  rdyboost - ok
21:04:43.0366 0x19f0  [ 3581FB9529035F8EC6DB681664CA70B1, 0C7BCD6A3B4248683C52B69F0B373D5929C2375F9BBF6CA80C480A8E7446A30C ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
21:04:43.0394 0x19f0  ReFS - ok
21:04:43.0409 0x19f0  [ 79E1ADE19D8B7C56EF29D098EAF57AD0, 295D0F04359A00849759976710F6CB83DB96E5007946930EA19865620EA3EFE7 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
21:04:43.0427 0x19f0  ReFSv1 - ok
21:04:43.0435 0x19f0  [ D91C597DE82E1500525945E1FFF24B0F, 3F5837A743715FB2CCBFC9458FBE010AED170B46515925D4C7C59BBAC792F695 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:04:43.0451 0x19f0  RemoteAccess - ok
21:04:43.0455 0x19f0  [ 19D1072193DAF71C97E5A05FC7673BB3, 313C3762CCC490C20B5561A78E6002E7A52F0142B370F17849DD4AB2F0AF6513 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
21:04:43.0470 0x19f0  RemoteRegistry - ok
21:04:43.0480 0x19f0  [ A12D167F73C3E285AC623BCA62B3A8BC, 6E8213808C22C0688BD40721FBBBAA88BFEFA1BD304BC19AA015FC541CA5BF84 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
21:04:43.0499 0x19f0  RetailDemo - ok
21:04:43.0504 0x19f0  [ D31B2CD9458D2E212A5F24D56D2FB8D5, D8EC0BDB9D143C050A48217C57AA1BA6D60EEFEF67A98441064BD8FD339987DD ] RmSvc           C:\WINDOWS\System32\RMapi.dll
21:04:43.0520 0x19f0  RmSvc - ok
21:04:43.0523 0x19f0  [ C79F1F7C8A5FCBE90E3C833299AA1F59, 7969E79B2095BDA144AA369DE21F49C9FAD272B5864B2F0FD28CB28D148F2AD6 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
21:04:43.0532 0x19f0  RpcEptMapper - ok
21:04:43.0534 0x19f0  [ 1CE6928C1587F9760F7C3A036786CAE8, 3E4F5371E0DDDBA612BF61891D17D691DCAFB2E1010BBD84737FBD98DA8C03DE ] RpcLocator      C:\WINDOWS\system32\locator.exe
21:04:43.0540 0x19f0  RpcLocator - ok
21:04:43.0556 0x19f0  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
21:04:43.0583 0x19f0  RpcSs - ok
21:04:43.0587 0x19f0  [ E87EECED9287C275B6CF30EB598B1D77, D0C5D4E37A3FAD422C0ECFFAB53904D9FD5385129DE2BC5AF75D91CD016EA6AC ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
21:04:43.0599 0x19f0  rspndr - ok
21:04:43.0614 0x19f0  [ 440A1F20CD66E3AA5598EF89AB6F092A, 2E7880CAA4142EE5583A0C0E06C470C04512B08EE8450C3D24A2EEADD0A84D52 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
21:04:43.0629 0x19f0  rt640x64 - ok
21:04:43.0632 0x19f0  [ 43C1F044F467EB0A26F5DB7A363E450E, 8E6B99790E1BF8951CBAA63B45891E12777CFB6D79E76095BE6B3438986704FF ] rzendpt         C:\WINDOWS\System32\drivers\rzendpt.sys
21:04:43.0636 0x19f0  rzendpt - ok
21:04:43.0639 0x19f0  [ 30A186D6A2A2853EEFAD7011E212E41B, 367B8FCCF29470C9237FC1F0EAEB59AE51E33778BC9914A2730AC7DDBC84942B ] rzpmgrk         C:\WINDOWS\system32\drivers\rzpmgrk.sys
21:04:43.0643 0x19f0  rzpmgrk - ok
21:04:43.0647 0x19f0  [ F8A13D4413A93DD005FAD116CBD6B6F7, 8ED0C00920CE76E832701D45117ED00B12E20588CB6FE8039FBCCDFEF9841047 ] rzpnk           C:\Windows\system32\drivers\rzpnk.sys
21:04:43.0651 0x19f0  rzpnk - ok
21:04:43.0656 0x19f0  [ 42570C4294E9784B363BE642BB20F8DD, 4C1E2FCAAB4A9EC277212C5EE3455F5738659988A80D174772E258D45679E9A1 ] rzudd           C:\WINDOWS\System32\drivers\rzudd.sys
21:04:43.0662 0x19f0  rzudd - ok
21:04:43.0665 0x19f0  [ 6308366D3CDEA5F427CFF4BCF0081B4E, ABB91A41C09A1607C66BD380FD0A3EECAAF9AD534856CCC78DE1A4E450ADB07F ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
21:04:43.0670 0x19f0  s3cap - ok
21:04:43.0673 0x19f0  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] SamSs           C:\WINDOWS\system32\lsass.exe
21:04:43.0679 0x19f0  SamSs - ok
21:04:43.0684 0x19f0  [ ECADB026023BF6E200A552E4EA700F47, 3BE40D99EF0229EC69E584D2351806F77A523EF362CC5094066DC4B9F7EB002A ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
21:04:43.0690 0x19f0  SbieDrv - ok
21:04:43.0694 0x19f0  [ 6E78D6CA33ECE9C7F0A7B0775198BA4D, 81F07C1D64FD66BFC0DC817045175EBA2096EC38D5D57584D114283DFA5899F4 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
21:04:43.0700 0x19f0  SbieSvc - ok
21:04:43.0703 0x19f0  [ 33B2DC5C2F19DA89F862484E23D9833D, 1C3BD1804767D087BE1510EEDCE94FFAC096922C821A123DB1BACDA5777246A7 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
21:04:43.0709 0x19f0  sbp2port - ok
21:04:43.0715 0x19f0  [ 53F03A8A228D6C8016139A4B2583A2D8, 8EA046C7537B2D926D3AE1F058A9880F823EBEA6DC77F312082EDE1722F08236 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
21:04:43.0726 0x19f0  SCardSvr - ok
21:04:43.0731 0x19f0  [ CBCC25CDF5D30ACB253CC92ADC7D569C, 0DF0DE3B0F0007E4F3D663EB7CC503C38B5A99F5859A6BD8564F8153F1D925D5 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
21:04:43.0740 0x19f0  ScDeviceEnum - ok
21:04:43.0743 0x19f0  [ 5CFEEFCC6FAD1FD09ACCFBD652DDD85B, F90104CC42073ACD48A2FCCEDF58B57D8663223406ECB0A270140A053E9260B3 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
21:04:43.0750 0x19f0  scfilter - ok
21:04:43.0764 0x19f0  [ 5BBFA6CA63E8A5BB8FA2FA84A5562CE2, C74CD0A76473343A8620D26C96F7300026C295EDF61B8A336AB326DFE861678D ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:04:43.0791 0x19f0  Schedule - ok
21:04:43.0795 0x19f0  [ 5C8620FAC0E3C1658C8EF7AD7BB7EA5F, FEBE7FC79FCDF692167D82DE54031FD68BD2941544007EEB3D82C21E7F1C5C83 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
21:04:43.0801 0x19f0  scmbus - ok
21:04:43.0805 0x19f0  [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
21:04:43.0814 0x19f0  SCPolicySvc - ok
21:04:43.0820 0x19f0  [ 71A494A502F24465317E88E80F6C0C2C, D85F139982804B8419D7CCF01F35CCDDA580BA5276A6261D0662028080F7765B ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
21:04:43.0828 0x19f0  sdbus - ok
21:04:43.0831 0x19f0  [ 464B615872981015AC4FEEBDEA83A063, 5CF491352B267241CA11F08E72E6EA668A595662561892E0D02CCA5B71172E14 ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
21:04:43.0836 0x19f0  SDFRd - ok
21:04:43.0840 0x19f0  [ 847F01FB8504425BB255856A14278A86, 41997D25D12779CA79551988C56FA0A302367076B09A82F620858EDDDBFCE3FF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
21:04:43.0849 0x19f0  SDRSVC - ok
21:04:43.0852 0x19f0  [ 6BC219F1D9CDE08CEB9084ADB41FBA01, DA8AC3B42A72515A1976961976203A52D4C8636586EB5EF6B466AAF967A6567E ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
21:04:43.0858 0x19f0  sdstor - ok
21:04:43.0861 0x19f0  [ 2AE8505519C7E8A903DD7BE793A79846, 7044B1BC183E028BCFB544489B033F0968F033696F9816F354329ABD26C6EE7E ] seclogon        C:\WINDOWS\system32\seclogon.dll
21:04:43.0873 0x19f0  seclogon - ok
21:04:43.0879 0x19f0  [ 1D4F5F50BEA1329FAEFA5D15F683F87F, C5E0BFFB4E4589AAD87D8BA0F779DC94ED6F85A8003B71D0A858CC32912A3F0F ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
21:04:43.0889 0x19f0  SecurityHealthService - ok
21:04:43.0907 0x19f0  [ 77FB9BE8EDDCC999D09F2B1A7878A2A9, 589774C006A339FCA9772C37C9103C73C8592E018553804B97F34E2A0069A3F7 ] SEMgrSvc        C:\WINDOWS\system32\SEMgrSvc.dll
21:04:43.0934 0x19f0  SEMgrSvc - ok
21:04:43.0938 0x19f0  [ 25456AF499A0C9C4A93CFAC70BDE9CC2, 885C1A9C8BFA73D9C9C454759DF871237F7C0F28D879E98B4BE0D0113C549B09 ] SENS            C:\WINDOWS\System32\sens.dll
21:04:43.0947 0x19f0  SENS - ok
21:04:43.0966 0x19f0  [ 892C955E1081412942F64679E0DD7A5D, 6A28012270FA1FB3BB279102C67FA5296564630181C887E1EA6EA1F952A30C37 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
21:04:44.0004 0x19f0  SensorDataService - ok
21:04:44.0014 0x19f0  [ AA4BA5CCB3B01E23605ACE13F4A94ECE, 7D8374FA03C33CFC7EA7CF680F81B0090AB22076E389EB6B6233F696FC63E1B0 ] SensorService   C:\WINDOWS\system32\SensorService.dll
21:04:44.0031 0x19f0  SensorService - ok
21:04:44.0036 0x19f0  [ 00897F867A525D2118DF98E2DCADA050, ADAEB414EE5F3EFE90AE8A56136FB0165CF68962661FE0B937150235DE1F4DE6 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
21:04:44.0046 0x19f0  SensrSvc - ok
21:04:44.0049 0x19f0  [ 585329F62195A4B7AAD0A95F6EC89751, E7ADED97ACA8E8E06C368E24702C22D4C2B0B9495DEA24A2DC2A30782099BDCE ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
21:04:44.0054 0x19f0  SerCx - ok
21:04:44.0058 0x19f0  [ C8F4FDA8B3D039D7947344614FF5BFB2, 1A3B88EC59F2A820AFE4F3AC65F7149EAC68672D1F0D729CBB575694005A8911 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
21:04:44.0066 0x19f0  SerCx2 - ok
21:04:44.0068 0x19f0  [ E5B450E4E0DC1591254BF9CCF6C57B40, 958E7378D9BDE1F2EBE736D8D9912D56835A606AABDD042443A35CA37EC70F11 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
21:04:44.0075 0x19f0  Serenum - ok
21:04:44.0078 0x19f0  [ 628D8DD136F92316BFEB58FA005338B7, 0CDA673D31F40EBD07E9F67667DB6077F23DCADE2DD8376AB550575224625D44 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
21:04:44.0085 0x19f0  Serial - ok
21:04:44.0087 0x19f0  [ E5BA0B7353ADC5C95AB466D2E4DC89B1, 98F2A22ED892B2610C85EAAAB51DF25939599955A27611FCE9E68C3701CFD4EA ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
21:04:44.0093 0x19f0  sermouse - ok
21:04:44.0103 0x19f0  [ 043D7B39E693C610036BD56DF30EF440, 329D29CE1CB5F502B7DFCBE24878CA61EC56787A1B02195E19499701B194DE08 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
21:04:44.0116 0x19f0  SessionEnv - ok
21:04:44.0118 0x19f0  [ 15CFCC4692DA8887B977CE5FC5181084, 31D86E122E35AB9E7275F2B0573EE98770BBE517ED3B9CCED97F4969C9A619F9 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
21:04:44.0125 0x19f0  sfloppy - ok
21:04:44.0135 0x19f0  [ 87B083252816171A17F833CBCB7AA85E, 200AB93CEF384791DC9B04D2AF17877CA10595B2CEDF4B9505E367A2382C4AB7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:04:44.0160 0x19f0  SharedAccess - ok
21:04:44.0173 0x19f0  [ 490F6144273A85A3CFF3D416850E0611, F703D32580405B9CEF0E601222C2CE584B076B2E58710D66A15AFEA2A6907514 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:04:44.0196 0x19f0  ShellHWDetection - ok
21:04:44.0202 0x19f0  [ 7CA2E9B6EDC87FCCA9C49D3D9BE62B65, 3FE1A2DD8581BF8D29EA2000424EB992BCA8E00986F107C22489D006F729D2E3 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
21:04:44.0212 0x19f0  shpamsvc - ok
21:04:44.0215 0x19f0  [ 2339F6B45E1D863B1D327F3AFD75A675, 03304ADC42EF6E8F671C8AA78A0D3E40408D870FBF2DA2B31A1727F86EF8F213 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
21:04:44.0221 0x19f0  SiSRaid2 - ok
21:04:44.0224 0x19f0  [ F520D50AD7266ED31D25DF4C8EA6BC2D, F68CF9EFB8319E59A8D9C24A36A198185DD79CBACD14510F5450F0024F0CD4D3 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
21:04:44.0230 0x19f0  SiSRaid4 - ok
21:04:44.0236 0x19f0  [ FBEB3BE7765B6C27891E9D1D8CE7F626, BC116E67268C8AA37C1EFA04C796A184C9292DBA771004FFA12F26D6C9619AF1 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:04:44.0246 0x19f0  SkypeUpdate - ok
21:04:44.0248 0x19f0  [ 70A2FD5F5B7B1A5E1146BE45E4DFB75D, 598824F06BBC2E37B9A6474411637C73233C8D2E13AE963C3229279A8519A9D3 ] smphost         C:\WINDOWS\System32\smphost.dll
21:04:44.0260 0x19f0  smphost - ok
21:04:44.0269 0x19f0  [ 15684D78C67B63475EABAB5A6ECF32A8, 46BA6830BC42839E22F600ED591E23611E092C2342702F403553BB0B9177E835 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
21:04:44.0287 0x19f0  SmsRouter - ok
21:04:44.0292 0x19f0  [ 9977AFF389C0C32DE419226564886E09, 453ABAB020E3ACD04A45BD05B224C182A47534C23023C4E1AD1903E5377B3CCF ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
21:04:44.0299 0x19f0  SNMPTRAP - ok
21:04:44.0309 0x19f0  [ 2334ED0B61CAE7E7B1B454674206CDAC, 4EAA11805C2282E0306A381CF56E4B28D83C68BA1B401BFD512AE70C05C8A4CD ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
21:04:44.0322 0x19f0  spaceport - ok
21:04:44.0330 0x19f0  [ F3F0B8CAC1F3E6C3382EAFCE762475AD, 9F2EB373FB9216CDA71965979EE5E18F3AFDD26FF7E0C09DD7C3D880205C2554 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
21:04:44.0335 0x19f0  SpatialGraphFilter - ok
21:04:44.0338 0x19f0  [ 83E82B0E292DCDE4C75B9241BF0FB300, 494D2FD4CD082CC416CA5FF1ABE06BDC65A769F371CF0E18AD25C380B45AEE32 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
21:04:44.0344 0x19f0  SpbCx - ok
21:04:44.0357 0x19f0  [ 10CD42898C9E4849193E78A87337B2E9, 7C4FCB36EE1AF92C6962F14AE6DEF2CB154468EC3963DCDB9BDF8398C98B475B ] spectrum        C:\WINDOWS\system32\spectrum.exe
21:04:44.0380 0x19f0  spectrum - ok
21:04:44.0393 0x19f0  [ 29D813B5D84BC2C26BBC607CAA57A675, 2C4D5F4E2F7B6580E22ABF67690B0D32CAF5063DEA79E6F57E565782973F3990 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
21:04:44.0413 0x19f0  Spooler - ok
21:04:44.0468 0x19f0  [ E910861720DE6EDFB5CC6158CE3C7E17, 526BA8EEB9EE5312FEC39753D728E05F49AD81132346A354C95D4D4938001E2B ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
21:04:44.0539 0x19f0  sppsvc - ok
21:04:44.0557 0x19f0  [ 36EAC4FE629FC036632F13EC14788FD1, 6AEE37816306FE46FA99EADB23E98CE6A6674C11ED847F1F5575926E26B09F9A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
21:04:44.0569 0x19f0  srv - ok
21:04:44.0602 0x19f0  [ A84B05C7C2A233497BE1D518A662C326, 85B291B6783AD48F2111B46050311A553BE6D6A7C3D90861DC010FA65730D2B5 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
21:04:44.0621 0x19f0  srv2 - ok
21:04:44.0631 0x19f0  [ 0351B28EEDFBD6C8CC69A7224A098CFA, D1D08D63F773CAEEA66585D090C073C0748AE96A2AAE8487E4B8BA54F7E59558 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
21:04:44.0646 0x19f0  srvnet - ok
21:04:44.0662 0x19f0  [ E95A6C339AE68515897B2E4C6B0842CA, 29DD7E83CD68432EAE4A7ED92CDA40AA52028F5FBB52152F0A1C752B572C2684 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
21:04:44.0679 0x19f0  SSDPSRV - ok
21:04:44.0690 0x19f0  [ EAEFC81089C6912076C091CF23536138, 2ABF6D3E30F69F3FF1612DE5986E9AFBEB5385F21B9E29C9ABA5FB07A3D79D98 ] SshBroker       C:\WINDOWS\System32\SshBroker.dll
21:04:44.0703 0x19f0  SshBroker - ok
21:04:44.0714 0x19f0  [ C970EB63C6580C2FA2797060D620725D, 9E877A4BFBFA3E12A0034020653B1AC51F85D42D1A389456405C19D520764B93 ] SshProxy        C:\WINDOWS\System32\SshProxy.dll
21:04:44.0724 0x19f0  SshProxy - ok
21:04:44.0737 0x19f0  [ FBD45746B2EDEECA10CCA6A861F8049B, 34383B0A07A93E0FA89CA32CD45AC5061F73723B2A9E0BF4AF93A53F70F1678E ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
21:04:44.0748 0x19f0  SstpSvc - ok
21:04:44.0812 0x19f0  [ AE1918EED1E4925778B92061CC2B8D18, 21B3D1685906BC4BA3C8A54C40ABC631F2F312926111BCE48AFEA8B96942DF22 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
21:04:44.0891 0x19f0  StateRepository - ok
21:04:44.0916 0x19f0  [ 664030386FA8343B1A6B4957527E833F, 05EF7B06A31C5507B7E45FD3CA81AEBCED98CB04DBD9585B77A6500B8DC9ABAC ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:04:44.0938 0x19f0  Steam Client Service - ok
21:04:44.0942 0x19f0  [ D40C589F80EB1C511263D0547C0259AE, A0236F6BB515AE006CC4C9F40FCCE250407888757A3646BB4BCB59EF8EEF1311 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
21:04:44.0947 0x19f0  stexstor - ok
21:04:44.0957 0x19f0  [ F83F43CD328E6CEEAAC27612F3EB1FF5, E3D35E5154CD228301806706E6EADCA36E9113EAF44BC06E3C43B2E902187326 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
21:04:44.0975 0x19f0  stisvc - ok
21:04:44.0980 0x19f0  [ 576A818562069B1E091CC719C143AED2, 48880CF4D33033E9A6024C2A0AD673AFBCE400C74574913F8E24717BA6BADE7C ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
21:04:44.0986 0x19f0  storahci - ok
21:04:44.0989 0x19f0  [ E5F703788DFA05411F1469E96838F438, A7E8D2DC23E23EA52B068C71D9387E69FF49798A27CE0243A994A2B1B09FA042 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
21:04:44.0994 0x19f0  storflt - ok
21:04:44.0997 0x19f0  [ 0D0128244FF55EAD3F878D3FE542DBA5, 4FCFA1B2113E07264A71A22298CA6E9FDC2AB722E0AE184A8F5656C18113A858 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
21:04:45.0003 0x19f0  stornvme - ok
21:04:45.0006 0x19f0  [ 3A62FF78619258E6126C5C4B4CC82C8E, C72CC295680B35E0EEE5A5310E0241E2FFE0E540BFAA49C35C06AA882229C1CD ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
21:04:45.0013 0x19f0  storqosflt - ok
21:04:45.0025 0x19f0  [ 212CB512B785E218667CCA56C4BFD71D, 5FD4CFEE5AB2187D928632076E6AD5C2C53D66884479C4D34930DCFCA3CCEE34 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
21:04:45.0045 0x19f0  StorSvc - ok
21:04:45.0048 0x19f0  [ C6097966F8EA3B288070CDF7C3C8C3E8, D12C4AF3E54DCE1E5DC9C8AA0E83420F481DC0165A7F7845083A85BABC102D37 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
21:04:45.0052 0x19f0  storufs - ok
21:04:45.0055 0x19f0  [ 3DC3B17E92DA02E36B4138733DF6C1AC, 398F20B6D6DAF6DA950C149F63F3B23864E1478119BFE53218C220CEADEC800D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
21:04:45.0060 0x19f0  storvsc - ok
21:04:45.0062 0x19f0  [ D284AB2CA6C30317D142D38CE1F848BE, 4C9EAE174F5C673CA550C9382E85CE7DAF5DC9965495BAB09078B634A4CDD4FB ] svsvc           C:\WINDOWS\system32\svsvc.dll
21:04:45.0071 0x19f0  svsvc - ok
21:04:45.0074 0x19f0  [ 2BC4D0EBC2467FE90302AE0AFAF23768, CF8BCC9CA1FBA8407FD044613A2497BEEC641DE463B076F0ED1FA7674C202ADE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
21:04:45.0078 0x19f0  swenum - ok
21:04:45.0086 0x19f0  [ 13985DA558FBCBFD9108A2CACB5FE494, DD457A73E82147AA90C36D695A47E862FF90D96FB1E22760FAB5780F7C332A46 ] swprv           C:\WINDOWS\System32\swprv.dll
21:04:45.0103 0x19f0  swprv - ok
21:04:45.0105 0x19f0  [ 572F81CF08972D53BAFFC2A110A2A586, D9AF8EBB31CE097849F93FC8C0F06178B2E1CA8C48D08BBDD85174CCD64A16D6 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
21:04:45.0112 0x19f0  Synth3dVsc - ok
21:04:45.0130 0x19f0  [ 7C29BBF63178BB6788AD1C2B231150A5, 5114AC1260C5447D3B21C7C56D825C1E77FCE388C5630D0200C8256F69EFA6B4 ] SysMain         C:\WINDOWS\system32\sysmain.dll
21:04:45.0154 0x19f0  SysMain - ok
21:04:45.0161 0x19f0  [ 97E0FD613D031EAA73E8AD259169AC22, E86E9B9C18AF2E79D7CF80B177A12D89418CDBD3CBB74307809DD0377408DB82 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
21:04:45.0172 0x19f0  SystemEventsBroker - ok
21:04:45.0176 0x19f0  [ 7750219DFABC38261575B6CEFBF84EC6, 50DF85E34AF7C1343281AD0EF34FD94AB0E279DA5C61976ABA0135B8F013C543 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
21:04:45.0185 0x19f0  TabletInputService - ok
21:04:45.0187 0x19f0  [ D765F43CBEA72D14C04AF3D2B9C8E54B, 89C5CA1440DF186497CE158EB71C0C6BF570A75B6BC1880EAC7C87A0250201C0 ] tap0901         C:\WINDOWS\System32\drivers\tap0901.sys
21:04:45.0190 0x19f0  tap0901 - detected UnsignedFile.Multi.Generic ( 1 )
21:04:45.0549 0x19f0  Detect skipped due to KSN trusted
21:04:45.0549 0x19f0  tap0901 - ok
21:04:45.0555 0x19f0  [ C1C6A802C2A9A57029D4347E251F4D18, 9F75B7F003C829FFDB2CDC98231D32FE988754D23873048FA4F6EB82ED1DCED4 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
21:04:45.0567 0x19f0  TapiSrv - ok
21:04:45.0602 0x19f0  [ 02481DA7952E87F0EF007B54E0216DA8, E32BD56991560F608C843AF1CC6E4885435D8B13E9EE0003450C4B87D6CEF29D ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
21:04:45.0644 0x19f0  Tcpip - ok
21:04:45.0681 0x19f0  [ 02481DA7952E87F0EF007B54E0216DA8, E32BD56991560F608C843AF1CC6E4885435D8B13E9EE0003450C4B87D6CEF29D ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
21:04:45.0722 0x19f0  Tcpip6 - ok
21:04:45.0729 0x19f0  [ 1C35A5C62D110346379C55E39A3D547C, 5BDBD593AB51ECA5A6B703E86F300E3B2B153E128BEB9A006ABD827AE726BD62 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
21:04:45.0735 0x19f0  tcpipreg - ok
21:04:45.0740 0x19f0  [ D74756DD1518D28A09CDA99696273FA4, F01DDF8CDBBC70BB086970C324E60CF7A1828CA6DE5A4F5B1BA4686BC31C4058 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
21:04:45.0746 0x19f0  tdx - ok
21:04:45.0832 0x19f0  [ 24E2D5DADAABEDA03EF320DD81C1F4D8, 8ECAE22FCA68B43DB05738B18CAC789272B81AC46200886329101A7F2A92BEE2 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
21:04:45.0919 0x19f0  TeamViewer - ok
21:04:45.0927 0x19f0  [ 96A35CDBA661D41C5A3914257CA1D200, 691ABBAA99C673E7D0B81D811BCC60976C3EC050F2B39B35B87A3BCC211F119A ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
21:04:45.0932 0x19f0  terminpt - ok
21:04:45.0947 0x19f0  [ 0B5C6D1683CDE89B3488326C60EA6EF2, 3B822CF005FA3002F27FF9BF39E7E133987230DA3481CFCF99F3B2B6B373A718 ] TermService     C:\WINDOWS\System32\termsrv.dll
21:04:45.0972 0x19f0  TermService - ok
21:04:45.0980 0x19f0  [ 6568EF1B30101979107055B7E515EE58, A318082E5FDD79C9F85E8C00A78EBFA0EC44B1046976E85633DC7BD123DA38B9 ] Themes          C:\WINDOWS\system32\themeservice.dll
21:04:45.0990 0x19f0  Themes - ok
21:04:45.0998 0x19f0  [ 2ABC11CFC2F03A919AF78A6E3E29C570, 54D91F89993A0FF090E2213EED92DE3659DCB693FBDA5932E31C6D6D7CFC8E80 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
21:04:46.0011 0x19f0  TieringEngineService - ok
21:04:46.0023 0x19f0  [ 4F9A5CE9F3C75AF1EE4B00D5E69F7CF7, 5FEE41C10629E89BD372E5D6C05A78FC0F2C394F4DE7C70AACC8720C6C6590DA ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
21:04:46.0041 0x19f0  tiledatamodelsvc - ok
21:04:46.0047 0x19f0  [ E59D4F92FE11B47AB727C6D192CC977F, 1DA06663889A20A1B22DDF90E5C99A5668023C0B89E252F3E820C0D1964B1948 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
21:04:46.0055 0x19f0  TimeBrokerSvc - ok
21:04:46.0071 0x19f0  [ 5379471B971D29EFCECBA87200C9FBFC, 7621258DA5EF0F4B2FFC344BCE0B6442E0AEE6BA795B65EBB5786D7A7C208A1F ] TokenBroker     C:\WINDOWS\System32\TokenBroker.dll
21:04:46.0096 0x19f0  TokenBroker - ok
21:04:46.0102 0x19f0  [ F76A92975340DAA99939DA297D677EA8, 51DA87E921BBA21BF39D7D9B691CEF8B1D2BCE2BBB0BA5B3C12B7E98CB5C702E ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
21:04:46.0109 0x19f0  TPM - ok
21:04:46.0113 0x19f0  [ 85E0D4431D61675A94EA99C9E1F56436, 9FA750703E04D20A62DBB0185CBDD70AFC4573FB65F86E61AAF7CF7A7D8E1E3E ] TrkWks          C:\WINDOWS\System32\trkwks.dll
21:04:46.0122 0x19f0  TrkWks - ok
21:04:46.0125 0x19f0  [ F21A69013A67B372675F523262AC1E33, C3F910E375C0F4B7FFA6F6D755622FF6B0CAE36DF691C938DE177C94815FE3C8 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
21:04:46.0132 0x19f0  TrustedInstaller - ok
21:04:46.0135 0x19f0  [ 9856BCCD1CD5DE4D17E8DBBA7CEFC688, F4B532DCE6F4728092848FE7B2FC05AB921EC7B3FDD7E62AB40EE0029C008398 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
21:04:46.0142 0x19f0  TsUsbFlt - ok
21:04:46.0144 0x19f0  [ 837AD2B941E721BCCEB7EF137E2DEE18, 84BE22616A50467B1957434C8BD19C8B0FC3B21CD77FFB8E16A09347CEAE0F4E ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
21:04:46.0151 0x19f0  TsUsbGD - ok
21:04:46.0154 0x19f0  [ B097B77121A057AB6D70C647636978D4, 10F78A18AC898CDD0FA91D6FA29B8B45C6D8F6CE65B064C39256EB20FC6CD085 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
21:04:46.0162 0x19f0  tzautoupdate - ok
21:04:46.0166 0x19f0  [ B4C846ABD462558D45CA578C855759C3, E0F0DD39A6C101C2209CA46EF2B5A5F4559843C9EE37CC08ED78D9E124A566D2 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
21:04:46.0171 0x19f0  UASPStor - ok
21:04:46.0175 0x19f0  [ 5C2C0296D9EE7DC92A3F14642FBE656D, 94A7D549EC53C71095AD8DE4DB8F846D1DB3438FE2679E41DCAE62C34C0654DD ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
21:04:46.0181 0x19f0  UcmCx0101 - ok
21:04:46.0185 0x19f0  [ 8BB64E04CD97AD8C68543181D93E2AFC, FBA2FB9A9906721BAD42CDFFCCE0234AF3F72B83E2571E526801F19173B7C9CE ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
21:04:46.0194 0x19f0  UcmTcpciCx0101 - ok
21:04:46.0198 0x19f0  [ F083A400FB9CB8ADD1783848CB1C76F0, 7E543E5F81C04AF486ACC08B94F785B9702B743C96079241925C385BF8411EB9 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
21:04:46.0204 0x19f0  UcmUcsi - ok
21:04:46.0209 0x19f0  [ 5D4EAF3D0911338CB8FDB088386D6DCA, 1AC5B494C39570E66C4D4F867C6B8E37C174FB5D67C2865B07247122F60F8895 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
21:04:46.0216 0x19f0  Ucx01000 - ok
21:04:46.0219 0x19f0  [ 384E1F0D84B465820416338E52FE7C2B, 8F82778332EA1199987BA569536CBED8FEAF5E9D920321B0C9DFCBDDD91EEA35 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
21:04:46.0225 0x19f0  UdeCx - ok
21:04:46.0231 0x19f0  [ C82BE75239D412057C9E3DB1785680C6, AE712E40440F5725DA41C95C3E558B5E9ABB17C55B70297DD40D7D1BDA7CE45D ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
21:04:46.0248 0x19f0  udfs - ok
21:04:46.0250 0x19f0  [ CCDF6EFF952BF3BF34DC17600F479397, 2A2009B3C4BD1A44F1C6E334CB0A7DD02443BCE1EB48837C1C70A2A04CC7C54A ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
21:04:46.0255 0x19f0  UEFI - ok
21:04:46.0260 0x19f0  [ 00BEF71C45FD6B06E7525E7B31EFA88C, C0BDE8CB41BF9A34E395EA86756637E4CD6B88EF1C842364ECA639948D6CD59A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
21:04:46.0269 0x19f0  Ufx01000 - ok
21:04:46.0272 0x19f0  [ 9450AB15C30CF7D1F23C8A42E778C3A2, E62455008ED5B7220AEE62E0F459A67E26FB2878349ABA5AAF0164C2E7A8C0E9 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
21:04:46.0278 0x19f0  UfxChipidea - ok
21:04:46.0282 0x19f0  [ CEE12C7A689BDF448715024A7E0EB9C3, EC48E1469800E34A71C8A97A6F2F0B7C67385BCB8438844E6967DE0A82E39B94 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
21:04:46.0289 0x19f0  ufxsynopsys - ok
21:04:46.0293 0x19f0  [ 5A2F610B31CC3FD23D3E20C1D5F1EF52, D470B7C1CAE066C2DCDBA47001913FB1A7C9CC5B200FB8324DB896B641C1A132 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
21:04:46.0301 0x19f0  UI0Detect - ok
21:04:46.0314 0x19f0  [ CA204117E5DD16DBF45D1513E169039E, 39F2CEE77B8E35D89ECE5028CDB555B04418E2593E2EB0E2AA809EEF688193D2 ] UimBus          C:\WINDOWS\System32\drivers\UimBus.sys
21:04:46.0318 0x19f0  UimBus - ok
21:04:46.0324 0x19f0  [ 8593690D302AE73AAC8BBA9B19757352, 36F29C32A7E0D8D54533441C840E86C7C407815DD3568C6D44C043939E998FAF ] Uim_DEVIM       C:\WINDOWS\System32\drivers\uim_devim.sys
21:04:46.0327 0x19f0  Uim_DEVIM - ok
21:04:46.0339 0x19f0  [ 889788C1B850D1ED4027B675B9B8E5E2, D8CA795CAFFF803252E1B41D69F9B55C787E2633198BC322E07449408A58B083 ] Uim_IM          C:\WINDOWS\System32\drivers\uim_im.sys
21:04:46.0350 0x19f0  Uim_IM - ok
21:04:46.0353 0x19f0  [ F39ED750EDF5948FA8CD99D1F4EC9372, AE42AE50DE09F26D3CA4ACDCD5ECABD59D26926707030F0532A885266FE83EF9 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
21:04:46.0359 0x19f0  umbus - ok
21:04:46.0362 0x19f0  [ 55984D4E64C2F8E4223542CBCC15EDEB, ECBC832FBBA6AFCAEDEBB2728FA4A6DDCF52A6421929E72CA29B61CDBED840DF ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
21:04:46.0367 0x19f0  UmPass - ok
21:04:46.0373 0x19f0  [ FBEF4641E3E08A03CA84AF5C393CA86B, 9A14A0FB645AB6DD0B49F3A14FBF38FECC65796F2503324E93994113CC7AD52F ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
21:04:46.0384 0x19f0  UmRdpService - ok
21:04:46.0401 0x19f0  [ 5B17D5E9FBF65ED93078DEB687357BAF, 00BC68F16E36681254E72D8D39006F695D38246EAB6ABC6F40E5305D5ACE26A1 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
21:04:46.0428 0x19f0  UnistoreSvc - ok
21:04:46.0437 0x19f0  [ BBB6BDBE5ADCE6F87F70623D5A1EC5BC, E8BD5804FF82417890A9D1A44096B174E81A8C7AD3059B1F0C62740E0B39D137 ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:04:46.0457 0x19f0  upnphost - ok
21:04:46.0462 0x19f0  [ 4D23214CB8B1C36B82061280EB8FDAB3, 387C01A7F9D8F89ED894EDF894AAAF8830DD7C90DF2F12A2CB4C4E9C7CB773BE ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
21:04:46.0471 0x19f0  UrsChipidea - ok
21:04:46.0473 0x19f0  [ 4329D880DB96B504F0DDC991A7374CCD, 1486BEF2C03ED281B24A17D3C18FEA2360E37A6B46D1A67D4690CD871B0A13DA ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
21:04:46.0479 0x19f0  UrsCx01000 - ok
21:04:46.0482 0x19f0  [ 93FAD0AC5879F274FA248A49E3F3EA33, D936F408E23040B33F30AB3B43D8B8BB9F3CCF2549E821F4C47357987AFF386F ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
21:04:46.0487 0x19f0  UrsSynopsys - ok
21:04:46.0491 0x19f0  [ FC318082D0793B76C766A8DFD4C247C5, F547C643A16D580BD96BC20DC901A8210875812EDABD57DD65F20A915A877CB3 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
21:04:46.0499 0x19f0  usbaudio - ok
21:04:46.0503 0x19f0  [ 6B09AA6A04C8261E787B6523229E7159, F97BED424E988AC6272D51025FD0D3180E89BAF0FFC83DAB609774D6269B353A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
21:04:46.0510 0x19f0  usbccgp - ok
21:04:46.0514 0x19f0  [ ECE3AD18B4C22ED0C4AB1A2AD9AC32C8, 2062D400305075E886CF2C9D710A1C48B3F4AD48E7A75A77C66547357E96CB6E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
21:04:46.0521 0x19f0  usbcir - ok
21:04:46.0524 0x19f0  [ F8BCB536866474C6D8008F4C69B778A1, F86F4330DE2F50D48559C1ED46168ADB8F6AA7C8FE3834FFE00085C1783C5750 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
21:04:46.0530 0x19f0  usbehci - ok
21:04:46.0540 0x19f0  [ 1F723DA014062DBF3288B408A7611845, 0CCC9360259E6FBC510BBF69AE991A53A92516023AAC32C60A44BD3B43371C66 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
21:04:46.0552 0x19f0  usbhub - ok
21:04:46.0565 0x19f0  [ 0939AD44244AA9D348187015083E17DF, D48C8032333D30019BC5FD4BAF97A2AB1A80488D4881F3437C3D5341DE5294CA ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
21:04:46.0578 0x19f0  USBHUB3 - ok
21:04:46.0581 0x19f0  [ BE6ED98FD0D3FE5FB11762AD7CCD6C96, 54C6C929CA55EA6770474F7E230190FC7574C1FA52437B564B3B5FA4D6106D8A ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
21:04:46.0587 0x19f0  usbohci - ok
21:04:46.0589 0x19f0  [ CEE43CD5357DB8786CE6E2C430841AE4, 50F4629AE488A12D18EFFAD486D2F95545049AB1F6A3248BA44D2132EEC9A653 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
21:04:46.0596 0x19f0  usbprint - ok
21:04:46.0599 0x19f0  [ 96B48485A7CC2C0A63C196A16403C5F3, 4E364DE1FE19D14D5BA4F4360563BB49F4DEC90430771C12376C0B1BB70CFD37 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:04:46.0605 0x19f0  usbscan - ok
21:04:46.0608 0x19f0  [ 99F0738B320B7A8D11351A32F68AA5F1, DAA887C31E3F56245C15F04044C12B6E832FA7E837F4107376A6F8D8E3A99FEC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
21:04:46.0615 0x19f0  usbser - ok
21:04:46.0619 0x19f0  [ 67E26F56CF7EACCBD9C9F75343A3D7C2, 210FA280897CCCB2458E9E683A8B4CA8A5DF9606B54F8B9CE05CA4AA6FD810AB ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
21:04:46.0626 0x19f0  USBSTOR - ok
21:04:46.0628 0x19f0  [ 7BA802C9F73A84B75BB22538ADA495BE, 7D97E6305168C4CA86AB9BD5B63300156DFE97032251CB83DB1D4C4DB9C28DC8 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
21:04:46.0634 0x19f0  usbuhci - ok
21:04:46.0643 0x19f0  [ 50E70B3A95138AA4A30B095270EE0DE6, 9B7072C36230102A089C4A6DFE1980CD9DB28E566EF02830600DEBAF3AAD31C7 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
21:04:46.0653 0x19f0  USBXHCI - ok
21:04:46.0676 0x19f0  [ 3156FFFB2B3BF5375814F777D343AD9F, C4E63043EB9D9227CDD487608AF9BA25C755D85E5FF8E63C2079D68CCC79E4BB ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
21:04:46.0713 0x19f0  UserDataSvc - ok
21:04:46.0741 0x19f0  [ C0E60CC6D48013728C7E4168D61A0B39, CA283312E9669BCC74A3B5E6332502D1CAA7148C049B94AF3996F3C7CD2676EF ] UserManager     C:\WINDOWS\System32\usermgr.dll
21:04:46.0769 0x19f0  UserManager - ok
21:04:46.0787 0x19f0  [ 65D70A530105E0576641493D6292C9EA, 1059285060E700449C6BB99DB0E5E4FF4A32215323F45C11DA7617785F073276 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
21:04:46.0806 0x19f0  UsoSvc - ok
21:04:46.0814 0x19f0  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] VaultSvc        C:\WINDOWS\system32\lsass.exe
21:04:46.0820 0x19f0  VaultSvc - ok
21:04:46.0840 0x19f0  [ F6B4919EF3F452F7183F036C46873532, 200262DED9AEB3ED2645E1CF530A8FC70A26527F00A603A0ACAB438FC4A840F2 ] VBoxDrv         C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
21:04:46.0856 0x19f0  VBoxDrv - ok
21:04:46.0865 0x19f0  [ 93557B0BCFB4F188F8C5A9C80170CCA1, 0A538CE7855CE540C271B997B60055E5F3634D2FFCD96BFD042F1916E6E938FC ] VBoxNetAdp      C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys
21:04:46.0869 0x19f0  VBoxNetAdp - ok
21:04:46.0875 0x19f0  [ B5A59036CEEB34943DDFE42B9AA68318, 7D6F19ED5C167B20D42D0C1FFD4090AA05DDC7AB3F6FBD93FDFC23A7C722EB1A ] VBoxNetLwf      C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys
21:04:46.0881 0x19f0  VBoxNetLwf - ok
21:04:46.0886 0x19f0  [ C60EEABBD76ED4CC322936C4081C4493, 9299FFFBE8EFDC2367DAFADD86E67C0F2DF65A16C1B5D4FCA29B7488F4FBF26F ] VBoxUSBMon      C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
21:04:46.0890 0x19f0  VBoxUSBMon - ok
21:04:46.0893 0x19f0  [ C1EC9211C7759D2487FD30934AA3EE96, 6914BB8B44550DFE75E5A3772E93ADF8459EB621CA400BDD9B7E3185A09B6F9A ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
21:04:46.0898 0x19f0  vdrvroot - ok
21:04:46.0908 0x19f0  [ 374CD93271184F04988FDC1C25B3E855, 09727093C5F7B258867C16D41F7F9835BF549CC339288BFE01A8F34AC7E93E23 ] vds             C:\WINDOWS\System32\vds.exe
21:04:46.0930 0x19f0  vds - ok
21:04:46.0935 0x19f0  [ C83F3BC00651448DB127D497CF955089, 31B8838CEED08E7D5DD8635A805A8010798BD9B10A3775FAFDB576FBD7303D39 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
21:04:46.0943 0x19f0  VerifierExt - ok
21:04:46.0955 0x19f0  [ 0E12F5F6B1C813D17AFDA197C4394423, B0AFDFE0E12633C6D984DA366197BE09ED2649BAFF525FA0DE84701E5B335DB9 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
21:04:46.0970 0x19f0  vhdmp - ok
21:04:46.0973 0x19f0  [ 1AD096A5C00E522398D0092D875A8CB6, 6959FCD6DD2115CD293DBD4BCD6D1BA0AE4F7495A9BBB48F7388384EEABB38E9 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
21:04:46.0980 0x19f0  vhf - ok
21:04:46.0989 0x19f0  [ EE9A22CFD9AEDD7B52F98B0272494609, F668131BABD048857F011A471936B52EDF0F2A42CB6000ACB4E0E43F88782AAD ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
21:04:46.0996 0x19f0  vmbus - ok
21:04:47.0000 0x19f0  [ BFBD0895926FD98A03AD6BB845B569B7, 5B7913ACD6CC132B2F36B079BC5F897C21884A7F21046B8996CC3D74C4B6DA4C ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
21:04:47.0005 0x19f0  VMBusHID - ok
21:04:47.0008 0x19f0  [ C123C97D351C56C75FE5335AB18255EE, 67315E332E863E5C233BA113826A5DEEE08C1A0A3358E6AC21F25DC5EAC86D07 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
21:04:47.0013 0x19f0  vmgid - ok
21:04:47.0019 0x19f0  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
21:04:47.0030 0x19f0  vmicguestinterface - ok
21:04:47.0035 0x19f0  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
21:04:47.0048 0x19f0  vmicheartbeat - ok
21:04:47.0053 0x19f0  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
21:04:47.0065 0x19f0  vmickvpexchange - ok
21:04:47.0071 0x19f0  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
21:04:47.0082 0x19f0  vmicrdv - ok
21:04:47.0088 0x19f0  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
21:04:47.0099 0x19f0  vmicshutdown - ok
21:04:47.0104 0x19f0  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
21:04:47.0115 0x19f0  vmictimesync - ok
21:04:47.0120 0x19f0  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
21:04:47.0131 0x19f0  vmicvmsession - ok
21:04:47.0137 0x19f0  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
21:04:47.0148 0x19f0  vmicvss - ok
21:04:47.0150 0x19f0  [ 0AB9C264F13E2A070A8CF10EDD099ED2, 2E7EB4EE8DCBBCA497CC0E7F4BE057627E9702B6FAF56A7DBCA1325236C880EC ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
21:04:47.0156 0x19f0  volmgr - ok
21:04:47.0163 0x19f0  [ 6EE608257C1137A25B402EF8FC77E83A, 3AE684EBA32563468AD917155C93220F938460A699FBFC3DB8436F83C0C54209 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
21:04:47.0173 0x19f0  volmgrx - ok
21:04:47.0181 0x19f0  [ E3429DBBEA3965BB96E24B16EF4A2551, 0CEE2DEF75C6761DA67AFD3BBF8DEEB1331796719EB84D658B3E517DEC824B49 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
21:04:47.0191 0x19f0  volsnap - ok
21:04:47.0193 0x19f0  [ 86E790B503C771E674C7DF8FFCBFEFDB, 634B27C4FA363A2165D3D6929D3B22F41EE06198C579A70D446A48830924467B ] volume          C:\WINDOWS\system32\drivers\volume.sys
21:04:47.0198 0x19f0  volume - ok
21:04:47.0201 0x19f0  [ B25589A0892E6DF8CC07E5CB48BFC954, DA29974426EFD4472A3828FA0EF31AD3860AA8068AB66B5F4BE6A412BC3E73E9 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
21:04:47.0207 0x19f0  vpci - ok
21:04:47.0211 0x19f0  [ AA4466A47D2CA7ECE3DCF5256017DCC3, 83414BFBD3DF1CB7417F0F55709E8180D97FA20A74581C34EAAFF667FBEBFD93 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
21:04:47.0218 0x19f0  vsmraid - ok
21:04:47.0240 0x19f0  [ 0BB73BF6FDDD19DE3DE9377EA95E4C64, 74B6E612F9E009A5E43B603BCAD854F3711F6C8A7ED0328B1E3A9B2D4C9EA342 ] VSS             C:\WINDOWS\system32\vssvc.exe
21:04:47.0275 0x19f0  VSS - ok
21:04:47.0282 0x19f0  [ 98BB6C9AD39D8F2E883093F28282FAEC, 63F4036A1DB23C20AAEEC1CA8ABDE9B46FA09A55EA4E5DB0C0B5D6D58ABAD62F ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
21:04:47.0290 0x19f0  VSTXRAID - ok
21:04:47.0293 0x19f0  [ B47026E109828102266CBE2F5F9AD113, 28C76B34C48BACEA267A208CC758BB55539323B16300E869AE71B6A99A849AB5 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
21:04:47.0305 0x19f0  vwifibus - ok
21:04:47.0308 0x19f0  [ 799ECD541A9B2764B36A22A095885365, E255E74682927D662294AA3F88FDA211EEE603466EB264E8941C3BACC6A0E530 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
21:04:47.0322 0x19f0  vwififlt - ok
21:04:47.0338 0x19f0  [ E75460AC4E936BFC0703021DB0BB17B8, D9985C3206B503659FD2F4EE7FD0B9AF8CB2DE821BFD68B13C9E3BD9CE5AEF6B ] W32Time         C:\WINDOWS\system32\w32time.dll
21:04:47.0358 0x19f0  W32Time - ok
21:04:47.0361 0x19f0  [ F0F477541F7AF67CC05DA1CF4921A500, F7DD2F49B61C484596DE3893683B1172A138386BD71F54BFCF37A31005C7368F ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
21:04:47.0367 0x19f0  WacomPen - ok
21:04:47.0375 0x19f0  [ A0957CBC1C054A87EE7A65A994102A96, CB6339F3F67D0E33C26E6756F88869574B84426B20C907E094F83B9DC5E36A3E ] WalletService   C:\WINDOWS\system32\WalletService.dll
21:04:47.0388 0x19f0  WalletService - ok
21:04:47.0391 0x19f0  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:04:47.0405 0x19f0  wanarp - ok
21:04:47.0407 0x19f0  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:04:47.0420 0x19f0  wanarpv6 - ok
21:04:47.0441 0x19f0  [ EA0524A2A01792796EC80AE2FE08307A, 68CC0F3451C6797222411C276376C7741C96C45E628DD77FB1FB17C10DC0EA8A ] wbengine        C:\WINDOWS\system32\wbengine.exe
21:04:47.0475 0x19f0  wbengine - ok
21:04:47.0491 0x19f0  [ 39A0B8DD517E3CBF0A6EED5A12BB182F, A25E7D3DC4DF9D0439627CFA0C4AD2292FDF29F4EFC832AEA5A2F774766F76D7 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
21:04:47.0514 0x19f0  WbioSrvc - ok
21:04:47.0518 0x19f0  [ 923200B78F5284D674A3712204D0FEFA, 4B00785D2E9D12052C2C8E80C568606E0148AA230285D4018A0A603E16224CEE ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
21:04:47.0525 0x19f0  wcifs - ok
21:04:47.0537 0x19f0  [ 9DDD15FCE0BE61F25C20CC7E2A96B77C, 072E6B3D86CD4F4A55305986E3848A47B7E8000FF5AEFE8A206FD4F7BE958872 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
21:04:47.0558 0x19f0  Wcmsvc - ok
21:04:47.0568 0x19f0  [ 2C396871F724DDF871A2EF4CADE5151D, 8CAD8A393F0CC447432E1BED21A691E25356F7DBC06E3887138A6F86CB1D656D ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
21:04:47.0583 0x19f0  wcncsvc - ok
21:04:47.0586 0x19f0  [ 1737BEF60CA384423CE4B32AF1C2BFFC, D61353D3B2EAEDFDCBB5DB3AD27E76396CC7755AFF01233307EAA1967493DE63 ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
21:04:47.0593 0x19f0  wcnfs - ok
21:04:47.0595 0x19f0  [ 38130C1C5FE0E08820EE57E1B087B659, 3705AA4699D4C402C0BBC5BC4E1EE67CB4A4B9C27702E88952A76891C3A3F496 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
21:04:47.0600 0x19f0  WdBoot - ok
21:04:47.0603 0x19f0  [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
21:04:47.0610 0x19f0  WDC_SAM - ok
21:04:47.0624 0x19f0  [ 0C6CBF3490EE5F0D62B5820568CA30B8, 97EDEC84DA72A900D7740B8763DDDAB600628F3F1E1DDE1212383C2E60FDC77C ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
21:04:47.0639 0x19f0  Wdf01000 - ok
21:04:47.0645 0x19f0  [ F7B6CB0F9ECD28848E2BDACEAB0D9204, B64D91A36600AEBE656F0514AF8653C294DE88054FE6DBB7B1A6D0A23D2A5131 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
21:04:47.0654 0x19f0  WdFilter - ok
21:04:47.0657 0x19f0  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
21:04:47.0669 0x19f0  WdiServiceHost - ok
21:04:47.0675 0x19f0  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
21:04:47.0685 0x19f0  WdiSystemHost - ok
21:04:47.0744 0x19f0  [ BF45B43BA47D0FA769CE5AFBF7104F01, CBEEC0E915162BEBFCD2CA9EF72C02E82AFAB2A016F1750A7982975A94599CF6 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
21:04:47.0765 0x19f0  wdiwifi - ok
21:04:47.0778 0x19f0  [ 82A4F22C884B4BAE8B531640859F9871, 1C662557F671FA680E7CC2FC565B198470E421778BD03749CD05B2928568C430 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
21:04:47.0785 0x19f0  WdNisDrv - ok
21:04:47.0793 0x19f0  WdNisSvc - ok
21:04:47.0804 0x19f0  [ 9066FE8EAB91E15437CB3C43757F2A65, 1F8B3D8C90C7862CCAB91D170F49E7F1D58FABAFA1C8DDDE1796404D1DD98707 ] WebClient       C:\WINDOWS\System32\webclnt.dll
21:04:47.0817 0x19f0  WebClient - ok
21:04:47.0840 0x19f0  [ 8C16773CE1F388428C8427202FA3D006, 2D22C94C3C3715369A069632C5C534AACBE2A11E0699D3D442D56E30E8158ABD ] WebManagement   C:\WINDOWS\system32\WebManagement.exe
21:04:47.0865 0x19f0  WebManagement - ok
21:04:47.0870 0x19f0  [ F322B8E6C5614E7975C8BF34B7A6710E, 299816001856E8C91BFBB9C48D87B7ACBD5A39F6A65147F5AE6EDB3065A893E9 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
21:04:47.0881 0x19f0  Wecsvc - ok
21:04:47.0884 0x19f0  [ 04CA184EB5743DE5A2CCEEF2DB2DA8B3, E16921496F57B78A152A103F8D58601C9687360048A6CB51E76A96E3B64CC0FA ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
21:04:47.0891 0x19f0  WEPHOSTSVC - ok
21:04:47.0894 0x19f0  [ 0941A50663B7F3BAB62687AC0E03A31B, 8AA98C22332217B3996028461747B88274D49B246FA432DB7B7C169527C75D14 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
21:04:47.0903 0x19f0  wercplsupport - ok
21:04:47.0907 0x19f0  [ 8DF4E4631338E8EE7CCDF7D6DC55D3A8, 043D0AF7FD1073603D8586E0BE9646FE3E8679A317AC18845811856A6E5027E1 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
21:04:47.0917 0x19f0  WerSvc - ok
21:04:47.0927 0x19f0  [ 4D64719B4819CA22A046EC32809BBD98, 0ABD6C7D039E57F5637E843388FA8D52072237061EB75C7CDEBC9E13A6C8F06E ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
21:04:47.0945 0x19f0  WFDSConMgrSvc - ok
21:04:47.0952 0x19f0  [ 3C8F0ABD00E197101DCF43FEF8FB0D76, AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
21:04:47.0959 0x19f0  WFPLWFS - ok
21:04:47.0962 0x19f0  [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
21:04:47.0970 0x19f0  WiaRpc - ok
21:04:47.0977 0x19f0  [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
21:04:47.0984 0x19f0  WIMMount - ok
21:04:47.0985 0x19f0  WinDefend - ok
21:04:47.0990 0x19f0  [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
21:04:47.0996 0x19f0  WindowsTrustedRT - ok
21:04:47.0999 0x19f0  [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
21:04:48.0003 0x19f0  WindowsTrustedRTProxy - ok
21:04:48.0017 0x19f0  [ 61F0D6574577499FB43D9F4870B08A7F, 757ACD4F292C43B04B6428D84A7147DE8E565716D94B6B02F288F3B5E2D1C135 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
21:04:48.0035 0x19f0  WinHttpAutoProxySvc - ok
21:04:48.0038 0x19f0  [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
21:04:48.0043 0x19f0  WinMad - ok
21:04:48.0049 0x19f0  [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
21:04:48.0064 0x19f0  Winmgmt - ok
21:04:48.0069 0x19f0  [ 2E1A614EFB0523E20860AE7978DDA0A4, E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat          C:\WINDOWS\system32\drivers\winnat.sys
21:04:48.0079 0x19f0  WinNat - ok
21:04:48.0115 0x19f0  [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
21:04:48.0206 0x19f0  WinRM - ok
21:04:48.0214 0x19f0  [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
21:04:48.0221 0x19f0  WINUSB - ok
21:04:48.0224 0x19f0  [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
21:04:48.0230 0x19f0  WinVerbs - ok
21:04:48.0242 0x19f0  [ 2E15586B76465941D1DEE75625B9484E, 609E6BEAFF340A403F50A20D1609D3A8A2C990234064DD154A08C737DE3E0907 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
21:04:48.0261 0x19f0  wisvc - ok
21:04:48.0293 0x19f0  [ E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
21:04:48.0353 0x19f0  WlanSvc - ok
21:04:48.0383 0x19f0  [ 2393C4DB3DF3D19B0B920AD607098E79, D632671247DE3808D9C5B36A3FF173C86BB3AD274D03C851BCD417CE62B3820D ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
21:04:48.0430 0x19f0  wlidsvc - ok
21:04:48.0450 0x19f0  [ 24A624FC6DED20C3B7980BD71D6540D7, A1564B903E2B54106E6665B212E4F8E1A90B2B6CB966F5E965BA5602A801B7D3 ] wlpasvc         C:\WINDOWS\System32\lpasvc.dll
21:04:48.0481 0x19f0  wlpasvc - ok
21:04:48.0484 0x19f0  [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
21:04:48.0490 0x19f0  WmiAcpi - ok
21:04:48.0495 0x19f0  [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
21:04:48.0510 0x19f0  wmiApSrv - ok
21:04:48.0512 0x19f0  WMPNetworkSvc - ok
21:04:48.0517 0x19f0  [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
21:04:48.0525 0x19f0  Wof - ok
21:04:48.0551 0x19f0  [ 5D9A8A2BB555B743334A096C5B1774E2, 660136C1E8D6CA1F7BD1AE0EC4E28B65527BFE69339589A8E3017EFE2BBDC41C ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
21:04:48.0592 0x19f0  workfolderssvc - ok
21:04:48.0598 0x19f0  [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
21:04:48.0610 0x19f0  WPDBusEnum - ok
21:04:48.0614 0x19f0  [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
21:04:48.0622 0x19f0  WpdUpFltr - ok
21:04:48.0628 0x19f0  [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService      C:\WINDOWS\system32\WpnService.dll
21:04:48.0641 0x19f0  WpnService - ok
21:04:48.0644 0x19f0  [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
21:04:48.0654 0x19f0  WpnUserService - ok
21:04:48.0658 0x19f0  [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
21:04:48.0673 0x19f0  ws2ifsl - ok
21:04:48.0678 0x19f0  [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
21:04:48.0689 0x19f0  wscsvc - ok
21:04:48.0692 0x19f0  [ F6E37A2C168A58F0172DA50018959228, C97305641F63BC84F5207A739F442ACB0A5FD9262331BB61C4B00CF2C6D94121 ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
21:04:48.0699 0x19f0  WSDPrintDevice - ok
21:04:48.0701 0x19f0  [ F454BF3F0D3F19057B8612CA523D22D5, 869EC91E7D709C15ADF9D53C82A87F2D5220ED3CA44CEBF34F4D601E78DA0481 ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
21:04:48.0708 0x19f0  WSDScan - ok
21:04:48.0711 0x19f0  WSearch - ok
21:04:48.0723 0x19f0  [ 89DCE82232B4C03A7E0ED75CD663B653, D1996163EB971E6A10583E7D97097AE514702DBEDCEC0F76C3A3758BBA7C8034 ] WtfEngineDrv    C:\WINDOWS\system32\DRIVERS\WtfEngineDrv.sys
21:04:48.0726 0x19f0  WtfEngineDrv - ok
21:04:48.0759 0x19f0  [ E1E58C86AE73A95329696C675D8C03E6, EF1497AFA6C472EB6C0C0806F1A82B814FB4E9CDF441C155AEC95735384DF878 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
21:04:48.0815 0x19f0  wuauserv - ok
21:04:48.0821 0x19f0  [ 455609BF60DA3B57EEAB863DEFCCF14D, F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
21:04:48.0831 0x19f0  WudfPf - ok
21:04:48.0837 0x19f0  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
21:04:48.0847 0x19f0  WUDFRd - ok
21:04:48.0851 0x19f0  [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
21:04:48.0861 0x19f0  wudfsvc - ok
21:04:48.0866 0x19f0  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
21:04:48.0876 0x19f0  WUDFWpdFs - ok
21:04:48.0882 0x19f0  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:04:48.0892 0x19f0  WUDFWpdMtp - ok
21:04:48.0922 0x19f0  [ 46D90B7476CDB119C548D970EF271D34, 0C47D8AB80CF55CC10747DFFB65CED1713160BE3AB1DAED234E9BBADACCBD6D5 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
21:04:48.0955 0x19f0  WwanSvc - ok
21:04:48.0968 0x19f0  [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm            C:\WINDOWS\System32\xbgmsvc.dll
21:04:48.0978 0x19f0  xbgm - ok
21:04:48.0994 0x19f0  [ 7FE60B52DD841ED374285B7ED9210222, 0F7743A5A9289E47EE07477313083CE07B46F1C9C5CF83130303A7BAB2F3842B ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
21:04:49.0020 0x19f0  XblAuthManager - ok
21:04:49.0040 0x19f0  [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
21:04:49.0067 0x19f0  XblGameSave - ok
21:04:49.0074 0x19f0  [ B10655A4C2EFDC25483D670EF52A4854, 2D9DC81AE73FDFE7F4E395BEC8E806E6BAD8DE0470027EEEC256AC4A4B7C7AA4 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
21:04:49.0085 0x19f0  xboxgip - ok
21:04:49.0087 0x19f0  [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc      C:\WINDOWS\System32\XboxGipSvc.dll
21:04:49.0095 0x19f0  XboxGipSvc - ok
21:04:49.0112 0x19f0  [ EF83C2EF7F152DFDC6D9F1AEC6FBE66F, 21D4FCD12F9D40D066F05936131A4F7BAB301DD800C85921476EC182B9D27D0B ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
21:04:49.0140 0x19f0  XboxNetApiSvc - ok
21:04:49.0143 0x19f0  [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
21:04:49.0149 0x19f0  xinputhid - ok
21:04:49.0151 0x19f0  ================ Scan global ===============================
21:04:49.0154 0x19f0  [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\WINDOWS\system32\basesrv.dll
21:04:49.0157 0x19f0  [ 961599D817655AB85646C7D56684D2B0, 1614D9EE8F02B8253EF54F26B5EE631FF17ED6504713625DBD3554257C7C50F4 ] C:\WINDOWS\system32\winsrv.dll
21:04:49.0161 0x19f0  [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\WINDOWS\system32\sxssrv.dll
21:04:49.0170 0x19f0  [ C81F9707DEA008EED4071B5A39B7C76E, 47FFEF27A479ED6B325B22296B6853D7E57B53E8E712824F3881E510D5C93667 ] C:\WINDOWS\system32\services.exe
21:04:49.0176 0x19f0  [ Global ] - ok
21:04:49.0176 0x19f0  ================ Scan MBR ==================================
21:04:49.0178 0x19f0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:04:49.0658 0x19f0  \Device\Harddisk0\DR0 - ok
21:04:49.0661 0x19f0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:04:49.0677 0x19f0  \Device\Harddisk1\DR1 - ok
21:04:49.0679 0x19f0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
21:04:50.0205 0x19f0  \Device\Harddisk2\DR2 - ok
21:04:50.0205 0x19f0  ================ Scan VBR ==================================
21:04:50.0206 0x19f0  [ 7CB0C5676F8EFC3A972361A897C5609E ] \Device\Harddisk0\DR0\Partition1
21:04:50.0207 0x19f0  \Device\Harddisk0\DR0\Partition1 - ok
21:04:50.0211 0x19f0  [ 6595E7E1975CED06984CC7D2A2D3A07F ] \Device\Harddisk1\DR1\Partition1
21:04:50.0220 0x19f0  \Device\Harddisk1\DR1\Partition1 - ok
21:04:50.0224 0x19f0  [ 9372C1ADA55284E4CFC962CE8453039B ] \Device\Harddisk1\DR1\Partition2
21:04:50.0227 0x19f0  \Device\Harddisk1\DR1\Partition2 - ok
21:04:50.0228 0x19f0  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition3
21:04:50.0229 0x19f0  \Device\Harddisk1\DR1\Partition3 - ok
21:04:50.0232 0x19f0  [ 3C1E20C9BD754081EFD53F021CB9E8F6 ] \Device\Harddisk1\DR1\Partition4
21:04:50.0237 0x19f0  \Device\Harddisk1\DR1\Partition4 - ok
21:04:50.0238 0x19f0  [ 201411C5BDAD0740ADA2A1F9D578D6F8 ] \Device\Harddisk2\DR2\Partition1
21:04:50.0239 0x19f0  \Device\Harddisk2\DR2\Partition1 - ok
21:04:50.0240 0x19f0  [ DED07D4F0A2F06A0A1FDCA0969857920 ] \Device\Harddisk2\DR2\Partition2
21:04:50.0240 0x19f0  \Device\Harddisk2\DR2\Partition2 - ok
21:04:50.0242 0x19f0  [ C1A6B6649450D480A1364954BDC7107C ] \Device\Harddisk2\DR2\Partition3
21:04:50.0242 0x19f0  \Device\Harddisk2\DR2\Partition3 - ok
21:04:50.0242 0x19f0  ================ Scan generic autorun ======================
21:04:50.0247 0x19f0  SecurityHealth - ok
21:04:50.0362 0x19f0  [ 8D160919E4300FA945DF49005D71B8FD, 8F6F6DFDDC629D2163B73A9B5A4D0CB98306EF0FF3E3B7EFE71B28E9BBE6A9B3 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
21:04:50.0484 0x19f0  RTHDVCPL - ok
21:04:50.0514 0x19f0  [ 48515EEA1608ECD83FE26C7490460F59, C7C552D13ED12B4165FDE45F69E170D4F18B746D84B3B08E7254AAF8D9671D0C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
21:04:50.0524 0x19f0  AdobeAAMUpdater-1.0 - ok
21:04:50.0559 0x19f0  [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
21:04:50.0603 0x19f0  Malwarebytes TrayApp - ok
21:04:50.0617 0x19f0  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
21:04:50.0621 0x19f0  APSDaemon - ok
21:04:50.0661 0x19f0  [ 7D5E8D5BDF324718BBC91DF02D830317, AA6A8B0536C14A7D11FDFFA5F980E90059F6C3BE99DE57503EC58DEA022C5398 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
21:04:50.0707 0x19f0  Adobe Creative Cloud - ok
21:04:50.0734 0x19f0  [ E05782E0B697CADBBC17E78C67280B30, 87A142350F1BD9FF7ADDDBF80AC5C1EFDCE93F8E3142B95ACC8D85DDE77D42D8 ] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
21:04:50.0745 0x19f0  Lightshot - ok
21:04:50.0764 0x19f0  [ 1519248C040C04C346ABE07B51ECB5BA, FFE9D26C4CF9D217F4169F5968B0A6C3C21B47D80DA8CC98B53A8F35C522A17B ] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
21:04:50.0779 0x19f0  Razer Synapse - ok
21:04:50.0783 0x19f0  [ D727E8C745F90FCAB3000C9D6C8C1B48, 5A4E237F21AD2AA27CE8B8D1D960E7F7EF5C231D23F4CD94EFC0F6DE1B075523 ] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
21:04:50.0787 0x19f0  ProductUpdater - detected UnsignedFile.Multi.Generic ( 1 )
21:04:51.0131 0x19f0  Detect skipped due to KSN trusted
21:04:51.0131 0x19f0  ProductUpdater - ok
21:04:51.0205 0x19f0  [ D64CABE569D6722B756D37216C46FE3F, DFC12526B12C243CD9278AD1D1BA0B241DB5F2E1A0EFE37B5ABDADD079807C09 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
21:04:51.0303 0x19f0  LogMeIn Hamachi Ui - ok
21:04:51.0315 0x19f0  [ 1ACEE0D94147344AA7FEC959C52CAD87, 6FCCE5669F5A86684C2A15A0E6CD4F084AED74C0FD4FEE0CB382050338A9CE6A ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
21:04:51.0326 0x19f0  SunJavaUpdateSched - ok
21:04:51.0577 0x19f0  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
21:04:51.0887 0x19f0  OneDriveSetup - ok
21:04:52.0136 0x19f0  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
21:04:52.0388 0x19f0  OneDriveSetup - ok
21:04:52.0422 0x19f0  [ 90029F7160037122DA12101C0C8850F7, DE4BFD8E60AC0222EACCA8BAC94562ED2B38CBEF569F8B927CCD197735655AC0 ] C:\Users\Ben\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:04:52.0448 0x19f0  OneDrive - ok
21:04:52.0486 0x19f0  [ 2A91472C8408B31E9EBEECB31FF5EC6E, F2409C7C97FF13DC91DD4FD8D197519735AC23BDDA8355E3790180C803F81C41 ] C:\Program Files (x86)\Steam\steam.exe
21:04:52.0530 0x19f0  Steam - ok
21:04:52.0701 0x19f0  [ 1AE06861652941531B06BF3914BDA212, 13441D8769DF64B0AC10B0A8190BA870FE84C7365E064437655CF56D9EF856B4 ] C:\Program Files (x86)\WTFast\WTFast.exe
21:04:52.0822 0x19f0  WTFast Tray - ok
21:04:52.0934 0x19f0  [ 2269768074F6A93E454BA384ED9652E2, 3BB698018941471327A3031CC0F4011D69EBA03B00E9E6F2D99922639DCCDA59 ] C:\Program Files\CCleaner\CCleaner64.exe
21:04:53.0063 0x19f0  CCleaner Monitoring - ok
21:04:53.0070 0x19f0  [ 406E7DF08CE79BE3016CC6D15E2ED956, 9DA8D10AE642B9411A3EB253F97918A6F470F1772F0057964267497CE0BDA53A ] C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe
21:04:53.0075 0x19f0  Dxtory Update Checker 2.0 - detected UnsignedFile.Multi.Generic ( 1 )
21:04:53.0501 0x19f0  Detect skipped due to KSN trusted
21:04:53.0501 0x19f0  Dxtory Update Checker 2.0 - ok
21:04:53.0513 0x19f0  [ E97E971FB9FE4C0A72CB89B8063A4468, 5F45822818D90D3CDD97F6E705C309FD9161F7C55AAA6EFC44976F129D6B0D38 ] C:\Program Files\Sandboxie\SbieCtrl.exe
21:04:53.0528 0x19f0  SandboxieControl - ok
21:04:53.0544 0x19f0  [ B98CC48EA3265B55E98686F740CE6EB7, DF3544EF61C28F63EB6FA7D44221814C7CA05EDE31226E9D5BAFAB6E14D7465F ] C:\Program Files (x86)\Bluestacks\HD-Agent.exe
21:04:53.0564 0x19f0  BlueStacks Agent - ok
21:04:53.0566 0x19f0  Discord - ok
21:04:53.0574 0x19f0  [ 7DFCCC67990B6DE7F30F553A4E4612A4, 9FF98D6FD2539CEFC9F42103A7F72388BED6EE590400559B92BC7430228DA36A ] C:\Program Files (x86)\RocketDock\RocketDock.exe
21:04:53.0586 0x19f0  RocketDock - detected UnsignedFile.Multi.Generic ( 1 )
21:04:54.0711 0x19f0  Detect skipped due to KSN trusted
21:04:54.0711 0x19f0  RocketDock - ok
21:04:54.0720 0x19f0  [ 2B134B3277A36CBA1BA54EBF2B2FAD5F, 72F72AF5FB5BE36858573CFBC4D2BBC3EB3EFC4BCB66081C2D7787BF31C6BB12 ] C:\Program Files\CyberGhost 5\CyberGhost.exe
21:04:54.0729 0x19f0  CyberGhost - ok
21:04:54.0731 0x19f0  Skype - ok
21:04:54.0734 0x19f0  ipts - ok
21:04:54.0758 0x19f0  [ 71747D90C7DC9C34C2290844D0EED0AC, D6B737F2794CE17E48D2D6E16606A395B4A51B88F779C70FD362624750065401 ] C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
21:04:54.0786 0x19f0  Wargaming.net Game Center - ok
21:04:54.0833 0x19f0  [ 49CB055A98FDEDE685350C988D349B8B, 5AF539D8D8E88A17E9AFDC5DF2FE8F84F3E4638FF8D8C1DEBB7D44666418B33A ] C:\Users\S***y\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:04:54.0863 0x19f0  OneDrive - ok
21:04:55.0097 0x19f0  [ 94912C1D73ADE68F2486ED4D8EA82DE6, 9F7EBB79DEF0BF8CCCB5A902DB11746375AF3FE618355FE5A69C69E4BCD50AC9 ] C:\WINDOWS\system32\cmd.exe
21:04:55.0113 0x19f0  Uninstall 17.3.6943.0625\amd64 - ok
21:04:55.0121 0x19f0  [ 94912C1D73ADE68F2486ED4D8EA82DE6, 9F7EBB79DEF0BF8CCCB5A902DB11746375AF3FE618355FE5A69C69E4BCD50AC9 ] C:\WINDOWS\system32\cmd.exe
21:04:55.0138 0x19f0  Uninstall 17.3.6943.0625 - ok
21:04:55.0139 0x19f0  Waiting for KSN requests completion. In queue: 281
21:04:56.0146 0x19f0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x61100 ( enabled : updated )
21:04:56.0151 0x19f0  Win FW state via NFP2: enabled ( trusted )
21:04:56.0228 0x19f0  ============================================================
21:04:56.0228 0x19f0  Scan finished
21:04:56.0228 0x19f0  ============================================================
21:04:56.0236 0x33f8  Detected object count: 0
21:04:56.0236 0x33f8  Actual detected object count: 0

M-K-D-B · 09.09.2017, 12:51

Servus,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Image File Execution Options Schlüssel
- Tracing Schlüssel
- Prefetch Dateien
- Proxy
- Winsock
- Firewall
- IE Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist. Am Ende des Suchlaufs öffnet sich automatisch eine Logdatei. Schließe diese.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Klicke am Ende der Bereinigung auf Jetzt neu starten. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware 3 (Bebilderte Anleitung)

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die zwei neuen Logdateien von FRST.

c642 · 10.09.2017, 13:14

Code:

ATTFilter

# AdwCleaner 7.0.2.1 - Logfile created on Sun Sep 10 12:02:39 2017
# Updated on 2017/29/08 by Malwarebytes 
# Database: 09-08-2017.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

PUP.Optional.Chip, chip1click


***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare, C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Users\Ben\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Users\Ben\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Legacy, C:\Program Files (x86)\Common Files\freemake shared
PUP.Optional.Chip, C:\Program Files (x86)\Chip Digital GmbH
PUP.Optional.Chip, C:\Windows\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}
PUP.Optional.WebCompanion, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy, Driver Booster Scheduler


***** [ Registry ] *****

PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\IOBIT\ASC
PUP.Optional.Chip, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}
PUP.Optional.Chip, [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6
PUP.Optional.Chip, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6
PUP.Optional.Chip, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E49AC3054380EEC4DA29AB71FAE408A9
PUP.Optional.Chip, [Key] - HKLM\SOFTWARE\Classes\Installer\Features\E49AC3054380EEC4DA29AB71FAE408A9
PUP.Optional.Chip, [Key] - HKLM\SOFTWARE\Classes\Installer\Products\E49AC3054380EEC4DA29AB71FAE408A9
PUP.Optional.Chip, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service
PUP.Optional.WinRepairPro, [Key] - HKU\S-1-5-21-186756840-728361655-16016459-1001\Software\win
PUP.Optional.WinRepairPro, [Key] - HKCU\Software\win


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 10.09.17
Scan-Zeit: 14:04
Protokolldatei: 
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.103
Version des Aktualisierungspakets: 1.0.2767
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: BEN-PC\Ben

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 404083
Abgelaufene Zeit: 7 Min., 1 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2017
durchgeführt von Ben (Administrator) auf BEN-PC (10-09-2017 14:12:14)
Gestartet von C:\Users\Ben\Desktop
Geladene Profile: Ben (Verfügbare Profile: Ben & s***y)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
() C:\Program Files\Everything\Everything.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_watchdog.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Everything\Everything.exe
() C:\Program Files (x86)\ChallengeMe.GG Client\ChallengeMeClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8495320 2015-06-23] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2016-04-08] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-08-06] ()
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-11-04] (Razer Inc.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [80896 2017-07-03] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [WTFast Tray] => C:\Program Files (x86)\WTFast\WTFast.exe [7422984 2016-03-26] (AAA Internet Publishing, Inc.)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2016-07-02] (Dxtory Software)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-08-20] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [986648 2016-09-29] (BlueStack Systems, Inc.)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [Discord] => C:\Users\Ben\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [426600 2016-01-11] (CyberGhost S.R.L.)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27815896 2017-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [ipts] => C:\Users\Ben\Desktop\ipts.exe -h
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [1762040 2017-08-29] (Wargaming.net)
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\MountPoints2: {c68e9052-2e81-11e7-a476-806e6f6e6963} - "F:\Setup.exe" 
Startup: C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2017-02-02]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
Startup: C:\Users\s***y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP ENVY 4500 series (Kopie 1).lnk [2017-09-08]
ShortcutTarget: Tintenwarnungen überwachen - HP ENVY 4500 series (Kopie 1).lnk -> C:\Program Files\HP\HP ENVY 4500 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
Startup: C:\Users\s***y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP ENVY 4500 series.lnk [2017-05-29]
ShortcutTarget: Tintenwarnungen überwachen - HP ENVY 4500 series.lnk -> C:\Program Files\HP\HP ENVY 4500 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2C7B2EE4-D141-4A1C-97DA-E7C9EC9B9B3F}: [NameServer] 190.202.81.115,192.95.48.17
Tcpip\..\Interfaces\{2C7B2EE4-D141-4A1C-97DA-E7C9EC9B9B3F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{344f46fc-1e2f-497a-8782-8225f4fa8463}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-186756840-728361655-16016459-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKU\S-1-5-21-186756840-728361655-16016459-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-186756840-728361655-16016459-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-186756840-728361655-16016459-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-17] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-17] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: xa7d8fwk.default
FF ProfilePath: C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\xa7d8fwk.default [2017-09-10]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\xa7d8fwk.default -> Bing®
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\xa7d8fwk.default -> Bing®
FF Homepage: Mozilla\Firefox\Profiles\xa7d8fwk.default -> hxxps://www.google.de/?gws_rd=ssl
FF Session Restore: Mozilla\Firefox\Profiles\xa7d8fwk.default -> ist aktiviert.
FF Extension: (MEGA) - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\xa7d8fwk.default\Extensions\firefox@mega.co.nz.xpi [2017-09-06]
FF Extension: (ProxTube - Gesperrte YouTube Videos entsperren) - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\xa7d8fwk.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2016-10-10]
FF Extension: (WOT) - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\xa7d8fwk.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2017-09-08]
FF Extension: (Adblock Plus) - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\xa7d8fwk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-10] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-17] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://search.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> hxxps://search.avira.com/suggestions?q={searchTerms}&li=ff&hl=de
CHR Profile: C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default [2017-09-10]
CHR Extension: (Google Präsentationen) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-29]
CHR Extension: (Google Docs) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-29]
CHR Extension: (Google Drive) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-29]
CHR Extension: (YouTube) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-29]
CHR Extension: (Agar.io Powerups) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\efedcgdhahoncejkihgfnecicebndbhc [2016-10-29]
CHR Extension: (Google Tabellen) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-29]
CHR Extension: (Avira Browserschutz) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-07]
CHR Extension: (Google Docs Offline) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-20]
CHR Extension: (ModHeader) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2017-03-27]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-04]
CHR Extension: (Google Mail) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-04]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-06] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-09-29] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-09-29] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-09-29] (BlueStack Systems, Inc.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11] (CyberGhost S.R.L)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-08-29] (Chip Digital GmbH) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-09-08] (EasyAntiCheat Ltd)
R2 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [Datei ist nicht signiert]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-11] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-02] (Intel Corporation)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [69744 2016-10-18] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-08-20] (Sandboxie Holdings, LLC)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7248144 2016-08-22] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305400 2016-04-03] (Advanced Micro Devices)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2017-05-01] (Advanced Micro Devices)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-09-29] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-09-28] (Bluestack System Inc. )
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-03-23] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-05-01] (REALiX(tm))
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R3 kxwdmdrv; C:\WINDOWS\system32\drivers\kx.sys [765448 2016-05-28] (Eugene Gavrilov)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-04-29] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-09-10] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-04-29] (Malwarebytes)
R1 MpKsl125782f0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0C030798-4176-4F7F-803F-CFCA34B725C7}\MpKsl125782f0.sys [44928 2017-09-10] (Microsoft Corporation)
R1 MpKsl5b20d682; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBE62474-ECC4-443A-8F10-A90C261F5829}\MpKsl5b20d682.sys [44928 2017-09-09] (Microsoft Corporation)
R1 MpKslda1ea320; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1A517B4A-516A-4794-A757-5289DE861980}\MpKslda1ea320.sys [44928 2017-09-08] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [950784 2017-05-01] (Realtek )
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51736 2016-06-23] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-15] (Sandboxie Holdings, LLC)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (The OpenVPN Project) [Datei ist nicht signiert]
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102576 2015-08-26] ()
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25904 2015-08-26] ()
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701232 2015-08-26] ()
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [121824 2016-08-11] (Oracle Corporation)
S1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [195424 2016-08-11] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R2 WtfEngineDrv; C:\WINDOWS\system32\DRIVERS\WtfEngineDrv.sys [27904 2016-03-26] (AAA Internet Publishing, Inc.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-10 14:00 - 2017-09-10 14:02 - 000000000 ____D C:\AdwCleaner
2017-09-10 14:00 - 2017-09-10 14:00 - 008182736 _____ (Malwarebytes) C:\Users\Ben\Desktop\adwcleaner_7.0.2.1.exe
2017-09-08 21:42 - 2017-09-08 21:42 - 000000000 ____D C:\Users\Ben\AppData\Local\HirezLauncherUI
2017-09-08 21:41 - 2017-09-10 13:58 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-09-08 21:41 - 2017-09-08 21:44 - 000000000 ____D C:\ProgramData\Hi-Rez Studios
2017-09-08 21:41 - 2017-09-08 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2017-09-08 21:18 - 2017-09-08 21:44 - 000000000 ____D C:\Users\Ben\AppData\Roaming\EasyAntiCheat
2017-09-08 21:04 - 2017-09-08 21:11 - 000293426 _____ C:\TDSSKiller.3.1.0.15_08.09.2017_21.04.10_log.txt
2017-09-08 21:03 - 2017-09-08 21:04 - 000008564 _____ C:\TDSSKiller.3.1.0.15_08.09.2017_21.03.45_log.txt
2017-09-08 21:02 - 2017-09-10 14:12 - 000024502 _____ C:\Users\Ben\Desktop\FRST.txt
2017-09-08 21:02 - 2017-09-10 14:12 - 000000000 ____D C:\Users\Ben\Desktop\FRST-OlderVersion
2017-09-08 21:02 - 2017-09-08 21:03 - 000108349 _____ C:\Users\Ben\Desktop\Addition.txt
2017-09-08 21:01 - 2017-09-10 14:12 - 000000000 ____D C:\FRST
2017-09-08 20:58 - 2017-09-08 20:58 - 000000222 _____ C:\Users\Ben\Desktop\Paladins.url
2017-09-08 17:21 - 2017-09-08 17:21 - 005027784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-08 17:10 - 2017-09-09 08:56 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-09-08 17:10 - 2017-09-08 17:21 - 000000000 ____D C:\Users\Ben\Desktop\mbar
2017-09-08 17:08 - 2017-09-08 17:09 - 000297208 _____ C:\TDSSKiller.3.1.0.15_08.09.2017_17.08.46_log.txt
2017-09-08 16:43 - 2017-09-08 17:07 - 000000000 ____D C:\WINDOWS\Minidump
2017-09-08 15:11 - 2017-09-08 15:11 - 000148241 _____ C:\Users\s***y\Downloads\2017_09rechnung_4912103886.pdf
2017-09-07 21:27 - 2017-09-07 21:27 - 000000095 ____H C:\Users\Ben\Desktop\.~lock.Freiheit und Grundrechte.docx#
2017-09-06 20:54 - 2017-09-06 21:03 - 750825432 _____ C:\Users\Ben\Desktop\Multi-Style intro Template By JUGGERNALT.rar
2017-09-03 18:01 - 2017-09-03 18:06 - 272227601 _____ C:\Users\Ben\Desktop\Ohne Titel.mp4
2017-08-28 19:56 - 2017-08-28 19:56 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign7899ab8f9c8f2085
2017-08-26 11:48 - 2017-08-26 11:48 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsignb088eb144b538ec6
2017-08-26 09:37 - 2017-08-26 09:37 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsigndfda0daa3e563994
2017-08-26 09:17 - 2017-08-26 09:17 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign36e221066f4da012
2017-08-26 00:12 - 2017-08-26 00:12 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign6a3a9548e908d091
2017-08-25 23:48 - 2017-08-25 23:48 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign792ed6a14557fb51
2017-08-25 23:42 - 2017-08-25 23:42 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign6b31ad755757fa0f
2017-08-25 22:03 - 2017-08-25 22:03 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign3457f76a8502e590
2017-08-25 16:50 - 2017-08-25 16:50 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-20 17:34 - 2017-08-20 17:34 - 002297625 _____ C:\Users\Ben\Desktop\YouTube_Memory.pdf
2017-08-20 16:27 - 2017-08-20 16:27 - 000442192 _____ C:\Users\Ben\Desktop\Evaxo.sfk
2017-08-20 16:27 - 2017-08-20 16:27 - 000418656 _____ C:\Users\Ben\Desktop\Doctor rayzor.sfk
2017-08-20 16:27 - 2017-08-20 16:27 - 000360000 _____ C:\Users\Ben\Desktop\rye.sfk
2017-08-20 16:27 - 2017-08-20 16:27 - 000329208 _____ C:\Users\Ben\Desktop\fuerey.sfk
2017-08-20 16:27 - 2017-08-20 16:27 - 000329208 _____ C:\Users\Ben\Desktop\fineeey.sfk
2017-08-20 16:27 - 2017-08-20 16:27 - 000306584 _____ C:\Users\Ben\Desktop\Load Tronic.sfk
2017-08-20 16:27 - 2017-08-20 07:10 - 092142772 _____ C:\Users\Ben\Desktop\rye.wav
2017-08-20 16:27 - 2017-08-20 07:09 - 084260892 _____ C:\Users\Ben\Desktop\fuerey.wav
2017-08-20 16:27 - 2017-08-20 07:07 - 078467628 _____ C:\Users\Ben\Desktop\Load Tronic.wav
2017-08-20 16:27 - 2017-08-20 07:06 - 107158092 _____ C:\Users\Ben\Desktop\Doctor rayzor.wav
2017-08-20 16:27 - 2017-08-20 07:04 - 113184044 _____ C:\Users\Ben\Desktop\Evaxo.wav
2017-08-20 16:27 - 2017-08-20 07:02 - 084260892 _____ C:\Users\Ben\Desktop\fineeey.wav
2017-08-20 16:24 - 2017-08-20 16:26 - 000507274 _____ C:\Users\Ben\Desktop\Finish0001-0142.avi
2017-08-20 16:23 - 2017-08-20 16:24 - 001703328 _____ C:\Users\Ben\Desktop\2D Intro Template #57 by Alexbau01.blend
2017-08-20 16:23 - 2016-02-21 16:55 - 001702048 _____ C:\Users\Ben\Desktop\2D Intro Template #57 by Alexbau01.blend1
2017-08-20 16:23 - 2016-02-21 15:54 - 000998908 _____ C:\Users\Ben\Desktop\JPB_-_High_[NCS_Release] Part.wav
2017-08-20 16:18 - 2017-08-20 16:18 - 002380288 _____ C:\Users\Ben\Desktop\Profile Picture.psd
2017-08-20 16:18 - 2017-08-20 16:18 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign5741cc26cea20434
2017-08-20 16:11 - 2017-08-20 16:11 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign8391c49d58528f4a
2017-08-20 16:10 - 2017-08-20 16:12 - 037938630 _____ C:\Users\Ben\Desktop\Cobras Banner template.psd
2017-08-20 16:07 - 2017-08-20 16:07 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsignace8d14dbfe972c3
2017-08-20 16:05 - 2017-08-20 16:05 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsigne80365ce84cdbeae
2017-08-20 15:44 - 2017-08-20 15:44 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign7757a1aad2f6038e
2017-08-20 15:37 - 2017-08-20 15:37 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign8b7c4c10cef01079
2017-08-20 15:28 - 2017-08-20 15:28 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsigna77e8bf9aad0d63a
2017-08-20 12:57 - 2017-08-20 12:57 - 000000000 ____D C:\Users\Ben\Desktop\tmp
2017-08-19 11:39 - 2017-08-19 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-08-19 11:39 - 2017-08-19 11:39 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2017-08-17 21:29 - 2017-08-17 21:29 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2017-08-17 21:29 - 2017-08-17 21:29 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-08-17 21:29 - 2017-08-17 21:29 - 000000000 ____D C:\Program Files\Java
2017-08-17 19:49 - 2017-08-20 20:14 - 000025608 _____ C:\Users\Ben\Desktop\Ohne Titel.veg
2017-08-17 19:49 - 2017-08-17 19:49 - 000014688 _____ C:\Users\Ben\Desktop\Ohne Titel.veg.bak
2017-08-16 19:50 - 2017-08-16 21:41 - 000000707 _____ C:\Users\Ben\Desktop\World of Warships EU.lnk
2017-08-16 19:49 - 2017-08-16 19:50 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2017-08-16 19:49 - 2017-08-16 19:49 - 000001846 _____ C:\Users\Ben\Desktop\Game Center.lnk
2017-08-16 19:49 - 2017-08-16 19:49 - 000000000 ____D C:\ProgramData\Wargaming.net
2017-08-14 20:29 - 2017-08-14 20:29 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign7efd30bc8886b72f
2017-08-14 17:08 - 2017-08-14 17:27 - 1181340214 _____ C:\Users\Ben\Desktop\releases.mp4
2017-08-14 17:04 - 2017-08-14 17:04 - 000000000 ____D C:\output
2017-08-14 17:03 - 2017-08-14 17:03 - 000000635 _____ C:\Users\Public\Desktop\WAV To MP3.lnk
2017-08-14 17:03 - 2017-08-14 17:03 - 000000000 ____D C:\WAV To MP3
2017-08-14 17:03 - 2017-08-14 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WAV To MP3
2017-08-14 16:52 - 2017-08-14 16:52 - 000000000 ____D C:\Users\Ben\AppData\Local\Tempzxpsign24a3c6509b478085
2017-08-13 22:08 - 2017-08-13 22:08 - 000000074 _____ C:\Users\Ben\Desktop\üb.txt
2017-08-11 11:35 - 2017-08-11 11:35 - 000000222 _____ C:\Users\Ben\Desktop\Rocket League (2).url

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-10 14:12 - 2016-08-17 22:04 - 002396160 _____ (Farbar) C:\Users\Ben\Desktop\FRST64.exe
2017-09-10 14:11 - 2016-06-01 17:42 - 000000000 ____D C:\Users\Ben\AppData\Local\Adobe
2017-09-10 14:04 - 2017-05-19 16:26 - 003712628 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-10 14:04 - 2017-05-19 16:23 - 000003012 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Ben)
2017-09-10 14:04 - 2017-03-20 06:35 - 001802878 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-10 14:04 - 2017-03-20 06:35 - 000450368 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-10 14:02 - 2016-03-22 18:17 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Skype
2017-09-10 14:01 - 2017-06-16 09:14 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Everything
2017-09-10 14:00 - 2017-04-18 16:46 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-10 13:59 - 2017-05-19 16:19 - 000000000 ____D C:\Users\Ben
2017-09-10 13:58 - 2017-05-19 16:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-10 13:58 - 2016-06-07 10:30 - 000251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-09 22:18 - 2016-03-23 00:12 - 000000000 ___RD C:\Users\Ben\OneDrive
2017-09-09 20:27 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-09 09:30 - 2016-03-22 18:26 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-09 09:09 - 2016-09-03 18:41 - 000779304 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-09-09 09:03 - 2017-07-27 22:14 - 000003348 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-186756840-728361655-16016459-1001
2017-09-09 09:03 - 2016-03-23 00:12 - 000002379 _____ C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-08 21:42 - 2017-05-19 16:18 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-08 21:41 - 2016-03-24 16:07 - 000000000 ____D C:\Users\Ben\AppData\Roaming\vlc
2017-09-08 21:41 - 2016-03-23 00:14 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-09-08 21:21 - 2017-04-29 20:14 - 000001185 _____ C:\Users\Ben\Desktop\nativelog.txt
2017-09-08 21:21 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-08 21:21 - 2016-03-22 18:35 - 000000000 ____D C:\Users\Ben\AppData\Roaming\.minecraft
2017-09-08 21:03 - 2017-02-02 22:16 - 000000000 ____D C:\Users\Ben\Desktop\Backgrounds
2017-09-08 20:59 - 2016-09-03 18:41 - 000382504 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2017-09-08 20:58 - 2016-03-22 18:36 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-09-08 17:21 - 2017-05-19 16:18 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-09-08 17:21 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SchCache
2017-09-08 17:21 - 2017-03-18 13:40 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2017-09-08 17:10 - 2017-04-14 23:10 - 000109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-08 17:10 - 2016-06-07 10:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-08 17:07 - 2017-07-06 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mine-imator
2017-09-08 17:07 - 2016-11-05 20:49 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2017-09-08 17:07 - 2016-11-03 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-09-08 17:07 - 2016-10-29 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoMacroRecorder
2017-09-08 17:07 - 2016-08-13 12:00 - 000000000 ____D C:\Users\Ben\Desktop\Design
2017-09-08 17:07 - 2016-08-12 16:06 - 000000000 ____D C:\Users\Ben\Desktop\Spiele
2017-09-08 17:07 - 2016-03-24 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2017-09-08 16:43 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-08 15:14 - 2016-11-22 12:40 - 000000000 ____D C:\Users\s***y\AppData\LocalLow\Mozilla
2017-09-08 15:00 - 2017-07-27 17:59 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-186756840-728361655-16016459-1002
2017-09-08 15:00 - 2016-03-22 18:03 - 000002397 _____ C:\Users\s***y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-08 15:00 - 2016-03-22 18:03 - 000000000 ___RD C:\Users\s***y\OneDrive
2017-09-08 00:31 - 2017-05-19 16:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-05 21:31 - 2016-04-10 16:47 - 000000000 ____D C:\Users\Ben\AppData\Roaming\TS3Client
2017-09-03 17:37 - 2017-05-19 16:00 - 000000000 ___DC C:\WINDOWS\Panther
2017-09-02 13:33 - 2016-11-18 21:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-02 13:33 - 2016-03-22 17:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-30 20:09 - 2016-05-03 19:37 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Audacity
2017-08-29 17:55 - 2017-06-06 21:31 - 000000000 ____D C:\Program Files\Rockstar Games
2017-08-29 17:55 - 2017-06-06 21:31 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2017-08-29 16:25 - 2016-10-29 21:19 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-27 13:44 - 2017-01-28 16:04 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-08-26 21:07 - 2016-06-17 14:36 - 000000000 ____D C:\Users\Ben\AppData\Roaming\obs-studio
2017-08-26 09:20 - 2016-11-19 10:57 - 000000000 ____D C:\Users\Ben\AppData\LocalLow\Mozilla
2017-08-25 20:58 - 2017-07-06 12:03 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Mine_imator
2017-08-25 16:50 - 2016-03-25 21:52 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-21 13:59 - 2017-07-06 18:12 - 000015475 _____ C:\Users\Ben\Desktop\Bewerbung.odt
2017-08-21 13:15 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-21 12:59 - 2016-06-01 17:47 - 000000000 ____D C:\ProgramData\boost_interprocess
2017-08-20 16:53 - 2016-12-19 20:18 - 000000000 ____D C:\Users\Ben\BrawlhallaReplays
2017-08-17 21:57 - 2016-09-23 14:15 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-17 21:29 - 2017-05-18 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-08-16 19:55 - 2017-01-31 16:30 - 000007599 _____ C:\Users\Ben\AppData\Local\Resmon.ResmonCfg
2017-08-16 19:50 - 2016-08-19 20:03 - 000000000 ____D C:\Games
2017-08-16 19:49 - 2016-08-19 21:49 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Wargaming.net
2017-08-14 21:11 - 2016-08-22 15:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-08-14 14:21 - 2016-03-22 18:03 - 000000000 ____D C:\Users\s***y\AppData\Local\Packages
2017-08-14 14:20 - 2016-03-23 00:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-12 12:21 - 2016-03-22 18:17 - 000000000 ____D C:\ProgramData\Skype

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-07-03 13:18 - 2016-07-03 13:18 - 000000000 ___RH () C:\Users\Ben\AppData\Roaming\b24fe1c9ae392848daab4337067789532
2016-04-09 18:32 - 2016-04-09 18:32 - 000000040 _____ () C:\Users\Ben\AppData\Roaming\infobypatrickghg.txt
2017-02-27 13:18 - 2017-02-27 13:18 - 000000505 _____ () C:\Users\Ben\AppData\Roaming\jd-gui.cfg
2016-04-09 18:32 - 2016-04-09 18:32 - 000000085 _____ () C:\Users\Ben\AppData\Roaming\pack.mcmeta
2016-04-09 18:32 - 2016-04-09 18:32 - 000012005 _____ () C:\Users\Ben\AppData\Roaming\pack.png
2016-08-20 20:45 - 2016-08-20 20:45 - 000005120 _____ () C:\Users\Ben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-08 17:12 - 2016-10-25 21:36 - 000000600 _____ () C:\Users\Ben\AppData\Local\PUTTY.RND
2017-01-31 16:30 - 2017-08-16 19:55 - 000007599 _____ () C:\Users\Ben\AppData\Local\Resmon.ResmonCfg
2016-07-08 16:10 - 2016-07-08 16:10 - 000000003 _____ () C:\Users\Ben\AppData\Local\updater.log
2016-07-08 16:10 - 2017-05-17 16:22 - 000000425 _____ () C:\Users\Ben\AppData\Local\UserProducts.xml
2017-02-27 17:56 - 2017-02-27 17:56 - 000000057 _____ () C:\ProgramData\Ament.ini
2017-05-19 16:18 - 2017-05-19 16:18 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-29 20:01 - 2016-08-29 20:01 - 000000224 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
2016-06-14 20:35 - 2016-06-14 20:35 - 002458672 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Ben\AppData\Local\Temp\libeay32.dll
2016-06-14 20:35 - 2016-06-14 20:35 - 000970912 _____ (Microsoft Corporation) C:\Users\Ben\AppData\Local\Temp\msvcr120.dll
2016-06-14 20:35 - 2016-06-14 20:35 - 000772672 _____ () C:\Users\Ben\AppData\Local\Temp\sqlite3.dll
2017-06-01 13:13 - 2017-06-01 13:13 - 000008720 _____ () C:\Users\s***y\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
2017-05-26 14:57 - 2017-05-26 14:57 - 000010520 _____ () C:\Users\s***y\AppData\Local\Temp\BullseyeCoverage-x86-3.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-07 21:33

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-09-2017
durchgeführt von Ben (10-09-2017 14:12:42)
Gestartet von C:\Users\Ben\Desktop
Windows 10 Home Version 1703 (X64) (2017-05-19 14:25:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-186756840-728361655-16016459-500 - Administrator - Disabled)
Ben (S-1-5-21-186756840-728361655-16016459-1001 - Administrator - Enabled) => C:\Users\Ben
DefaultAccount (S-1-5-21-186756840-728361655-16016459-503 - Limited - Disabled)
Gast (S-1-5-21-186756840-728361655-16016459-501 - Limited - Disabled)
s***y (S-1-5-21-186756840-728361655-16016459-1002 - Limited - Enabled) => C:\Users\s***y

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
ACP Application (HKLM\...\{32A0BFB6-5413-C0E6-FA04-713AFDA3BD05}) (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden
Adobe After Effects CC 2015.3 (HKLM-x32\...\AEFT_13_8_0) (Version: 13.8.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015.3 (HKLM-x32\...\PPRO_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
AutoHotkey 1.1.25.01 (HKLM\...\AutoHotkey) (Version: 1.1.25.01 - Lexikos)
Avidemux 2.6 - 32 bits (32-bit) (HKLM-x32\...\Avidemux 2.6 - 32 bits) (Version: 2.6.12.160304 - )
BattleStick (HKLM\...\Steam App 394380) (Version:  - Pinterac)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.61.6289 - BlueStack Systems, Inc.)
Brawlhalla (HKLM\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Camtasia Studio 8 (HKLM-x32\...\{F6EC4C4E-C87B-4F50-851B-1C86E0C94F00}) (Version: 8.6.0.2055 - TechSmith Corporation)
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
ChargeShot (HKLM\...\Steam App 401840) (Version:  - Cowboy Color)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Clicker Heroes (HKLM\...\Steam App 363970) (Version:  - Playsaurus)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Crazy Killer (HKLM\...\Steam App 448460) (Version:  - Ino-Co Plus)
CrystalDiskInfo 7.1.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.1.1 - Crystal Dew World)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DebugMode Wax 2.0 (HKLM-x32\...\DebugMode Wax 2.0) (Version:  - )
Discord (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Epic Games Launcher (HKLM-x32\...\{BD7E17B3-FEB2-4761-980D-50C4FA169EF9}) (Version: 1.1.74.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
FileZilla Client 3.19.0 (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\FileZilla Client) (Version: 3.19.0 - Tim Kosse)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Funny Voice (HKLM-x32\...\Funny Voice) (Version: "1.4.1" - "Grafik-Software.de")
GameDog (HKLM-x32\...\{05C30AD9-6CDF-4767-A4E6-6D6C9F41CA0C}) (Version: 2.4.5955.41964 - Wolfspirit)
GenArts Sapphire Plug-ins 7.04 for OFX (HKLM\...\GenArts Sapphire Plug-ins for OFX_is1) (Version:  - )
Goat Simulator (HKLM\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version:  - Rockstar North)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP ENVY 4500 series - Grundlegende Software für das Gerät (HKLM\...\{5C519C69-AC39-40D0-9FF3-1F3FEE4640B2}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 4500 series Hilfe (HKLM-x32\...\{6767CCD2-B939-4542-BF08-015B5496D4EC}) (Version: 30.0.0 - Hewlett Packard)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1141 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Invasion (HKLM\...\Steam App 397980) (Version:  - Hipix Studio)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java SE Development Kit 8 Update 77 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180770}) (Version: 8.0.770.3 - Oracle Corporation)
join.me (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\JoinMe) (Version: 3.1.0.4825 - LogMeIn, Inc.)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
KnowBe4 RanSim (HKLM-x32\...\{E6098775-CB4B-47F6-9FA7-473D542CB6F2}) (Version: 1.1.0.7 - KnowBe4 Inc) Hidden
KnowBe4 RanSim (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\{5fcc8862-ce47-4f88-b5aa-011f4141417f}) (Version: 1.1.0.7 - KnowBe4 Inc)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{7C6B1560-A8B1-4AED-BF77-A43713C7726D}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
LibreOffice 5.2.5.1 (HKLM-x32\...\{79CD8EA1-DEB1-4582-9E41-8634223BDCD4}) (Version: 5.2.5.1 - The Document Foundation)
LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.)
Magic Bullet Suite 64-bit (HKLM\...\{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software)
Magic Duels (HKLM\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
Microsoft OneDrive (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mine-imator version 1.0.6 (HKLM-x32\...\{EF61A1AA-5F85-4E94-ACC6-D5650A312AE6}}_is1) (Version: 1.0.6 - David Norgren)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Muddy Heights 2 (HKLM\...\Steam App 463850) (Version:  - Rageborn Studio, LLC)
MultiTool V2 (HKLM-x32\...\MultiTool V2) (Version: 2.0.3.1 - )
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.0 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Oracle VM VirtualBox 5.1.2 (HKLM\...\{629314D8-8CB7-45F4-8C48-20EF2E330430}) (Version: 5.1.2 - Oracle Corporation)
osu! (HKLM-x32\...\{0de90e66-aed9-497b-9532-3cac56210413}) (Version: latest - ppy Pty Ltd)
paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC)
Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
Paragon Backup and Recovery™ 14 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.17.6-r119262-release - Plays.tv, LLC)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 r2746 - )
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.10.6 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1104 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
ROBLOX Player for Ben (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio for Ben (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
Robocraft (HKLM\...\Steam App 301520) (Version:  - Freejam)
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.2.0 - Rockstar Games)
Sandboxie 5.12 (64-bit) (HKLM\...\Sandboxie) (Version: 5.12 - Sandboxie Holdings, LLC)
Scratch 2 Offline Editor (HKLM-x32\...\{EF5983CC-7C4B-85D2-36BA-591163A1159E}) (Version: 255 - Massachusetts Institute of Technology) Hidden
Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 453 - Massachusetts Institute of Technology)
ShellShock Live (HKLM\...\Steam App 326460) (Version:  - kChamp Games)
Skype Audio Player (remove only) (HKLM-x32\...\SkypePlayer) (Version:  - )
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.39 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.39.102 - Skype Technologies S.A.)
Speak-A-Message (HKLM-x32\...\{9BEA131F-4D50-4AC3-ADE7-715F109E9308}) (Version: 10.2.6 - Inventivio)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 5.25 - NCH Software)
TeamSpeak 3 Client (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.64630 - TeamViewer)
The Next Penelope (HKLM\...\Steam App 332250) (Version:  - Aurelien Regard)
Trove (HKLM\...\Steam App 304050) (Version:  - Trion Worlds)
Unreal Tournament G.O.T.Y. Edition (HKLM-x32\...\UnrealTournament) (Version:  - )
VEGAS Pro 14.0 (64-bit) (HKLM\...\{F21AF10F-1A2A-11E7-8809-C2A106E0D44C}) (Version: 14.0.252 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Wargaming.net Game Center (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\Wargaming.net Game Center) (Version: 17.6.0.4857 - Wargaming.net)
WAV To MP3 V2 (HKLM-x32\...\WAV To MP3_is1) (Version:  - hxxp://www.WAVMP3.net)
What's under your blanket !? (HKLM\...\Steam App 432020) (Version:  - 5Wolf)
Who's Your Daddy (HKLM\...\Steam App 427730) (Version:  - Evil Tortilla Games)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\WOT.EU.PRODUCTION) (Version:  - Wargaming.net)
World of Warships EU (HKU\S-1-5-21-186756840-728361655-16016459-1001\...\WOWS.EU.PRODUCTION) (Version:  - Wargaming.net)
Worm.is: The Game (HKLM\...\Steam App 466910) (Version:  - Freakinware Studios)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-186756840-728361655-16016459-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6CFD8FEA62AB}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-186756840-728361655-16016459-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-02-21] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-08-15] (Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-08-15] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00B29F89-420C-4FE6-A968-F526B79D74AE} - System32\Tasks\Driver Booster SkipUAC (Ben) => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe [2017-05-03] (IObit)
Task: {033D623A-3A47-4121-BEE1-B3D25B0AD32D} - System32\Tasks\HP AR Program Upload - 186fb3cc958745288e464fca9e13bddc581ec5121a514f438ee2a11a2364a190 => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {061FCAEE-0E62-4354-9E3F-0C6141C5578C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-10] (Adobe Systems Incorporated)
Task: {1D6FA934-162F-4166-A3E5-A6D866866267} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-04-03] (Advanced Micro Devices, Inc.)
Task: {1EB64A52-EABE-4272-9D41-7A0FF34CD2F9} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {2B69450E-18B0-4E73-A442-6AF02DF37E21} - System32\Tasks\update-S-1-5-21-186756840-728361655-16016459-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {3C86B6CE-BDC6-4A8C-90BC-0E8D4EC971A5} - System32\Tasks\CMEClient => C:\Program Files (x86)\ChallengeMe.GG Client\ChallengeMeClient.exe [2017-01-17] ()
Task: {4818BD97-6A00-4049-B355-0F0721496593} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-ben.s***y@outlook.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {4B518314-20FB-400C-962F-EF2B1E0BC4A3} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe [2011-11-23] ()
Task: {51A47F9B-7886-421B-9EC3-83083B35977E} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {6312C7B1-6FB2-4E0F-96B6-146CEA3C55AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {6AD9CDE8-E39C-4379-B1F7-8C1C283D525D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-29] (Google Inc.)
Task: {6C3BDD1E-0EB7-4BF8-A3D2-28A03713D9E1} - System32\Tasks\HP AR Program Upload - 26490f5743a34d0ea02eebc170cf9078ee3d47154d3640779e36e48a8875e56e => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {9F41413A-D0B8-4844-853D-B674CF81B1DF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {9F667C33-D53B-401F-86C6-3763E3492171} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {A0EA4D7F-160C-4AE4-9529-F7F58347922B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {B9564CFA-CA0C-4D4A-A8B3-16BB36710E79} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-29] (Google Inc.)
Task: {C669BA46-1FB2-4686-A462-42D80AAA1D98} - System32\Tasks\{B8FCA1F8-3B98-45A4-AD0C-5DE2C233B0AE} => C:\Windows\system32\pcalua.exe -a G:\Ben\Downloads\VirtualDub-1.10.4\auxsetup.exe -d G:\Ben\Downloads\VirtualDub-1.10.4
Task: {DB4EB52F-90E1-4373-B9AB-0F2DD8F8E657} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {E374EA5B-8140-44C3-80C8-729AE15F4B39} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\Scheduler.exe [2017-03-28] (IObit)
Task: {EF687D85-2B42-47DC-ABFE-962939F63FA5} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {F5E74EC7-DF4F-4A6C-892A-B109D377AC71} - System32\Tasks\HP AR Program Upload - 85b6e1ba9dd640dab0f93f9ffcb2cc738d0ea9c8a2174764a4f5f7f2e816d29e => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {FB3109D3-8EBA-485C-A442-4D2EFC93864D} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-186756840-728361655-16016459-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\Ben\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-09-04 10:16 - 2014-08-06 03:04 - 001441792 _____ () C:\Program Files\Everything\Everything.exe
2015-05-19 10:11 - 2015-05-19 10:11 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2016-09-25 01:20 - 2016-09-25 01:21 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-04-14 23:10 - 2017-03-22 10:24 - 002271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-01-01 16:00 - 2017-01-01 16:00 - 000023040 _____ () C:\Program Files\Rainmeter\Plugins\InputText.dll
2017-01-01 15:59 - 2017-01-01 15:59 - 000173568 _____ () C:\Program Files\Rainmeter\Plugins\AudioLevel.DLL
2017-07-06 21:40 - 2017-07-03 10:01 - 000080896 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2016-11-12 20:08 - 2017-01-17 16:46 - 000718112 _____ () C:\Program Files (x86)\ChallengeMe.GG Client\ChallengeMeClient.exe
2017-07-24 15:57 - 2017-07-24 15:57 - 001991640 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-08-16 19:49 - 2017-07-27 15:40 - 001663736 _____ () \\?\C:\ProgramData\Wargaming.net\GameCenter\dlls\libGLESv2.dll
2017-08-16 19:49 - 2017-07-27 15:40 - 000091896 _____ () \\?\C:\ProgramData\Wargaming.net\GameCenter\dlls\libEGL.dll
2017-08-16 19:49 - 2017-07-27 15:40 - 048874744 _____ () \\?\C:\ProgramData\Wargaming.net\GameCenter\dlls\libcef.dll
2016-11-18 12:41 - 2016-11-18 12:41 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-06-02 05:18 - 2015-06-02 05:18 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-08-10 11:14 - 2016-08-10 11:14 - 040523480 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\WLXPGSS.SCR:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\adwcleaner_6.010.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\adwcleaner_6.010.exe:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\AutoClicker.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AutoClicker.exe:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\Banner Template.zip:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Banner Template.zip:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\BaumBlau__Salagel_swordpack.lib4d:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BaumBlau__Salagel_swordpack.lib4d:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\Ben lied 001.mid:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Ben lied 001.mid:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Channel Art Template (Fireworks).png:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\CINEBENCH_R15 (1).zip:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\cpuz_x64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cpuz_x64.exe:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\Crack Kid jaaaa sound.mp3:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_28.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DxtoryCodec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FRST64.exe:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\FTB_Launcher.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FTB_Launcher.exe:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\Gpu_Shader_Engine_x64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Kanal Abstimmung..mp4:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Kanal Abstimmung..mp4:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\KnifeParty.mid:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KnifeParty.mid:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\neropxl_customfmreditLATEST.lib4d:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\neropxl_customfmreditLATEST.lib4d:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\Noesis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\pack.mcmeta:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\prime95.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\prime95.exe:$CmdZnID [29]
AlternateDataStreams: C:\WINDOWS\system32\RazerCoinstaller.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Rochelle - All Night Long (DVDG Remix).mp3:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Rochelle - All Night Long (DVDG Remix).mp3:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\SET782B.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SET78AA.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SET78FD.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SET7992.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SET79A4.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SET868C.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SET9082.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SET9093.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SET90E5.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TCParticleBuilder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UniChooser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo-1-1-0-3-1.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AC3ACM.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\alf2cd.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\divx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\divxdec.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DxtoryCodec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\L3CODECX.AX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Lagarith.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\lame.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mcdvd_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mpg4c32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mslvddsfilter3.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msxml3a.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Scg726.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET86FB.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET878A.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET87EB.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET8A33.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET8E0A.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET901E.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET9185.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET98D0.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET9936.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET9957.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SET9988.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vct3216.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vp6vfw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-3-1.exe:$CmdTcID [64]

c642 · 10.09.2017, 13:15

Code:

ATTFilter

AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvid.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidvfw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ati2erec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmdag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Hamdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\kx.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SET87D8.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SET9070.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SETA0CE.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VBoxDrv.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\WtfEngineDrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Ben\Desktop\Computer AG.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Ben\Desktop\Computer AG.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ben\Desktop\It-Hardware.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Ben\Desktop\It-Hardware.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ben\Desktop\Jufo.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Ben\Desktop\Jufo.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ben\Desktop\Medien.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Ben\Desktop\Medien.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ben\Desktop\Sport.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Ben\Desktop\Sport.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ben\Desktop\Zeugnis.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Ben\Desktop\Zeugnis.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ben\AppData\Roaming\infobypatrickghg.txt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Ben\AppData\Roaming\pack.mcmeta:$CmdZnID [26]
AlternateDataStreams: C:\Users\Ben\AppData\Roaming\pack.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\s***y\Desktop\Bild (2).jpg:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\s***y\Desktop\Bild (2).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\s***y\Desktop\Everything_1.3.4.686.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\s***y\Desktop\Everything_1.3.4.686.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\s***y\Downloads\Apache_OpenOffice_4.1.2_Win_x86_install_de.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\s***y\Downloads\Apache_OpenOffice_4.1.2_Win_x86_install_de.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\s***y\Downloads\FoxitReader734_enu_Setup_clean.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\s***y\Downloads\Schreiben InterRisk.PDF:$CmdTcID [130]
AlternateDataStreams: C:\Users\s***y\Downloads\Schreiben InterRisk.PDF:$CmdZnID [26]
AlternateDataStreams: C:\Users\s***y\Downloads\SuperPI190.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\s***y\Downloads\SuperPI190.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\s***y\Downloads\tiptap2-lerncddesipe.mp3:$CmdTcID [64]
AlternateDataStreams: C:\Users\s***y\Downloads\tiptap2-lerncddesipe.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\s***y\Downloads\vlc-2.2.2-win64.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\s***y\Downloads\vlc-2.2.2-win64.exe:$CmdZnID [26]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-186756840-728361655-16016459-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2017-04-02 21:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-186756840-728361655-16016459-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "Start GeekBuddy.lnk"
HKLM\...\StartupApproved\Run: => "kX Mixer"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Everything"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "SL-6397 Gaming Mouse"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "RocketDock"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
HKU\S-1-5-21-186756840-728361655-16016459-1001\...\StartupApproved\Run: => "WTFast Tray"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{91AE74BE-8F5C-4B35-8CA5-5AF0CF009FB3}] => (Block) LPort=445
FirewallRules: [{09C92345-826C-415C-AB11-DB3BDBAE1D5B}] => (Block) LPort=445
FirewallRules: [{3FE761B4-B86F-4DF8-AF4E-49A85975ED32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E2A1C630-CE8A-4AFE-B851-BD47395E149E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3CF044C2-94A4-4C34-93C2-5F82910A3727}] => (Allow) D:\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{D118A6B7-9233-4D0B-AA7C-1C1BA638A9C4}] => (Allow) D:\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{26987AFC-CD0A-49D8-8D6A-6B2DD4F3F708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\WhosYourDaddy.exe
FirewallRules: [{4D8962CF-C02B-4423-890E-0D8115880455}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Whos Your Daddy\WhosYourDaddy.exe
FirewallRules: [{4A2CE0D8-CED3-4374-8418-F641BBF8091C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ChargeShot\windows_content\ChargeShot.exe
FirewallRules: [{F019402E-DECF-4572-B562-AA6880339B02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ChargeShot\windows_content\ChargeShot.exe
FirewallRules: [{6B48325A-C0E7-4FB6-85E2-2B4A544DC659}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Next Penelope\nw.exe
FirewallRules: [{B7ECC667-F48D-4C8A-92DF-EF6DC09F6605}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Next Penelope\nw.exe
FirewallRules: [{DEC4BAB8-D4EC-452E-A3D2-70116CDBA47E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Invasion\Invasion.exe
FirewallRules: [{797618FE-15BD-4733-BD1B-91F706830C3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Invasion\Invasion.exe
FirewallRules: [{F70B98B0-EF27-4CB8-9983-6EDC93228A9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\What'sunderyourblanket!\game.exe
FirewallRules: [{F1FD143F-C6FB-40D5-8843-F86A903D39E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\What'sunderyourblanket!\game.exe
FirewallRules: [{A40AEFDE-2537-43B2-BB4E-5F3BA3155543}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{A4C23F07-0E79-411D-AE8B-721CC8B24B45}] => (Allow) LPort=5357
FirewallRules: [{38C4A8B4-2F88-4DD7-BD97-52A1BEBE5139}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [UDP Query User{1B884823-8BA9-4D2A-BE89-2CD2F5B57596}C:\users\ben\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\ben\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{8D5028A6-16A1-4206-878E-0A10575B0EB5}C:\users\ben\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\ben\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B137D63A-AAC5-4857-884C-A845A0864F98}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{19366AB0-ADBE-4D29-B02A-B1F1FABB038A}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{385ADA71-476A-421B-9B68-48AAE00B206C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{7F5B9B41-41AE-4CAC-83F5-547E214D8098}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{60ED3B5C-C7A8-4853-82F1-BC0544EFF2F4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{82B0A53A-8DB2-4178-8DB7-7D7D8B51ADCD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{3B275D13-D008-401F-A041-F4AAC5AFF5E9}] => (Allow) D:\Steam\steamapps\common\ShellShock Live\ShellShockLive.exe
FirewallRules: [{41F282EA-5315-4AD1-81B2-509D0E322B75}] => (Allow) D:\Steam\steamapps\common\ShellShock Live\ShellShockLive.exe
FirewallRules: [{386C1EF0-E2B3-47E4-88A7-9DFB8EEA45B8}] => (Allow) D:\Steam\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{00EBFED7-8996-4E63-A719-CE72F798F623}] => (Allow) D:\Steam\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [UDP Query User{B2778340-DC69-4890-92BB-5CD7CAA2FA6A}C:\program files\vegas\vegas pro 14.0\vegas140.exe] => (Block) C:\program files\vegas\vegas pro 14.0\vegas140.exe
FirewallRules: [TCP Query User{CE1F0AA8-6B2E-495B-A633-BDCD87F7308A}C:\program files\vegas\vegas pro 14.0\vegas140.exe] => (Block) C:\program files\vegas\vegas pro 14.0\vegas140.exe
FirewallRules: [{E3AAF6D1-2094-4A5D-9103-E12C3691C8B5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{DEA43688-ECED-4EBA-B484-F1F62399B76C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{ECD7418C-8AD0-4106-A9B8-7DA710BF315F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{B802DF55-A6DC-4893-9AE0-64BBE2D93831}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{A1229FCC-4F85-456B-A0F0-F1E1541B0BF5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B1FC6ABE-4D58-424C-A89D-1237165EE708}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{18D79861-660C-47EA-9275-71ACC3DC8F80}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6C9D1300-1A16-4665-B17B-9A6E9D25EE32}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0E6685DB-C89C-43DD-99B1-968FE2439367}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E2AE1E7E-FDF7-4004-95EA-32EF267324EB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9581E2A5-D77D-4425-B6AC-0DEEBE88D2FD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{3E07E016-EBA4-453F-AC0C-7405140A77F6}D:\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{ADC9F3D9-F10E-4D92-A001-A4CED599F448}D:\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{1AC0C4E1-9E19-4AD4-BE0E-C3C4483C68D2}] => (Allow) D:\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{06E6E6AF-767F-4DD1-B28D-76B22F30FD9D}] => (Allow) D:\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{1562A7B1-6B01-4461-B897-39F2070C1824}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{90D0EBC1-E743-4E07-A188-EFA0924C3664}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7222E657-339E-42CF-B9AE-0DB807B719C5}] => (Allow) C:\Program Files (x86)\WTFast\WTFast.exe
FirewallRules: [TCP Query User{2125E60D-005C-4FC0-B4CB-3A9BA69EF27C}D:\steam\steamapps\common\ts2015rack\railworks.exe] => (Allow) D:\steam\steamapps\common\ts2015rack\railworks.exe
FirewallRules: [UDP Query User{AF0DE5A4-90A3-4C48-874D-8E1525366F26}D:\steam\steamapps\common\ts2015rack\railworks.exe] => (Allow) D:\steam\steamapps\common\ts2015rack\railworks.exe
FirewallRules: [{2C9A4699-FA7C-48A1-84CF-1DDC0744E148}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{303EBA85-7D37-46B5-837C-6444062CFDA1}C:\program files\java\jdk1.8.0_77\jre\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_77\jre\bin\javaw.exe
FirewallRules: [UDP Query User{99DBCC1B-F900-43C3-8686-8EF9DDC8BB40}C:\program files\java\jdk1.8.0_77\jre\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_77\jre\bin\javaw.exe
FirewallRules: [{DEEF08F3-EF35-4020-9D22-A0EF5A21F41B}] => (Allow) D:\Steam\steamapps\common\Worm.is The Game\Wormis.exe
FirewallRules: [{7582DDA8-EC41-4C88-96E8-F0B9868ED316}] => (Allow) D:\Steam\steamapps\common\Worm.is The Game\Wormis.exe
FirewallRules: [{6E973FF4-C57F-4456-B904-88C91CC10392}] => (Allow) D:\Steam\steamapps\common\BattleStick\BattleStick.exe
FirewallRules: [{D0E05F0D-3104-4035-AED0-4298E0FEBC70}] => (Allow) D:\Steam\steamapps\common\BattleStick\BattleStick.exe
FirewallRules: [{06FD7350-90F2-4722-B9D0-74CCD45513AE}] => (Allow) D:\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{5D216AF2-7859-4F6E-A910-61C9DABE4494}] => (Allow) D:\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{7744C394-94E7-474C-AA1A-6CA62E91CB00}] => (Allow) D:\Steam\steamapps\common\Crazy Killer\UnrealCrazyKiller\Binaries\Win64\UnrealCrazyKillerClient-Win64-Shipping.exe
FirewallRules: [{0CD77DAF-D6FE-4F9E-B3D4-3D1EFE605F63}] => (Allow) D:\Steam\steamapps\common\Crazy Killer\UnrealCrazyKiller\Binaries\Win64\UnrealCrazyKillerClient-Win64-Shipping.exe
FirewallRules: [{0A611B33-FFCE-49CC-B228-1FB0CFDF1D98}] => (Allow) LPort=8317
FirewallRules: [{27D6B05E-C811-49ED-A01C-159693A80B3E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B001CA41-6CE3-4555-A992-C2E826EE27BF}] => (Allow) LPort=2869
FirewallRules: [{04489D66-30F0-424B-9703-60DB67ED3DB1}] => (Allow) LPort=1900
FirewallRules: [{53E98454-E14B-4C93-9AD0-8BB927FD629A}] => (Allow) D:\GameforgeLive\gfl_client.exe
FirewallRules: [{422CA376-0B9A-4470-A181-C98E45831471}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{054DB367-C8A7-4B12-9B80-068E04A322B9}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{8E6E10A2-B9EA-483C-AE45-6C869ACA1437}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{BF6BBC2E-A147-45C9-8608-614DFC010612}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{E57FDC37-CB26-457A-B3F9-55F3BF438646}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{60EE0A6B-5BFA-4A7A-B30D-2126E0C1E6A5}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{F500B38F-949C-498F-AF3B-8AE9FF2DC777}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{26BFE4FA-BCA9-49A3-B6C4-F590EE0D22CF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{272A31D9-5F5F-4B60-AEFA-191395CF15E7}D:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{8AA6DC77-36EF-438D-B3A3-B6AFFED3F399}D:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) D:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [{7216DE84-6FEF-47C0-9C8E-CF9490865D16}] => (Allow) D:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{83DDB4D6-250C-4891-B572-95E4CD42D241}] => (Allow) D:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{B29A43F4-4A33-4244-B211-0166C79B2D48}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{A9A891B3-C89B-4DA6-895C-791AA2B3A45E}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{A629E33F-397A-44C6-8A3C-FDC479E6798C}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{96B5EBF3-FC5D-4E27-83FD-BD5F61C6F182}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{38F51534-FA20-4EF2-B5B1-6B65456BFC24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AD05B27E-8250-42CD-80E3-24534C8C61B8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9937A1B5-BA99-4644-8B19-CFB8F69F74F4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C26B5AC4-F9EB-4B35-9C11-AE68693C1CCF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{36366BA4-7807-4147-BED4-525E8374B6C3}C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe
FirewallRules: [UDP Query User{16C62421-96B8-4938-AFDC-F10032DC1AD1}C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe
FirewallRules: [{7313C487-DFE0-4F61-B3CF-7DBC9A22CAA5}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{0A3DD8B8-DE1A-4E45-B088-5F8B07994417}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{B0ED7766-805B-47A6-8BC3-9955D7C584B0}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Activation.exe
FirewallRules: [{A2F846A2-ECAC-4CFB-A779-704D5EBD985F}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Activation.exe
FirewallRules: [{AACE44F6-4ADD-4B40-9500-AF3EADC8F8E7}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{7213C4B5-9ED5-4B07-8B35-6F7C3DC29037}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{C6423D21-49CC-4CA6-B798-626367E1FC0B}] => (Allow) D:\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{079141C8-BEB7-4CF4-9206-A97E260EF639}] => (Allow) D:\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [TCP Query User{B9641751-9A7D-48C9-A6AB-CA4E3BCA64AD}C:\program files\adobe\adobe premiere pro cc 2015.3\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2015.3\adobe premiere pro.exe
FirewallRules: [UDP Query User{74BC90AB-F7BB-4F77-BCCD-6DAB6A003FB0}C:\program files\adobe\adobe premiere pro cc 2015.3\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2015.3\adobe premiere pro.exe
FirewallRules: [{0F3D9AD0-E15A-4DDD-865A-67001E7F4712}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{25F32B63-6E6D-482A-A0E0-4B1B55D97A94}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{D4A109A7-8B4A-459B-9127-6D1903BE49AF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{9EE896EA-D550-472D-944B-11B9C0EA0990}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{4CB75514-215E-46D6-AEB4-A47FD3EF83C6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{78BFBC8B-D971-40F1-8AF3-34CC73823553}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{72CA2F6C-7730-4DF9-AE92-9E68C0C2F6FB}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{571CDAC1-381C-4644-BCFD-CFC182F19E9A}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{9487749E-C42D-4527-84A0-0096B30D4E75}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{391CEC9C-6607-4B86-9B44-C39B5132E0E5}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{8078A9A6-3860-4868-B739-2CB003DF2086}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2A70F938-EAF1-4818-B98D-3A5956F70D62}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{54D12068-30EE-4060-831C-F98EBE2F5E15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{D4993175-C7A6-4A24-A2A9-D01371E4104A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{FAD07AE3-FD7E-477F-B096-D129CB0E078F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Muddy Heights 2\Muddy Heights 2.exe
FirewallRules: [{87588CE2-26C0-4917-8E96-71CDDACA4ADB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Muddy Heights 2\Muddy Heights 2.exe
FirewallRules: [TCP Query User{80D486DA-3607-41EF-8F10-F4D4C8223275}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{423A8DE5-2F5C-48CF-A5F3-E8F6EF025CAA}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [{8255E2AD-D798-4F06-999E-B3FE6ADFFAA0}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{360CCD0A-26E1-4F43-9325-02752EC0CA2D}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{5BDDF0E2-ED53-4E57-96F2-09B8FA4560E5}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe
FirewallRules: [UDP Query User{A0A40056-A66C-4605-8966-08078BC00C71}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe
FirewallRules: [TCP Query User{0B9002AE-A3AA-4541-A46D-B3810A8071AC}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{0C00708A-3F2B-451E-8CB4-B2D7C565F578}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [{0791496A-5665-4864-9579-A00C916E62B5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5213FC4D-BD16-4296-88B1-5AFFC43E7491}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{2C1B5FC4-6617-4263-A033-C6F376D7EF37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [TCP Query User{B3701E29-CA83-485D-B885-091299475CDF}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{245EE3E8-1C19-4387-B8CE-15346D122B2A}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe

==================== Wiederherstellungspunkte =========================

07-09-2017 21:38:26 Geplanter Prüfpunkt
08-09-2017 17:20:50 Malwarebytes Anti-Rootkit Restore Point

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PCI-Eingabegerät
Description: PCI-Eingabegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/10/2017 02:12:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.

Error: (09/10/2017 02:12:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (09/10/2017 01:59:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RzStats.Manager.exe, Version: 1.2.16.0, Zeitstempel: 0x57b6bf05
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.502, Zeitstempel: 0xc3955624
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x29f8
Startzeit der fehlerhaften Anwendung: 0x01d32a2c49b3e791
Pfad der fehlerhaften Anwendung: C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 25223887-2ce1-43ab-8eef-b9e252e8419d
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/10/2017 01:59:47 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: RzStats.Manager.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.IOException
   bei System.IO.__Error.WinIOError(Int32, System.String)
   bei System.IO.File.InternalCopy(System.String, System.String, Boolean, Boolean)
   bei System.IO.File.Copy(System.String, System.String, Boolean)
   bei Razer.DataTracking.Common.Utils.XDocumentSafe.SafeSave(System.Xml.Linq.XDocument, System.String)
   bei RzDataTrackingManager.DataHistoryManager.InitStatsHistory(System.String)
   bei RzDataTrackingManager.DataHistoryManager.GetStatsFromStorage()
   bei RzDataTrackingManager.Form1..ctor()
   bei RzDataTrackingManager.Program.Main()

Error: (09/09/2017 09:04:39 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.

Error: (09/09/2017 09:04:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (09/09/2017 08:56:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RzStats.Manager.exe, Version: 1.2.16.0, Zeitstempel: 0x57b6bf05
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.502, Zeitstempel: 0xc3955624
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x3308
Startzeit der fehlerhaften Anwendung: 0x01d32938d210c4b2
Pfad der fehlerhaften Anwendung: C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 2a8bf74f-80bc-47dd-a2b4-a99deedb641e
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/09/2017 08:56:59 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: RzStats.Manager.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.IOException
   bei System.IO.__Error.WinIOError(Int32, System.String)
   bei System.IO.File.InternalCopy(System.String, System.String, Boolean, Boolean)
   bei System.IO.File.Copy(System.String, System.String, Boolean)
   bei Razer.DataTracking.Common.Utils.XDocumentSafe.SafeSave(System.Xml.Linq.XDocument, System.String)
   bei RzDataTrackingManager.DataHistoryManager.InitStatsHistory(System.String)
   bei RzDataTrackingManager.DataHistoryManager.GetStatsFromStorage()
   bei RzDataTrackingManager.Form1..ctor()
   bei RzDataTrackingManager.Program.Main()

Error: (09/08/2017 05:22:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RzStats.Manager.exe, Version: 1.2.16.0, Zeitstempel: 0x57b6bf05
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.502, Zeitstempel: 0xc3955624
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x1d24
Startzeit der fehlerhaften Anwendung: 0x01d328b63e22bd4e
Pfad der fehlerhaften Anwendung: C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 20665f87-c6ca-4b88-81f2-a921bb9e74bb
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/08/2017 05:22:16 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: RzStats.Manager.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.IOException
   bei System.IO.__Error.WinIOError(Int32, System.String)
   bei System.IO.File.InternalCopy(System.String, System.String, Boolean, Boolean)
   bei System.IO.File.Copy(System.String, System.String, Boolean)
   bei Razer.DataTracking.Common.Utils.XDocumentSafe.SafeSave(System.Xml.Linq.XDocument, System.String)
   bei RzDataTrackingManager.DataHistoryManager.InitStatsHistory(System.String)
   bei RzDataTrackingManager.DataHistoryManager.GetStatsFromStorage()
   bei RzDataTrackingManager.Form1..ctor()
   bei RzDataTrackingManager.Program.Main()


Systemfehler:
=============
Error: (09/10/2017 01:58:17 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (09/10/2017 01:58:17 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (09/10/2017 01:58:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (09/10/2017 01:58:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎09.‎2017 um 22:16:20 unerwartet heruntergefahren.

Error: (09/10/2017 01:58:08 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5

Error: (09/10/2017 01:58:07 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841284288

Error: (09/09/2017 08:58:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/09/2017 08:58:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (09/09/2017 08:56:21 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (09/09/2017 08:56:21 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0


CodeIntegrity:
===================================
  Date: 2017-09-08 17:16:47.295
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETBD1B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:47.288
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETBD1B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:47.282
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETBD1B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:47.275
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETBD1B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:47.267
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETBD1B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:47.261
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETBD1B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:47.236
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETA72B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:47.080
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETA72B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:46.959
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETA72B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-09-08 17:16:46.826
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETA72B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 16315.1 MB
Verfügbarer physikalischer RAM: 11866.79 MB
Summe virtueller Speicher: 18747.1 MB
Verfügbarer virtueller Speicher: 13911.31 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:232.33 GB) (Free:37.33 GB) NTFS
Drive d: (Daten) (Fixed) (Total:976.56 GB) (Free:465.98 GB) NTFS
Drive e: (Fertige Vids) (Fixed) (Total:195.31 GB) (Free:188.48 GB) NTFS
Drive g: (Eigene Dateien) (Fixed) (Total:691.14 GB) (Free:98.19 GB) NTFS
Drive z: (Aufnahme) (Fixed) (Total:931.51 GB) (Free:879.41 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6003DEC4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 6003DEC3)
Partition 1: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=691.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

M-K-D-B · 10.09.2017, 19:47

Bitte die richtige Logdatei von AdwCleaner posten (Löschprotokoll), in der die Funde entfernt wurden.

M-K-D-B · 14.09.2017, 19:17

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM inklusive Link zum Thema an mich falls du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

10.09.2017, 19:47	#10
M-K-D-B /// TB-Ausbilder	Mbar mehere Funde und langsamer pc Bitte die richtige Logdatei von AdwCleaner posten (Löschprotokoll), in der die Funde entfernt wurden.

Mbar mehere Funde und langsamer pc

Log-Analyse und Auswertung: Mbar mehere Funde und langsamer pc